I did wrote piece of php code to show 'product' name from a database.But nothing shows up after executing,Database is ok,i double checked database,table name,other fieldsI couldn't figure out the error so please help.
code
<?php
mysql_connect('localhost','root');
mysql_select_db('cybersoft');
$no=1;
$res=mysql_query("select product from test where 'serial'=$no ");
while($rowa=mysql_fetch_array($res))
{
echo $rowa[1];
}
?>
First of all, mysql_connect() takes three parameters.
mysql_connect('localhost', 'root', 'mypassword');
and to see an error you can use mysql_error() function
mysql_query('some query') or die(mysql_error());
Change single quote (') to ` or just remove. Quotes are used for string types.
select product from test where `serial`= $no
Remove your quotes around serial, they are not needed. This should work:
$res=mysql_query("select product from test where serial=$no");
If result is still empty, double check that there is a row with serial = 1.
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
die('Error: ' . mysql_error());
}
mysql_select_db('cybersoft');
$res=mysql_query("select product from test where serial=" . $no);
Remove the single quotes around "serial", or make them backticks instead.
Also, you likely aren't seeing anything when you run the script because you don't have error reporting turned on. Do that in php.ini or programatically:
error_reporting(E_ALL);
Try this
mysql_connect('localhost','root');
mysql_select_db('cybersoft');
$no=1;
$res=mysql_query("select product from test where serial='$no' ");
while($rowa=mysql_fetch_array($res))
{
echo $rowa[1];
}
?>
Try this
$res=mysql_query("select product from test where serial=$no");
Related
I am trying to display an image using php. The image is stored in MYSQL table. I am able to retrieve the information from mysql in my php code, but i am having trouble displaying the image.
$db_link = mysql_connect($host_name, $user_name, $password) or die("Could not connect to $host_name");
mysql_select_db("gameportal") or die("Could not select database $db_name");
$query = "select * from gamesinfo;";
$result = mysql_query($query, $db_link) or die("Could not select");
$Row = mysql_fetch_row($result);
echo "$Row[0]<br>";
echo "$Row[1]<br>";
echo "<img src="$Row[7]" class="body" alt="" /> <br>";//image
echo "$Row[5]<br>";
Row 7 contains the location of the image (in this case a weblink). When i try to display the webpage, the page is blank, nothing shows, but when i remove that line with the pic, the webpage shows with the remaining info. What am i doing wrong?
This is the culprit:
echo "<img src="$Row[7]" class="body" alt="" /> <br>";
You use unquoted double quotes inside double quotes ;-). Try
echo "<img src='$Row[7]' class='body' alt='' /> <br>";
EDIT
The point is not the double quotes inside double quotes, but unquoted double quotes inside double quotes - this should work as well:
echo "<img src=\"$Row[7]\" class=\"body\" alt=\"\" /> <br>";
I missed this the first time but:
<?php
$db_link = mysql_connect($host_name, $user_name, $password) or die("Could not connect to $host_name");
mysql_select_db("gameportal")bor die("Could not select database $db_name");
You've got bor instead of or. Make sure to turn PHP errors on.
Try this
Images is a directory where the images are stored.
$dir="images/";
**
echo "<img src='$dir/$row[image]' width=100px height=100px>";
**
It works fine.
Not an exact answer.... but a small piece of advice. I have written an answer because I don't have the reputation for commenting. You can turn on error reporting with this line at the top of php script.
error_reporting(-1);
Such kinds of errors would be displayed on screen and you would be able to debug yourself. When your work is done you can simply do this...
error_reporting(0);
Refer this link: PHP error reporting
I have this code which doesn't work for some reason
$con = mysql_connect("$server", "$user", "$pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db('$db', $con);
// BLOCK 1
$supplier=$_POST["supplier"];
$supplierNowBalance =$_POST["supplierNowBalance"];
$supplierBalance=$supplierNowBalance - $supplier;
mysql_query("UPDATE inv SET balance='".$supplierBalance."' WHERE username='supplier' AND name='bingo'");
echo $supplierBalance;
// END OF BLOCK 1
Everything before and after the UPDATE statement works. I copied the update statement to PHPMyAdmin and it updates just fine! I don't get it. for some reason php is not running the mysql_query
Few tips: I have few of this block of code in the program so it goes through all of them posts and calculates, and updates
I have tried every possible combination for the mysql query (with and without 's )
###############ANSWER__________
Thanks for the answer but I figured it out. Apparently PHP is desperate to have double quote "" around the connection string.
On line 6, when I descrbed the database variable
mysql_select_db('$db', $con);
I had single qoute, I changed it to double qoute and bam, it worked, Thanks
mysql_select_db("$db", $con);
balance is numeric right? you shouldn't wrap it with single quotes.
mysql_query("UPDATE inv SET balance= " . $supplierBalance . " WHERE username='supplier' AND name='bingo'");
using PDO makes it invulnerable with SQL INJECTION
<?php
// other codes
$stmt = $dbh->prepare("UPDATE inv SET balance = ? WHERE username = ? AND name = ?");
$stmt->bindParam(1, $supplierBalance);
$stmt->bindParam(2, 'supplier');
$stmt->bindParam(3, 'bingo');
$stmt->execute();
// other codes
?>
Thanks for the answer but I figured it out. Apparently PHP is desperate to have double quote "" around the connection string.
On line 6, when I descrbed the database variable
mysql_select_db('$db', $con);
I had single qoute, I changed it to double qoute and bam, it worked, Thanks
mysql_select_db("$db", $con);
I'm having a problem trying to truncate the 'requestID' field from my requests table.
This is my code.
<?php
include 'mysql_connect.php';
USE fypmysqldb;
TRUNCATE TABLE requestID;
echo "Request ID table has been truncated";
?>
I'm using server side scripting so no idea what error is coming back.
Anyone got an idea?
You aren't executing queries, you're just putting SQL code inside PHP which is invalid. This assumes you are using the mysql_*() api (which I kind of suspect after viewing one of your earlier questions), but can be adjusted if you are using MySQLi or PDO.
// Assuming a successful connection was made in this inclusion:
include 'mysql_connect.php';
// Select the database
mysql_select_db('fypmysqldb');
// Execute the query.
$result = mysql_query('TRUNCATE TABLE requestID');
if ($result) {
echo "Request ID table has been truncated";
}
else echo "Something went wrong: " . mysql_error();
Take a look at the function mysql_query which performs the query execution. The code to execute a query should look something like this.
$link = mysql_connect('host', 'username', 'password') or die(mysql_error());
mysql_select_db("fypmysqldb", $link) or die(mysql_error());
mysql_query("TRUNCATE TABLE requestID", $link) or die(mysql_error());
mysql_close($link);
My code doesn't insert any records to mysql. What is wrong? I am really confused.
I have designed a form and I want to read data from text box and send to the database.
<?php
if(isset($_post["tfname"]))
{
$id=$_post["tfid"];
$name=$_post["tfname"];
$family=$_post["tffamily"];
$mark=$_post["tfmark"];
$tel=$_post["tftell"];
$link=mysql_connect("localhost","root","");
if (!$link)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("university",$link);
$insert="insert into student (sid,sname,sfamily,smark,stel) values ($id,'$name','$family',$mark,$tel)";
mysql_query($insert,$link);
}
mysql_close($link);
?>
You'd better to put quotation mark for id, mark and tel after values in your query. Also as #Another Code said, you must use $_POST instead of $_post in your code. Try this and tell me the result:
<?php
if(isset($_POST["tfname"])) {
$id=$_POST["tfid"];
$name=$_POST["tfname"];
$family=$_POST["tffamily"];
$mark=$_POST["tfmark"];
$tel=$_POST["tftell"];
$link=mysql_connect("localhost","root","");
if (!$link) {
die('Could not connect: ' . mysql_error());
} else {
mysql_select_db("university",$link);
$insert="insert into student
(sid,sname,sfamily,smark,stel) values
('$id','$name','$family','$mark','$tel')";
mysql_query($insert,$link) or die (mysql_error());
mysql_close($link);
}
} else {
die('tfname did not send');
}
?>
Use mysql_query($insert,$link) or die (mysql_error()); to fetch the error message.
With the code you've provided it could almost be anything - to do some tests... have you echo'd something to confirm you are even getting the tfname in POST? Does it select the database fine? Do the fields $id, $mark, and $tel need single quotes around them as well? We need to know more about where the code is not working to provide more help but that snippet appears as though it should be running, in the interim, please use some echo's to narrow down your problem!
Try to run the generated sql query in the sql query browser. Get the query by "echo $insert" statement.
change the $insert to:
$insert="insert into student (sid,sname,sfamily,smark,stel) values ($id,'".$name."','".$family."','".$mark."','".$tel."')";
further set ini_set('display_errors',1) so that php displays the error messages as required.
Lastly, whenever doing a mysql query, try to use or die(mysql_error()) in the query so that if somethings wrong with mysql or syntax, we are aware.
$q = mysql_query($query) or die(mysql_error());
For some reason, JavaScript/PHP wont delete my data from MySQL! Here is the rundown of the problem.
I have an array that displays all my MySQL entries in a nice format, with a button to delete the entry for each one individually. It looks like this:
<?php
include("login.php");
//connection to the database
$dbhandle = mysql_connect($hostname, $username, $password)
or die("<br/><h1>Unable to connect to MySQL, please contact support at support#michalkopanski.com</h1>");
//select a database to work with
$selected = mysql_select_db($dbname, $dbhandle)
or die("Could not select database.");
//execute the SQL query and return records
if (!$result = mysql_query("SELECT `id`, `url` FROM `videos`"))
echo 'mysql error: '.mysql_error();
//fetch tha data from the database
while ($row = mysql_fetch_array($result)) {
?>
<div class="video"><a class="<?php echo $row{'id'}; ?>" href="http://www.youtube.com/watch?v=<?php echo $row{'url'}; ?>">http://www.youtube.com/watch?v=<?php echo $row{'url'}; ?></a><a class="del" href="javascript:confirmation(<? echo $row['id']; ?>)">delete</a></div>
<?php }
//close the connection
mysql_close($dbhandle);
?>
The delete button has an href of javascript:confirmation(<? echo $row['id']; ?>) , so once you click on delete, it runs this:
<script type="text/javascript">
<!--
function confirmation(ID) {
var answer = confirm("Are you sure you want to delete this video?")
if (answer){
alert("Entry Deleted")
window.location = "delete.php?id="+ID;
}
else{
alert("No action taken")
}
}
//-->
</script>
The JavaScript should theoretically pass the 'ID' onto the page delete.php. That page looks like this (and I think this is where the problem is):
<?php
include ("login.php");
mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
mysql_select_db ($dbname)
or die("Unable to connect to database");
mysql_query("DELETE FROM `videos` WHERE `videos`.`id` ='.$id.'");
echo ("Video has been deleted.");
?>
If there's anyone out there that may know the answer to this, I would greatly appreciate it. I am also opened to suggestions (for those who aren't sure).
Thanks!
In your delete.php script, you are using this line :
mysql_query("DELETE FROM `videos` WHERE `videos`.`id` ='.$id.'");
The $id variable doesn't exists : you must initialize it from the $_GET variable, like this :
$id = $_GET['id'];
(This is because your page is called using an HTTP GET request -- ie, parameters are passed in the URL)
Also, your query feels quite strange : what about this instead :
mysql_query("DELETE FROM `videos` WHERE `videos`.`id` = '$id' ");
ie, removing the '.' : you are inside a string already, so there is nothing to concatenate (the dot operator in PHP is for concatenation of strings)
Note :
if this works on some server, it is probably because of register_globals
For more informations, see Using Register Globals
But note that this "feature" has been deprecated, and should definitely not be used !
It causes security risks
And should disappear in PHP 6 -- that'll be a nice change, even if it breaks a couple of old applications
your code has a big SQL injection hole : you should sanitize/filter/escape the $id before using it in a query !
If you video.id is a string, this means using mysql_real_escape_string
If you where using the mysqli or PDO extensions, you could also take a look at prepared statements
with an integer, you might call intval to make sure you actually get an integer.
So, in the end, I would say you should use something that looks like this :
$id = $_GET['id'];
$escaped_id = mysql_real_escape_string($id);
$query = "DELETE FROM `videos` WHERE `videos`.`id` = '$escaped_id'";
// Here, if needed, you can output the $query, for debugging purposes
mysql_query($query);
You're trying to delimit your query string very strangely... this is what you want:
mysql_query('DELETE FROM `videos` WHERE `videos`.`id` ='.$id);
But make sure you sanitize/validate $id before you query!
Edit: And as Pascal said, you need to assign $id = $_GET['id'];. I overlooked that.
In your delete.php you never set $id.
You need to check the value in $_REQUEST['id'] (or other global variable) and ONLY if it's an integer, set $id to that.
EDIT: Oh, also you need to remove the periods before and after $id in the query. You should print out your query so you can see what you're sending to the sql server. Also, you can get the SQL server's error message.
You add extra dots in the string.
Use
mysql_query("DELETE FROM `videos` WHERE `videos`.`id` ='$id'");
instead of
mysql_query("DELETE FROM `videos` WHERE `videos`.`id` ='.$id.'");
Also check how do you get the value of $id.
Thanks everyone. I used Pascal MARTIN's answer, and it comes to show that I was missing the request ($_GET) to get the 'id' from the precious page, and that some of my query was incorrect.
Here is the working copy:
<?php
include ("login.php");
$id = $_GET['id'];
mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
mysql_select_db ($dbname)
or die("Unable to connect to database");
mysql_query("DELETE FROM `videos` WHERE `videos`.`id` = $id ");
echo ("Video ".$id." has been deleted.");
?>
Thanks again!