On Wed, Dec 15, 2010 at 17:21, Don Wieland <d...@dwdataconcepts.com> wrote:
> Hello,
> I originally had a line that built a static array:
> $instruments =
> array('Leader','Singer','Piano','Synth','A-Guitar','E-Guitar','Bass','Drums','Perc','Sax','Flute','Sound/AV','Pastor','Producer');
> Then I decided I wanted this dynamic and to pull it form the DB. So I
> thought this would bring back similar results:
> $queryi = "SELECT Instrument FROM Instruments WHERE `acct_id` =
> '".$_SESSION['ACCT']."' ORDER BY `id_Sort`";
> echo $queryi;
> $resultsi = mysql_query($queryi) or die("Error performing query");
> $instruments = mysql_fetch_array ($resultsi);
> Does not. What am i missing here? Thanks!

    Some notes:

    Try adding a mysql_error() call to your 'or die()' condition:

        or die('Error performing query.  MySQL said: '.mysql_error());

    Change mysql_fetch_array() to mysql_fetch_assoc() and run it
through a while() loop to print things out and make sure it appears as
you expect:

        while ($instruments = mysql_fetch_assoc($resultsi)) {

    Always, ALWAYS sanitize input --- specifically anything that
exists or is manipulable via any part of the $_REQUEST family ($_GET,
$_POST, $_COOKIE, $_SESSION).  For your code:

        $queryi = "SELECT Instrument FROM Instruments WHERE `acct_id`
= '".mysql_real_escape_string($_SESSION['ACCT'])."' ORDER BY

</Daniel P. Brown>
Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting
(866-) 725-4321

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to