Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 years ago.
Improve this question
I'm learning PDO. Why is the below not working? Where is my mistake / error?
I just want the query to retrieve the highest number from seconds column
..................................................
if ($_SERVER['HTTP_X_FORWARD_FOR']) {
$ipaddress = $_SERVER['HTTP_X_FORWARD_FOR'];
} else {
$ipaddress = $_SERVER['REMOTE_ADDR'];
}
$user = "open";
$password = "r23sSF32";
$database_name = "open2";
$hostname = "localhost";
$dsn = 'mysql:dbname=' . $database_name . ';host=' . $hostname;
$conn = new PDO($dsn, $user, $password);
$sql = "SELECT MAX( seconds ) AS seconds FROM `opentill` WHERE ipaddress='$ipaddress'";
$conn->query($sql) as $row
$largests = $row['seconds'];
Try using prepared statements instead. Here's an example (untested):
$stmt = $conn->prepare("SELECT MAX( seconds ) AS seconds FROM `opentill` WHERE ipaddress = :ipaddress");
$stmt->bindParam(":ipaddress", $ipaddress); // Note: bindParam binds to the REFERENCE of the variable passed, only evaluated when execute() is called
$stmt->execute();
$result = $stmt->fetchColumn();
$result now contains that column value.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
<?php
$server = "localhost";
$username = "root";
$password = "";
$database = "jaka_crud_ci";
mysqli_connect($server, $username, $password, $database);
$query = "SELECT * FROM pembeli";
$result = mysqli_query($query)
while ( $buyer = mysqli_fetch_assoc($result)){
echo $buyer ["nama_pembeli"];
echo $buyer ["nama_barang"];
echo $buyer ["nama_retribusi"];
}
?>
code above displaying syntax error, unexpected 'while' (T_WHILE). How it will be free from error? Help me
Put a semicolon at the end of
$result = mysqli_query($query);
And you got the syntax wrong for mysqli_query, the correct one is,
mysqli_query($connection_variable, $query)
So for your case it will be like,
$con = mysqli_connect($server, $username, $password, $database);
and then use it like,
$result = mysqli_query($con, $query);
Please update below line
$result = mysqli_query($query)
to
$result = mysqli_query($query);
; is missing in that line. That's why the error occurred.
You are missing ; after mysqli_query($query) . Updated code is as below.
<?php
$server = "localhost";
$username = "root";
$password = "";
$database = "jaka_crud_ci";
mysqli_connect($server, $username, $password, $database);
$query = "SELECT * FROM pembeli";
$result = mysqli_query($query);
while ( $buyer = mysqli_fetch_assoc($result)){
echo $buyer ["nama_pembeli"];
echo $buyer ["nama_barang"];
echo $buyer ["nama_retribusi"];
}
?>
its pretty simple syntax error,You are missing ; after mysqli_query($query)
You can also use the php command line options to check the sytax errors
php -l filename
-l Provides a convenient way to perform only a syntax check on the given PHP code. On success, the text No syntax errors detected in <filename> is written to standard output
it will show if there any sytax error in the give filename
More Detail :http://php.net/manual/en/features.commandline.options.php
i hope this is helpful
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 6 years ago.
Improve this question
So basically I got this code right here:
<?php
include_once 'dbconfig2.php';
$con = new DB_con();
$table = "users";
if(isset($_GET['profile_id']))
{
$sql=mysql_query("SELECT * FROM users WHERE user_id=".$_GET['profile_id']);
$result=mysql_fetch_array($sql);
}
?>
I am clueless as to how I would make it so if the user_id is not existent in the records, they cannot view their profile but it leads them to another messsage or piece of code.
If the user_id doesn't exist, there won't be any rows in the result. When you try to read a row with mysql_fetch_array(), it returns FALSE. So you can simply test $result:
if (!$result) {
die("Invalid profile ID");
}
Try to use prepared statements using mysqli, in order to avoid sql injection.
By way of example:
$mysqli = new mysqli("localhost", "root", "root", "test");
if ($mysqli->connect_errno) {
echo "connect_error". $mysqli->connect_error;
}
$id = $_GET['profile_id'];
$result = $mysqli->prepare('SELECT name FROM users WHERE user_id = ?');
$result->bind_param("i", $id);
$result->execute();
$result->bind_result($col1);
$result->fetch();
$is_valid_profile = (!$col1) ? 'Invalid profile' : 'Valid profile';
echo $is_valid_profile;
$result->close();
http://php.net/manual/en/mysqli.prepare.php
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
$query = sqlsrv_query("select * from sessions where password='$password' AND username='$username'");
$rows = sqlsrv_num_rows($query);
if ($rows == 1) {
$_SESSION['login_user']=$username;
header("location: profile.php");
} else {
$error = "Username or Password is invalid";
}
Hi, I have this code but it's written in mysql and I want it to work in sqlserver so I changed mysql_query into sqlsrv_query and it didn't work properly, and I changed mysql_num_rows into sqlsrv_num_rows and it didn't work either so can anyone help me and tell me how to write them please?
You are missing the connection parameter to sqlsrv_query. While you're at it, you might as well use bind variables instead of string substitution to help guard against SQL-Injection attacks.
$serverName = "serverName\instancename";
$connectionInfo =
array( "Database"=>"dbName", "UID"=>"username", "PWD"=>"password" );
$conn = sqlsrv_connect( $serverName, $connectionInfo);
$params = array($username, $password);
$stmt = sqlsrv_query
($conn,
'select * from sessions where password=? AND username=?',
$params);
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I have been reading many different pieces of code an I am confused as to why the $echo row[0] at the bottom of my code here does not return anything.
$dbhost = 'localhost';
$uname = $_POST["uname"];
//***create connection object
$connection = mysql_connect($dbhost, "bc572fsdf", "abcdfsds") or die(mysql_error());
$dbname = "bc57db";
mysql_select_db($dbname) or die(mysql_error());
//***select a random security question
//*** need this to import session variables
session_start();
echo ($_SESSION["ValidUser"] . "\n");
$rq = array('q1', 'q2', 'q3');
$rand_key = array_rand($rq, 1);
echo $rq[$rand_key];
$question = $rq[$rand_key];
$qtoanswer = mysql_query("select '$question' from users where uname = '$uname'");
if (!$qtoanswer) {
echo "Could not run query:" . mysql_error();
exit;
}
echo $qtoanswer;
$row = mysql_fetch_row($qtoanswer);
echo $row[0];
?>
The fault is in this line:
$qtoanswer = mysql_query("select '$question' from users where uname = '$uname'");
You should be using grave marks for the column name, such as:
$qtoanswer = mysql_query("select `$question` from users where uname = '$uname'");
^ ^
Also, you should be using MySQLi/PDO, so you can prepare this, or at the very least, escape $uname.
Because you cannot echo a array....try var_dump or print_r, or use a loop:
foreach($row[] as $result) {
echo $row[], '<br>';
}
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I tried to copy How to Check if value exists in a MySQL database and make my own, but for some reason it wont work...
This is what I got:
<?php
$host = '127.0.0.1';
$username = 'root';
$password = '';
$dbname = 'multiplayer';
$con=mysqli_connect($host, $username, $password, $dbname);
$check_player_ip=mysqli_query($con, 'SELECT `player_ip` FROM `playerdata` WHERE username = "remco" AND active = 0');
if (mysqli_num_rows($check_player_ip) == 0) {
//didnt find anything
} else{
//found something
}
?>
I get this error:
Parse error: syntax error, unexpected '$check_player_ip' (T_VARIABLE) in C:\xampp\htdocs\test.php on line 1
Solution
If you get the T_VARIABLE error, check the varriable before this rule. You may forgot the place the ';' xD
Thanks for all support!
You are mixing MySQL APIs, they do not mix together. mysql_num_rows
Use mysqli_num_rows()
Also make sure your DB connection is also mysqli_* and not mysql_*
EDIT after you've edited your question.
You need to pass DB connection to your query:
$check_player_ip=mysqli_query($con,'SELECT...`
$con being your DB connection. Change accordingly.
Plus WHERE username = remco - the word remco needs to be wrapped in quotes, it's a string and not an int.
WHERE username = 'remco'
Sidenote:
Your present code is open to SQL injection.
Use prepared statements, or PDO with prepared statements.
Edit 2:
Try inverting the quotes:
$check_player_ip=mysqli_query($con, "SELECT `player_ip` FROM `playerdata` WHERE username = 'remco' AND active = 0");
if (mysqli_num_rows($check_player_ip) == 0) {
//didnt find anything
}
Try this:
<?php
$host = '127.0.0.1';
$username = 'root';
$password = '';
$dbname = 'multiplayer';
$con = new mysqli( $host, $username, $password, $dbname );
/* Check Connection */
if ( $con->connect_error ) {
printf( "Connect failed: %s\n", $con->connect_error );
exit();
}
/* Query - Returns a resultset */
if ( $result = $con->query('SELECT `player_ip` FROM `playerdata` WHERE username = "remco" AND active = 0 ') ) {
if ( $result->num_rows <= 0 ) {
//didnt find anything
printf("No player");
} else {
//found something
printf("Select returned %d rows.\n", $result->num_rows);
}
/* free result set */
$result->close();
}
/* close connection */
$con->close();
?>
you should execute that mysqli query...
while($rows = mysql_arrayAssoc($ursql)){
$data[]=$rows;
}
if($something== $data['attribute']) //attribute(id,name...)
echo "ok some data is in"
else
echo "no matching data"
I hope it help you :)