Terion Miller wrote:
> Hey Everyone, been steaming right along for a couple days but now I'm stuck
> on writing a search function, could you all take a look at it and see what
> it could be, I will mark the line throwing the error in red, I did try just
> commenting out that line and searching for a record by OrderID that I know
> is there but it does not return anything , I am trying to search several
> tables in one db:
>
> Code:
First off, and I think I have told you this before, I highly recommend that you
escape your code with mysql_real_escape_string().
I am guessing that you are probably relying on magic_quote_gpc() to do it for
you, but is going to catch up with you some day.
> <?php
> session_start();
> include("inc/dbconn_open.php");
>
> if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] <> 'OK' ){
> header ("Location: LogOut.php");
> }
>
> if (isset($_GET['AdminID']) && !empty($_GET['AdminID'])){
> $AdminID = $_GET['AdminID'];
> } elseif (isset($_POST['AdminID']) && !empty($_POST['AdminID'])){
> $AdminID = $_POST['AdminID'];
> } else {
> header ("Location: LogOut.php");
> }
>
> $query = "SELECT SearchWorkOrder FROM admin WHERE AdminID='$AdminID'";
> $result = mysql_query ($query);
> $row = mysql_fetch_object ($result);
> if ($row->SearchWorkOrder == "NO") {
> header ("Location:
> Welcome.php?AdminID='.$_SESSION[AdminLogin]'&msg=Sorry, you do not have
> access to that page.");
> }
>
> if (isset($_POST['WorkOrderID'])) {$WorkOrderID = $_POST['WorkOrderID'];}
> else {$WorkOrderID = '';}
> if (isset($_POST['WorkOrderName'])) {$WorkOrderName =
> $_POST['WorkOrderName'];} else {$WorkOrderName = '';}
> if (isset($_POST['CustomerName'])) {$CustomerName = $_POST['CustomerName'];}
> else {$CustomerName = '';}
> if (isset($_POST['CustomerEmail'])) {$CustomerEmail =
> $_POST['CustomerEmail'];} else {$CustomerEmail = '';}
> if (isset($_POST['SalesRep'])) {$SalesRep = $_POST['SalesRep'];} else
> {$SalesRep = '';}
> if (isset($_POST['SalesRepEmail'])) {$SalesRepEmail =
> $_POST['SalesRepEmail'];} else {$SalesRepEmail = '';}
>
> if (isset($_POST['SortBy'])) {$SortBy = $_POST['SortBy'];} else {$SortBy =
> 'WorkOrderID DESC';}
> if (isset($_POST['Page'])) {$Page = $_POST['Page'];} else {$Page = 1;}
>
> $PerPage = 30;
> $StartPage = ($Page - 1) * $PerPage;
> $OrderID = '';
>
>
> // All Orders
> $sql = "SELECT WorkOrderID FROM workorders WHERE WorkOrderID <>'' ";
> if (!empty($WorkOrderName)) {
> $sql .= "AND Advertiser LIKE '%". $WorkOrderName ."%' ";
> }
> if (!empty($WorkOrderID)) {
> $sql .= "AND WorkOrderID LIKE '%". $WorkOrderID ."%' ";
> }
> $result = mysql_query ($sql);
> while ($row = mysql_fetch_object ($result)) {
> $OrderID = $OrderID .", ". $row->WorkOrderID;
> }
>
>
>
> // Work Orders
> if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
> || !empty($SalesRepEmail)) {
> $sql = "SELECT WorkOrderID FROM workorderform WHERE WorkOrderID<>''
> ";
> if (!empty($CustomerName)) {
> $sql .= "AND Advertiser LIKE '%". $CustomerName ."%' ";
> }
> if (!empty($CustomerEmail)) {
> $sql .= "AND AdContactEmail LIKE '%". $CustomerEmail ."%' ";
> }
> if (!empty($SalesRep)) {
> $sql .= "AND Salesperson LIKE '%". $SalesRep ."%' ";
> }
> if (!empty($SalesRepEmail)) {
> $sql .= "AND SalespersonEmail LIKE '%". $SalesRepEmail ."%' ";
> }
> $result = mysql_query ($sql);
> while ($row = mysql_fetch_object ($result)) {
> $OrderID = $OrderID .", ". $row->WorkOrderID;
> }
> }
>
> // Homescape Builder Profile
> if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
> || !empty($SalesRepEmail)) {
> $sql = "SELECT WorkOrderID FROM hs_builder_profile WHERE
> WorkOrderID<>'' ";
> if (!empty($CustomerName)) {
> $sql .= "AND OrganizationName LIKE '%". $CustomerName ."%' ";
> }
> if (!empty($CustomerEmail)) {
> $sql .= "AND LeadEmail LIKE '%". $CustomerEmail ."%' ";
> }
> if (!empty($SalesRep)) {
> $sql .= "AND Salesperson LIKE '%". $SalesRep ."%' ";
> }
> if (!empty($SalesRepEmail)) {
> $sql .= "AND SalespersonEmail LIKE '%". $SalesRepEmail ."%' ";
> }
> $result = mysql_query ($sql);
> while ($row = mysql_fetch_object ($result)) {
> $OrderID = $OrderID .", ". $row->WorkOrderID;
> }
> }
>
> // Homescape Builder Spec Home
> if (!empty($CustomerName) || !empty($SalesRep) ||
> !empty($SalesRepEmail)) {
> $sql = "SELECT WorkOrderID FROM hs_spec_home WHERE WorkOrderID<>''
> ";
> if (!empty($CustomerName)) {
> $sql .= "AND CommunityName LIKE '%". $CustomerName ."%' ";
> }
> if (!empty($SalesRep)) {
> $sql .= "AND Salesperson LIKE '%". $SalesRep ."%' ";
> }
> if (!empty($SalesRepEmail)) {
> $sql .= "AND SalespersonEmail LIKE '%". $SalesRepEmail ."%' ";
> }
> $result = mysql_query ($sql);
> while ($row = mysql_fetch_object ($result)) {
> $OrderID = $OrderID .", ". $row->WorkOrderID;
> }
> }
>
> // Planet Discover Coupon
> if (!empty($CustomerName) || !empty($SalesRep) ||
> !empty($SalesRepEmail)) {
> $sql = "SELECT WorkOrderID FROM pd_coupon WHERE WorkOrderID<>'' ";
> if (!empty($CustomerName)) {
> $sql .= "AND BusinessName LIKE '%". $CustomerName ."%' ";
> }
> if (!empty($SalesRep)) {
> $sql .= "AND Salesperson LIKE '%". $SalesRep ."%' ";
> }
> if (!empty($SalesRepEmail)) {
> $sql .= "AND SalespersonEmail LIKE '%". $SalesRepEmail ."%' ";
> }
> $result = mysql_query ($sql);
> while ($row = mysql_fetch_object ($result)) {
> $OrderID = $OrderID .", ". $row->WorkOrderID;
> }
> }
>
> // Planet Discover Enhanced Listing
> if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
> || !empty($SalesRepEmail)) {
> $sql = "SELECT WorkOrderID FROM pd_enhanced WHERE WorkOrderID<>'' ";
> if (!empty($CustomerName)) {
> $sql .= "AND BusinessName LIKE '%". $CustomerName ."%' ";
> }
> if (!empty($CustomerEmail)) {
> $sql .= "AND Email LIKE '%". $CustomerEmail ."%' ";
> }
> if (!empty($SalesRep)) {
> $sql .= "AND Salesperson LIKE '%". $SalesRep ."%' ";
> }
> if (!empty($SalesRepEmail)) {
> $sql .= "AND SalespersonEmail LIKE '%". $SalesRepEmail ."%' ";
> }
> $result = mysql_query ($sql);
> while ($row = mysql_fetch_object ($result)) {
> $OrderID = $OrderID .", ". $row->WorkOrderID;
> }
> }
>
> // Planet Discover Right Side Text Ad
> if (!empty($CustomerName) || !empty($SalesRep) ||
> !empty($SalesRepEmail)) {
> $sql = "SELECT WorkOrderID FROM pd_textad WHERE WorkOrderID<>'' ";
> if (!empty($CustomerName)) {
> $sql .= "AND Customer LIKE '%". $CustomerName ."%' ";
> }
> if (!empty($SalesRep)) {
> $sql .= "AND Salesperson LIKE '%". $SalesRep ."%' ";
> }
> if (!empty($SalesRepEmail)) {
> $sql .= "AND SalespersonEmail LIKE '%". $SalesRepEmail ."%' ";
> }
> $result = mysql_query ($sql);
> while ($row = mysql_fetch_object ($result)) {
> $OrderID = $OrderID .", ". $row->WorkOrderID;
> }
> }
>
> if (substr($OrderID, -2) == ", ") {
> $OrderID = substr($OrderID, 0, -2);
> }
>
> if (substr($OrderID, 0, 2) == ", ") {
> $OrderID = substr($OrderID, 2);
> }
>
>
> $sql = "SELECT WorkOrderID FROM workorders WHERE WorkOrderID IN
> ($OrderID)";
Well, I was going to say this before, in all the other mysql_query() calls, but
you might want to look at having something like this for your
mysql_query() function...
Do the following for each mysql_query() call on this page. Other wise, you are
going to have the page die'ing and not have any clue where the problem is.
if ( ($result = mysql_query($sql) ) !== false ) {
$Total = ceil(mysql_num_rows($result)/$PerPage);
} else {
echo mysql_error();
}
> $result = mysql_query ($sql);
> * $Total = ceil(mysql_num_rows($result)/$PerPage);
> *
> $sql = "SELECT WorkOrderID, DATE_FORMAT(CreatedDate,'%m/%e/%y') AS
> SubmitDate, Location, AdminID, FormName, Status FROM ";
> $sql .= "workorders WHERE WorkOrderID IN ($OrderID) ORDER BY $SortBy
> LIMIT $StartPage, $PerPage";
> $result = mysql_query ($sql);
>
>
> If ($Page > 0) {$PagePrev = ($Page - 1);} else {$PagePrev = '';}
> If ($Page < $Total) {$PageNext = ($Page + 1);} else {$PageNext = '';}
> ?>
>
> the error is this one: *Warning*: mysql_num_rows(): supplied argument is not
> a valid MySQL result resource in *
> C:\Inetpub\Xampp\htdocs\SNLeader\WOSystemN\ViewOrders.php* on line *182
>
> Thanks in advance
> *
>
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
