Hey folks,
I have aliile issue with my Date. I query the data base with a comperative query (see below) and want to get the date in a different format.
At first the query: - $query = mysql_query("SELECT var1, var2, RideTo, Date, Time, FROM table WHERE var1 = '$_POST[var1]' AND var2 = '$_POST[var2]'
-
ORDER BY Date AND Time")
-
or die("SELECT error: ".mysql_error());
-
-
That all works fine, the resulting table is all good. However, I tried to format the date in the query by replacing Date with DATE_FORMATE('Date', '%e %b %y') to get the output date in a different style. It won't work. Similar thing with the Time field.
Anybody an idea how to solve that?
Cheers,
Frank
3  2178 
Couple of things:
$query = mysql_query("SELECT var1, var2, RideTo, Date, Time, FROM table WHERE var1 = '$_POST[var1]' AND var2 = '$_POST[var2]'
ORDER BY Date AND Time")
or die("SELECT error: ".mysql_error());
[/code]
What would you do if $_POST[var1] === "'\c DROP TABLE `table`;"?
Also, s/b ORDER BY `Date`, `Time`.
That all works fine, the resulting table is all good. However, I tried to format the date in the query by replacing Date with DATE_FORMATE('Date', '%e %b %y') to get the output date in a different style. It won't work. Similar thing with the Time field.
Anybody an idea how to solve that?
Try DATE_FORMAT(`Date` instead of 'Date' (use backticks instead of quotes).
Couple of things:
What would you do if $_POST[var1] === "'\c DROP TABLE `table`;"?
Also, s/b ORDER BY `Date`, `Time`.
Try DATE_FORMAT(`Date` instead of 'Date' (use backticks instead of quotes).
Hey there,
Thanks for the hints. My input variable comes from a select box, so I think I won't get problems with SQL infiltration.
I tried the date_format with the backticks, however wouldn"t work. So I decided to formate the date with php function date(Y M d, strtotime($row['date from the sql query'])) in the output table and that's absolutely fine.
Cheers,
Frank
My input variable comes from a select box, so I think I won't get problems with SQL infiltration.
Yes, but...
A cracker could build his own form with a text box. At the very least, you might want to consider using addslashes.
Admittedly, it depends on the nature of your site and the perceived importance of the private data thereof. But it's still a good habit to get into.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Ben |
last post by:
I would like to use php to query a database and retrieve a unix timestamp.
The problem is that mysql is storing the data in the date format and not
a timestamp.
I am sure that I can amend my...
|
by: Yulia Yegenov |
last post by:
I have a query that looks like this: (I insert the date created with the php
date function)
$status = "Active";
//(I cannot use the mysql timestamp function for other reason).
$curdate =...
|
by: mike m |
last post by:
all,
was able to piece together the following php/html code. Basically I
want to push an SQL query and format it, present it to an html
document. The problem appears with the SQL query.
...
|
by: Polar |
last post by:
I have a database that stories entries of short stories for a writers
website. I can easily input the data into MYSQL but my trouble lies in
retrieving the data.
the story in just cut and...
|
by: Jack Lauman |
last post by:
I have a table with a column "date" that contains dates in SQL format,
i.e. 2003-08-10
I need to query the table and return all the rows from the current date
thru the next 6 days. (i.e. today...
|
by: Newsscanner |
last post by:
Hello,
In my MySQL database, one of the fields eople have to fill in is "DOB"
(Date of Birth).
I have now managed to begin inserting data into my DB via a form, the
data type for the DOB field...
|
by: meltedown |
last post by:
Why doesn't this return anything ?
SELECT DATE_SUB('FROM_DAYS(TO_DAYS(2005-09-28 18:04:19))', INTERVAL 6 DAY)
|
by: hph |
last post by:
Please be gentle; I am a relative newbie for php/MySQL, and most of what
I am doing is based on being self-taught using someone else's
well-written code, and my own googling the answers to my...
|
by: rija |
last post by:
Hi folks,
I need help regarding date and time comparison in PHP and MySQL
My website is hosted in the USA (GMT - 8)
And It is managed in Madagascar (GMT + 3)
Want to consider DATE in Madagascar...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
