php-general Digest 5 Aug 2011 19:09:09 -0000 Issue 7430
Topics (messages 314370 through 314390):
Re: Sending a message
314370 by: Negin Nickparsa
314371 by: wil prim
314372 by: Negin Nickparsa
314373 by: wil prim
314374 by: Negin Nickparsa
314375 by: Negin Nickparsa
314376 by: Negin Nickparsa
314377 by: David Holmes
314378 by: wil prim
314379 by: Negin Nickparsa
314380 by: Negin Nickparsa
314381 by: wil prim
314382 by: Negin Nickparsa
314383 by: Jim Lucas
314384 by: wil prim
314385 by: Negin Nickparsa
Re: saving sessions
314386 by: Florian Müller
314389 by: Jen Rasmussen
Re: testing
314387 by: David Robley
Re: You can play with PHP 5.4.0 alpha3 on Windows, EasyPHP 5.4 alpha3 is out!
314388 by: Sharl.Jimh.Tsin
using pg_query in a function not working
314390 by: Marc Fromm
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
in previous pages you must have a login page and in login page you must
store the username and then in next steps you have username in
$_SESSION['user']
now if it is not your problem then what is the problem?
--- End Message ---
--- Begin Message ---
Well my problem is when i click submit, the $_SESSION['user'] ('from' part of the table in my db) is blank, so im guessing the $_SESSION variable didnt pass through.
On Aug 04, 2011, at 10:11 PM, Negin Nickparsa <nickpa...@gmail.com> wrote:
in previous pages you must have a login page and in login page you must
store the username and then in next steps you have username in
$_SESSION['user']
now if it is not your problem then what is the problem?
--- End Message ---
--- Begin Message ---
you must check setting your session with this one:
if(isset($_SESSION['user']))
{
// Identifying the user
$user = $_SESSION['user'];
// Information for the user.
}
tell me what you have done in login page?
--- End Message ---
--- Begin Message ---
This is the login.php which checks the form on the login page.
<?php
session_start();
include('connect.php');
$user=$_POST['user'];
$pass=$_POST['pass'];
$sql="SELECT * FROM members WHERE username='$_POST[user]' and password='$_POST[pass]'";
$result=mysql_query($sql, $con);
$count=mysql_num_rows($result);
if ($count==1){
session_start();
$_SESSION['user'] = $user;
}
else{
echo 'Wrong Username or Password';
}
?>
On Aug 04, 2011, at 10:23 PM, Negin Nickparsa <nickpa...@gmail.com> wrote:
you must check setting your session with this one:
if(isset($_SESSION['user']))
{
// Identifying the user
$user = $_SESSION['user'];
// Information for the user.
}
tell me what you have done in login page?
--- End Message ---
--- Begin Message ---
did you set the <form method='post'>
?
--- End Message ---
--- Begin Message ---
in this line password='$_POST[pass]'";
you have error change it to password='$_POST['pass']'";
--- End Message ---
--- Begin Message ---
well,sorry change it to password=$pass (better)
also check your errors by php yourpage.php
it is more better to not stock in errors like this one
--- End Message ---
--- Begin Message ---
Your code is full of security errors .. You should use mysql escape
string(google it ) to protect your database from beiÿng hacked
David Holmes
twitter @mrstanfan
owner of the exclusive StanFan.com
Whats Your StanFan?
-----Original Message-----
From: wil prim <wilp...@me.com>
Date: Sat, 06 Aug 2011 04:49:32
To: PHP MAILINGLIST<php-gene...@lists.php.net>; Philly
Holbrook<pholbro...@gmail.com>
Subject: [PHP] Sending a message
Ok so I have tried to create a sort of messaging system on my website and I
have run into some problems storing who the message is from, ill try to take
you through step by step what I am trying to do.
step #1 (messages.php): <--This is where the member will view the recent
messages that have been posted
<div id='messages'>
<?php
include 'connect.php';
session_start();
$_SESSION['user']=$user;
//store sql queries
$sql="SELECT * FROM entries";
$result=mysql_query($sql, $con);
$count=mysql_num_rows($result);
if ($count<1){
echo 'There are no messages yet!';
}
while ($row=mysql_fetch_array($result)){
echo 'From: ' .$row['from'];
echo '<br/>';
echo 'Subject: ' .$row['subject'];
echo '<br/>';
echo 'Message: ' .$row['body'];
echo '<hr/>';
}
?>
</div>
Step #2 (create_message.php):<-- This is where the user creates a new message
<h2> Create new message</h2>
<table border='0' width='100%' cellpadding='3px'
style='text-align: top;'>
<form method='post' action='insert_message.php'>
<tr width='100%' height='30%' style='margin-top: 0px;'>
<td> Subject </td>
<td> <input type='text' name='subject' maxlength='30'></td>
</tr>
<tr width='100%' height='30%'>
<td> Body </td>
<td><textarea name='body' style='height: 200px; width:
400px;'></textarea></td>
</tr>
<tr>
<td colspan='2' align='center'><input type='submit'
name='new_message' value='Send!'/> </td>
</tr>
</form>
</table>
Step #3 (insert_message.php)<-- this is where my problem is (trying to insert
$_SESSION['user'] into table ['from'])
<?php
include 'connect.php';
session_start();
$user=$_SESSION['user'];
if ($_POST['new_message']){
include 'connect.php';
session_start();
$_SESSION['user']=$user;
$body=$_POST['body'];
$subject=$_POST['subject'];
$date=' ';
$sql="INSERT INTO `entries` (
`id` ,
`from` ,
`subject` ,
`body` ,
`date`
)
VALUES (
NULL , '$user', '$subject', '$body', '$date'
)";
if (mysql_query($sql,$con)){
echo 'Inserted!';
echo $user;
}
else
echo 'Not Inserted';
}
?>
Hope i dont piss anyone off with such a long message, I just really need help
on this.
Thanks!
--- End Message ---
--- Begin Message ---
Woot! Got it! There was a page in between that stored $_SESSION['user']=$user rather than other way around! Thank you! and yea I will secure it!
On Aug 04, 2011, at 10:37 PM, David Holmes <dholmes1...@gmail.com> wrote:
Your code is full of security errors .. You should use mysql escape string(google it ) to protect your database from beiÿng hacked
David Holmes
twitter @mrstanfan
owner of the exclusive
StanFan.com
Whats Your StanFan?
-----Original Message-----
From: wil prim <
wilp...@me.com>
Date: Sat, 06 Aug 2011 04:49:32
To: PHP MAILINGLIST<
php-gene...@lists.php.net>; Philly Holbrook<
pholbro...@gmail.com>
Subject: [PHP] Sending a message
Ok so I have tried to create a sort of messaging system on my website and I have run into some problems storing who the message is from, ill try to take you through step by step what I am trying to do.
step #1 (messages.php): <--This is where the member will view the recent messages that have been posted
<div id='messages'>
<?php
include 'connect.php';
session_start();
$_SESSION['user']=$user;
//store sql queries
$sql="SELECT * FROM entries";
$result=mysql_query($sql, $con);
$count=mysql_num_rows($result);
if ($count<1){
echo 'There are no messages yet!';
}
while ($row=mysql_fetch_array($result)){
echo 'From: ' .$row['from'];
echo '<br/>';
echo 'Subject: ' .$row['subject'];
echo '<br/>';
echo 'Message: ' .$row['body'];
echo '<hr/>';
}
?>
</div>
Step #2 (create_message.php):<-- This is where the user creates a new message
<h2> Create new message</h2>
<table border='0' width='100%' cellpadding='3px' style='text-align: top;'>
<form method='post' action=''>
<tr width='100%' height='30%' style='margin-top: 0px;'>
<td> Subject </td>
<td> <input type='text' name='subject' maxlength='30'></td>
</tr>
<tr width='100%' height='30%'>
<td> Body </td>
<td><textarea name='body' style='height: 200px; width: 400px;'></textarea></td>
</tr>
<tr>
<td colspan='2' align='center'><input type='submit' name='new_message' value='Send!'/> </td>
</tr>
</form>
</table>
Step #3 (insert_message.php)<-- this is where my problem is (trying to insert $_SESSION['user'] into table ['from'])
<?php
include 'connect.php';
session_start();
$user=$_SESSION['user'];
if ($_POST['new_message']){
include 'connect.php';
session_start();
$_SESSION['user']=$user;
$body=$_POST['body'];
$subject=$_POST['subject'];
$date=' ';
$sql="INSERT INTO `entries` (
`id` ,
`from` ,
`subject` ,
`body` ,
`date`
)
VALUES (
NULL , '$user', '$subject', '$body', '$date'
)";
if (mysql_query($sql,$con)){
echo 'Inserted!';
echo $user;
}
else
echo 'Not Inserted';
}
?>
Hope i dont piss anyone off with such a long message, I just really need help on this.
Thanks!
--- End Message ---
--- Begin Message ---
or if you want to do this risky and none secure thing try this:
$query="select * from members where user='".$_POST['user']."'and
pass=password('$pas')";
well first you must check errors in mysql
then storing in session
also it is better to use:
$user=mysql_real_escape_string($_POST['user']);
then write the query
--- End Message ---
--- Begin Message ---
well I wonder!
with error syntaxes now it is working? or without them?
--- End Message ---
--- Begin Message ---
I think Ill just use the better secured one, thanks!
On Aug 04, 2011, at 10:41 PM, Negin Nickparsa <nickpa...@gmail.com> wrote:
or if you want to do this risky and none secure thing try this:$query="select * from members where user='"$_POST['user']."'and pass=password('$pas')";
well first you must check errors in mysql
then storing in session
also it is better to use:
$user=mysql_real_escape_string($_POST['user']);
then write the query
--- End Message ---
--- Begin Message ---
it is better to use this one:
http://www.php.net/mysql_real_escape_string
if you don't use this by inputting just a qoute or this input '--'
a hacker can easily hack your syntax
in another steps your site will send a message like:
error in mysql on this line lob lob ..
in this part he will find your server that it is my sql:D
he/she will try anither syntaxes and by errors he/she finds your table names
and ...:D
you know how bad:D
then obey the security rules
--- End Message ---
--- Begin Message ---
On 8/5/2011 9:49 PM, wil prim wrote:
Ok so I have tried to create a sort of messaging system on my website and I have
run into some problems storing who the message is from, ill try to take you
through step by step what I am trying to do.
*step #1 *(messages.php):<--This is where the member will view the recent
messages that have been posted
<div id='messages'>
<?php
include 'connect.php';
session_start() should be called before anything else on the page is
done. move this to the first line after your opening <?php tag.
session_start();
First... from one of your other emails, you explain that by the time you
get to this page, your user has already logged in. But in the next
line, you are AFAICT setting the $_SESSION['user'] to a null value. Try
commenting this line out and see what happens.
$_SESSION['user']=$user;
//store sql queries
$sql="SELECT * FROM entries";
You should change this a little. I realize their isn't much to go wrong
with this SQL statement, but you never know...
$result=mysql_query($sql, $con);
$result = mysql_query($sql, $con) OR
die('SQL ERROR: '. mysql_errno($con) .'<br />'. mysql_error($con));
$count=mysql_num_rows($result);
if ($count<1){
echo 'There are no messages yet!';
}
I think you are missing an ELSE clause here...
while ($row=mysql_fetch_array($result)){
echo 'From: ' .$row['from'];
echo '<br/>';
echo 'Subject: ' .$row['subject'];
echo '<br/>';
echo 'Message: ' .$row['body'];
echo '<hr/>';
}
?>
</div>
*Step #2* (create_message.php):<-- This is where the user creates a new message
<h2> Create new message</h2>
<table border='0' width='100%' cellpadding='3px' style='text-align: top;'>
<form method='post' action='insert_message.php'>
<tr width='100%' height='30%' style='margin-top: 0px;'>
<td> Subject</td>
<td> <input type='text' name='subject' maxlength='30'></td>
</tr>
<tr width='100%' height='30%'>
<td> Body</td>
<td><textarea name='body' style='height: 200px; width: 400px;'></textarea></td>
</tr>
<tr>
<td colspan='2' align='center'><input type='submit' name='new_message'
value='Send!'/> </td>
</tr>
</form>
</table>
*Step #3 *(insert_message.php)<-- this is where my problem is (trying to insert
$_SESSION['user'] into table ['from'])
This script is riddled with security issues and errors.
<?php
include 'connect.php';
Again with the session_start() thing. Move it to the top.
session_start();
Why do this? Just use $_SESSION['user'] where you would use $user...
$user=$_SESSION['user'];
This is going to cause a NOTICE error. Check out isset()
if ($_POST['new_message']){
You including this file for a second time. Does it need to?
include 'connect.php';
Calling this a second time, just for good measure??? Remove it.
session_start();
Again, you are clearing your $_SESSION['user'] variable.
$_SESSION['user']=$user;
If you are going to assign the values to new variables, I would suggest
tossing htmlspecialchars() around each one.
$body=$_POST['body'];
$subject=$_POST['subject'];
$date=' ';
Also, before you go using those variables above in your SQL below, you
should wrap a call to mysql_real_escape_string() around them.
$sql="INSERT INTO `entries` (
`id` ,
`from` ,
`subject` ,
`body` ,
`date`
)
VALUES (
NULL , '$user', '$subject', '$body', '$date'
)";
Refer to my suggestion about about adding the OR die() portion to the
following command.
if (mysql_query($sql,$con)){
echo 'Inserted!';
echo $user;
}
else
echo 'Not Inserted';
}
?>
Hope i dont piss anyone off with such a long message, I just really need help on
this.
Thanks!
--- End Message ---
--- Begin Message ---
lol wow ok thanks, Im very new to coding, started html about 2 months ago, so ty for letting me know the security of the language! is there any place where i can read (other than the php manual), about a tutorial on security?
On Aug 04, 2011, at 10:49 PM, Negin Nickparsa <nickpa...@gmail.com> wrote:
it is better to use this one:
if you don't use this by inputting just a qoute or this input '--'
a hacker can easily hack your syntax
in another steps your site will send a message like:
error in mysql on this line lob lob ..
in this part he will find your server that it is my sql:D
he/she will try anither syntaxes and by errors he/she finds your table names
and ...:D
you know how bad:D
then obey the security rules
--- End Message ---
--- Begin Message ---
well,what is the problem with these manuals :) ?
google these ones:
security exploits that are SQL injection, Cross Site Scripting(xss) and
Cross Site Request Forgery
many security issues you can find
also
for your code problems try this site:
stackoverflow.com
previous times when I had these problems people in this list was too angry
about me:D
by posting emails about array like $_POST
LOL! one of those angry people told me this site I am thankful to him:)
I am happy on this Site
be a member in there;)
they will answer your code issues in just a second:)
--- End Message ---
--- Begin Message ---
But please do not use cookies to store a password as code! Cookies are human
readable with some add-ons....
Check like this:
if someone registers, insert it into a table:
<?php
$username = mysql_real_escape_string($_POST["username"]);
$password = md5($_POST["password"]);
mysql_query("INSERT INTO USER VALUES('" . $username . "','" . $password . "')");
header('location: register_success.php');
?>
Then, if someone wants to log in, use like this:
<?php
$username = mysql_real_escape_string($_POST["username"]);
$password = md5($_POST["password"]);
$sel = "SELECT * FROM USER WHERE USERNAME = '" . $username . "' AND PASSWORD =
'" . $password . "'";
$unf = mysql_query($sel);
$count = mysql_num_rows($unf);
if ($count == 1) {
header('location: login_success.php');
}
else {
echo "Login not successful!";
}
?>
If you want to store something into cookies, use a name which is not good
understandable, like a shortcut for a logical sentense:
Titcftmws ("This is the cookie for the main webSite") or something ^^
In there, you can save username and password, but PLEASE save the password at
least md5()-encryptet, so not everyone can save it.
Now you can check like this:
<?php
if ($_COOKIE['Titcftmws'] == mysql_real_escape_string($_POST["username"]) . "|"
. md5($_POST["password"])) {
//in the cookie is for the user with username 'jack' and password 'test'
this value: "jack|098f6bcd4621d373cade4e832627b4f6"
echo "you are logged in";
}
else {
echo "not logged in!";
}
?>
This is as far as I know a quite high level of security, in comparisions with
other ways.
Regs, Flo
> From: midhungir...@gmail.com
> Date: Fri, 5 Aug 2011 08:20:11 +0530
> To: wilp...@me.com
> CC: php-gene...@lists.php.net
> Subject: Re: [PHP] saving sessions
>
> On Sat, Aug 6, 2011 at 7:56 AM, wil prim <wilp...@me.com> wrote:
>
> > Hello, im new to the whole storing sessions thing and I really dont know
> > how to ask this question, but here it goes. So on my site when someone logs
> > in the login.php file checks for a the username and password in the table i
> > created, then if it finds a match it will store a $_SESSION [] variable. To
> > be exact the code is as follows:
> > if ($count=='1')
> > {
> > session_start();
> > $_SESSION['user']=$user; // $user is the $_POST['user'] from the login
> > form
> > header('location: login_success.php');
> > }
> >
> > Now what i would like to know is how do i make my website save new changes
> > the user made while in their account?
> >
> > thanks!
> >
> >
>
> You will have to store the user account related data in the database for
> persistence.... Or if the site not having a 'user account system' you may
> use cookies to store the settings...
>
>
>
> Midhun Girish
--- End Message ---
--- Begin Message ---
In addition to the info below, I would caution you to do some research on
password hashing.
MD5 and SHA-1 are both known to be compromised because they are too fast.
OWASP (Open Web Application Security Project) is a great resource for
security research.
There are many hashes available, if you have PHP 5.3+ look into bCrypt
(built into PHP 5.3+ as CRYPT).
The CRYPT_BLOWFISH option is the best choice.
A good article is here:
http://yorickpeterse.com/articles/use-bcrypt-fool/
Otherwise, use this code to see a list of your available algorithms. You
also want to make sure
to research salting and stretching of your hash if you are unable to use
bCrypt.
<?php print_r(hash_algos()); ?>
You might also want to look into PHPASS if you have a version of PHP
previous to 5.3.
Although it will default to using MD5 for older versions, the salting and
stretching of the hash are what make it more
secure, not the algorithm itself (seems to be a bit of controversy on this
point).
* Note that if you use PHPASS, once you do upgrade to 5.3+, it will default
to the CRYPT_BLOWFISH option.
Cheers!
Jen
-----Original Message-----
From: Florian Müller [mailto:florip...@hotmail.com]
Sent: Friday, August 05, 2011 1:35 AM
To: midhungir...@gmail.com; php-gene...@lists.php.net
Subject: RE: [PHP] saving sessions
But please do not use cookies to store a password as code! Cookies are human
readable with some add-ons....
Check like this:
if someone registers, insert it into a table:
<?php
$username = mysql_real_escape_string($_POST["username"]);
$password = md5($_POST["password"]);
mysql_query("INSERT INTO USER VALUES('" . $username . "','" . $password .
"')");
header('location: register_success.php');
?>
Then, if someone wants to log in, use like this:
<?php
$username = mysql_real_escape_string($_POST["username"]);
$password = md5($_POST["password"]);
$sel = "SELECT * FROM USER WHERE USERNAME = '" . $username . "' AND PASSWORD
= '" . $password . "'";
$unf = mysql_query($sel);
$count = mysql_num_rows($unf);
if ($count == 1) {
header('location: login_success.php');
}
else {
echo "Login not successful!";
}
?>
If you want to store something into cookies, use a name which is not good
understandable, like a shortcut for a logical sentense:
Titcftmws ("This is the cookie for the main webSite") or something ^^
In there, you can save username and password, but PLEASE save the password
at least md5()-encryptet, so not everyone can save it.
Now you can check like this:
<?php
if ($_COOKIE['Titcftmws'] == mysql_real_escape_string($_POST["username"]) .
"|" . md5($_POST["password"])) {
//in the cookie is for the user with username 'jack' and password 'test'
this value: "jack|098f6bcd4621d373cade4e832627b4f6"
echo "you are logged in";
}
else {
echo "not logged in!";
}
?>
This is as far as I know a quite high level of security, in comparisions
with other ways.
Regs, Flo
> From: midhungir...@gmail.com
> Date: Fri, 5 Aug 2011 08:20:11 +0530
> To: wilp...@me.com
> CC: php-gene...@lists.php.net
> Subject: Re: [PHP] saving sessions
>
> On Sat, Aug 6, 2011 at 7:56 AM, wil prim <wilp...@me.com> wrote:
>
> > Hello, im new to the whole storing sessions thing and I really dont know
> > how to ask this question, but here it goes. So on my site when someone
logs
> > in the login.php file checks for a the username and password in the
table i
> > created, then if it finds a match it will store a $_SESSION [] variable.
To
> > be exact the code is as follows:
> > if ($count=='1')
> > {
> > session_start();
> > $_SESSION['user']=$user; // $user is the $_POST['user'] from the login
> > form
> > header('location: login_success.php');
> > }
> >
> > Now what i would like to know is how do i make my website save new
changes
> > the user made while in their account?
> >
> > thanks!
> >
> >
>
> You will have to store the user account related data in the database for
> persistence.... Or if the site not having a 'user account system' you may
> use cookies to store the settings...
>
>
>
> Midhun Girish
--- End Message ---
--- Begin Message ---
Daniel Brown wrote:
> On Thu, Aug 4, 2011 at 10:39, Jim Giner <jim.gi...@albanyhandball.com>
> wrote:
>>
>> Mailing list, newsgroup, either one - something's changed in the last
>> week or so to interrupt the smooth (or semi-smooth) functioning of it.
>> The only messages I'm seeing currently are the ones in this single topic.
>> Why is that???
>
> Actually, we haven't changed anything at all. It's always been
> temperamental, but it's always just been a small additional offering.
> As Ash said, this is a mailing list, not a newsgroup. The fact that
> we offer a newsgroup interface at all is by all means eligible for
> discontinuation, since only about six people use it in any given year.
>
/me wonders who the other five are :-)
Cheers
--
David Robley
"I've mixed up my gloves," Tom said intermittently.
Today is Boomtime, the 71st day of Confusion in the YOLD 3177.
--- End Message ---
--- Begin Message ---
在 2011-08-05五的 11:35 +0800,EasyPHP写道:
> Hi
>
> PHP 5.4 alpha 3 is now included in a the Wamp package EasyPHP 5.4 alpha3.
> Enjoy!
>
>
> Website : www.easyphp.org
> Screenshots : www.easyphp.org/screenshots.php
> Facebook page : www.facebook.com/easywamp
> Twitter : www.twitter.com/easyphp
>
Woo,so quickly.i am using PHP alpha 1 on my CentOS server by compiling
from source tarball.
--
Best regards,
Sharl.Jimh.Tsin (From China **Obviously Taiwan INCLUDED**)
Using Gmail? Please read this important notice:
http://www.fsf.org/campaigns/jstrap/gmail?10073.
--- End Message ---
--- Begin Message ---
I have to sql statements in functions to use in my code. Even though the echo
statements show the sql is valid the sql does not seem to execute and I get the
error, "PHP Warning: pg_fetch_object() expects parameter 1 to be resource,
boolean given in . . . line 154 . . ."
Line 154: while($val = pg_fetch_object($student))
##############################
Function Calls:
$insert = recordSentList($empid, $list, "printed"); // No record gets inserted
into the table
$student = getStudent($list);
while($val = pg_fetch_object($student)) //No records get listed
{
##############################
Functions:
function recordSentList($empid, $list, $method){
$today = date("m/d/Y", strtotime("now"));
$sql = "INSERT INTO lists_sent (
lists_sent_employers_id,
lists_sent_type,
lists_sent_date,
lists_sent_method)
VALUES (
'$empid',
'$list',
'$today',
'$method')";
echo "$sql<br />"; // slq statement looks accurate
$result = pg_query($conn,$sql);
echo "Insert Errors: " . pg_errormessage($conn) . "<br />";
//No errors are reported
return $result;
}
function getStudent($list){
$removaldate = date("m/d/Y",mktime(0, 0, 0, date("m")-3,
date("d")-7, date("Y")));
$sql = "SELECT * FROM students WHERE ";
if($list == "child_care_list"){
$sql .= "child_care_list > '" . $removaldate .
"' ";
$sql .= "AND child_care_list IS NOT NULL ";
$sql .= "ORDER BY student_lname ASC,
student_fname ASC";
} elseif ($list == "day_labor_list") {
$sql .= "day_labor_list > '" . $removaldate .
"' ";
$sql .= "AND day_labor_list IS NOT NULL ";
$sql .= "ORDER BY student_lname ASC,
student_fname ASC";
} else {
$sql .= "tutor_list > '" . $removaldate . "' ";
$sql .= "AND tutor_list IS NOT NULL ";
$sql .= "ORDER BY student_lname ASC,
student_fname ASC";
}
echo "$sql<br />"; // slq statement looks accurate
$result = pg_query($conn,$sql);
echo "Select Errors: " . pg_errormessage($conn) . "<br />";//No
errors are reported
echo "Rows: " . pg_num_rows($result) . "<br />";//No number is
displayed
if ((!$result) or (empty($result))){
return false;
}
return $result;
}
Marc Fromm
Information Technology Specialist II
Financial Aid Department
Western Washington University
Phone: 360-650-3351
Fax: 360-788-0251
--- End Message ---
