Ok Before you tell me to use mysqli I am using the depreciated methods on purpose for a webapp lesson. I am not a student, this is not homework, it is to help me teach an understanding for web application security.
I cannot figure out why this wont work. Basically, All I want to do is create a page that takes the data from the mysql database and places it into a table as shown. At this point I am open to anything.
Thank you in advance.
<html>
<head><title>Untitled</title></head>
<body>
<h1>Weblog Example</h1>
<dl>
<?php
mysql_connect("localhost","root","");
mysql_select_db("blog1");
$query ="SELECT entrytitle, entrytext,";
$query.=" DATE_FORMAT(entrydate, '%M %d, %Y') AS entrydate";
$query.=" FROM weblog ORDER BY entrydate DESC LIMIT 10";
$result=mysql_query($query);
?>
<table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td width="15%" align="center" bgcolor="#E6E6E6"><strong>Title</strong></td>
<td width="75%" align="center" bgcolor="#E6E6E6"><strong>Entry</strong></td>
<td width="15" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['entrytitle']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['entrytext']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['entrydate']; ?></td>
</tr>
<?php
}
?>
</dl>
</body>
</html>
Ok- made some minor edits- it now gives me 3 rows in the table but doesn't populate the data...
Do a var_dump on $entrytitle and $entrytext and you'll understand you error.
Data is temporary stored into $rows when you do a mysql_fetch_array.
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center" bgcolor="#FFFFFF"><? echo $rows["entrytitle"]; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows["entrytext"]; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows["entrytext"]; ?></td>
</tr>
<?php
}
?>
You're using the wrong variable in your while loop, you're also not referencing the correct date column from your query result.
This should give you what you're looking for:
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center" bgcolor="#FFFFFF"><?php echo $rows['entrytitle']; ?></td>
<td align="center" bgcolor="#FFFFFF"><?php echo $rows['entrytext']; ?></td>
<td align="center" bgcolor="#FFFFFF"><?php echo $rows['entrydate']; ?></td>
</tr>
<?php
}
?>
Both your $query.= should read as $query .= that alone will be an issue and will not concatenate properly because of the missing space before the dots.
You're also missing a </table> tag.
Plus, make sure that short tags are set/on, otherwise do <?php echo $rows...
instead of <? echo $rows....
You should also check for possible query errors using:
$result = mysql_query($query) or die(mysql_error());
and using error reporting.
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of your code
Sidenote: Error reporting should only be done in staging, and never production.
I also suggest you switch to mysqli with prepared statements, or PDO with prepared statements, they're much safer.
Related
I am using a while loop to parse through my database, and I know that the information is there. It is a forum style setup, and after I add a topic and return to the main page, the new line is added, but still blank. I will include my code, I'm not quite sure what I am missing that would cause it to not bring the data from the DB. Also, I am not using PHPMyAdmin, and I believe this tutorial code was originally written for use with it, if this helps address the difference in syntax I might need to solve the problem. Thanks in advance.
mysql_connect("$host","$username","$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sql="SELECT * FROM $tbl_name ORDER BY id DESC;";
//order result by descending
$result=mysql_query($sql);
?>
<table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td width="6%" align="center" bgcolor="#E6E6E6"><strong>#</strong></td>
<td width="53%" align="center" bgcolor="#E6E6E6"><strong>Topic</strong></td>
<td width="15%" align="center" bgcolor="#E6E6E6"><strong>Views</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Replies</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td>
</tr>
<?php
//start looping table row
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td bgcolor="#FFFFFF"><? echo $rows['id'];?></td>
<td bgcolor="#FFFFFF"><a href="view_topic.php?id=<? echo $rows['id'];?>"><?echo $rows['topic']; ?>
</a><BR></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['view']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['reply']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['datetime']; ?></td>
</tr>
<?php
// Exit looping and close connection
}
mysql_close();
?>
Test this : replace <? by <?php
So <? echo $rows['view']; ?> by <?php echo $rows['id']; ?> idem view, reply, datetime
I am trying to view forum topics in this table. However the content of the table will not display. I don't know what I am missing from my code. It shows the table and displays the correct amount of rows but no text.
<?php
include "db.php" ?>
$sql="SELECT * FROM $tbl_name ORDER BY id DESC";
// OREDER BY id DESC is order result by descending
$result=mysql_query($sql);
?>
<table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td width="6%" align="center" bgcolor="#E6E6E6"><strong>#</strong></td>
<td width="53%" align="center" bgcolor="#E6E6E6"><strong>Topic</strong></td>
<td width="15%" align="center" bgcolor="#E6E6E6"><strong>Views</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Replies</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td>
</tr>
<?php
// Start looping table row
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td bgcolor="#FFFFFF"><? echo $rows['id']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['topic']; ?><BR></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['view']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['reply']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['datetime']; ?></td>
</tr>
<?php
// Exit looping and close connection
}
mysql_close();
?>
<tr>
<td colspan="5" align="right" bgcolor="#E6E6E6"><strong>Create New Topic</strong> </td>
</tr>
</table>
Remove ?> after include "db.php"
<?php
include "db.php"
$sql="SELECT * FROM $tbl_name ORDER BY id DESC";
// OREDER BY id DESC is order result by descending
$result=mysql_query($sql);
?>
<table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td width="6%" align="center" bgcolor="#E6E6E6"><strong>#</strong></td>
<td width="53%" align="center" bgcolor="#E6E6E6"><strong>Topic</strong></td>
<td width="15%" align="center" bgcolor="#E6E6E6"><strong>Views</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Replies</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td>
</tr>
<?php
// Start looping table row
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td bgcolor="#FFFFFF"><? echo $rows['id']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['topic']; ?><BR></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['view']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['reply']; ?></td>
<td align="center" bgcolor="#FFFFFF"><? echo $rows['datetime']; ?></td>
</tr>
<?php
// Exit looping and close connection
}
mysql_close();
?>
<tr>
<td colspan="5" align="right" bgcolor="#E6E6E6"><strong>Create New Topic</strong> </td>
</tr>
</table>
It's probably because your server does not have short_open_tag configuration enabled.
Because of that, the following line is not parsed as PHP code, but rather it's considered as plain text.
<? echo $rows['view']; ?>
Use this instead:
<?php echo $rows['view']; ?>
Short tags are considered a PITA in the coding world, because if you ever have to migrate your code to a server that doesn't support it, or you can't enable it, than you have to edit all your code just for that environment when you could have just gone with normal tags. However, as of 5.4.x, short hand tags are enabled by default and parsed in any PHP document. But it's good to keep in mind different environments.
Your code:
<?php
include "db.php" ?>
//--------------------------^ remove this.
So final code should look like:
<?php
include "db.php"
$sql="SELECT * FROM $tbl_name ORDER BY id DESC";
// OREDER BY id DESC is order result by descending
$result=mysql_query($sql);
?>
I am making a forum from one I borrowed online. I would like the main_forum page to show the most recently posted in topic first, and then the second most recently, etc. My code for the main_forum.php is this:
<?php
require_once 'includes/overall/header.php';
$sql="SELECT * FROM `forum_question` ORDER BY id DESC";
// OREDER BY id DESC is order result by descending
$result=mysql_query($sql);
?>
<h1>Forum</h1>
<table width=700 class="outer">
<tr>
<td width="53%" align="center" bgcolor="#E6E6E6"><strong>Topic</strong></td>
<td width="15%" align="center" bgcolor="#E6E6E6"><strong>Views</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Replies</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td>
</tr>
<?php
// Start looping table row
if($result === FALSE) {
die(mysql_error()); // TODO: better error handling
}
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td bgcolor="#FFFFFF"><?php echo $rows['topic']; ?><BR></td>
<td align="center" bgcolor="#FFFFFF"><?php echo $rows['view']; ?></td>
<td align="center" bgcolor="#FFFFFF"><?php echo $rows['reply']; ?></td>
<td align="center" bgcolor="#FFFFFF"><?php echo $rows['datetime']; ?></td>
</tr>
<?php
// Exit looping and close connection
}
mysql_close();
?>
<tr>
<td colspan="5" align="right" bgcolor="#E6E6E6"><strong>Create New Topic</strong> </td>
</tr>
</table>
<?php
require_once 'includes/overall/footer.php';
ob_end_flush();
?>
Change your query to retrieve your posts in the order you want them. Taking a guess based on your post I would say your query should look more like:
$sql="SELECT * FROM `forum_question` ORDER BY datetime DESC";
I am trying to implement a UI which the user would be able to select entries by selecting checkboxes to delete them from the database. However, while everything looks fine and able to display, there is an error saying Notice: Undefined variable: delete in /opt/uiForm.php on line 154 whereas $delete is not readable. I am following the example given here. Am I missing anything?
<body>
<form name="frm" method="get" action="doSubmit();">
<?php
// Connect to server and select database.
mysql_connect("127.0.0.1:3306", "root", "")or die("cannot connect");
mysql_select_db("PushApplication")or die("cannot select DB");
$sql="SELECT * FROM Device";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
?>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td><form name="form1" method="post" action="">
<table width="400" border="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td align="center" bgcolor="#FFFFFF">#</td>
<td align="center" bgcolor="#FFFFFF"><strong>ID</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>DeviceID</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>DeviceType</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Description</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>OS_Version</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Status</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center" bgcolor="#FFFFFF"><input name="checkbox[]" type="checkbox" id="checkbox[]" value="<? echo $rows['ID']; ?>"></td>
<td bgcolor="#FFFFFF"><? echo $rows['ID']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['DeviceID']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['DeviceType']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['Description']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['OS_Version']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['Status']; ?></td>
</tr>
<?php
}
?>
<tr>
<td colspan="7" align="center" bgcolor="#FFFFFF"><input name="delete" type="submit" id="delete" value="Delete"></td>
</tr>
<?php
// Check if delete button active, start this
if($delete){
for($i=0;$i<$count;$i++){
$del_id = $checkbox[$i];
$sql = "DELETE FROM Device WHERE ID='$del_id'";
$result = mysql_query($sql);
}
// if successful redirect to delete_multiple.php
if($result){
echo "<meta http-equiv=\"refresh\" content=\"0;URL=delete_multiple.php\">";
}
}
mysql_close();
?>
</table>
</form>
</td>
</tr>
</table>
</form>
</body>
</html>
You really should be using
if (!empty($_POST['delete'])) {
instead of
if ($delete) {
to avoid the notice you are getting. Also your code is prone to the so called SQL injection vulnerability which you read upon if you are considering to put it somewhere on the web.
Also you should be using method="post" instead of GET for this type of operations.
I suspect the other example was not displaying all errors.
When checking for the existence of a variable, you need to use if(!empty($delete)), because if returns an error when the variable it's checking does not exist. empty() does not.
Your code supposes that server's PHP has option register_globals = On; Which is not true by default for the late versions of PHP setup. Read this What are register_globals in PHP?
This the simple php code I am using to view contents of a forum. The problem is , it's working fine in one of my laptop but in second it do not show the output.
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sql="SELECT * FROM $tbl_name ORDER BY id DESC";
// OREDER BY id DESC is order result by descending
$result=mysql_query($sql);
?>
<table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td width="6%" align="center" bgcolor="#E6E6E6"><strong>#</strong></td>
<td width="53%" align="center" bgcolor="#E6E6E6"><strong>Topic</strong></td>
<td width="15%" align="center" bgcolor="#E6E6E6"><strong>Views</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Replies</strong></td>
<td width="13%" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){ // Start looping table row
?>
<tr>
<td bgcolor="#E6E6E6"><? echo $rows['id']; ?></td>
<td bgcolor="#E6E6E6"><? echo $rows['topic']; ?><BR></td>
<td align="center" bgcolor="#E6E6E6"><? echo $rows['view']; ?></td>
<td align="center" bgcolor="#E6E6E6"><? echo $rows['reply']; ?></td>
<td align="center" bgcolor="#E6E6E6"><? echo $rows['datetime']; ?></td>
</tr>
I checked everything else and they seems fine. Data is present in the database but the it's not showing in forum. Can anybody help me in this?
operating sys : win7
time to learn debugging, pal.
Good place to start: http://www.ibm.com/developerworks/library/os-debug/
for mysql it's extremely handy to run queries this way:
$result=mysql_query($sql) or trigger_error(mysql_error()." ".$sql);
and make sure you can see all errors occurred.
if you can't as a quick fix you can add these lines at the top of the script
ini_set('display_errors',1);
error_reporting(E_ALL);
but for the production state display_errors value should be changed to 0
It is also good practice to check HTML source instead of watching rendered page in the browser. It will tell you if you have any problem with short tags or not. It's always good to know if you have any problem before going to fix it.
you should use
<?php echo $rows['id']; ?> instead of <? echo $rows['id']; ?>
short tag may be disabled.