Is this syntax is correct?

Is this syntax is correct?

am 05.09.2010 15:18:19 von Nagendra Prasad

--0016e68ea4fb872ad5048f830090
Content-Type: text/plain; charset=ISO-8859-1

Hi All,

Is this syntax is correct??

SELECT username FROM data, password FROM registration WHERE username=%s AND
password=%s"


Best,
Guru.

--0016e68ea4fb872ad5048f830090--

Re: [PHP-DB] Is this syntax is correct?

am 05.09.2010 17:35:03 von Niel Archer

> Hi All,
>
> Is this syntax is correct??
>
> SELECT username FROM data, password FROM registration WHERE username=%s AND
> password=%s"

No, it is not.
This list is for Windows based PHP matters. You will find far more
knowledgeable people (so more responses) by asking on the appropriate
list, i.e. php-db@lists.php.net for database related PHP matters, or an
SQL list/forum for SQL problems.

http://dev.mysql.com/doc/refman/5.1/en/select.html

You seem to be trying to do a JOIN

> Best,
> Guru.

--
Niel Archer



--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Is this syntax is correct?

am 06.09.2010 16:48:47 von Amit Tandon

--00163628528ce8ef27048f986145
Content-Type: text/plain; charset=UTF-8

SELECT d.username, r.password FROM data join registration r on r.username
= d.username WHERE r.username like '%s' AND
r.password like '%s'"

Presuming the password stored as clear text and username is common field

SELECT d.username, r.password FROM data join registration r on r.username
= d.username WHERE r.username like '%s' AND
r.password like '%s'"

or

SELECT d.username FROM data as d, registration as r WHERE r.username like
'%s' AND
and r.password like '%s'"
and r.username = d.username
============
regds
amit

"The difference between fiction and reality? Fiction has to make sense."


On Sun, Sep 5, 2010 at 6:48 PM, nagendra prasad wrote:

> Hi All,
>
> Is this syntax is correct??
>
> SELECT username FROM data, password FROM registration WHERE username=%s AND
> password=%s"
>
>
> Best,
> Guru.
>

--00163628528ce8ef27048f986145--

Re: Is this syntax is correct?

am 06.09.2010 16:48:47 von Amit Tandon

--00163628528ce8ef27048f986145
Content-Type: text/plain; charset=UTF-8

SELECT d.username, r.password FROM data join registration r on r.username
= d.username WHERE r.username like '%s' AND
r.password like '%s'"

Presuming the password stored as clear text and username is common field

SELECT d.username, r.password FROM data join registration r on r.username
= d.username WHERE r.username like '%s' AND
r.password like '%s'"

or

SELECT d.username FROM data as d, registration as r WHERE r.username like
'%s' AND
and r.password like '%s'"
and r.username = d.username
============
regds
amit

"The difference between fiction and reality? Fiction has to make sense."


On Sun, Sep 5, 2010 at 6:48 PM, nagendra prasad wrote:

> Hi All,
>
> Is this syntax is correct??
>
> SELECT username FROM data, password FROM registration WHERE username=%s AND
> password=%s"
>
>
> Best,
> Guru.
>

--00163628528ce8ef27048f986145--

Re: Is this syntax is correct?

am 06.09.2010 17:11:59 von Swincher

Amit Tandon wrote:
> SELECT d.username, r.password FROM data join registration r on r.username

>> SELECT username FROM data, password FROM registration WHERE username=%s AND
>> password=%s"

Oh, boy -- "r on r"?? Obviously the guy is a rookie.
Let's be simple:

SELECT data.username,registration.password
FROM data inner join registration
ON data. = registration.
WHERE username=%s
AND password=%s"

is the name of the common field in each table, such as
"user_id".

Comments:

1. "data" is a really bad name for a table. You will confuse the heck
out of yourself and others who follow you. Change it.

2. As Amit kind of said, no password should be stored in a table
(available on a web server) without encrypting the password information.

Ken

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Is this syntax is correct?

am 06.09.2010 17:15:38 von Richard Quadling

On 6 September 2010 16:11, Ken Kixmoeller wrote:
> 2. As Amit kind of said, no password should be stored in a table (available
> on a web server) without encrypting the password information.

I'd go further and say "no password should be stored in a table".

A hash of the salted password, sure.


--
Richard Quadling
Twitter : EE : Zend
@RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

PHP Search DB Table

am 14.12.2010 12:08:33 von Oliver Kennedy

--_1543dc89-93c0-4eae-9882-ea0877b9d1d7_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable



Hello Everyone
=20
Apologies if I have not done this in the correct way=2C this is the first t=
ime I have turned to your for help so I am unaware if I have to submit this=
according to a certain protocol=2C if that is the case then please let me =
know and I will go through the proper channels. My problem is this.
=20
I have a very simple database consisting of 1 table=2C I want users here to=
be able to use a search function to query the database in order to return =
the information on a client by a specific ID number if it is in the databas=
e. My search form is this
=20











=20
and my process form is this
=20
$term =3D $_REQUEST['searchx']=3B
mysql_connect("localhost"=2C "root"=2C "*********") or die (mysql_error())=
=3B
mysql_select_db("moneyl") or die(mysql_error())=3B
$result =3D mysql_query("SELECT * FROM clients WHERE clientid =3D '$term'")
or die(mysql_error())=3B
echo""=3B
echo "







"=3B
while($row =3D mysql_fetch_array( $result ))
{
echo ""=3B
}
echo"
Client ID Feeearner First Name Middle Name Last Name House/Flat Number Address Postcode Gender Date of Birth Landline
"=3B
echo$row['clientid']=3B
echo"		"=3B
echo$row['feeearner']=3B
echo"		"=3B
echo$row['firstname']=3B
echo"		"=3B
echo$row['middlename']=3B
echo"		"=3B
echo$row['lastname']=3B
echo"		"=3B
echo$row['hfnumber']=3B
echo"		"=3B
echo$row['address']=3B
echo"		"=3B
echo$row['postcode']=3B
echo"		"=3B
echo$row['gender']=3B
echo"		"=3B
echo$row['dob']=3B
echo"		"=3B
echo$row['landline']=3B
echo"
"=3B
?>
=20
I know the form is connecting an retrieving okay because if I change the WH=
ERE client id =3D '' to a specific number of a client ID in the database th=
en it comes back with that information=2C so essentially it is not pulling =
through the numbers entered into the search box the value for which I have =
used REQUEST for and specified it with the value $term.
=20
I am a beginner at this and am trying to do something to impress the powers=
-that-be at work=2C this is now the last stumbling block. Any help would be=
appreciated.
=20
Regards
=20
Oliver =

--_1543dc89-93c0-4eae-9882-ea0877b9d1d7_--

PHP Search DB Table

am 14.12.2010 12:08:33 von Oliver Kennedy

--_1543dc89-93c0-4eae-9882-ea0877b9d1d7_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable



Hello Everyone
=20
Apologies if I have not done this in the correct way=2C this is the first t=
ime I have turned to your for help so I am unaware if I have to submit this=
according to a certain protocol=2C if that is the case then please let me =
know and I will go through the proper channels. My problem is this.
=20
I have a very simple database consisting of 1 table=2C I want users here to=
be able to use a search function to query the database in order to return =
the information on a client by a specific ID number if it is in the databas=
e. My search form is this
=20











=20
and my process form is this
=20
$term =3D $_REQUEST['searchx']=3B
mysql_connect("localhost"=2C "root"=2C "*********") or die (mysql_error())=
=3B
mysql_select_db("moneyl") or die(mysql_error())=3B
$result =3D mysql_query("SELECT * FROM clients WHERE clientid =3D '$term'")
or die(mysql_error())=3B
echo""=3B
echo "







"=3B
while($row =3D mysql_fetch_array( $result ))
{
echo ""=3B
}
echo"
Client ID Feeearner First Name Middle Name Last Name House/Flat Number Address Postcode Gender Date of Birth Landline
"=3B
echo$row['clientid']=3B
echo"		"=3B
echo$row['feeearner']=3B
echo"		"=3B
echo$row['firstname']=3B
echo"		"=3B
echo$row['middlename']=3B
echo"		"=3B
echo$row['lastname']=3B
echo"		"=3B
echo$row['hfnumber']=3B
echo"		"=3B
echo$row['address']=3B
echo"		"=3B
echo$row['postcode']=3B
echo"		"=3B
echo$row['gender']=3B
echo"		"=3B
echo$row['dob']=3B
echo"		"=3B
echo$row['landline']=3B
echo"
"=3B
?>
=20
I know the form is connecting an retrieving okay because if I change the WH=
ERE client id =3D '' to a specific number of a client ID in the database th=
en it comes back with that information=2C so essentially it is not pulling =
through the numbers entered into the search box the value for which I have =
used REQUEST for and specified it with the value $term.
=20
I am a beginner at this and am trying to do something to impress the powers=
-that-be at work=2C this is now the last stumbling block. Any help would be=
appreciated.
=20
Regards
=20
Oliver =

--_1543dc89-93c0-4eae-9882-ea0877b9d1d7_--

Re: PHP Search DB Table

am 14.12.2010 12:44:07 von David Robley

Oliver Kennedy wrote:

>
>
> Hello Everyone
>
> Apologies if I have not done this in the correct way, this is the first
> time I have turned to your for help so I am unaware if I have to submit
> this according to a certain protocol, if that is the case then please let
> me know and I will go through the proper channels. My problem is this.
>
> I have a very simple database consisting of 1 table, I want users here to
> be able to use a search function to query the database in order to return
> the information on a client by a specific ID number if it is in the
> database. My search form is this
>
>
>


>

>

>


>

>

>
>
>
>
> and my process form is this
>
> > $term = $_REQUEST['searchx'];
> mysql_connect("localhost", "root", "*********") or die (mysql_error());
> mysql_select_db("moneyl") or die(mysql_error());
> $result = mysql_query("SELECT * FROM clients WHERE clientid = '$term'")
> or die(mysql_error());
> echo"";
> echo "
>
>
>
>
>
>
>
> ";
> while($row = mysql_fetch_array( $result ))
> {
> echo "";
> }
> echo"
Client ID Feeearner First NameMiddle NameLast NameHouse/Flat NumberAddressPostcodeGenderDate of BirthLandline
";
> echo$row['clientid'];
> echo"		";
> echo$row['feeearner'];
> echo"		";
> echo$row['firstname'];
> echo"		";
> echo$row['middlename'];
> echo"		";
> echo$row['lastname'];
> echo"		";
> echo$row['hfnumber'];
> echo"		";
> echo$row['address'];
> echo"		";
> echo$row['postcode'];
> echo"		";
> echo$row['gender'];
> echo"		";
> echo$row['dob'];
> echo"		";
> echo$row['landline'];
> echo"
";
> ?>
>
> I know the form is connecting an retrieving okay because if I change the
> WHERE client id = '' to a specific number of a client ID in the database
> then it comes back with that information, so essentially it is not pulling
> through the numbers entered into the search box the value for which I have
> used REQUEST for and specified it with the value $term.
>
> I am a beginner at this and am trying to do something to impress the
> powers-that-be at work, this is now the last stumbling block. Any help
> would be appreciated.
>
> Regards
>
> Oliver

Try

$query = "SELECT * FROM clients WHERE clientid = '$term'";
echo $query . '
';
$result = mysql_query($query);

And see what is actually in the query.

Cheers
--
David Robley

Reality is nothing but a collective hunch.
Today is Pungenday, the 56th day of The Aftermath in the YOLD 3176.


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: PHP Search DB Table

am 14.12.2010 12:44:07 von David Robley

Oliver Kennedy wrote:

>
>
> Hello Everyone
>
> Apologies if I have not done this in the correct way, this is the first
> time I have turned to your for help so I am unaware if I have to submit
> this according to a certain protocol, if that is the case then please let
> me know and I will go through the proper channels. My problem is this.
>
> I have a very simple database consisting of 1 table, I want users here to
> be able to use a search function to query the database in order to return
> the information on a client by a specific ID number if it is in the
> database. My search form is this
>
>
>


>

>

>


>

>

>
>
>
>
> and my process form is this
>
> > $term = $_REQUEST['searchx'];
> mysql_connect("localhost", "root", "*********") or die (mysql_error());
> mysql_select_db("moneyl") or die(mysql_error());
> $result = mysql_query("SELECT * FROM clients WHERE clientid = '$term'")
> or die(mysql_error());
> echo"";
> echo "
>
>
>
>
>
>
>
> ";
> while($row = mysql_fetch_array( $result ))
> {
> echo "";
> }
> echo"
Client ID Feeearner First NameMiddle NameLast NameHouse/Flat NumberAddressPostcodeGenderDate of BirthLandline
";
> echo$row['clientid'];
> echo"		";
> echo$row['feeearner'];
> echo"		";
> echo$row['firstname'];
> echo"		";
> echo$row['middlename'];
> echo"		";
> echo$row['lastname'];
> echo"		";
> echo$row['hfnumber'];
> echo"		";
> echo$row['address'];
> echo"		";
> echo$row['postcode'];
> echo"		";
> echo$row['gender'];
> echo"		";
> echo$row['dob'];
> echo"		";
> echo$row['landline'];
> echo"
";
> ?>
>
> I know the form is connecting an retrieving okay because if I change the
> WHERE client id = '' to a specific number of a client ID in the database
> then it comes back with that information, so essentially it is not pulling
> through the numbers entered into the search box the value for which I have
> used REQUEST for and specified it with the value $term.
>
> I am a beginner at this and am trying to do something to impress the
> powers-that-be at work, this is now the last stumbling block. Any help
> would be appreciated.
>
> Regards
>
> Oliver

Try

$query = "SELECT * FROM clients WHERE clientid = '$term'";
echo $query . '
';
$result = mysql_query($query);

And see what is actually in the query.

Cheers
--
David Robley

Reality is nothing but a collective hunch.
Today is Pungenday, the 56th day of The Aftermath in the YOLD 3176.


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re: PHP Search DB Table

am 14.12.2010 13:10:16 von harlequin2

David wrote:
>
> Oliver Kennedy wrote:
> > ...
> > I have a very simple database consisting of 1 table, I want users here
> to
> > be able to use a search function to query the database in order to
> return
> > the information on a client by a specific ID number if it is in the
> > database.
> > ...
>
> Try
>
> $query = "SELECT * FROM clients WHERE clientid = '$term'";
> echo $query . '
';
> $result = mysql_query($query);
>
> And see what is actually in the query.
>
> Cheers
> --
> David Robley

As David stated, output the query and copy it into the MySQL console, see if that gives you an error. You are talking about using an ID -number-, in that case using single quotes around your $term variable is incorrect but won't cause an error on MySQL servers.

Especially because you are new to PHP, I would recommend to do some reading about making PHP secure, your code above has lots of possibilies for code injection and SQL injection:

* Escaping variables for use in MySQL queries [1]
* SQL Injection [2]
* PHP and security [3]

Best regards,

Sascha

[1] http://de.php.net/mysql_real_escape_string
[2] http://de.php.net/manual/en/security.database.sql-injection. php
[3] http://de.php.net/manual/en/security.php
--
Freundliche Grüße / Kind regards,

Sascha Meyer
--------------------------------------------------
EE: http://www.experts-exchange.com/M_761556.html
ZCE: http://www.zend.com/en/yellow-pages#show-ClientCandidateID=Z END011290

GRATIS! Movie-FLAT mit über 300 Videos.
Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Re: PHP Search DB Table

am 14.12.2010 13:10:16 von harlequin2

David wrote:
>
> Oliver Kennedy wrote:
> > ...
> > I have a very simple database consisting of 1 table, I want users here
> to
> > be able to use a search function to query the database in order to
> return
> > the information on a client by a specific ID number if it is in the
> > database.
> > ...
>
> Try
>
> $query = "SELECT * FROM clients WHERE clientid = '$term'";
> echo $query . '
';
> $result = mysql_query($query);
>
> And see what is actually in the query.
>
> Cheers
> --
> David Robley

As David stated, output the query and copy it into the MySQL console, see if that gives you an error. You are talking about using an ID -number-, in that case using single quotes around your $term variable is incorrect but won't cause an error on MySQL servers.

Especially because you are new to PHP, I would recommend to do some reading about making PHP secure, your code above has lots of possibilies for code injection and SQL injection:

* Escaping variables for use in MySQL queries [1]
* SQL Injection [2]
* PHP and security [3]

Best regards,

Sascha

[1] http://de.php.net/mysql_real_escape_string
[2] http://de.php.net/manual/en/security.database.sql-injection. php
[3] http://de.php.net/manual/en/security.php
--
Freundliche Grüße / Kind regards,

Sascha Meyer
--------------------------------------------------
EE: http://www.experts-exchange.com/M_761556.html
ZCE: http://www.zend.com/en/yellow-pages#show-ClientCandidateID=Z END011290

GRATIS! Movie-FLAT mit über 300 Videos.
Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP-WIN] Re: PHP Search DB Table

am 14.12.2010 13:55:31 von Oliver Kennedy

--_56f2f31d-398c-47f8-9414-7a52ee12661f_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


David=2C Sascha thank you both for your help. Using the query=20
=20
$query =3D "SELECT * FROM clients WHERE clientid =3D '$term'"=3B
echo $query . '
'=3B
$result =3D mysql_query($query)=3B

as suggested printed out the below
=20
SELECT * FROM clients WHERE clientid =3D ''

This seems to indicate that it is not seeing the value within the single q=
uotes. However a slight caveats to that
If I change what is contained within the quotes to a specific number then i=
t does read it=2C for example
=20
SELECT * FROM clients WHERE clientid =3D '123456'=3B

So it is only when I enclose a value that it doesn't compute=2C I tried put=
ting the $term within %% like so
=20
$query =3D "SELECT * FROM clients WHERE clientid =3D '%".$term"%'"=3B
=20
however this just returns we page not found=2C possibly because I need to u=
se the LIKE parameter in there somewhere?
=20
Many thanks for all your help on this
=20
Kind Regards
=20
Oliver
=20

=20

=

--_56f2f31d-398c-47f8-9414-7a52ee12661f_--

RE: [PHP-WIN] Re: PHP Search DB Table

am 14.12.2010 13:55:31 von Oliver Kennedy

--_56f2f31d-398c-47f8-9414-7a52ee12661f_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


David=2C Sascha thank you both for your help. Using the query=20
=20
$query =3D "SELECT * FROM clients WHERE clientid =3D '$term'"=3B
echo $query . '
'=3B
$result =3D mysql_query($query)=3B

as suggested printed out the below
=20
SELECT * FROM clients WHERE clientid =3D ''

This seems to indicate that it is not seeing the value within the single q=
uotes. However a slight caveats to that
If I change what is contained within the quotes to a specific number then i=
t does read it=2C for example
=20
SELECT * FROM clients WHERE clientid =3D '123456'=3B

So it is only when I enclose a value that it doesn't compute=2C I tried put=
ting the $term within %% like so
=20
$query =3D "SELECT * FROM clients WHERE clientid =3D '%".$term"%'"=3B
=20
however this just returns we page not found=2C possibly because I need to u=
se the LIKE parameter in there somewhere?
=20
Many thanks for all your help on this
=20
Kind Regards
=20
Oliver
=20

=20

=

--_56f2f31d-398c-47f8-9414-7a52ee12661f_--

Re: [PHP-WIN] Re: PHP Search DB Table

am 14.12.2010 14:37:28 von Lester Caine

Oliver Kennedy wrote:
> $query = "SELECT * FROM clients WHERE clientid = '%".$term"%'";

$query = "SELECT * FROM clients WHERE clientid = '%".$term."%'";
Note missing '.'
But that should be the same as
$query = "SELECT * FROM clients WHERE clientid LIKE '".$term."'";

--
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Re: PHP Search DB Table

am 14.12.2010 15:36:26 von Oliver Kennedy

--_a8cc3714-3673-46a5-b2ee-3b31cf7812c5_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


Okay=2C thank you all again for your input=2C I have tried a number of sugg=
estions to work out what is happening. Just to reiterate here is the search=
form which is on a different page.
=20






=20
shown below is the datasearch.php page
=20
$term =3D $_REQUEST['searchx']=3B
mysql_connect("localhost"=2C "root"=2C "christmas") or die (mysql_error())=
=3B
mysql_select_db("moneyl") or die(mysql_error())=3B
$query =3D "SELECT * FROM clients WHERE clientid =3D '%".$term."%'"=3B
echo $query . '
';
echo $term . '
'=3B
$result =3D mysql_query($query)=3B
echo""=3B
echo "







"=3B
while($row =3D mysql_fetch_array( $result ))
{
echo ""=3B
}
echo"
Client ID Feeearner First Name Middle Name Last Name House/Flat Number Address Postcode Gender Date of Birth Landline
"=3B
echo$row['clientid']=3B
echo"		"=3B
echo$row['feeearner']=3B
echo"		"=3B
echo$row['firstname']=3B
echo"		"=3B
echo$row['middlename']=3B
echo"		"=3B
echo$row['lastname']=3B
echo"		"=3B
echo$row['hfnumber']=3B
echo"		"=3B
echo$row['address']=3B
echo"		"=3B
echo$row['postcode']=3B
echo"		"=3B
echo$row['gender']=3B
echo"		"=3B
echo$row['dob']=3B
echo"		"=3B
echo$row['landline']=3B
echo"
"=3B
?>
=20
The printout of the query reveals this
=20
SELECT * FROM clients WHERE clientid =3D '%%'

the echo of the value $term just showed a blank line.
=20
Essentially the numbers entered into the search box which I am retrieving u=
sing
=20
$term =3D $_REQUEST['searchx']=3B

are not being pulled through=2C am I using the correct funtion? I tried GET=
and POST just to see what would happen an no joy.
So why does the above just display a blank value even when there are number=
s in the search box? I am very much a novice at this so it is not impossibl=
e that I am making a very very basic mistake here but from the tutorials I =
have seen this should work.
=20
Many thanks for your help=2C this is the first time I have used this method=
to obtain help and I have been very impressed with both the speed and qual=
ity of the repsonse.
=20
Kind Regards
=20
Oliver

=20


> From: aristotlekhan@hotmail.co.uk
> To: harlequin2@gmx.de=3B php-windows@lists.php.net=3B php-db@lists.php.ne=
t=3B robleyd@aapt.net.au
> Date: Tue=2C 14 Dec 2010 12:55:31 +0000
> Subject: RE: [PHP-WIN] Re: PHP Search DB Table
>=20
>=20
> David=2C Sascha thank you both for your help. Using the query=20
>=20
> $query =3D "SELECT * FROM clients WHERE clientid =3D '$term'"=3B
> echo $query . '
'=3B
> $result =3D mysql_query($query)=3B
>=20
> as suggested printed out the below
>=20
> SELECT * FROM clients WHERE clientid =3D ''
>=20
> This seems to indicate that it is not seeing the value within the single =
quotes. However a slight caveats to that
> If I change what is contained within the quotes to a specific number then=
it does read it=2C for example
>=20
> SELECT * FROM clients WHERE clientid =3D '123456'=3B
>=20
> So it is only when I enclose a value that it doesn't compute=2C I tried p=
utting the $term within %% like so
>=20
> $query =3D "SELECT * FROM clients WHERE clientid =3D '%".$term"%'"=3B
>=20
> however this just returns we page not found=2C possibly because I need to=
use the LIKE parameter in there somewhere?
>=20
> Many thanks for all your help on this
>=20
> Kind Regards
>=20
> Oliver

=20
>=20
>=20
>=20
>=20
=

--_a8cc3714-3673-46a5-b2ee-3b31cf7812c5_--

RE: Re: PHP Search DB Table

am 14.12.2010 15:36:26 von Oliver Kennedy

--_a8cc3714-3673-46a5-b2ee-3b31cf7812c5_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


Okay=2C thank you all again for your input=2C I have tried a number of sugg=
estions to work out what is happening. Just to reiterate here is the search=
form which is on a different page.
=20





=20
shown below is the datasearch.php page
=20
$term =3D $_REQUEST['searchx']=3B
mysql_connect("localhost"=2C "root"=2C "christmas") or die (mysql_error())=
=3B
mysql_select_db("moneyl") or die(mysql_error())=3B
$query =3D "SELECT * FROM clients WHERE clientid =3D '%".$term."%'"=3B
echo $query . '
';
echo $term . '
'=3B
$result =3D mysql_query($query)=3B
echo""=3B
echo "







"=3B
while($row =3D mysql_fetch_array( $result ))
{
echo ""=3B
}
echo"
Client ID Feeearner First Name Middle Name Last Name House/Flat Number Address Postcode Gender Date of Birth Landline
"=3B
echo$row['clientid']=3B
echo"		"=3B
echo$row['feeearner']=3B
echo"		"=3B
echo$row['firstname']=3B
echo"		"=3B
echo$row['middlename']=3B
echo"		"=3B
echo$row['lastname']=3B
echo"		"=3B
echo$row['hfnumber']=3B
echo"		"=3B
echo$row['address']=3B
echo"		"=3B
echo$row['postcode']=3B
echo"		"=3B
echo$row['gender']=3B
echo"		"=3B
echo$row['dob']=3B
echo"		"=3B
echo$row['landline']=3B
echo"
"=3B
?>
=20
The printout of the query reveals this
=20
SELECT * FROM clients WHERE clientid =3D '%%'

the echo of the value $term just showed a blank line.
=20
Essentially the numbers entered into the search box which I am retrieving u=
sing
=20
$term =3D $_REQUEST['searchx']=3B

are not being pulled through=2C am I using the correct funtion? I tried GET=
and POST just to see what would happen an no joy.
So why does the above just display a blank value even when there are number=
s in the search box? I am very much a novice at this so it is not impossibl=
e that I am making a very very basic mistake here but from the tutorials I =
have seen this should work.
=20
Many thanks for your help=2C this is the first time I have used this method=
to obtain help and I have been very impressed with both the speed and qual=
ity of the repsonse.
=20
Kind Regards
=20
Oliver

=20


> From: aristotlekhan@hotmail.co.uk
> To: harlequin2@gmx.de=3B php-windows@lists.php.net=3B php-db@lists.php.ne=
t=3B robleyd@aapt.net.au
> Date: Tue=2C 14 Dec 2010 12:55:31 +0000
> Subject: RE: [PHP-WIN] Re: PHP Search DB Table
>=20
>=20
> David=2C Sascha thank you both for your help. Using the query=20
>=20
> $query =3D "SELECT * FROM clients WHERE clientid =3D '$term'"=3B
> echo $query . '
'=3B
> $result =3D mysql_query($query)=3B
>=20
> as suggested printed out the below
>=20
> SELECT * FROM clients WHERE clientid =3D ''
>=20
> This seems to indicate that it is not seeing the value within the single =
quotes. However a slight caveats to that
> If I change what is contained within the quotes to a specific number then=
it does read it=2C for example
>=20
> SELECT * FROM clients WHERE clientid =3D '123456'=3B
>=20
> So it is only when I enclose a value that it doesn't compute=2C I tried p=
utting the $term within %% like so
>=20
> $query =3D "SELECT * FROM clients WHERE clientid =3D '%".$term"%'"=3B
>=20
> however this just returns we page not found=2C possibly because I need to=
use the LIKE parameter in there somewhere?
>=20
> Many thanks for all your help on this
>=20
> Kind Regards
>=20
> Oliver

=20
>=20
>=20
>=20
>=20
=

--_a8cc3714-3673-46a5-b2ee-3b31cf7812c5_--

Re: RE: Re: PHP Search DB Table

am 14.12.2010 16:10:05 von harlequin2

Hi Oliver,

Oliver wrote:
>
> Okay, thank you all again for your input, I have tried a number of
> suggestions to work out what is happening. Just to reiterate here is the search
> form which is on a different page.
> ...

Try the following code on your search page to display GET- and POST-variables submitted by your form:
[CODE]
print "

";

print "POST:
";

print_r($_POST);

print "
";

print "GET:
";

print_r($_GET);

print "
";
[/CODE]

I couldn't locate an error in your previously posted code so let's give this one a try.

Regards,

Sascha
--
Freundliche Grüße / Kind regards,

Sascha Meyer
--------------------------------------------------
EE: http://www.experts-exchange.com/M_761556.html
ZCE: http://www.zend.com/en/yellow-pages#show-ClientCandidateID=Z END011290

GRATIS! Movie-FLAT mit über 300 Videos.
Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: RE: Re: PHP Search DB Table

am 14.12.2010 16:10:05 von harlequin2

Hi Oliver,

Oliver wrote:
>
> Okay, thank you all again for your input, I have tried a number of
> suggestions to work out what is happening. Just to reiterate here is the search
> form which is on a different page.
> ...

Try the following code on your search page to display GET- and POST-variables submitted by your form:
[CODE]
print "

";

print "POST:
";

print_r($_POST);

print "
";

print "GET:
";

print_r($_GET);

print "
";
[/CODE]

I couldn't locate an error in your previously posted code so let's give this one a try.

Regards,

Sascha
--
Freundliche Grüße / Kind regards,

Sascha Meyer
--------------------------------------------------
EE: http://www.experts-exchange.com/M_761556.html
ZCE: http://www.zend.com/en/yellow-pages#show-ClientCandidateID=Z END011290

GRATIS! Movie-FLAT mit über 300 Videos.
Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php