There's an error at line $id=$_GET['id']; said that Notice: Undefined index: id in D:\XAMPP\htdocs\view_topic.php on line 101. I tried to change " $_GET " to " $_POST " but the error is still the same. Any help ?
I am trying to retrieve the id from the database and listed all the forum topic posted by users. Others php file can run smoothly. I got problem retrieving id of the post.
<?php
$host="localhost";
$username="root";
$password="";
$db_name="db";
$tbl_name="forum_question";
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// get value of id that sent from address bar
$id=$_GET['id'];
$sql="SELECT * FROM $tbl_name WHERE id='$id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
?>
Always make use of the isset construct when assigning data to variables from outside world
if(isset($_GET['id']))
{
$id=$_GET['id'];
$sql="SELECT * FROM $tbl_name WHERE id='$id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
}
else
{
echo "ID was not set. Let me go and check the form again !";
}
?>
This variable has to be set in your URL. You have to check if it's present:
<?php
$host = "localhost";
$username = "root";
$password = "";
$db_name = "db";
$tbl_name = "forum_question";
// Connect to server and select databse.
$db = new mysqli($host, $username, $password, $db_name);
// get value of id that sent from address bar
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if($id <> 0) {
// TODO
// 404 Not Found
} else {
$sql = "SELECT * FROM $tbl_name WHERE id='$id'";
$row = $db->query($sql)->fetch_assoc();
// TODO
// Do Something with Data
}
Your URL must then be http://example.com/path/to/script.php?id=42
I added (int), so no sql injections are possible.
I replaced mysql_* by MySQLi, see comment to your question.
I removed quotes from variables in your query, you don't need them.
Related
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="hsp_property"; // Database name
$tbl_name="project_directory"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//Get values from form
$id = $_POST['id'];
$hospital = $_POST['hospital'];
$project = $_POST['project'];
$state = $_POST['state'];
$status = $_POST['status'];
$da_status = $_POST['da_status'];
$pm = $_POST['pm'];
$budgett = $_POST['budgett'];
$budgetat = $_POST['budgetat'];
$pdapproval = $_POST['pdapproval'];
$pdcs = $_POST['pdcs'];
$pdcd = $_POST['pdcd'];
$pdcf = $_POST['pdcf'];
$pnm = $_POST['pnm'];
$prm = $_POST['prm'];
$comments = $_POST['comments'];
// update data in mysql database
$sql="UPDATE $tbl_name SET Hospital='$hospital', Project='$project', State='$state',Project_Status='$status',DA_Status='$da_status',Project_Manager='$pm',Budget_Total='$budgett',Budget_Approved='$budgetat',Project_Approval_Dates='$pdapproval',Project_Contstruction_Dates='$pdcs',Project_Contract_Dates='$pdcd',Project_Current_Dates='$pdcf',Program_Next_Milestone='$pnm',Program_Milestone='$prm',Comments='$comments' WHERE id='$id'";
$result=mysql_query($sql);
// if successfully updated.
if ($result) {
header ('Location: ../project_directory.php');
}
else {
echo 'Error';
}
?>
The above is some code to update a MySQL db, i'm running WAMP to test the website before I'll upload.
I've been using the phpeasysteps tutorial as php and mysql is new to me. It's been working all ok until now.
Would love to know what i'm doing wrong, the PhpEasySteps tutorial might be a tad old as i've had to update a few elements of the initial code to get it to work..
Replace echo 'Error'; with echo mysql_error(); to see why you didn't get a result and then slap yourself for misspelling a column name or something most likely easily overlooked. If you still can't figure it out, post the error. And if you go that far, post the result of SHOW CREATE TABLE project_directory
You need to add $link_identifier to your mysql_select_db database selection,
Syntax: bool mysql_select_db ( string $database_name [, resource $link_identifier = NULL ] )
$link = mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name", $link)or die("cannot select DB");
You can use mysql_error(); function to find the mysql related errors.
i'm going to update a row into mysql database. the senarius is: taking the values from a form and redirect to another file and set the form values to database using update statement. the problem is that mysql_query return value 1 and does not return any error but when i check the database through phpmyadmin my database doesn't affected.
here is the code
<?php
$host="localhost";
$username="root";
$password="";
$db_name="login_takrim";
$tbl_name="takrim_users";
// Connect to server and select databse.
mysql_connect("c$host","$username","$password") or die("can not connect");
mysql_select_db($db_name) or die(mysql_error());
// username and password sent from form
$myusername=$_POST["txtusername"];
$mypassword=$_POST["txtpassword"];
$myemail=$_POST["txtemail"];
// To protect MySQL injection
$myusername=stripslashes($myusername);
$myemail=stripslashes($myemail);
$mypassword=stripslashes($mypassword);
$myemail=mysql_real_escape_string($myemail);
$myusername=mysql_real_escape_string($myusername);
$mypassword=mysql_real_escape_string($mypassword);
echo "$myusername $mypassword $myemail";// test to see i get the form value on the php server.
$sql="UPDATE $tbl_name SET username = '$myusername' and password = '$mypassword' and email= '$myemail' where showname='hussein'";
$result=mysql_query($sql) or die(mysql_error());//does not return error
echo $result;
if($result==false)
{
echo "no";
}
else
{
//header("location:setEmail.php");
echo "yes";
}
?>
query may excuted correctly may be there was no matching records just do like this
<?php
$host="localhost";
$username="root";
$password="";
$db_name="login_takrim";
$tbl_name="takrim_users";
// Connect to server and select databse.
mysql_connect("c$host","$username","$password") or die("can not connect");
mysql_select_db($db_name) or die(mysql_error());
// username and password sent from form
$myusername=$_POST["txtusername"];
$mypassword=$_POST["txtpassword"];
$myemail=$_POST["txtemail"];
// To protect MySQL injection
$myusername=stripslashes($myusername);
$myemail=stripslashes($myemail);
$mypassword=stripslashes($mypassword);
$myemail=mysql_real_escape_string($myemail);
$myusername=mysql_real_escape_string($myusername);
$mypassword=mysql_real_escape_string($mypassword);
echo "$myusername $mypassword $myemail";// test to see i get the form value on the php server.
$sql="UPDATE $tbl_name SET username = '$myusername', password = '$mypassword',email= '$myemail' where showname='hussein'";
$result=mysql_query($sql) or die(mysql_error());//does not return error
if(mysql_num_rows($result) > 0)
{
//header("location:setEmail.php");
echo "yes";
}
else
{
echo "no";
}
?>
Chage your UPDATE statement like this
$sql="UPDATE $tbl_name SET `username` = '$myusername',`password` = '$mypassword',`email`= '$myemail' where `showname`='hussein'";
Disclaimer: Stop using mysql_* functions as they are deprecated. Switch to MySQLi or PDO instead.
You have an extra c here (before $host):
mysql_connect("c$host","$username","$password") or die("can not connect");
I've got two different sites. What I'd like to do is to automatically run a script that sends some of the data inserted into the database in site 1 when a user registers and updates a table in the database for site 2 so that an account is automatically created in site 2 using the same details.
I'm at the stage of trying to create a query that will update the database. I'm the self-made type so don't know that well what I'm doing. Got this query from somewhere but can't make it work. Can anyone tell what's wrong with it? It's not executing the query.
Thanks!
Eugenie
<?php
$host = "localhost"; // Host name
$username = "----"; // Mysql username
$password = "----"; // Mysql password
$db_name1 = "------"; // Database name
$db_name2 = "-----"; // Database name
$tbl_name1 = "-----"; // Table name
$tbl_name2 = "---"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name1")or die("cannot select DB");
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name2")or die("cannot select DB");
$query = "USE $db_name2
UPDATE $db_name2.dbo.$tbl_name2
SET email=d2.email FROM $db_name1.dbo.$tbl_name1 d2
WHERE d2.uid = $tbl_name1.uid";
$result = mysql_query($query) or die ("could't execute query.");
?>
<?php
$host = "localhost"; // Host name
$username = "----"; // Mysql username
$password = "----"; // Mysql password
$db_name1 = "------"; // Database name
$db_name2 = "-----"; // Database name
$tbl_name1 = "-----"; // Table name
$tbl_name2 = "---"; // Table name
$conn = mysql_connect($host, $username, $password);
mysql_select_db($db_name1, $conn) or die("cannot select DB");
mysql_select_db($db_name2, $conn) or die("cannot select DB");;
$query1 = "SELECT * FROM `" . $db_name1.$tb1_name1 . "` ";
$query2 = "SELECT * FROM `" . $db_name2.$tb1_name2 . "` ";
You can fetch data of above query from both database as below
$result1 = mysql_query($query1);
while($row = mysql_fetch_assoc($result1)) {
$data1[] = $row;
}
$result2 = mysql_query($query2);
while($row = mysql_fetch_assoc($result2)) {
$data2[] = $row;
}
print_r($data1);
print_r($data2);
?>
Suggestion: Try shifting to mysqli or PDO since mysql is depreciated now.
Recall the documentation for mysql_connect:
Returns a MySQL link identifier on success or FALSE on failure.
... and the documentation for the second parameter for mysql_query:
The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If no connection is found or established, an E_WARNING level error is generated.
... should solve your problem. Example:
$link1 = mysql_connect( ... ); // For db 1.
$link2 = mysql_connect( ... ); // For db 2.
$result1 = mysql_query( "some query for db 1", $link1 );
$result2 = mysql_query( "some query for db 2", $link2 );
Well,
first of all, you're not connecting to two different databases, but using two different schemas in the same database. So only a mysql_connect should be used.
Also, if you're using full qualified names to access your tables you don't need to call mysql_select_db, nor the 'use db_name' mysql command.
Your query string is wrong. After USE $db_name2 you should have a semi-colon, and the update sentence is not correct.
Code could be somthing like that:
mysql_connect(...)
$query = "update $db2.$table2, $db1.$table1
I've spent quite a long time trying to figure out why this block of code is not working. After logging in (on an html page that uses post to send the data to this php document) it says: "cannot select the database!!" (without quotes). Please help! Thank you!
<?php
$host="localhost";
$username="root";
$password="";
$db_name="firstTestLogins";
$tbl_name="members";
mysql_connect("$host", "$username, $password") or die("cannot connect to the database!!");
mysql_select_db("firstTestLogins") or die("cannot select the database!!");
$username=$_POST['username'];
$password=$_POST['password'];
$username=stripslashes($username);
$password=stripslashes($password);
$username=mysql_real_escape_string($username);
$password=mysql_real_escape_string($password);
$password = md5($password);
echo "This is a debug statement. User = $username and password = $password <br><br><br>";
if(!($sql="SELECT * FROM $tbl_name WHERE username = '$username' and password = '$password")) {die(mysql_error());}
$result = mysql_query($sql);
$test3 = mysql_num_rows(/*$result*/mysql_query($sql));
echo "$test3";
if(mysql_num_rows(/*$result*/mysql_query($sql))) { //should be true because only one row should match the user and pass
$_SESSION['username'] =1;
$_SESSION['password'] =1;
header("location:login_success.php");
}
else {
echo "The incorrect username or password was inserted";
}
?>
This is wrong:
mysql_connect("$host", "$username, $password");
it needs to be
mysql_connect($host, $username, $password);
you will see the exact problem by outputting mysql_error().
mysql_select_db("firstTestLogins")
or die("cannot select the database! ".mysql_error());
please change the code from:
mysql_select_db("firstTestLogins") or die("cannot select the database!!");
to:
mysql_select_db("firstTestLogins") or die(mysql_error());
This will help you to figure out why MYSQL cannot select the DB
In addition to the comments about selecting the database:
if(!($sql="SELECT * FROM $tbl_name WHERE username = '$username' and password = '$password")) {die(mysql_error());}
Silly doing a test with a mysql_error if the $sql string isn't being set... this won't generate a mysql error
You're also missing a closing ' in your $sql
$sql="SELECT * FROM $tbl_name WHERE username = '$username' and password = '$password'";
$result = mysql_query($sql);
if(!$result)
die(mysql_error());
Only thing I can think of is that the firstTestLogins database either doesn't exist on the database or is not accessible by the username/password combination you're using.
SOLUTION: I was pointed at the wrong database thanks for the help.
the count below returns 0 but when i run it manually there is a result.
by manually i mean copying the SQL that is echo'd by my code and pasting it into the mySQL command.
<?
$host="localhost"; // Host name
$username="userName"; // Mysql username
$password="userPW"; // Mysql password
$db_name="dbName"; // Database name
$tbl_name="userBase"; // Table name
// Connect to server and select databse.
$link=mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$user=$_POST['user'];
$pass=$_POST['pass'];
// To protect MySQL injection (more detail about MySQL injection)
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
$salt = substr($pass, 0, 1);
$encrypted_pswd = crypt($pass, $salt);
$sql="SELECT * FROM $tbl_name WHERE user=\"$user\" and pass=\"$encrypted_pswd\";";
echo $sql."<br>";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
echo "count=".$count."<br>";
?>
Try:
$sql = sprintf("SELECT * FROM %s WHERE user='%s' and pass='%s'", $tbl_name, $user, $encrypted_pswd);