473,473 Members | 1,488 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

New to php and MySQL

Hi,

I'm quite new to MySQL and php so please go easy. Thanks!

I'm trying to design a very basic php script which displays the
contents of the table, then I want to enable the user to filter out
certain results. So I went about writing a MySQL query something like
......WHERE gender="$gender" AND group="$group" and then wrote a
form which sets the variables $gender and $group. Now is there a way of
setting $gender and $group to something that would display the whole
table?

And is this the right way of going about this? Or is there a better
way... Infact does anyone know of a good site that might guide me in
creating such a script?

Thanks

Alex

Jul 20 '06 #1
5 1199
If you change your SQL to the form WHERE gender LIKE '$gender' then you
can make use of the mySQL wildcard '%' to get all results.

ta********@gmail.com wrote:
Hi,

I'm quite new to MySQL and php so please go easy. Thanks!

I'm trying to design a very basic php script which displays the
contents of the table, then I want to enable the user to filter out
certain results. So I went about writing a MySQL query something like
.....WHERE gender="$gender" AND group="$group" and then wrote a
form which sets the variables $gender and $group. Now is there a way of
setting $gender and $group to something that would display the whole
table?

And is this the right way of going about this? Or is there a better
way... Infact does anyone know of a good site that might guide me in
creating such a script?

Thanks

Alex
Jul 20 '06 #2
Message-ID: <11*********************@p79g2000cwp.googlegroups. comfrom
ta********@gmail.com contained the following:
>
I'm trying to design a very basic php script which displays the
contents of the table, then I want to enable the user to filter out
certain results. So I went about writing a MySQL query something like
.....WHERE gender="$gender" AND group="$group" and then wrote a
form which sets the variables $gender and $group. Now is there a way of
setting $gender and $group to something that would display the whole
table?

And is this the right way of going about this? Or is there a better
way... Infact does anyone know of a good site that might guide me in
creating such a script?
If you want to do this you'd probably be better of using the keyword
LIKE and the wildcard (%) instead of the = sign alone
for instance
WHERE gender LIKE "$gender%"

would match 'male' if you input 'm', 'ma', 'mal' or 'male'

If it doesn't contain anything you would get all records.
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 20 '06 #3
That's sounds like exactly what I needed! I'll try that out now.

Thanks very much.

Alex
Geoff Berrow wrote:
Message-ID: <11*********************@p79g2000cwp.googlegroups. comfrom
ta********@gmail.com contained the following:

I'm trying to design a very basic php script which displays the
contents of the table, then I want to enable the user to filter out
certain results. So I went about writing a MySQL query something like
.....WHERE gender="$gender" AND group="$group" and then wrote a
form which sets the variables $gender and $group. Now is there a way of
setting $gender and $group to something that would display the whole
table?

And is this the right way of going about this? Or is there a better
way... Infact does anyone know of a good site that might guide me in
creating such a script?

If you want to do this you'd probably be better of using the keyword
LIKE and the wildcard (%) instead of the = sign alone
for instance
WHERE gender LIKE "$gender%"

would match 'male' if you input 'm', 'ma', 'mal' or 'male'

If it doesn't contain anything you would get all records.
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 20 '06 #4
Alex wrote:
That's sounds like exactly what I needed! I'll try that out now.

Thanks very much.

Alex
Alex, A serious warning: SQL_injection.

Make sure you understand how The Bad Guys try to inject stuff into your
queries and take over your database.

If you receive a searchterm freom a form, and proceed like this, you might
get into trouble:

$firstName = $_POST["firstName"];
$SQL = "SELECT firstname, lastname from tblusers WHERE ";
$SQL .= " (lastname LIKE '%".$firstName."%'); ";
etc. etc

Now the $firstName variable could contain possible something very nasty you
didn't expect, like:
%'); DELETE FROM tbluser; etc

If you execute that query, you might find out your tbluser is empty..

If you are new to PHP and SQL, make sure you understand SQL-injection, and
prepare yourself.
Have a look at functions like addslashes() and check php.ini for things like
gpc_magic_quotes, etc

Best of luck!

Regards,
Erwin Moller

Jul 20 '06 #5
ta********@gmail.com wrote:
Hi,

I'm quite new to MySQL and php so please go easy. Thanks!

I'm trying to design a very basic php script which displays the
contents of the table, then I want to enable the user to filter out
certain results. So I went about writing a MySQL query something like
.....WHERE gender="$gender" AND group="$group" and then wrote a
form which sets the variables $gender and $group. Now is there a way of
setting $gender and $group to something that would display the whole
table?

And is this the right way of going about this? Or is there a better
way... Infact does anyone know of a good site that might guide me in
creating such a script?

Thanks

Alex
Alternatively, check to see if $gender and $group are set. Build your
query dynamically and only use them if they are set, i.e. (Assumes
gender and query are strings):

$genset = false;
$query = 'SELECT ...';
if (isset($gender)) { // Or however you wish to test
$query .= " WHERE gender='$gender'";
$genset = true;
}
if (isset($group)) {
if ($genset) {
$query .= " AND ";
else
$query .= " WHERE ";
$query .= "group='$group'";
}

Or something similar.

And yes, you do need to ensure $gender and $group are validated to
prevent SQL injection attacks.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jul 20 '06 #6
Create Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
2
"mysql.h: No such file or directory" when building MySQL-python
by: francescomoi | last post by:
Hi. I'm trying to build 'MySQL-python-1.2.0' on my Linux FC2: ---------------------------------- # export PATH=$PATH:/usr/local/mysql/bin/ # export mysqlclient=mysqlclient_r # python setup.py...
Latest Bytes
4
MySQL v4.0 -> Red Hat Linux 9
by: mikey | last post by:
Hi all, I'm having great problems trying to install the latest MySQl RPM package onto my Red Hat Linux OS. There is already MySQL v 3.0 pre-installed with the RH Linux distribution disk but I...
Latest Bytes
0
Install DBD::mysql failed
by: Yun Guan | last post by:
Hello mysql gurus, I am trying to run perl on mysql database on Red Hat box. I want to install DBI and DBD:mysql using CPAN: perl -MCPAN -e shell cpan>install DBI The above succeeded, but...
Latest Bytes
0
MySQL tips that I have come across
by: Mike Chirico | last post by:
Interesting Things to Know about MySQL Mike Chirico (mchirico@users.sourceforge.net) Copyright (GPU Free Documentation License) 2004 Last Updated: Mon Jun 7 10:37:28 EDT 2004 The latest...
Latest Bytes
2
MySQL Database improperly setup?
by: Saqib Ali | last post by:
I installed mySQL and have it running.... but I think I made a mistake somewhere along the line...... I believe I did follow the instructions that were provided with the distribution at:...
Latest Bytes
1
Installing DBD::mysql - missing mysql.h - how to get it known tocygwin/perl?
by: Alex Hunsley | last post by:
I am trying to install the DBD::mysql perl module. However, it claims I need mysql.h: cpan> install DBD::mysql CPAN: Storable loaded ok Going to read /home/alex/.cpan/Metadata Database was...
Latest Bytes
0
login as user 'root' but do not have root privlages and mysql doesn't recognize root logged in
by: ./Rob & | last post by:
Hi gang: I'm experiencing a problem with MySQL -- I updated MySQL from version 4.1.0 to 4.1.10 and now when I login as root it doesn't show all the databases I should have access to, nor it...
Latest Bytes
2
Please Help : upgrade to MySQL 5.0
by: trihanhcie | last post by:
I m currently working on a Unix server with a fedora 3 as an os My current version of mysql is 3.23.58. I'd like to upgrade the version to 5.0.18. After downloading from MYSQL.COM the package on...
Latest Bytes
1
Problem during installing MySQL-server-standard-5.0.24a-0.rhel3.i386.rpm on Redhat 9
by: manish deshpande | last post by:
Hi, When i'm installing MySQL-server-standard-5.0.24a-0.rhel3.i386.rpm by the following command: rpm -i MySQL-server-standard-5.0.24a-0.rhel3.i386.rpm the following error is being shown: ...
Latest Bytes
3
Installing DBD::mysql in Mac OSX 10.4.10
by: menzies | last post by:
Hi, I"m new to this forum, but I have been trying all day to install DBD::mysql onto my Intel MacBook. I've read lots of forums pages and none have gotten me to a successful 'make test' or a...
Latest Bytes
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Latest Bytes
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
Latest Bytes
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
Latest Bytes
1
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Latest Bytes
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Latest Bytes
0
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Latest Bytes
0
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Latest Bytes
0
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
Latest Bytes
0
muto222
php
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
Latest Bytes

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us