How to handle special characters in mysql - php

I have a form that users enter data in and it gets entered into a mysql database. The issue is when they have entered a "%" sign or other special characters it causes problems when my website is trying to display the record. It actually causes nothing to be shown for that record when displaying results. How do I fix this?
$query = "SELECT * FROM makerperk WHERE pid='$pid' LIMIT 1";
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
while($row = mysqli_fetch_assoc($result)) {
$makerid = $row['makerid'];
$name = $row['name'];
$title = $row['title'];
$perkdescription = $row['perkdescription'];
$image = $row['image'];
$perktype = $row['perktype'];
$restrictions = $row['restrictions'];
}

I think you should use PHP mysqli_real_escape_string
/*Escape input variable:*/
$pid = mysqli_real_escape_string($connection, $pid);
/*Run query with escaped string:*/
$query = "SELECT * FROM makerperk WHERE pid='$pid' LIMIT 1";
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
while($row = mysqli_fetch_assoc($result)) {
$makerid = $row['makerid'];
$name = $row['name'];
$title = $row['title'];
$perkdescription = $row['perkdescription'];
$image = $row['image'];
$perktype = $row['perktype'];
$restrictions = $row['restrictions'];
}
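
A prepared-statement version of the lookup above, as an added example that is not part of the original answer. It goes one step further than the answer by also HTML-encoding the fields when they are displayed. Table and column names come from the question's code; the helper names `fetch_perk` and `render_perk` and the connection settings are assumptions.

```php
<?php
// Added example. Helper names and connection settings are hypothetical;
// table/column names are the ones used in the question.

// Make mysqli throw exceptions instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function fetch_perk(mysqli $connection, string $pid): ?array
{
    // The ? placeholder keeps $pid out of the SQL text, so quotes, %, _
    // and backslashes in it are handled as data, never as SQL syntax.
    $stmt = $connection->prepare(
        'SELECT makerid, name, title, perkdescription, image, perktype, restrictions
           FROM makerperk WHERE pid = ? LIMIT 1'
    );
    $stmt->bind_param('s', $pid);
    $stmt->execute();
    // get_result() needs the mysqlnd driver (the default in current PHP builds).
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

function render_perk(array $row): string
{
    // Encode at output time: stored text may contain <, >, &, quotes or %.
    $e = fn($v) => htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<h3>' . $e($row['title']) . '</h3>'
         . '<p>' . $e($row['perkdescription']) . '</p>';
}

// Constructed sample row (not real data) showing the output encoding offline.
$sample = [
    'title'           => '50% off <today>',
    'perkdescription' => "Maker's \"special\" & more",
];
echo render_perk($sample), PHP_EOL;

// With a live database (placeholder credentials):
// $connection = new mysqli('localhost', 'user', 'password', 'database');
// $connection->set_charset('utf8mb4');
// $row = fetch_perk($connection, $_GET['pid'] ?? '');
// echo $row ? render_perk($row) : 'Not found';
```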

Related

PHP json_encode is not working with ibase

Some part of my code:
$blstkodu = $row[1];
$sqlisimcek = "select * from STOK where blkodu='$blstkodu'";
$queryisimcek = ibase_prepare($sqlisimcek);
$rsisimcek = ibase_execute($queryisimcek);
$rowisimcek = ibase_fetch_row($rsisimcek);
$stok_adi = $rowisimcek[2];
$sql2 = "select * from STOK_FIYAT where blstkodu='$blstkodu' and alis_satis='2' and fiyat_no='1'";
$query2 = ibase_prepare($sql2);
$rs2=ibase_execute($query2);
$row2 = ibase_fetch_row($rs2);
$fiyati = $row2[6];
$hesap = $row2[4];
$sonuc->stok_adi = $stok_adi;
$sonuc->fiyati = $fiyati;
$sonuc->hesap = $hesap;
echo json_encode($sonuc);
This is not working because I am using json_encode, but when I change to echo it's working normally. How can I fix it?
By the way, my code works normally when I am using a MySQL database, but it's not working with ibase. The working code is this:
$blkodu = $row['blkodu'];
$sql2 = "SELECT fiyati,hesap FROM stok_fiyat WHERE blstkodu = '$blkodu' and alis_satis='2' and fiyat_no='1'";
$result2 = mysqli_query($con,$sql2);
$row2 = mysqli_fetch_array($result2,MYSQLI_ASSOC);
$fiyati = $row2['fiyati'];
$hesap = $row2['hesap'];
$sonuc->stok_adi = $stok_adi;
$sonuc->fiyati = $fiyati;
$sonuc->hesap = $hesap;
echo json_encode( $sonuc);
if ($db = ibase_connect('database.FDB', 'username', 'password','utf8'))
If you add UTF-8 to your connection string, everything works normally. Thanks, all of you.

php mysql query returns many array but need only one

$connection = db_connect();
$query = mysqli_query($connection, "
SELECT * FROM birouri
WHERE disponibilitate = 'LIBER'
AND locatie_actuala = 'Orhideea'
AND pauza = ''
AND closed_program = ''
AND feedback = ''
LIMIT 1") or die(mysqli_error($connection));
$row = mysqli_fetch_assoc($query);
$username = $row['username'];
$nr_birou = $row['nr_birou'];
$disponibilitate = $row['disponibilitate'];
$locatie_actuala = $row['locatie_actuala'];
$pauza = $row['pauza'];
$closed_program = $row['closed_program'];
$feedback = $row['feedback'];
$inregistrare_clienti = $row['inregistrare_clienti'];
var_dump($row);
In the database I have 6 rows that fit my query criteria.
var_dump($row); returns 1 array (the first row) duplicated 7 times, but I need to show only one. LIMIT 1 is not working.
Help, please.
Change this:
$row = mysqli_fetch_assoc($query);
$username = $row['username'];
$nr_birou = $row['nr_birou'];
$disponibilitate = $row['disponibilitate'];
$locatie_actuala = $row['locatie_actuala'];
$pauza = $row['pauza'];
$closed_program = $row['closed_program'];
$feedback = $row['feedback'];
$inregistrare_clienti = $row['inregistrare_clienti'];
to this and it will work:
while($row = mysqli_fetch_assoc($query)){
$username = $row['username'];
$nr_birou = $row['nr_birou'];
$disponibilitate = $row['disponibilitate'];
$locatie_actuala = $row['locatie_actuala'];
$pauza = $row['pauza'];
$closed_program = $row['closed_program'];
$feedback = $row['feedback'];
$inregistrare_clienti = $row['inregistrare_clienti'];
}
There are 8 columns, so your code runs 8 times, but if you run a while loop it will only run once.

Fetching single data returns error

I'm trying to fetch a couple of single data items from my server database, but this is throwing some errors. The incoming data is correct. The search function just doesn't get completed.
Here's the code:
<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
define('HOST','xxxxxxxxxxx');
define('USER','xxxxxxxxxxxx');
define('PASS','xxxxxxxxx');
define('DB','xxxxxxxxxx');
$con = mysqli_connect(HOST,USER,PASS,DB);
$post_id = $_POST['id'];
$buyer_mobile = $_POST['mobile'];
$buyer_name = $_POST['name'];
$sql = "select mobile from flatowner where id='$post_id'";
$res = mysqli_query($con,$sql);
$owner_mobile = $row['mobile'];
$sql = "select name from user where mobile='$owner_mobile'";
$r = mysqli_query($con,$sql);
$owner_name = $row['name'];
$sql = "INSERT INTO flat_booking (post_id,owner_mobile,owner_name,buyer_mobile,buyer_name) VALUES ('$post_id','$owner_mobile','$owner_name','$buyer_mobile','$buyer_name')";
if(mysqli_query($con,$sql)){
echo "Success";
}
else{
echo "error";
}
mysqli_close($con);
}else{
echo 'error1';
}
What am I doing wrong here? Maybe this:
$owner_mobile = $row['mobile'];
Thanks in advance!
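Create table flatowner and add mobile column
$post_id = 1;
$sql = "select mobile from flatowner where id='$post_id'";
// $con is a mysqli connection, so use the mysqli_* functions
$res = mysqli_query($con,$sql);
// mysqli_fetch_assoc returns a single row as an associative array
$row = mysqli_fetch_assoc($res);
$owner_mobile = $row['mobile'];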
Your problem is this line:
$owner_mobile = $row['mobile'];
You have not created the $row variable. For this you would need to do something such as:
Do this first:
<?php
$row = array();
while ($result = mysqli_fetch_assoc($res))
{
$row[] = $result;
}
?>
This allows you to do this:
<?php
foreach ($row as $r)
{
var_dump($r); print "<br />"; // One row from the DB per var dump
}
?>

Why does my code only show one post?

I have been developing a social network, and a key function is to be able to post on other users' profiles. However, my current code will only show one post. Also, it seems to be the first post that is shown. I have tested this by creating new accounts, and writing a test post. The code does show this first post, but if I try it again, only the first post is visible. The code is as follows:
The code to send post to database:
$person = "profile.php?id={$id}";
$post = $_POST['post'];
if($post != "")
{
$data_added = date("Y-m-d");
$added_by = $session_username;
$user_posted_to = $id;
$post = preg_replace("#[^0-9a-z]#i", "", $post);
$sqlCommand = "INSERT INTO posts VALUES ('',
'$post',
'$data_added',
'$added_by',
'$user_posted_to')";
$commandQuery = mysql_query($sqlCommand) or die ("Couldn't send post");
}
else
{
echo "You have to fill in the post form...";
}
The code to retrieve it (and display it):
$getPosts = mysql_query("SELECT *
FROM posts
WHERE user_posted_to='$id'
ORDER BY id DESC LIMIT 15") or die("Couldn't find any posts");
while($row = mysql_fetch_array($getPosts))
{
$id = $row['id'];
$body = $row['body'];
$date_added = $row['date_added'];
$added_by = $row['added_by'];
$user_posted_to = $row['user_posted_to'];
$querya = mysql_query("SELECT *
FROM members
WHERE username='$added_by' LIMIT 1");
while($row = mysql_fetch_array($querya))
{
$user_added = $row['id'];
}
$user_added = "profile.php?id={$user_added}";
}
echo "
<div>
<h3><a href='$user_added'>$added_by</a> - $date_added </h3>
<p> $body</p>
</div><br />
";
If anyone needs some more of the code, like my database connection, just comment.
In your while cycle you fill in some variables but you do not use them.
You use echo only outside the cycle, so just once, and thus you print only the values of the last instance of the while cycle.
Try:
$getPosts = mysql_query("SELECT * FROM posts WHERE user_posted_to='$id' ORDER BY id DESC LIMIT 15") or die("Couldn't find any posts");
while($row = mysql_fetch_array($getPosts)){
$id = $row['id'];
$body = $row['body'];
$date_added = $row['date_added'];
$added_by = $row['added_by'];
$user_posted_to = $row['user_posted_to'];
$querya = mysql_query("SELECT * FROM members WHERE username='$added_by' LIMIT 1");
while($row = mysql_fetch_array($querya)){
$user_added = $row['id'];
}
$user_added = "profile.php?id={$user_added}";
echo "
<div><h3><a href='$user_added'>$added_by</a> - $date_added </h3><p> $body</p></div><br />";
}

Undefined variable, unsure why

<?php
$tid = $_GET['tid'];
$id = $_SESSION['userid'];
$sql1 = "SELECT * FROM topics WHERE id='$tid' LIMIT 1";
$res1 = mysqli_query($connect, $sql1) or die(mysqli_error($connect));
while ($row = mysqli_fetch_array($res1, MYSQLI_ASSOC)) {
$title = $row['topic_title'];
$creator = $row['topic_creator'];
}
$sql = "SELECT * FROM users WHERE id='$creator' LIMIT 1";
$user_query = mysqli_query($connect, $sql) or die(mysqli_error($connect));
while ($row = mysqli_fetch_array($user_query, MYSQLI_ASSOC)) {
$name = $row["first"].$row["last"];
}
echo $name;
?>
I'm a little new to PHP, but I've done things exactly like this, but this time I'm getting an error. Everything here works except for $name. I checked my SQL tables and made sure users exist and that there's first and a last area. I don't see what else could be wrong.
Notice: Undefined variable: name in * on line **
Thank you.
Try this code on for size:
<?php
$tid = $_GET['tid'];
$id = $_SESSION['userid'];
$tid = mysqli_escape_string($connect, $tid);
$sql1 = "SELECT * FROM topics WHERE id='{$tid}' LIMIT 1";
$res1 = mysqli_query($connect, $sql1) or die(mysqli_error($connect));
// Check for rows first.
if($res1 and mysqli_num_rows($res1)){
// Use if as while is pointless on LIMIT 1
if($row = mysqli_fetch_array($res1, MYSQLI_ASSOC)) {
$title = $row['topic_title'];
$creator = $row['topic_creator'];
$creator = mysqli_escape_string($connect, $creator);
$sql = "SELECT * FROM users WHERE id='{$creator}' LIMIT 1";
$user_query = mysqli_query($connect, $sql) or die(mysqli_error($connect));
// Check for rows first.
if($user_query and mysqli_num_rows($user_query)){
// Use if as while is pointless on LIMIT 1
if ($row = mysqli_fetch_array($user_query, MYSQLI_ASSOC)) {
$name = $row["first"].$row["last"]; // NO HIT!
}
echo $name;
}else{
echo 'no rows found (query 2).';
}
}
}else{
echo 'no rows found (query 1).';
}
?>
Variable $name is undefined because the $name = ...; line is not reached. So make sure your $sql query actually returns results. It has to in order to define $name.
