$POST is the differnce char or a reserved name

I have two peaces of code which are allmost the same.
The first -see the comment OK- executes
the second -NOK- (as I see it) generates an error.

Why executes the first and the second not. Is it because the second is a
char and the first an integer.
Or is it because one of the names is a reserved word or is b1
hexadecimal.

I am looking at this code and do not know how to continue the coding.
Can you and give me an advice?
thanks in advance.

ERROR
Could Not Execute SQL statementUnknown column 'b1' in 'where clause'
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL
result resource in
/nfs/vsp/dds.nl/t/thmulder/public_html/topbimini.nl/upd/vina lux_modify2.php
on line 21


CODE
include "db.php";
$link = mysql_connect("$hostname", "$username", "$password");
if(!$link)
print "Could Not Connect to DB Server";
$db = mysql_select_db("$databasename", $link);
if(!$db)
print "Could Not Open DB";

$query = "select * from vinalux join (size, price)
where vinalux.size_key = size.size_key
and vinalux.size_key = price.size_key
and vinalux.fabric = price.fabric
and vinalux.vinalux_id =
$_POST[vinalux_id]
order by vinalux.vinalux_id, vinalux.size_key,
vinalux.color";

$result= mysql_query($query);
if(!$result)
print "Could Not Execute SQL statement".mysql_error();

while($row = mysql_fetch_array($result))
{
$query = "update vinalux

set qty = qty - 0

where vinalux_id = $_POST[vinalux_id]";
/* OK */
$result= mysql_query($query);
if(!$result)
print "Could Not Execute SQL statement".mysql_error();
$query = "update size

set size_qty = size_qty - 0

where size_key = $_POST[size_key]";
/* NOK */
$result= mysql_query($query);
if(!$result)
print "Could Not Execute SQL statement".mysql_error();
}




$r = mysql_affected_rows();
if($r == 1)
header("location:vinalux_modify_confirm.php");

?>

Re: $POST is the differnce char or a reserved name

Hi,

Firstly when you build a SQL query, You can update a NumberCasted
column using (column_name = 12345) but StringCasted column values in
update (and even in reading) must be quoted (column_name = 'abcd'). If
you don't do that your string ('b1' in your case) will be interpreted
as an expression that's probably the reason of your bug.

secondly try to use $_POST with quoted indexes, in this case it seam to
work as you did but you will encounter furthers problems with that...

Good Luck and sorry for my "frenchie english"

Xabi

Re: $POST is the differnce char or a reserved name

Hi,

Firstly when you build a SQL query, You can update a NumberCasted
column using (column_name = 12345) but StringCasted column values in
update (and even in reading) must be quoted (column_name = 'abcd'). If
you don't do that your string ('b1' in your case) will be interpreted
as an expression that's probably the reason of your bug.

secondly try to use $_POST with quoted indexes, in this case it seam to
work as you did but you will encounter furthers problems with that...

Good Luck and sorry for my "frenchie english"

Xabi

Re: $POST is the differnce char or a reserved name

x.tardits@gmail.com wrote:

> Hi,
>
> Firstly when you build a SQL query, You can update a NumberCasted
> column using (column_name = 12345) but StringCasted column values in
> update (and even in reading) must be quoted (column_name = 'abcd'). If
> you don't do that your string ('b1' in your case) will be interpreted
> as an expression that's probably the reason of your bug.
>
> secondly try to use $_POST with quoted indexes, in this case it seam to
> work as you did but you will encounter furthers problems with that...
>
> Good Luck and sorry for my "frenchie english"
>
> Xabi
>

Xabi,

Thank you very much for your answer.
The nucleos of this problem is this peace of code
where size_key = $_POST[size_key]";

I tried it like
where size_key = '$_POST[size_key]'";
and like this
where size_key = \"$_POST[size_key]\"";
It generated only other errors.

The last thing you wrote "use $_POST with quoted indexes" I do not
understand.

Your English is better than most foreigners,
thank you again and good luck

Re: $POST is the differnce char or a reserved name

"fedor" wrote in message
news:PfadneXQC55hFuvYnZ2dnUVZ8s6dnZ2d@fiberworld.nl...
> x.tardits@gmail.com wrote:
>
>> Hi,
>>
>> Firstly when you build a SQL query, You can update a NumberCasted
>> column using (column_name = 12345) but StringCasted column values in
>> update (and even in reading) must be quoted (column_name = 'abcd'). If
>> you don't do that your string ('b1' in your case) will be interpreted
>> as an expression that's probably the reason of your bug.
>>
>> secondly try to use $_POST with quoted indexes, in this case it seam to
>> work as you did but you will encounter furthers problems with that...
>>
>> Good Luck and sorry for my "frenchie english"
>>
>> Xabi
>>
>
> Xabi,
>
> Thank you very much for your answer.
> The nucleos of this problem is this peace of code
> where size_key = $_POST[size_key]";
>
> I tried it like
> where size_key = '$_POST[size_key]'";
> and like this
> where size_key = \"$_POST[size_key]\"";
> It generated only other errors.
>
> The last thing you wrote "use $_POST with quoted indexes" I do not
> understand.
>
> Your English is better than most foreigners,
> thank you again and good luck


Have you tried it this way?

$query = "SELECT * WHERE size_key = '".$_POST['size_key']."'";

+e

Re: $POST is the differnce char or a reserved name

"fedor" wrote in message
news:GKmdnbraf4RvIenYRVnygg@fiberworld.nl...
> I have two peaces of code which are allmost the same.
> The first -see the comment OK- executes
> the second -NOK- (as I see it) generates an error.
>
> Why executes the first and the second not. Is it because the second is a
> char and the first an integer.
> Or is it because one of the names is a reserved word or is b1
> hexadecimal.
>
> I am looking at this code and do not know how to continue the coding.
> Can you and give me an advice?
> thanks in advance.
>
> ERROR
> Could Not Execute SQL statementUnknown column 'b1' in 'where clause'
> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL
> result resource in
>
/nfs/vsp/dds.nl/t/thmulder/public_html/topbimini.nl/upd/vina lux_modify2.php
> on line 21
>
>
> CODE
> > include "db.php";
> $link = mysql_connect("$hostname", "$username", "$password");
> if(!$link)
> print "Could Not Connect to DB Server";
> $db = mysql_select_db("$databasename", $link);
> if(!$db)
> print "Could Not Open DB";
>
> $query = "select * from vinalux join (size, price)
> where vinalux.size_key = size.size_key
> and vinalux.size_key = price.size_key
> and vinalux.fabric = price.fabric
> and vinalux.vinalux_id =
> $_POST[vinalux_id]
> order by vinalux.vinalux_id, vinalux.size_key,
> vinalux.color";
>
> $result= mysql_query($query);
> if(!$result)
> print "Could Not Execute SQL statement".mysql_error();
>
> while($row = mysql_fetch_array($result))
> {
> $query = "update vinalux
>
> set qty = qty - 0
>
> where vinalux_id = $_POST[vinalux_id]";
> /* OK */
> $result= mysql_query($query);
> if(!$result)
> print "Could Not Execute SQL statement".mysql_error();
> $query = "update size
>
> set size_qty = size_qty - 0
>
> where size_key = $_POST[size_key]";

insert an echo " /n/r"; here and then check your source code
to see what your query looks like. There is no problem with the code, you
probably need to make sure that $_POST[size_key] exists. or if it is a
string and not a number try '$_POST[size_key]' (single quotes around whole
$_POST variable.



> /* NOK */
> $result= mysql_query($query);
> if(!$result)
> print "Could Not Execute SQL statement".mysql_error();
> }
>
>
>
>
> $r = mysql_affected_rows();
> if($r == 1)
> header("location:vinalux_modify_confirm.php");
>
> ?>


Norm
--
FREE Avatar hosting at www.easyavatar.com