What I want to achieve : if a user pass a PHP parameter to the server, it will return the same parameter value back to the user, instead of returning the value from the database itself.
while($row = mysqli_fetch_assoc($result)){
$classId = $row['classId'];
if($obj['classId'] != ""){
$classId = $obj['classId'];
}
...
}
For some reason, I found out that the $classId still using the $row['classId'] value, even if the user had inserted the classId parameter. It seems that the PHP has ignored/skipped the if statement.
if($obj['classId'] != ""){..} //SKIPPED?
The code works fine right now and I do get the return of the same parameter value. Only one user out of hundreds got this issue and I assumed that the he/she had sent the parameter when the server was busy.
Questions:
1.Can if-statement being ignored/skipped for some reason?
2.How to make the if-statement more reliable even if the server in a high-traffic?
Excuse me for posting here. I don't find the right keywords for googling myself.
Thank you.
You could try having your if statement more strict.
if($obj['classId'] != ""){
$classId = $obj['classId'];
} else {
$classId = $row['classId'];
}
I'd also recommend using isset instead of checking for an empty string.
if(isset($obj['classId'])) { }
Related
So i have this problem i can't figure out. but what the problem is that when i press the right arrow in the page, the value has to go up by 1, not 2. and when pressed the left button, it should go -1 and that works normally.
i try to get all the id's from the database and put it in a array. the functions check the array for end and first values and put's the data to the page input.
here is the code where i struggle with:
// checks if the variable has not been set, otherwise errors and problems will occur
if (empty($_SESSION["huidigeklant"])) {setHuidigeKlant();}
// common variables set to use
$id[] = $_SESSION["id"];
// makes a pre connection to check if a value can be set up or down to prevent errors in the input page.
$result = mysqli_query($conn, "SELECT * from klanten"); // run the query and assign the result to $result
while ($row=mysqli_fetch_assoc($result)) {
array_push($id, $row["id"]);
}
// checks first and last array value of the session id
function checkfirstklant(){ $firstID = reset($id); return $firstID; }
function checklastklant(){ $lastID = end($id); return $lastID; }
// checks first if the right or left button has been pressed and checks after that if the value is already at the first or end array
if (isset($_POST['leftbutton'])){
if (($firstID = checkfirstklant()) != $_SESSION["huidigeklant"]) {
$_SESSION['huidigeklant']--;
echo "huidige klant = " . $_SESSION["huidigeklant"];
}
}
if (isset($_POST['rightbutton'])){
if (($lastID = checklastklant()) != $_SESSION["huidigeklant"]) {
$_SESSION['huidigeklant']++;
echo "huidige klant = " . $_SESSION["huidigeklant"];
}
}
one thing to mention and already figured that out. the "setHuidigeKlant() sets $_SESSION["huidigeklant"] to 1".
so my question is: How can i prevent the program to set the value to 1, but still set the value to 1 if it hasn't been set in the first place?
i coudln't find a specific answer for this, but if you do. send a link to it please
thanks in advance ;)
So i already found my problem xD
what Difster already said at the post above, i need to isset my $_SESSSION["huidigeklant"] instead of checking if it is empty.
and i have to check if i am already at the end of the variable in the if statement instead of letting that doing by a function.
so now everything works as requested ;)
thanks again
Try this:
if (!isset($_SESSION["huidigeklant"])) { $_SESSION["huidigeklant"] = 1;}
so I want to make a notification with AJAX call, that checks the sum of rows in database, then compare it the amount from before.
when the AJAX access the php file, first it will check if $old_db is already defined or not, if not then define it.
then it will run the query(not using prepared statement yet because this still experimental to me) to check, num_row query and the store the value into $new_db.
after that it will compare the value and goes on.....
then finally it will assign $new_db value to $old_db
if(!(isset($old_db)) && empty($old_db)){
$old_db = "";
}
$sql = $con->query("SELECT * FROM produk");
$new_db = $sql->num_rows;
if($new_db > $old_db){
echo "ada";
echo "<br>".$old_db;
}
$old_db= $new_db;
now the problem whenever I run the php file, it never echoed the value of $old_db even though I already assign a value to it at the bottom of the script
I guess everytime I run the script the value got assigned as "" or null again? so how do I prevent that and keep the last value?
I'm thinking about storing it into Cookie....
after thinking about it if I only want to use it as notification then using Session is enough. thank you guys
session_start();
$_SESSION['old_db'] = $old_db;
if(!(isset($_SESSION['old_db']) && empty($_SESSION['old_db'])){
$_SESSION['old_db'] = "";
}
$sql = $con->query("SELECT * FROM produk");
$new_db = $sql->num_rows;
if($new_db > $_SESSION['old_db']){
echo "ada";
echo "<br>".$_SESSION['old_db'];
}
$_SESSION['old_db']= $new_db;
First of all, I know mysql is deprecated. Will change to mysqli as soon as I figure out the issue at hand. My query continues to update all my rows even if the data is not set in the 'stripetoken' column. Why is this happening?
Code snippet:
$token_query = 'SELECT * FROM jobsubmission';
$token_res = mysql_query($token_query);
$token_row = mysql_fetch_array($token_res);
if(isset($token_row['stripetoken'])) {
$updqry = 'UPDATE jobsubmission SET assigned=1 WHERE ID="'.$book_ids[$jcount].'"';
$update = mysql_query($updqry);
$bookdate = date("d-m-Y");
Because $token_row['stripetoken'] is always set because it is a column in your database and it will be available in $token_row as a result. Now whether it has a value or not is a different story. You should be using empty() instead (assuming you don't want it to be true for falsy values).
if(!empty($token_row['stripetoken'])) {
So while #JohnConde was absolutely correct in saying I needed to use the empty function over the isset, my solution layed elsewhere. Here is how I managed to get the query to work to my specifications:
instead of searching for empty, I made the 'stripetoken' column NULL
by default.
This allowed me to use the following code:
$token_query = 'SELECT * FROM jobsubmission WHERE ID="'.$book_ids
[$jcount].'" and stripetoken is not null';
$token_res = mysql_query($token_query);
$token_row = mysql_fetch_object($token_res);
if(!$token_row->stripetoken == NULL) {
I have this line in my registration page.
if (device_id_exists($_POST['device_id']) == true) {
$errors[] = 'Sorry the Serial Number \'' . htmlentities($_POST['device_id']) . '\' does not exist.';
}
I have this in my function page.
function device_id_exists($device_id) {
$device_id = sanitize($device_id);
$query = mysql_query("SELECT COUNT(`numbers`) FROM `devicenumbers` WHERE `numbers` = '$numbers'");
return (mysql_result($query, 0) == 0) ? true : false;
If I run this query SELECT COUNT(numbers) FROMdevicenumbersWHEREnumbers= '1234567890'
(a valid number) it will return 1 = match found right? If I put a bogus number it returns a '0'.
What is happening is when there is a valid number it still returns the error the number doesn't exist. If I change it to the result to == 1 it will submit any number? Im a newbie to DB calls any help appreciated. I hope I provided enough info.
Looks like you're calling the incorrect variable. Within the device_id_exists() function, you're accepting a variable named $device_id. However when you're performing the query, you're calling what appears to be an undefined variable: $numbers. I suspect $numbers should be renamed to $device_id.
I see your $device_id comes from a form post. I'd HIGHLY recommend you escape the variable, using mysql_real_escape_string() to ensure you are protected against SQL injection. Please note that sanitize() does NOT protect against SQL injection!
On one additional note, I'd recommend utilizng mysql_num_rows() rather than mysql_result() because mysql_result() actually asks the database server to return an actual result when all you really care about is whether the entry exists or not, not it's actual value.
function device_id_exists($device_id) {
$device_id = sanitize($device_id);
$device_id = mysql_real_escape_string($device_id);
$query = mysql_query("SELECT COUNT(`numbers`) FROM `devicenumbers` WHERE `numbers` = '$device_id'");
return mysql_num_rows($query) ? True : False;
}
I had a similar problem with mysql result set , It returns nums_rows == 1 even when there are no records (while using max() inside select query - In your case you have used count())... Instead of checking mysqlquery to 0, check it whether the result set empty (That's how i solved my problem).. eg. if(!empty(mysql_result($query))) ? true : false;
I'm using Drupal's db_fetch_array to fetch rows from my db_query. However, every row returned is equal to NULL. Typing the query into PHP myadmin works, so I have no idea whats going on. db_num_rows returns the number of rows as well. Here is the code:
if(count($rebuild_ids))
{
$ids=implode(",",$rebuild_ids);
$type_stmt = "SELECT * from {" . ItemType::$type_table_name . "} where id IN ($ids)";
$new_items=db_query($type_stmt);
if(!$new_items || db_num_rows($new_items) == 0)
{
return;
}
while($row = db_fetch_array($new_items));
{
if ($row!=NULL)
{
echo "I work!"
$game_items[] = $row['id'];
ItemInstance::$nid_to_item_type_code[$row['nid']] = $row['id'];
}
}
}
However, it never gets into the third if statement (i.e. never echos "I work!") Any ideas?
Friendly advice: Drupal has a coding standards http://drupal.org/coding-standards -- it helps to keep them. This error would have been a lot more obvious that way....
Also putting variables in a query is a huge no-no see http://drupal.org/writing-secure-code
$row is not NULL by definition, otherwise it wouldn´t even reach the third if statement.
There is no need to check if $row contains information, the while loop already takes care of that, but if you want to check anyway, use something like empty($row) or count($row) > 0; don´t compare an array with NULL.
The checking is completely unnecessary though...
K figured it out. It was the semicolon after the while loop!