If( Query)

I have the following function:

function
add_item($item_name,$item_desc,$item_price,$item_man_id,$ite m_cat_id,$item_pix)
{
connect();
if($item_pix == "")
{
$sql = "INSERT INTO items
(item_name,item_desc,item_price,item_man_id,item_cat_id) VALUES
('$item_name','$item_desc','$item_price','$item_man_id','$it em_cat_id')";
}
else {
$sql = "INSERT INTO items
(item_name,item_desc,item_price,item_pix,item_man_id,item_ca t_id) VALUES
('$item_name','$item_desc','$item_price','$item_pix','$item_ man_id','$item_cat_id')";
}
mysql_query($sql);
return;
}

I am using the if statement because i want it so that if no picture is
uploaded the entry is blank and the mysql database has a default entry
of na.gif which is a "picture coming soon picture".

It works fine when i run in localy on MAMP, but if i run it on my web
server it doesnt add the row.

Is this a compatability error? or is there a better way to write this?

Thanks

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: If( Query)

Is your table set up in the same way on your webserver? Maybe you
forgot to set the default value to na.gif in your item_pix column. If
not, can you send your table definition?

On Sat, Sep 6, 2008 at 9:02 PM, Chris Hale wrote:
> I have the following function:
>
> function
> add_item($item_name,$item_desc,$item_price,$item_man_id,$ite m_cat_id,$item_pix)
> {
> connect();
> if($item_pix == "")
> {
> $sql = "INSERT INTO items
> (item_name,item_desc,item_price,item_man_id,item_cat_id) VALUES
> ('$item_name','$item_desc','$item_price','$item_man_id','$it em_cat_id')";
> }
> else {
> $sql = "INSERT INTO items
> (item_name,item_desc,item_price,item_pix,item_man_id,item_ca t_id) VALUES
> ('$item_name','$item_desc','$item_price','$item_pix','$item_ man_id','$item_cat_id')";
> }
> mysql_query($sql);
> return;
> }
>
> I am using the if statement because i want it so that if no picture is
> uploaded the entry is blank and the mysql database has a default entry of
> na.gif which is a "picture coming soon picture".
>
> It works fine when i run in localy on MAMP, but if i run it on my web server
> it doesnt add the row.
>
> Is this a compatability error? or is there a better way to write this?
>
> Thanks
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: If( Query)

Hi

> I have the following function:
>
> function
> add_item($item_name,$item_desc,$item_price,$item_man_id,$ite m_cat_id,$item_pix)
> {
> connect();
> if($item_pix == "")
> {
> $sql = "INSERT INTO items
> (item_name,item_desc,item_price,item_man_id,item_cat_id) VALUES
> ('$item_name','$item_desc','$item_price','$item_man_id','$it em_cat_id')";
> }
> else {
> $sql = "INSERT INTO items
> (item_name,item_desc,item_price,item_pix,item_man_id,item_ca t_id) VALUES
> ('$item_name','$item_desc','$item_price','$item_pix','$item_ man_id','$item_cat_id')";
> }
> mysql_query($sql);
> return;
> }
>
> I am using the if statement because i want it so that if no picture is
> uploaded the entry is blank and the mysql database has a default entry
> of na.gif which is a "picture coming soon picture".
>
> It works fine when i run in localy on MAMP, but if i run it on my web
> server it doesnt add the row.

You should be checking the mysql_query call for success and output the
error if it fails. Something like:

mysql_query($sql) or die('Insert failed: ' . mysql_error());

You'll now why it's failing then. Make sure you have error reporting
enabled.

> Is this a compatability error? or is there a better way to write this?
>


--
Niel Archer



--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: If( Query)

Niel Archer wrote:
> Hi
>
>
>> I have the following function:
>>
>> function
>> add_item($item_name,$item_desc,$item_price,$item_man_id,$ite m_cat_id,$item_pix)
>> {
>> connect();
>> if($item_pix == "")
>> {
>> $sql = "INSERT INTO items
>> (item_name,item_desc,item_price,item_man_id,item_cat_id) VALUES
>> ('$item_name','$item_desc','$item_price','$item_man_id','$it em_cat_id')";
>> }
>> else {
>> $sql = "INSERT INTO items
>> (item_name,item_desc,item_price,item_pix,item_man_id,item_ca t_id) VALUES
>> ('$item_name','$item_desc','$item_price','$item_pix','$item_ man_id','$item_cat_id')";
>> }
>> mysql_query($sql);
>> return;
>> }
>>
>> I am using the if statement because i want it so that if no picture is
>> uploaded the entry is blank and the mysql database has a default entry
>> of na.gif which is a "picture coming soon picture".
>>
>> It works fine when i run in localy on MAMP, but if i run it on my web
>> server it doesnt add the row.
>>
>
> You should be checking the mysql_query call for success and output the
> error if it fails. Something like:
>
> mysql_query($sql) or die('Insert failed: ' . mysql_error());
>
> You'll now why it's failing then. Make sure you have error reporting
> enabled.
>
>
>> Is this a compatability error? or is there a better way to write this?
>>
>>
>
>
> --
> Niel Archer
>
>
>
>
I have fixed it now:

function
add_item($item_name,$item_desc,$item_price,$item_man_id,$ite m_cat_id,$item_pix)
{
connect();
if($item_pix == "")
{
$sql = "INSERT INTO items
(item_name,item_desc,item_price,item_man_id,item_cat_id) VALUES
('$item_name','$item_desc','$item_price','$item_man_id','$it em_cat_id')";
}
else {
$sql = "INSERT INTO items
(item_name,item_desc,item_price,item_pix,item_man_id,item_ca t_id) VALUES
('$item_name','$item_desc','$item_price','$item_pix','$item_ man_id','$item_cat_id')";
}
mysql_query($sql);
return;
}

Thanks anyway.

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: If( Query)

Niel Archer wrote:
> Hi
>
>
>> I have the following function:
>>
>> function
>> add_item($item_name,$item_desc,$item_price,$item_man_id,$ite m_cat_id,$item_pix)
>> {
>> connect();
>> if($item_pix == "")
>> {
>> $sql = "INSERT INTO items
>> (item_name,item_desc,item_price,item_man_id,item_cat_id) VALUES
>> ('$item_name','$item_desc','$item_price','$item_man_id','$it em_cat_id')";
>> }
>> else {
>> $sql = "INSERT INTO items
>> (item_name,item_desc,item_price,item_pix,item_man_id,item_ca t_id) VALUES
>> ('$item_name','$item_desc','$item_price','$item_pix','$item_ man_id','$item_cat_id')";
>> }
>> mysql_query($sql);
>> return;
>> }
>>
>> I am using the if statement because i want it so that if no picture is
>> uploaded the entry is blank and the mysql database has a default entry
>> of na.gif which is a "picture coming soon picture".
>>
>> It works fine when i run in localy on MAMP, but if i run it on my web
>> server it doesnt add the row.
>>
>
> You should be checking the mysql_query call for success and output the
> error if it fails. Something like:
>
> mysql_query($sql) or die('Insert failed: ' . mysql_error());
>
> You'll now why it's failing then. Make sure you have error reporting
> enabled.
>
>
>> Is this a compatability error? or is there a better way to write this?
>>
>>
>
>
> --
> Niel Archer
>
>
>
>
Oh no i havnt =[ i thought i had but no i now get this error:

Insert failed: You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right syntax to
use near 'Tactel', which is soft, breathable and quick drying and easy
to care for.
' at line 1

Which makes no sense.

This is the function:

function editproduct($item_id, $item_name, $item_desc, $item_price,
$item_pix, $item_man_id, $item_cat_id)
{
connect();
if($item_pix == "")
{
$sql = "UPDATE items SET item_name='$item_name',
item_desc='$item_desc', item_price='$item_price',
item_man_id='$item_man_id', item_cat_id='$item_cat_id' WHERE
item_id=$item_id";
}
else
{
$sql = "UPDATE items SET item_name='$item_name',
item_desc='$item_desc', item_price='$item_price', item_pix='$item_pix',
item_man_id='$item_man_id', item_cat_id='$item_cat_id' WHERE
item_id=$item_id";
}
mysql_query($sql) or die('Insert failed: ' . mysql_error());
return;
}

adn this is the process:

$item_id = $_POST['item_id'];
$item_name = $_POST['fname'];
$item_desc = $_POST["fdesc"];
$item_price = $_POST['fprice'];
$item_man_id = $_POST['fman'];
$item_cat_id = $_POST['fcat'];
$item_pix = $_FILES['pix']['name'];
$dest = 'images/items/'.$_FILES['pix']['name'];
$temp_file = $_FILES['pix']['tmp_name'];
move_uploaded_file($temp_file,$dest);
editproduct($item_id, $item_name, $item_desc, $item_price,
$item_pix, $item_man_id, $item_cat_id);
$message = 'Product Updated';
header("Location:admin.php?message=$message");

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: If( Query)

You need to run mysql_real_escape_string() on all of your input
variables before using them:

function editproduct($item_id, $item_name, $item_desc, $item_price,
$item_pix, $item_man_id, $item_cat_id) {
$item_id = mysql_real_escape_string($item_id);
$item_name = mysql_real_escape_string($item_name);
$item_desc = mysql_real_escape_string($item_desc);
$item_price = mysql_real_escape_string($item_price);
$item_pix = !empty($item_pix) ? mysql_real_escape_string($item_pix) : null;
$item_man_id = mysql_real_escape_string($item_man_id);
$item_cat_id = mysql_real_escape_string($item_cat_id);
connect();
$sql = "UPDATE items SET item_name='{item_name}',
item_desc='{item_desc}', item_price='{item_price}', " .
(!empty($item_pix) ? "item_pix='{item_pix}', " : "") .
"item_man_id='{item_man_id}', item_cat_id='{item_cat_id}' WHERE
item_id={$item_id}";
mysql_query($sql) or die('Insert failed: ' . mysql_error());
}

It looks like you're getting the values for the parameters from a form
- you should have some sort of validity check on it after fetching the
values.

Evert

On Mon, Sep 8, 2008 at 5:11 PM, Chris Hale wrote:
> Niel Archer wrote:
>>
>> Hi
>>
>>
>>>
>>> I have the following function:
>>>
>>> function
>>> add_item($item_name,$item_desc,$item_price,$item_man_id,$ite m_cat_id,$item_pix)
>>> {
>>> connect();
>>> if($item_pix == "")
>>> {
>>> $sql = "INSERT INTO items
>>> (item_name,item_desc,item_price,item_man_id,item_cat_id) VALUES
>>> ('$item_name','$item_desc','$item_price','$item_man_id','$it em_cat_id')";
>>> }
>>> else {
>>> $sql = "INSERT INTO items
>>> (item_name,item_desc,item_price,item_pix,item_man_id,item_ca t_id) VALUES
>>> ('$item_name','$item_desc','$item_price','$item_pix','$item_ man_id','$item_cat_id')";
>>> }
>>> mysql_query($sql);
>>> return;
>>> }
>>>
>>> I am using the if statement because i want it so that if no picture is
>>> uploaded the entry is blank and the mysql database has a default entry of
>>> na.gif which is a "picture coming soon picture".
>>>
>>> It works fine when i run in localy on MAMP, but if i run it on my web
>>> server it doesnt add the row.
>>>
>>
>> You should be checking the mysql_query call for success and output the
>> error if it fails. Something like:
>>
>> mysql_query($sql) or die('Insert failed: ' . mysql_error());
>>
>> You'll now why it's failing then. Make sure you have error reporting
>> enabled.
>>
>>
>>>
>>> Is this a compatability error? or is there a better way to write this?
>>>
>>>
>>
>>
>> --
>> Niel Archer
>>
>>
>>
>>
>
> Oh no i havnt =[ i thought i had but no i now get this error:
>
> Insert failed: You have an error in your SQL syntax; check the manual that
> corresponds to your MySQL server version for the right syntax to use near
> 'Tactel', which is soft, breathable and quick drying and easy to care for.
> ' at line 1
>
> Which makes no sense.
>
> This is the function:
>
> function editproduct($item_id, $item_name, $item_desc, $item_price,
> $item_pix, $item_man_id, $item_cat_id)
> {
> connect();
> if($item_pix == "")
> {
> $sql = "UPDATE items SET item_name='$item_name',
> item_desc='$item_desc', item_price='$item_price',
> item_man_id='$item_man_id', item_cat_id='$item_cat_id' WHERE
> item_id=$item_id";
> }
> else
> {
> $sql = "UPDATE items SET item_name='$item_name',
> item_desc='$item_desc', item_price='$item_price', item_pix='$item_pix',
> item_man_id='$item_man_id', item_cat_id='$item_cat_id' WHERE
> item_id=$item_id";
> }
> mysql_query($sql) or die('Insert failed: ' . mysql_error());
> return;
> }
>
> adn this is the process:
>
> $item_id = $_POST['item_id'];
> $item_name = $_POST['fname'];
> $item_desc = $_POST["fdesc"];
> $item_price = $_POST['fprice'];
> $item_man_id = $_POST['fman'];
> $item_cat_id = $_POST['fcat'];
> $item_pix = $_FILES['pix']['name'];
> $dest = 'images/items/'.$_FILES['pix']['name'];
> $temp_file = $_FILES['pix']['tmp_name'];
> move_uploaded_file($temp_file,$dest);
> editproduct($item_id, $item_name, $item_desc, $item_price, $item_pix,
> $item_man_id, $item_cat_id);
> $message = 'Product Updated';
> header("Location:admin.php?message=$message");
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: If( Query)

Do a print on the query:

>> function editproduct($item_id, $item_name, $item_desc, $item_price,
>> $item_pix, $item_man_id, $item_cat_id) {
>> $item_id = mysql_real_escape_string($item_id);
>> $item_name = mysql_real_escape_string($item_name);
>> $item_desc = mysql_real_escape_string($item_desc);
>> $item_price = mysql_real_escape_string($item_price);
>> $item_pix = !empty($item_pix) ? mysql_real_escape_string($item_pix)
>> : null;
>> $item_man_id = mysql_real_escape_string($item_man_id);
>> $item_cat_id = mysql_real_escape_string($item_cat_id);
>> connect();
>> $sql = "UPDATE items SET item_name='{item_name}',
>> item_desc='{item_desc}', item_price='{item_price}', " .
>> (!empty($item_pix) ? "item_pix='{item_pix}', " : "") .
>> "item_man_id='{item_man_id}', item_cat_id='{item_cat_id}' WHERE
>> item_id={$item_id}";

var_dump($sql);

>> mysql_query($sql) or die('Insert failed: ' . mysql_error());
>> }

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: If( Query)

all of us do, it's subscribed to the list. i filter it out.

On Mon, Sep 8, 2008 at 7:06 PM, Chris Hale wrote:
> Evert Lammerts wrote:
>>
>> My bad! Forgot the dollar signs.... This should work:
>> function editproduct($item_id, $item_name, $item_desc, $item_price,
>> $item_pix, $item_man_id, $item_cat_id) {
>> $item_id = mysql_real_escape_string($item_id);
>> $item_name = mysql_real_escape_string($item_name);
>> $item_desc = mysql_real_escape_string($item_desc);
>> $item_price = mysql_real_escape_string($item_price);
>> $item_pix = !empty($item_pix) ? mysql_real_escape_string($item_pix)
>> : null;
>> $item_man_id = mysql_real_escape_string($item_man_id);
>> $item_cat_id = mysql_real_escape_string($item_cat_id);
>> connect();
>> $sql = "UPDATE items SET item_name='{$item_name}',
>> item_desc='{$item_desc}', item_price='{$item_price}', " .
>> (!empty($item_pix) ? "item_pix='{$item_pix}', " : "") .
>> "item_man_id='{$item_man_id}', item_cat_id='{$item_cat_id}' WHERE
>> item_id={$item_id}";
>> mysql_query($sql) or die('Insert failed: ' . mysql_error());
>> }
>>
>> On Mon, Sep 8, 2008 at 6:07 PM, Chris Hale wrote:
>>
>>>
>>> Evert Lammerts wrote:
>>>
>>>>
>>>> Do a print on the query:
>>>>
>>>>
>>>>
>>>>>>
>>>>>> function editproduct($item_id, $item_name, $item_desc, $item_price,
>>>>>> $item_pix, $item_man_id, $item_cat_id) {
>>>>>> $item_id = mysql_real_escape_string($item_id);
>>>>>> $item_name = mysql_real_escape_string($item_name);
>>>>>> $item_desc = mysql_real_escape_string($item_desc);
>>>>>> $item_price = mysql_real_escape_string($item_price);
>>>>>> $item_pix = !empty($item_pix) ?
>>>>>> mysql_real_escape_string($item_pix)
>>>>>> : null;
>>>>>> $item_man_id = mysql_real_escape_string($item_man_id);
>>>>>> $item_cat_id = mysql_real_escape_string($item_cat_id);
>>>>>> connect();
>>>>>> $sql = "UPDATE items SET item_name='{item_name}',
>>>>>> item_desc='{item_desc}', item_price='{item_price}', " .
>>>>>> (!empty($item_pix) ? "item_pix='{item_pix}', " : "") .
>>>>>> "item_man_id='{item_man_id}', item_cat_id='{item_cat_id}' WHERE
>>>>>> item_id={$item_id}";
>>>>>>
>>>>>>
>>>>
>>>> var_dump($sql);
>>>>
>>>>
>>>>
>>>>>>
>>>>>> mysql_query($sql) or die('Insert failed: ' . mysql_error());
>>>>>> }
>>>>>>
>>>>>>
>>>>
>>>>
>>>
>>> This is what i get:
>>>
>>> string(165) "UPDATE items SET item_name='{item_name}',
>>> item_desc='{item_desc}', item_price='{item_price}',
>>> item_man_id='{item_man_id}', item_cat_id='{item_cat_id}' WHERE item_id="
>>> Insert failed: You have an error in your SQL syntax; check the manual
>>> that
>>> corresponds to your MySQL server version for the right syntax to use near
>>> ''
>>> at line 3
>>>
>>>
>>>
>>>
>>
>>
>
> Thanks, seems to be working now.
>
> Also i meant to ask, does every one else get a foreign email from someone
> saying something about google groups every time they send ina new email to
> this mailing list?
>

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php