Solved

trouble with PHP/sql syntax

Posted on 2011-09-08
13
197 Views
Last Modified: 2012-05-12
In PHP, I"m trying to use a query something like this:

$query = mssql_query("SELECT     CUSTOMER
FROM         SSCUSTOM
WHERE     (CUSTOMER LIKE '%$customer%')
 ");

I've tried various combinations of punctuation to properly offset the $customer variable, but nothing has worked.  Can someone help?

thanks.
0
Comment
Question by:kennmurrah
  • 5
  • 3
  • 2
  • +2
13 Comments
 
LVL 2

Expert Comment

by:shdwmage
ID: 36504710
Try this
$query = 'SELECT customer FROM sscustomer WHERE (Customer like %' . $customer . '%)';

$result = @mdsql_query($query);

Open in new window

0
 
LVL 2

Expert Comment

by:shdwmage
ID: 36504716
err MSsql not Mdsql fat fingers sorry.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 36504925
This is the format that I'm using on a working example.  I'm assuming that your field and table names are the correct case.  Depends on whether you have set up your database to be case sensitive or not.
$query = mssql_query("SELECT CUSTOMER FROM SSCUSTOM WHERE CUSTOMER LIKE '%$customer%'");

Open in new window

0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 27

Accepted Solution

by:
Lukasz Chmielewski earned 500 total points
ID: 36505121
Or if Dave's won't work, try this:


$query = mssql_query("SELECT CUSTOMER FROM SSCUSTOM WHERE CUSTOMER LIKE '%".$customer."%'");

Open in new window

0
 
LVL 27

Expert Comment

by:Lukasz Chmielewski
ID: 36505132
... of course I'm sure Dave is right :P
0
 

Author Comment

by:kennmurrah
ID: 36505215
I just noticed that I'm getting the error: "Warning: mysql_fetch_array(): supplied resource is not a valid MySQL result resource in /var/www/psilookup/2.php on line 11" ....

<?php
$connect = mssql_connect("psi", "php", "holistic") or die ("couldn't
connect");

mssql_select_db('[PS11_0_2]', $connect);

$query = mssql_query("SELECT CUSTOMER FROM SSCUSTOM WHERE CUSTOMER LIKE '%".$customer."%'");

	 if ($row = mysql_fetch_array($query)) { 
do { 
	$customer = $row["CUSTOMER"];
	$url_customer = urlencode($customer);
	
 echo "<a href=\"3.php?customer=$url_customer\">" . $customer . "</a><br>";
// echo "<a href=\"3.php?customer=$url_customer\">" . $customer .  "</a><br>";
}
 while($row = mysql_fetch_array($result)); } else {print "<p> No matches found.";} 
 
 ?>

Open in new window


so I'm really confused now.

0
 
LVL 2

Expert Comment

by:shdwmage
ID: 36505385
I believe it has to do with your if statement.  you aren't performing the query and saving it anywhere.
0
 
LVL 2

Expert Comment

by:shdwmage
ID: 36505387
Nevermind, i read it wrong.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 36505407
!! You can't mix MySQL and MS SQL, they are two different databases and drivers.
0
 
LVL 2

Expert Comment

by:shdwmage
ID: 36505413
I am not sure if this makes a difference or not:

You have MSSQL in one location and MYSQL in the other.

<?php
$connect = mssql_connect("psi", "php", "holistic") or die ("couldn't connect");

mssql_select_db('[PS11_0_2]', $connect);

$query = mssql_query("SELECT CUSTOMER FROM SSCUSTOM WHERE CUSTOMER LIKE '%".$customer."%'");

if ($row = mssql_fetch_array($query)) { 
	do { 
		$customer = $row["CUSTOMER"];
		$url_customer = urlencode($customer);
		echo "<a href=\"3.php?customer=$url_customer\">" . $customer . "</a><br>";
		// echo "<a href=\"3.php?customer=$url_customer\">" . $customer .  "</a><br>";
		}
		while($row = mysql_fetch_array($result)); 
	} 
	else {
		print "<p> No matches found.";
		} 

?>

Open in new window

0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 36505418
Here's the correction but that code does not look complete.
<?php
$connect = mssql_connect("psi", "php", "holistic") or die ("couldn't
connect");

mssql_select_db('[PS11_0_2]', $connect);

$query = mssql_query("SELECT CUSTOMER FROM SSCUSTOM WHERE CUSTOMER LIKE '%".$customer."%'");

         if ($row = mysql_fetch_array($query)) { 
do { 
        $customer = $row["CUSTOMER"];
        $url_customer = urlencode($customer);
        
 echo "<a href=\"3.php?customer=$url_customer\">" . $customer . "</a><br>";
// echo "<a href=\"3.php?customer=$url_customer\">" . $customer .  "</a><br>";
}
 while($row = mssql_fetch_array($result)); } else {print "<p> No matches found.";} 
 
 ?>

Open in new window

0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 36516439
Warning: mysql_fetch_array(): supplied resource is not a valid MySQL result ...

This almost always means the query failed.  MySQL is not a black box.  It can and will fail, sometimes for reasons that are outside of your control, and your programming needs to test for success whenever you make a call to MySQL.  When a query fails you will want to know why.

To understand why, you need to see the contents of mysql_error().  Here is a little code snippet with some teaching examples for a few of the basics in PHP + MySQL.  As you can see, it will help you visualize the query string and any errors that might occur.

If you want a good learning resource on the subject, this book is very readable and has excellent examples.
http://www.sitepoint.com/books/phpmysql4/

HTH, ~Ray
<?php // RAY_mysql_example.php
error_reporting(E_ALL);


// THE ABSOLUTE MINIMUM YOU MUST UNDERSTAND TO USE PHP AND MYSQL
// MAN PAGE: http://php.net/manual/en/ref.mysql.php
// MAN PAGE: http://php.net/manual/en/mysql.installation.php
// MAN PAGE: http://php.net/manual/en/function.mysql-connect.php
// MAN PAGE: http://php.net/manual/en/function.mysql-select-db.php
// MAN PAGE: http://php.net/manual/en/function.mysql-real-escape-string.php
// MAN PAGE: http://php.net/manual/en/function.mysql-query.php
// MAN PAGE: http://php.net/manual/en/function.mysql-errno.php
// MAN PAGE: http://php.net/manual/en/function.mysql-error.php
// MAN PAGE: http://php.net/manual/en/function.mysql-num-rows.php
// MAN PAGE: http://php.net/manual/en/function.mysql-fetch-assoc.php
// MAN PAGE: http://php.net/manual/en/function.mysql-fetch-array.php
// MAN PAGE: http://php.net/manual/en/function.mysql-insert-id.php



// CONNECTION AND SELECTION VARIABLES FOR THE DATABASE
$db_host = "localhost"; // PROBABLY THIS IS OK
$db_name = "??";        // GET THESE FROM YOUR HOSTING COMPANY
$db_user = "??";
$db_word = "??";


// OPEN A CONNECTION TO THE DATA BASE SERVER
if (!$db_connection = mysql_connect("$db_host", "$db_user", "$db_word"))
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>NO DB CONNECTION: ";
    echo "<br/> $errmsg <br/>";
}

// SELECT THE MYSQL DATA BASE
if (!$db_sel = mysql_select_db($db_name, $db_connection))
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>NO DB SELECTION: ";
    echo "<br/> $errmsg <br/>";
    die('NO DATA BASE');
}
// IF THE SCRIPT GETS THIS FAR IT CAN DO QUERIES




// ESCAPE AN EXTERNAL DATA FIELD FOR USE IN MYSQL QUERIES
$safe_username = mysql_real_escape_string($_POST["username"]);




// CREATE AND SEND A SELECT QUERY AND TEST THE RESULTS
$sql = "SELECT id FROM my_table WHERE username='$safe_username'";
$res = mysql_query($sql);

// IF mysql_query() RETURNS FALSE, SHOW THE ERROR
if (!$res)
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>QUERY FAIL: ";
    echo "<br/>$sql <br/>";
    die($errmsg);
}
// IF WE GET THIS FAR, THE QUERY SUCCEEDED AND WE HAVE A RESOURCE-ID IN $res SO WE CAN NOW USE $res IN OTHER MYSQL FUNCTIONS




// DETERMINE HOW MANY ROWS OF RESULTS WE GOT
$num = mysql_num_rows($res);
if (!$num)
{
    echo "<br/>QUERY FOUND NO DATA: ";
    echo "<br/>$sql <br/>";
}
else
{
    echo "<br/>QUERY FOUND $num ROWS OF DATA ";
    echo "<br/>$sql <br/>";
}




// ITERATE OVER THE RESULTS SET TO SHOW WHAT WE FOUND
while ($row = mysql_fetch_assoc($res))
{
    var_dump($row);
}




// A WAY OF DETERMINING HOW MANY ROWS WE HAVE IN A TABLE
$sql = "SELECT COUNT(*) FROM my_table";
$res = mysql_query($sql);

// IF mysql_query() RETURNS FALSE, GET THE ERROR REASONS
if (!$res)
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>QUERY FAIL: ";
    echo "<br/>$sql <br/>";
    die($errmsg);
}
// GET THE RESULTS SET ROW IN AN ARRAY WITH A NUMERIC INDEX - POSITION ZERO IS THE COUNT
$row = mysql_fetch_array($res, MYSQL_NUM);
$num = $row[0];
$fmt = number_format($num);
echo "<br/>THERE ARE $fmt ROWS IN THE TABLE";




// MAKING AN INSERT QUERY AND TESTING THE RESULTS
$sql = "INSERT INTO my_table (username) VALUES ('$safe_username')";
$res = mysql_query($sql);

// IF mysql_query() RETURNS FALSE, GET THE ERROR REASONS
if (!$res)
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>QUERY FAIL: ";
    echo "<br/>$sql <br/>";
    die($errmsg);
}
// GET THE AUTO_INCREMENT ID OF THE RECORD JUST INSERTED - PER THE DB CONNECTION
$id  = mysql_insert_id($db_connection);
echo "<br/>YOU JUST INSERTED A RECORD WITH AUTO_INCREMENT ID = $id";

Open in new window

0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 36562962
Interesting.  The answer accepted from Roads_Roads produces EXACTLY the same query string as the answer that was offered up by DaveBaldwin earlier.  Here is the code that proves it.  It is usually a good idea to test the code posted here at EE before you assume that something is right or wrong.

However the most important part about this question is understanding how to visualize errors.  In order to do that you would never create the query string in the same statement as the function call.  You would create the query string separately in its own variable, so you can print it out in case you get an error.
<?php // RAY_temp_kennmurrah.php
error_reporting(E_ALL);

$db = "SELECT CUSTOMER FROM SSCUSTOM WHERE CUSTOMER LIKE '%$customer%'";
$rr = "SELECT CUSTOMER FROM SSCUSTOM WHERE CUSTOMER LIKE '%".$customer."%'";

echo $db;
echo "<br/>";
echo $rr;

Open in new window

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now