WordPress is a very popular option for running your web site and can be used to get your content online quickly for the world to see. This guide will walk you through installing the WordPress server software and the initial setup process.
Course Of The Month
11 days, 9 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
MySQL Query
Posted on 2010-08-25
I have set up a html form:
<FORM ACTION="http:// -----------" METHOD="post">
<INPUT TYPE='text" NAME="quest" SIZE="40" MAXLENGTH="100" VALUE="" />
etc.
and a php file that contains
$query = $_POST['quest'];
The idea is that an SQL Query is typed in as text and then that is passed to the php file which executes the query. It works sometimes, but doesn't work most of the time --- evidently that $_POST doesn't capture the query just as typed. (The php program works fine if I type the query in.
This is my first question to Experts-Exchange.
<FORM ACTION="http:// -----------" METHOD="post">
<INPUT TYPE='text" NAME="quest" SIZE="40" MAXLENGTH="100" VALUE="" />
etc.
and a php file that contains
$query = $_POST['quest'];
The idea is that an SQL Query is typed in as text and then that is passed to the php file which executes the query. It works sometimes, but doesn't work most of the time --- evidently that $_POST doesn't capture the query just as typed. (The php program works fine if I type the query in.
This is my first question to Experts-Exchange.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
7
6-
5
- +1
19 Comments
Why don't you rather use a
<textarea name="quest"></textarea>
this could be very problematic :
SIZE="40" MAXLENGTH="100"
<textarea name="quest"></textarea>
this could be very problematic :
SIZE="40" MAXLENGTH="100"
Active today
please post samples of query that works and dont work...
also please post the original (what you enter) and what you get from php (using echo statement, from the page source)
also please post the original (what you enter) and what you get from php (using echo statement, from the page source)
Active today
please post sample values after modifying your input value like arch suggested
<INPUT TYPE="text" NAME="quest" SIZE="40" MAXLENGTH="100" VALUE="" />
-->
<textarea name="quest" cols=40 rows=4></textarea>
<INPUT TYPE="text" NAME="quest" SIZE="40" MAXLENGTH="100" VALUE="" />
-->
<textarea name="quest" cols=40 rows=4></textarea>
MySQL queries have characters which you sometimes need to escape.
try using $query = mysql_escape_string($_POST
try using $query = mysql_escape_string($_POST
Here is the HTML page:
<html>
<head>
<title>AJSN</title>
</head>
<body>
<FORM ACTION="http://www.korski.net/AJSN2.php" METHOD="post">
<p>
Query:
<TEXTAREA NAME="quest" ROWS=4 COLS=40></TEXTAREA><BR>
</p>
<input TYPE="submit" NAME="submit" VALUE="Go!"/>
</form>
</body>
</html>
Here is the important part of the php file:
$query = mysql_escape_string($_POST
echo $query;
$result = mysql_query($query);
echo "<html><head><title>Premie
echo "<h1>Arnold-Jackson-Silacc
echo "<table border='2' cellspacing='0' cellpadding='6'>";
if (mysql_num_rows($result)>0
{
echo "<tr>";
//loop thru the field names to print the correct headers
$i = 0;
while ($i < mysql_num_fields($result))
{
echo "<th>". mysql_field_name($result, $i) . "</th>";
$i++;
}
echo "</tr>";
}
if($result)
{
while($row = mysql_fetch_array($result,
{
echo "<tr>";
//loop thru the fields
$i = 0;
while ($i < mysql_num_fields($result))
{echo "<td>".$row[$i]."</td>";
$i++;
}
echo "</tr>";
}
}
echo "</table></body></html>";
?>
Also, I loaded 2 images --- one working and one not working
AJSN-Worked.tiff
AJSN-DoesntWork.tiff
<html>
<head>
<title>AJSN</title>
</head>
<body>
<FORM ACTION="http://www.korski.net/AJSN2.php" METHOD="post">
<p>
Query:
<TEXTAREA NAME="quest" ROWS=4 COLS=40></TEXTAREA><BR>
</p>
<input TYPE="submit" NAME="submit" VALUE="Go!"/>
</form>
</body>
</html>
Here is the important part of the php file:
$query = mysql_escape_string($_POST
echo $query;
$result = mysql_query($query);
echo "<html><head><title>Premie
echo "<h1>Arnold-Jackson-Silacc
echo "<table border='2' cellspacing='0' cellpadding='6'>";
if (mysql_num_rows($result)>0
{
echo "<tr>";
//loop thru the field names to print the correct headers
$i = 0;
while ($i < mysql_num_fields($result))
{
echo "<th>". mysql_field_name($result, $i) . "</th>";
$i++;
}
echo "</tr>";
}
if($result)
{
while($row = mysql_fetch_array($result,
{
echo "<tr>";
//loop thru the fields
$i = 0;
while ($i < mysql_num_fields($result))
{echo "<td>".$row[$i]."</td>";
$i++;
}
echo "</tr>";
}
}
echo "</table></body></html>";
?>
Also, I loaded 2 images --- one working and one not working
AJSN-Worked.tiff
AJSN-DoesntWork.tiff
LastName is most likely a varchar so the query should be :
select * from Person where LastName = 'Arnold';
I've tried all of the suggestions so far, and nothing works for me. It must have something to do with arch-itect's comment, but I had tried the quotes many times --- both with and without dazza98's comments.
ALL of the fields are CHAR fields (including the ID field), so I don't understand why it works with the ID field (which is the primary key) but will not work with any of the other fields.
ALL of the fields are CHAR fields (including the ID field), so I don't understand why it works with the ID field (which is the primary key) but will not work with any of the other fields.
Active today
select * from Person where id=0000002
may work and interpreted as
select * from Person where id=2
but
select * from Person where LastName=Arnold
does not work, you should use
select * from Person where LastName='Arnold'
may work and interpreted as
select * from Person where id=2
but
select * from Person where LastName=Arnold
does not work, you should use
select * from Person where LastName='Arnold'
Active today
try
select * from Person where LastName=''Arnold''
or
select * from Person where LastName="Arnold"
(copy paste these queries and run, one is with double ', the other is single ")
select * from Person where LastName=''Arnold''
or
select * from Person where LastName="Arnold"
(copy paste these queries and run, one is with double ', the other is single ")
Active today
when you enter
select * from Person where LastName='Arnold'
you said it does not work, but what the you get on page (screen you posted @ 33527822)
select * from Person where LastName='Arnold'
you said it does not work, but what the you get on page (screen you posted @ 33527822)
Here is the window when using quotes around Arnold.
DoesntWork2.tiff
DoesntWork2.tiff
Here you go:
<html>
<head>
<title>Premiere Products</title>
</head>
<body>
<h1>Arnold-Jackson-Silacci-Nixon Genealogy</h1>
<form action="index.php" method="post">
<p>
DB Server : <input type="text" name="host" value="localhost"></input><br/>
Database Name: <input type="text" name="database" value="mysql"></input><br/>
DB User : <input type="text" name="user" value="root"></input><br/>
DB Password : <input type="text" name="password"></input><br/>
Query:
<textarea NAME="quest" ROWS=4 COLS=40></textarea><BR />
</p>
<input TYPE="submit" NAME="submit" VALUE="Go!"/>
</form>
<?php
$linkID = 0; // Result of mysql_connect()
function connect() {
$host = $_POST['host']; // Hostname of our MySQL server
$database = $_POST['database']; // Logical database name on that server
$user = $_POST['user']; // Database user
$password = $_POST['password']; // Database user's password
echo "Host : $host <br/>";
echo "Database : $database <br/>";
echo "Username : $user <br/>";
echo "Password : $password <br/>";
$lID = mysql_connect($host, $user, $password);
if (!$lID) {
echo("connect failed");
}
$selectResult = mysql_select_db($database, $lID);
if(!$selectResult) {
$errno = mysql_errno($lID);
$error = mysql_error($lID);
echo("cannot select database <I>".$database."</I>");
}
return $lID;
}
//Here is the important part of the php file:
$query = mysql_escape_string($_POST['quest']);
if (strlen($query) > 0) {
$linkID = connect();
echo "linkID : $linkID<br/>";
echo "Query : $query <br/>";
$result = mysql_query($query, $linkID);
echo "<table border='2' cellspacing='0' cellpadding='6'>";
if (mysql_num_rows($result)>0) {
echo "<tr>";
//loop thru the field names to print the correct headers
$i = 0;
while ($i < mysql_num_fields($result)) {
echo "<th>". mysql_field_name($result, $i) . "</th>";
$i++;
}
echo "</tr>";
}
if($result) {
while($row = mysql_fetch_array($result,MYSQL_BOTH)) {
echo "<tr>";
//loop thru the fields
$i = 0;
while ($i < mysql_num_fields($result)) {
echo "<td>".$row[$i]."</td>";
$i++;
}
echo "</tr>";
}
}
}
?>
</body>
</html>
Active today
arch-itect, what is your suggestion to fix the problem(?)
where is \\\ coming from?
comment out this line
$query = mysql_escape_string($_POST
dont use mysql_escape_string
where is \\\ coming from?
comment out this line
$query = mysql_escape_string($_POST
dont use mysql_escape_string
Sorry, didn't test with quotes.
The textarea is called "quest" so:
The textarea is called "quest" so:
<html>
<head>
<title>Premiere Products</title>
</head>
<body>
<h1>Arnold-Jackson-Silacci-Nixon Genealogy</h1>
<form action="index.php" method="post">
<p>
DB Server : <input type="text" name="host" value="localhost"></input><br/>
Database Name: <input type="text" name="database" value="mysql"></input><br/>
DB User : <input type="text" name="user" value="root"></input><br/>
DB Password : <input type="text" name="password"></input><br/>
Query:
<textarea NAME="quest" ROWS=4 COLS=40></textarea><BR />
</p>
<input TYPE="submit" NAME="submit" VALUE="Go!"/>
</form>
<?php
$linkID = 0; // Result of mysql_connect()
function connect() {
$host = $_POST['host']; // Hostname of our MySQL server
$database = $_POST['database']; // Logical database name on that server
$user = $_POST['user']; // Database user
$password = $_POST['password']; // Database user's password
echo "Host : $host <br/>";
echo "Database : $database <br/>";
echo "Username : $user <br/>";
echo "Password : $password <br/>";
$lID = mysql_connect($host, $user, $password);
if (!$lID) {
echo("connect failed");
}
$selectResult = mysql_select_db($database, $lID);
if(!$selectResult) {
$errno = mysql_errno($lID);
$error = mysql_error($lID);
echo("cannot select database <I>".$database."</I>");
}
return $lID;
}
//Here is the important part of the php file:
$query = $_POST['quest'];
if (strlen($query) > 0) {
$linkID = connect();
echo "linkID : $linkID<br/>";
echo "Query : $query <br/>";
$result = mysql_query($query, $linkID);
echo "<table border='2' cellspacing='0' cellpadding='6'>";
if (mysql_num_rows($result)>0) {
echo "<tr>";
//loop thru the field names to print the correct headers
$i = 0;
while ($i < mysql_num_fields($result)) {
echo "<th>". mysql_field_name($result, $i) . "</th>";
$i++;
}
echo "</tr>";
}
if($result) {
while($row = mysql_fetch_array($result,MYSQL_BOTH)) {
echo "<tr>";
//loop thru the fields
$i = 0;
while ($i < mysql_num_fields($result)) {
echo "<td>".$row[$i]."</td>";
$i++;
}
echo "</tr>";
}
}
}
?>
</body>
</html>
You have to add :
foreach($_POST as $name => $value){
if(get_magic_quotes_gpc()=
$_POST[$name] = stripslashes($value);
}else{
}
}
at the beginning of the php code, so finally :
(this file has to be named index.php because the post method posts to itself, or change the form action to the file)
foreach($_POST as $name => $value){
if(get_magic_quotes_gpc()=
$_POST[$name] = stripslashes($value);
}else{
}
}
at the beginning of the php code, so finally :
(this file has to be named index.php because the post method posts to itself, or change the form action to the file)
<html>
<head>
<title>Premiere Products</title>
</head>
<body>
<h1>Arnold-Jackson-Silacci-Nixon Genealogy</h1>
<form action="index.php" method="post">
<p>
DB Server : <input type="text" name="host" value="localhost"></input><br/>
Database Name: <input type="text" name="database" value="mysql"></input><br/>
DB User : <input type="text" name="user" value="root"></input><br/>
DB Password : <input type="text" name="password" value=""></input><br/>
Query:
<textarea NAME="quest" ROWS=4 COLS=40></textarea><BR />
</p>
<input TYPE="submit" NAME="submit" VALUE="Go!"/>
</form>
<?php
foreach($_POST as $name => $value){
if(get_magic_quotes_gpc()==1){
$_POST[$name] = stripslashes($value);
}else{
}
}
$linkID = 0; // Result of mysql_connect()
function connect() {
$host = $_POST['host']; // Hostname of our MySQL server
$database = $_POST['database']; // Logical database name on that server
$user = $_POST['user']; // Database user
$password = $_POST['password']; // Database user's password
echo "Host : $host <br/>";
echo "Database : $database <br/>";
echo "Username : $user <br/>";
echo "Password : $password <br/>";
$lID = mysql_connect($host, $user, $password);
if (!$lID) {
echo("connect failed");
}
$selectResult = mysql_select_db($database, $lID);
if(!$selectResult) {
$errno = mysql_errno($lID);
$error = mysql_error($lID);
echo("cannot select database <I>".$database."</I>");
}
return $lID;
}
$query = $_POST['quest'];
if (strlen($query) > 0) {
$linkID = connect();
echo "linkID : $linkID<br/>";
//$query = mysql_real_escape_string($query, $linkID);
echo "Query : $query <br/>";
$result = mysql_query($query, $linkID);
echo "<table border='2' cellspacing='0' cellpadding='6'>";
if (mysql_num_rows($result)>0) {
echo "<tr>";
//loop thru the field names to print the correct headers
$i = 0;
while ($i < mysql_num_fields($result)) {
echo "<th>". mysql_field_name($result, $i) . "</th>";
$i++;
}
echo "</tr>";
}
if($result) {
while($row = mysql_fetch_array($result,MYSQL_BOTH)) {
echo "<tr>";
//loop thru the fields
$i = 0;
while ($i < mysql_num_fields($result)) {
echo "<td>".$row[$i]."</td>";
$i++;
}
echo "</tr>";
}
}
}
?>
</body>
</html>
Featured Post
We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.
Â
(CODE)
(CODE)
Then you just need to pass your date to the function.
If i…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month11 days, 9 hours left to enroll
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.