Noob alert.
Code is below.
File is saved as a .php.
What I'm trying to do:
User uses 'select' box drop down list to pick a value.
Value ($site) is derived from a db query. This works fine.
Value selected is used as the 'where' clause of the 2nd query.
If $site is a single word, the 2nd query works like a charm.
If $site is more than one word (has spaces), the query returns a null
because $site is trimmed back to just the first word (I can tell that
because I echo the value of $site.
I've poked around here and googled but no joy. Any tips are
appreciated. Soooo close...
Doug
<html>
<body>
Select the site name from the list below<br>
Note - if you start typing the name, you don't have to scroll to the
name.<br>
</body>
<br>
<form>
<?php
// Define variables
$server = 'localhost';
$username = 'web';
$password = 'user';
$database = 'HomeData';
//$query = "Select site, username, password from sitelogins where site =
'$site'";
$query = "Select site from sitelogins order by site";
// connect to mysql
$db = mysql_connect($server, $username, $password);
// connect to db
mysql_select_db($database, $db);
// >>>>> run query and populate the select box - this bit works great.
// >>>>> note, if I use \"$site\" below, I get nothing. using site as
the name seems to work.
$result = mysql_query($query, $db);
echo "<select name=\"site\">";
if(!$result) die ("query failed");
while($row = mysql_fetch_row($result)) {
echo "<OPTION VALUE=".$row[0].">".$row[0]."</OPTION>";
}
echo "</select>";
// >>>>> next line - if the value of $site is something like 'fred joe',
the echo $site prints as 'fred' and the 2nd query returns null
echo "<br><br>The requested site is $site <br><br>";
echo "<table border=1>\n";
echo "<tr><td>The username is:</td><td>The password is:</td>";
$query2 = "Select * from sitelogins where site = '$site'";
$result2 = mysql_query($query2, $db);
if(!$result2) die ("query failed");
while($row = mysql_fetch_row($result2)) {
echo "<tr><td>$row[1]</td><td>$row[2]</td></tr>";
}
echo "</table>";
// close connnection
mysql_close($db);
?>
<br>
<input type="submit" value = "Get Password">
</form>
</html> 13 2851
dogu <df***********@netscape.net> wrote in news:gbudnWqdxpwKLefcRVn- sQ@metrocastcablevision.com: echo "<select name=\"site\">";
I think that would produce <select name=site>, which isnt right. right?
try echo "<select name='$site'>";
Theo,
Thanks but no joy. In this case, nothing is echoed back even if there's
only a single word in the selected value.
I've tried a number of different versions, none of them seem to work
including the one that seems to make the most sense
echo "<select name=\"$site\">";
which also returns nothing.
Thanks for the reply.
Doug
Theo wrote: dogu <df***********@netscape.net> wrote in news:gbudnWqdxpwKLefcRVn- sQ@metrocastcablevision.com:
echo "<select name=\"site\">";
I think that would produce <select name=site>, which isnt right. right?
try echo "<select name='$site'>";
OK, when fine motor skills don't do the trick, hit it with a hammer.
Did the following in MySQL
Update sitelogins
Set site = replace(site, " ", "_")
Execute
Bang! No spaces, happy happy joy joy.
Now, I still do want to know what's up with the space issue. I know
I'll run into this again and don't want to not allow spaces in MySQL data.
TIA for tips and pointers (and feel free to point me to resources rather
than solving the problem for me - I like to know how to fish, just give
me enough of a pointer to find the answer).
Doug
Theo wrote: dogu <df***********@netscape.net> wrote in news:gbudnWqdxpwKLefcRVn- sQ@metrocastcablevision.com:
echo "<select name=\"site\">";
I think that would produce <select name=site>, which isnt right. right?
try echo "<select name='$site'>";
dogu <df***********@netscape.net> wrote in news:gbudnWqdxpwKLefcRVn- sQ@metrocastcablevision.com: <html> <body> Select the site name from the list below<br> Note - if you start typing the name, you don't have to scroll to the name.<br> </body> <br> <form> <?php
// Define variables $server = 'localhost'; $username = 'web'; $password = 'user'; $database = 'HomeData';
//$query = "Select site, username, password from sitelogins where site
= '$site'"; $query = "Select site from sitelogins order by site";
// connect to mysql $db = mysql_connect($server, $username, $password);
// connect to db mysql_select_db($database, $db);
// >>>>> run query and populate the select box - this bit works
great. // >>>>> note, if I use \"$site\" below, I get nothing. using site as the name seems to work.
$result = mysql_query($query, $db); echo "<select name=\"site\">"; if(!$result) die ("query failed"); while($row = mysql_fetch_row($result)) { echo "<OPTION VALUE=".$row[0].">".$row[0]."</OPTION>"; } echo "</select>";
// >>>>> next line - if the value of $site is something like 'fred
joe', the echo $site prints as 'fred' and the 2nd query returns null
echo "<br><br>The requested site is $site <br><br>"; echo "<table border=1>\n"; echo "<tr><td>The username is:</td><td>The password is:</td>";
$query2 = "Select * from sitelogins where site = '$site'"; $result2 = mysql_query($query2, $db); if(!$result2) die ("query failed"); while($row = mysql_fetch_row($result2)) { echo "<tr><td>$row[1]</td><td>$row[2]</td></tr>"; }
echo "</table>";
// close connnection mysql_close($db); ?> <br> <input type="submit" value = "Get Password"> </form> </html>
Two things, where do you assign $site a value before you actually use it?
second, you are using the $db link instead of the connect link for your
querys (chose something other than result so you dont overwrite it).
And no I didnt catch that immediately :P
> dogu <df***********@netscape.net> wrote echo "<select name=\"site\">";
Try:
echo '<select name="'.$site.'">';
Geoff M
.oO(dogu) User uses 'select' box drop down list to pick a value. Value ($site) is derived from a db query. This works fine. Value selected is used as the 'where' clause of the 2nd query. If $site is a single word, the 2nd query works like a charm. If $site is more than one word (has spaces), the query returns a null because $site is trimmed back to just the first word (I can tell that because I echo the value of $site.
The reason is the way how you build your select box. Have a look at the
generated HTML code or even better run it through the W3 validator.
<form>
Where are the required form attribtues method and action?
// >>>>> run query and populate the select box - this bit works great. // >>>>> note, if I use \"$site\" below, I get nothing. using site as the name seems to work.
Sure, because you don't want to print out the value of the (undefined)
variable $site, but the literal string 'site'.
$result = mysql_query($query, $db); echo "<select name=\"site\">";
echo '<select name="site">';
if(!$result) die ("query failed"); while($row = mysql_fetch_row($result)) { echo "<OPTION VALUE=".$row[0].">".$row[0]."</OPTION>";
And here's the problem. Assuming $row[0] contains 'foo bar', the result
will look like this:
<OPTION VALUE=foo bar>foo bar</OPTION>
Got it? Not try it this way:
echo "<option value='$row[0]'>$row[0]</option>";
The result will be:
<option value='foo bar'>foo bar</option>
But why not simply use a kind of ID for the values instead of a complete
site name? Would avoid lots of problems.
$query2 = "Select * from sitelogins where site = '$site'";
First: You want to use $_GET['site'] or $_POST['site'] (dependent on the
used submission method) instead of just $site. http://www.php.net/manual/en/security.globals.php
Second: You want to use at least mysql_escape_string() before using a
user submitted string in a query. Check for magic quotes first. http://www.php.net/manual/en/securit...-injection.php http://www.php.net/manual/en/functio...ape-string.php http://www.php.net/manual/en/function.addslashes.php http://www.php.net/manual/en/functio...quotes-gpc.php
HTH
Micha
Theo wrote: dogu <df***********@netscape.net> wrote in news:gbudnWqdxpwKLefcRVn- sQ@metrocastcablevision.com:
<html> <body> Select the site name from the list below<br> Note - if you start typing the name, you don't have to scroll to the name.<br> </body> <br> <form> <?php
// Define variables $server = 'localhost'; $username = 'web'; $password = 'user'; $database = 'HomeData';
//$query = "Select site, username, password from sitelogins where site =
'$site'"; $query = "Select site from sitelogins order by site";
// connect to mysql $db = mysql_connect($server, $username, $password);
// connect to db mysql_select_db($database, $db);
// >>>>> run query and populate the select box - this bit works
great.
// >>>>> note, if I use \"$site\" below, I get nothing. using site as the name seems to work.
$result = mysql_query($query, $db); echo "<select name=\"site\">"; if(!$result) die ("query failed"); while($row = mysql_fetch_row($result)) { echo "<OPTION VALUE=".$row[0].">".$row[0]."</OPTION>"; } echo "</select>";
// >>>>> next line - if the value of $site is something like 'fred
joe',
the echo $site prints as 'fred' and the 2nd query returns null
echo "<br><br>The requested site is $site <br><br>"; echo "<table border=1>\n"; echo "<tr><td>The username is:</td><td>The password is:</td>";
$query2 = "Select * from sitelogins where site = '$site'"; $result2 = mysql_query($query2, $db); if(!$result2) die ("query failed"); while($row = mysql_fetch_row($result2)) { echo "<tr><td>$row[1]</td><td>$row[2]</td></tr>"; }
echo "</table>";
// close connnection mysql_close($db); ?> <br> <input type="submit" value = "Get Password"> </form> </html>
Two things, where do you assign $site a value before you actually use it?
Lost again...
What I thought I was doing was creating the variable in the line that
creates the drop down select box, echo "<select name=\"site\">";
That's where I thought the variable name was created. If it gets
created somewhere else, I don't have a clue where. second, you are using the $db link instead of the connect link for your querys (chose something other than result so you dont overwrite it).
And no I didnt catch that immediately :P
Still lost. Every example of php connecting to MySQL uses the same
format as my code.
$db = mysql_connect($server, $username, $password);
mysql_select_db($database, $db);
Isn't $db the connect link? Can't I use it throughout the code?
Are you referring to my $result2? Do I need to create something like a
second connect als $db2 = mysql_connect($server, $username, $password)?
I know I'm getting trapped in some kind of circular logic hell.
Everything I've used for references either has good HTML examples with
no PHP/MySQL, or good PHP with limited HTML or simple HTML form creation
with no clever modifications (ie programmatic population of lists) or...
but never a fully built example of the whole thing.
Once all the pieces come together, this'll be easy. I'm just not seeing
the solution. Sorry for my slowness and thank you for your patience.
Doug
Michael Fesser wrote: .oO(dogu)
User uses 'select' box drop down list to pick a value. Value ($site) is derived from a db query. This works fine. Value selected is used as the 'where' clause of the 2nd query. If $site is a single word, the 2nd query works like a charm. If $site is more than one word (has spaces), the query returns a null because $site is trimmed back to just the first word (I can tell that because I echo the value of $site.
The reason is the way how you build your select box. Have a look at the generated HTML code or even better run it through the W3 validator.
<form>
Where are the required form attribtues method and action?
What I appear to have created is a form that doesn't go anywhere. I'm
not calling a different PHP file to process the data, it's all in the
same file/form/code/whatever it's called. Set a value one place on the
form and another bit of the form uses the input. Not sure if this is
supposed to work, but when I hit my 'get password' button, stuff happens
and results pop into a table.
Should I be doing a 'call to self' (not sure of the format but know I've
seen something like that soemwhere)? // >>>>> run query and populate the select box - this bit works great. // >>>>> note, if I use \"$site\" below, I get nothing. using site as the name seems to work.
Sure, because you don't want to print out the value of the (undefined) variable $site, but the literal string 'site'.
$result = mysql_query($query, $db); echo "<select name=\"site\">";
echo '<select name="site">';
if(!$result) die ("query failed"); while($row = mysql_fetch_row($result)) { echo "<OPTION VALUE=".$row[0].">".$row[0]."</OPTION>";
And here's the problem. Assuming $row[0] contains 'foo bar', the result will look like this:
<OPTION VALUE=foo bar>foo bar</OPTION>
Got it? Not try it this way:
echo "<option value='$row[0]'>$row[0]</option>";
The result will be:
<option value='foo bar'>foo bar</option>
WHOA! It works like magic! I need to play with the logic of my 'bad'
version and yours to understand the difference. Is this a magic quote
thing? But why not simply use a kind of ID for the values instead of a complete site name? Would avoid lots of problems.
Two reasons. For the particular design I'm working with, I want the
choice displayed to the user derived directly from the db AND be human
readable.
Second, I know I'll run into this kind of problem again (spaces in
strings) and I want to be sure I know how to deal with them. $query2 = "Select * from sitelogins where site = '$site'";
First: You want to use $_GET['site'] or $_POST['site'] (dependent on the used submission method) instead of just $site.
See discussion further up about the form actions. I'm not using a post
or get, just running code inside one php file http://www.php.net/manual/en/security.globals.php
Second: You want to use at least mysql_escape_string() before using a user submitted string in a query. Check for magic quotes first.
Need to read up on these things. http://www.php.net/manual/en/securit...-injection.php http://www.php.net/manual/en/functio...ape-string.php http://www.php.net/manual/en/function.addslashes.php http://www.php.net/manual/en/functio...quotes-gpc.php
HTH Micha
My thanks to you for your patience. I've been working in one nicely
contained development environment for about 10 years (Lotus Notes) and
working out of that rut into 4 new languages/systems that all have to
work together is proving confusing (and making me think in new ways - a
good thing). Back at it!
Take care and I'll talk to you later.
Doug
.oO(dogu) Michael Fesser wrote: Where are the required form attribtues method and action? What I appear to have created is a form that doesn't go anywhere. I'm not calling a different PHP file to process the data, it's all in the same file/form/code/whatever it's called.
Quite usual, but nevertheless the browser has to know where to send the
data.
Set a value one place on the form and another bit of the form uses the input. Not sure if this is supposed to work, but when I hit my 'get password' button, stuff happens and results pop into a table. Should I be doing a 'call to self' (not sure of the format but know I've seen something like that soemwhere)?
Yep, at least the action-attribute is required. Use $_SERVER['PHP_SELF']
for its value. The method-attribute is not required (defaults to 'get'),
but IMHO makes the code more readable:
<form action="<?php print $_SERVER['PHP_SELF']?>" method="get"> <option value='foo bar'>foo bar</option> WHOA! It works like magic! I need to play with the logic of my 'bad' version and yours to understand the difference. Is this a magic quote thing?
Nope. The answer is much simpler. Without quotes in
<option value=foo bar>foo bar</option>
only 'foo' is seen as the attribute's value, 'bar' is considered as
another (undefined) attribute, because in HTML attributes are separated
by blanks. So to tell the browser, that all the words belong to the one
attribute, just put quotes around them. BTW it's a good idea to always
quote attribute values (with single or double quotes), this avoids such
errors. But why not simply use a kind of ID for the values instead of a complete site name? Would avoid lots of problems. Two reasons. For the particular design I'm working with, I want the choice displayed to the user derived directly from the db AND be human readable.
No problem so far, you could use an ID for the internal value and the
human readable stuff for the display. Assuming your records in the
database look like this ...
ID | site
----+----------------
1 | This is foo
2 | This is bar
42 | Nothing special
your select box could look like this ...
<select name="site">
<option value="1">This is foo</option>
<option value="2">This is bar</option>
<option value="42">Nothing special</option>
</select>
IMHO this would also make the querying of the DB easier and more
reliable. You don't have to deal with quoting, escaping and probably
encoding stuff anymore. You just have to do the "standard check" if a
value was submitted at all and use its integer-value in the query:
// This makes sure that $site always contains a numeric value, in case
// of an error it is set to zero
$site = isset($_GET['site']) ? intval($_GET['site']) : 0;
$query = "SELECT ... FROM ... WHERE site = $site";
Or both together in one statement using sprintf():
// %u is a placeholder for an unsigned integer
$query = sprintf('SELECT ... FROM ... WHERE site = %u',
isset($_GET['site']) ? $_GET['site'] : 0);
Just some ideas.
Second, I know I'll run into this kind of problem again (spaces in strings) and I want to be sure I know how to deal with them.
OK.
But as said earlier: In case of problems have a look at the generated
HTML-code (with an editor capable of syntax highlighting if available)
and use the W3 validator. It will complain about such errors. First: You want to use $_GET['site'] or $_POST['site'] (dependent on the used submission method) instead of just $site.
See discussion further up about the form actions. I'm not using a post or get, just running code inside one php file
Sure, but the browser has to submit the form first, before you can
process its data. Even if you send it to the same file, you have to
choose between get (default) or post. But what I was referring to was
the register_globals thing. On recent PHP installations with default
configuration the variable $site would be undefined, the correct way to
access its value is to use one of the superglobal arrays $_GET or
$_POST. This will work on all systems, regardless of the configuration. Second: You want to use at least mysql_escape_string() before using a user submitted string in a query. Check for magic quotes first. Need to read up on these things.
Do a Google on (Advanced) SQL Injection. When working with scripts and
especially databases you should know about some of the dangers and risks
that exist there and how to secure your scripts. The WWW is no play-
ground, it's a battlefield with thousands of crackers, script kiddies
and other parasites being your enemies.
Micha
dogu <df***********@netscape.net> wrote in
news:dc********************@metrocastcablevision.c om: Theo wrote: dogu <df***********@netscape.net> wrote in news:gbudnWqdxpwKLefcRVn- sQ@metrocastcablevision.com:
<html> <body> Select the site name from the list below<br> Note - if you start typing the name, you don't have to scroll to the name.<br> </body> <br> <form> <?php
// Define variables $server = 'localhost'; $username = 'web'; $password = 'user'; $database = 'HomeData';
//$query = "Select site, username, password from sitelogins where site
=
'$site'"; $query = "Select site from sitelogins order by site";
// connect to mysql $db = mysql_connect($server, $username, $password);
// connect to db mysql_select_db($database, $db);
// >>>>> run query and populate the select box - this bit works
great.
// >>>>> note, if I use \"$site\" below, I get nothing. using site as the name seems to work.
$result = mysql_query($query, $db); echo "<select name=\"site\">"; if(!$result) die ("query failed"); while($row = mysql_fetch_row($result)) { echo "<OPTION VALUE=".$row[0].">".$row[0]."</OPTION>"; } echo "</select>";
// >>>>> next line - if the value of $site is something like 'fred
joe',
the echo $site prints as 'fred' and the 2nd query returns null
echo "<br><br>The requested site is $site <br><br>"; echo "<table border=1>\n"; echo "<tr><td>The username is:</td><td>The password is:</td>";
$query2 = "Select * from sitelogins where site = '$site'"; $result2 = mysql_query($query2, $db); if(!$result2) die ("query failed"); while($row = mysql_fetch_row($result2)) { echo "<tr><td>$row[1]</td><td>$row[2]</td></tr>"; }
echo "</table>";
// close connnection mysql_close($db); ?> <br> <input type="submit" value = "Get Password"> </form> </html>
Two things, where do you assign $site a value before you actually use it?
Lost again...
What I thought I was doing was creating the variable in the line that creates the drop down select box, echo "<select name=\"site\">"; That's where I thought the variable name was created. If it gets created somewhere else, I don't have a clue where.
second, you are using the $db link instead of the connect link for your querys (chose something other than result so you dont overwrite it).
And no I didnt catch that immediately :P
Still lost. Every example of php connecting to MySQL uses the same format as my code.
$db = mysql_connect($server, $username, $password); mysql_select_db($database, $db); Isn't $db the connect link? Can't I use it throughout the code? Are you referring to my $result2? Do I need to create something like a second connect als $db2 = mysql_connect($server, $username, $password)?
I know I'm getting trapped in some kind of circular logic hell. Everything I've used for references either has good HTML examples with no PHP/MySQL, or good PHP with limited HTML or simple HTML form creation with no clever modifications (ie programmatic population of lists) or... but never a fully built example of the whole thing.
Once all the pieces come together, this'll be easy. I'm just not seeing the solution. Sorry for my slowness and thank you for your patience.
Doug
ok... first
you are submitting a query before you assign $site a value. if you do a
value check before submitting the query you will see that it is a null
value.
The line you commented out...
//$query = "Select site, username, password from sitelogins where site =
'$site'";
wont work because $site is null. So the question is, what value do you
want to assign to it, and where is it coming from... assuming its not the
same every time?
----
when checking values add a line like
print "my value is $value"; exit();
before you use it. so you can see what the value is at that point. If you
get something unexpected, or get 'my value is' and then nothing
afterwards, you need to check how you are assigning your values.
---
for the other point, youre right I got that backwards. Sorry bout that.
:-)
Man I love the internet. I cannot thank you enough for your help. This
message, especially, helps pull together the bits and pieces that make
it all work. I think the light finally went on (dim, but at least it's on).
Take care and I hope to be able to give back once I know a bit more.
Take care.
Doug
Michael Fesser wrote: .oO(dogu)
Michael Fesser wrote:
Where are the required form attribtues method and action?
What I appear to have created is a form that doesn't go anywhere. I'm not calling a different PHP file to process the data, it's all in the same file/form/code/whatever it's called.
Quite usual, but nevertheless the browser has to know where to send the data.
Set a value one place on the form and another bit of the form uses the input. Not sure if this is supposed to work, but when I hit my 'get password' button, stuff happens and results pop into a table. Should I be doing a 'call to self' (not sure of the format but know I've seen something like that soemwhere)?
Yep, at least the action-attribute is required. Use $_SERVER['PHP_SELF'] for its value. The method-attribute is not required (defaults to 'get'), but IMHO makes the code more readable:
<form action="<?php print $_SERVER['PHP_SELF']?>" method="get">
<option value='foo bar'>foo bar</option>
WHOA! It works like magic! I need to play with the logic of my 'bad' version and yours to understand the difference. Is this a magic quote thing?
Nope. The answer is much simpler. Without quotes in
<option value=foo bar>foo bar</option>
only 'foo' is seen as the attribute's value, 'bar' is considered as another (undefined) attribute, because in HTML attributes are separated by blanks. So to tell the browser, that all the words belong to the one attribute, just put quotes around them. BTW it's a good idea to always quote attribute values (with single or double quotes), this avoids such errors.
But why not simply use a kind of ID for the values instead of a complete site name? Would avoid lots of problems.
Two reasons. For the particular design I'm working with, I want the choice displayed to the user derived directly from the db AND be human readable.
No problem so far, you could use an ID for the internal value and the human readable stuff for the display. Assuming your records in the database look like this ...
ID | site ----+---------------- 1 | This is foo 2 | This is bar 42 | Nothing special
your select box could look like this ...
<select name="site"> <option value="1">This is foo</option> <option value="2">This is bar</option> <option value="42">Nothing special</option> </select>
IMHO this would also make the querying of the DB easier and more reliable. You don't have to deal with quoting, escaping and probably encoding stuff anymore. You just have to do the "standard check" if a value was submitted at all and use its integer-value in the query:
// This makes sure that $site always contains a numeric value, in case // of an error it is set to zero $site = isset($_GET['site']) ? intval($_GET['site']) : 0; $query = "SELECT ... FROM ... WHERE site = $site";
Or both together in one statement using sprintf():
// %u is a placeholder for an unsigned integer $query = sprintf('SELECT ... FROM ... WHERE site = %u', isset($_GET['site']) ? $_GET['site'] : 0);
Just some ideas.
Second, I know I'll run into this kind of problem again (spaces in strings) and I want to be sure I know how to deal with them.
OK.
But as said earlier: In case of problems have a look at the generated HTML-code (with an editor capable of syntax highlighting if available) and use the W3 validator. It will complain about such errors.
First: You want to use $_GET['site'] or $_POST['site'] (dependent on the used submission method) instead of just $site.
See discussion further up about the form actions. I'm not using a post or get, just running code inside one php file
Sure, but the browser has to submit the form first, before you can process its data. Even if you send it to the same file, you have to choose between get (default) or post. But what I was referring to was the register_globals thing. On recent PHP installations with default configuration the variable $site would be undefined, the correct way to access its value is to use one of the superglobal arrays $_GET or $_POST. This will work on all systems, regardless of the configuration.
Second: You want to use at least mysql_escape_string() before using a user submitted string in a query. Check for magic quotes first.
Need to read up on these things.
Do a Google on (Advanced) SQL Injection. When working with scripts and especially databases you should know about some of the dangers and risks that exist there and how to secure your scripts. The WWW is no play- ground, it's a battlefield with thousands of crackers, script kiddies and other parasites being your enemies.
Micha
Theo wrote: dogu <df***********@netscape.net> wrote in news:dc********************@metrocastcablevision.c om:
Theo wrote:
dogu <df***********@netscape.net> wrote in news:gbudnWqdxpwKLefcRVn- sQ@metrocastcablevision.com: <html> <body> Select the site name from the list below<br> Note - if you start typing the name, you don't have to scroll to the name.<br> </body> <br> <form> <?php
// Define variables $server = 'localhost'; $username = 'web'; $password = 'user'; $database = 'HomeData';
//$query = "Select site, username, password from sitelogins where site
=
'$site'"; $query = "Select site from sitelogins order by site";
// connect to mysql $db = mysql_connect($server, $username, $password);
// connect to db mysql_select_db($database, $db);
// >>>>> run query and populate the select box - this bit works
great.
// >>>>> note, if I use \"$site\" below, I get nothing. using site as the name seems to work.
$result = mysql_query($query, $db); echo "<select name=\"site\">"; if(!$result) die ("query failed"); while($row = mysql_fetch_row($result)) { echo "<OPTION VALUE=".$row[0].">".$row[0]."</OPTION>"; } echo "</select>";
// >>>>> next line - if the value of $site is something like 'fred
joe',
the echo $site prints as 'fred' and the 2nd query returns null
echo "<br><br>The requested site is $site <br><br>"; echo "<table border=1>\n"; echo "<tr><td>The username is:</td><td>The password is:</td>";
$query2 = "Select * from sitelogins where site = '$site'"; $result2 = mysql_query($query2, $db); if(!$result2) die ("query failed"); while($row = mysql_fetch_row($result2)) { echo "<tr><td>$row[1]</td><td>$row[2]</td></tr>"; }
echo "</table>";
// close connnection mysql_close($db); ?> <br> <input type="submit" value = "Get Password"> </form> </html>
Two things, where do you assign $site a value before you actually use it?
Lost again...
What I thought I was doing was creating the variable in the line that creates the drop down select box, echo "<select name=\"site\">"; That's where I thought the variable name was created. If it gets created somewhere else, I don't have a clue where.
second, you are using the $db link instead of the connect link for your querys (chose something other than result so you dont overwrite it).
And no I didnt catch that immediately :P
Still lost. Every example of php connecting to MySQL uses the same format as my code.
$db = mysql_connect($server, $username, $password); mysql_select_db($database, $db); Isn't $db the connect link? Can't I use it throughout the code? Are you referring to my $result2? Do I need to create something like a second connect als $db2 = mysql_connect($server, $username, $password)?
I know I'm getting trapped in some kind of circular logic hell. Everything I've used for references either has good HTML examples with no PHP/MySQL, or good PHP with limited HTML or simple HTML form creation with no clever modifications (ie programmatic population of lists) or... but never a fully built example of the whole thing.
Once all the pieces come together, this'll be easy. I'm just not seeing the solution. Sorry for my slowness and thank you for your patience.
Doug
ok... first
you are submitting a query before you assign $site a value. if you do a value check before submitting the query you will see that it is a null value.
The line you commented out...
//$query = "Select site, username, password from sitelogins where site = '$site'";
wont work because $site is null. So the question is, what value do you want to assign to it, and where is it coming from... assuming its not the same every time?
----
when checking values add a line like
print "my value is $value"; exit();
before you use it. so you can see what the value is at that point. If you get something unexpected, or get 'my value is' and then nothing afterwards, you need to check how you are assigning your values.
---
for the other point, youre right I got that backwards. Sorry bout that. :-)
Theo,
Thank you so very much. Between you and Micha, I think I'm beginning to
see the shape of both the problem and the solution. I'll play with this
tomorrow. Once I get something fully functional, I'll post the entire
code bit back here.
Take care and I'll talk to you later.
Doug
.oO(dogu) Man I love the internet. I cannot thank you enough for your help.
You're welcome.
Micha This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Wm |
last post by:
This is very peculiar -- for some reason, I'm getting 6-8 results from each
of these queries, although only one listing matches. I have a pair of forms
on one page:
<FORM>
Search for lastname:...
|
by: Andrew Mayo |
last post by:
There is something very strange going on here. Tested with ADO 2.7 and
MSDE/2000. At first, things look quite sensible.
You have a simple SQL query, let's say
select * from mytab where col1 =...
|
by: Andy Fish |
last post by:
Hi,
I am trying to concoct a query that will join rows on the basis of a
whitespace insensitive comparison. For instance if one row has the value
'a<space>b' and another has the value...
|
by: John Baker |
last post by:
Hi:
Most of the time when I do a query and it has no matches, there is a single blank line in
the result that I can test. I have one query where no result produces a response with NO
lines at...
|
by: Charles Law |
last post by:
I have a string similar to the following:
" MyString 40 "Hello world" all "
It contains white space that may be spaces or tabs, or a combination, and I
want to produce an array...
|
by: Joe-Paul |
last post by:
Hi:
I'm running a simple query on an Access Table from VB6.0. The operator can
make several different selections. Based on their selection, a different,
specific SQL needs to be run. So, when...
|
by: bojan.pikl |
last post by:
Hi, I am making a calculator. I have a double wich I am parsing to
string and writing to label. How could I make that double or string
would be only 14 length + space for negative sign (-).
So I...
|
by: funky |
last post by:
hello,
I've got a big problem ad i'm not able to resolve it. We have a server
running oracle 10g version 10.1.0. We usually use access as front end
and connect database tables for data extraction....
|
by: bugboy |
last post by:
Hi i'm a beginner at php and my simple web query page doesn't work.. i swear i had it working at one point but now i've come back to it it doesn't.
• My form works
• My DB connection works
•...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| | |