[PHP-DB] getting data back when inserting
I was wondering if somone might be able to suggest a command to me...I am inserting data into a MySQL database that has an auto-incrementing primary field. When I insert the data I would like to somehow get the value of the auto-incrementing primary field. I thought I could just run a SELECT statement on some of the data that I am inserting, but the problem is that it could have a duplicate already in the database. Anyone know of a command or something to point me in the direction I am looking to go? Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] getting data back when inserting
Thanks a bunch...thats exactly what I was looking for. Aaron Stefan [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] You should easily use mysql_insert_id(); otherwise you could use something like: SELECT max(id) FROM ... But I think the first command is what you're looking for. Stefan -Ursprüngliche Nachricht- Von: Aaron Todd [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 1. Dezember 2004 17:01 An: [EMAIL PROTECTED] Betreff: [PHP-DB] getting data back when inserting I was wondering if somone might be able to suggest a command to me...I am inserting data into a MySQL database that has an auto-incrementing primary field. When I insert the data I would like to somehow get the value of the auto-incrementing primary field. I thought I could just run a SELECT statement on some of the data that I am inserting, but the problem is that it could have a duplicate already in the database. Anyone know of a command or something to point me in the direction I am looking to go? Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] mysqldump
I have created a PHP script that looks like:
?php
$filename = /var/www/html/db_backup_ . date(n-j-y)..sql;
exec('mysqldump -u * -p* database $filename');
?
For some reason this doesnt work and I cant figure out why. There is no
error that comes back. When I run the mysqldump command from the server
console it produces the file fine. I have read a few other posts out there
about this same thing which resulted in the location the file was being
saved. But I have gone through my server and found nothing. Does anyone
have any suggestions for regarding this.
Thanks,
Aaron
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] mysqldump
As far as I know...yes. Thats what I have seen on every post I have looked
at and also, thats the way it worked from the console. It wouldnt work with
no space.
Thanks for your reply,
Aaron
David Orlovich [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
also ... I notice you have a space after the -u - should that be there?
David.
On 10/11/2004, at 6:59 AM, Aaron Todd wrote:
I have created a PHP script that looks like:
?php
$filename = /var/www/html/db_backup_ . date(n-j-y)..sql;
exec('mysqldump -u * -p* database $filename');
?
For some reason this doesnt work and I cant figure out why. There is no
error that comes back. When I run the mysqldump command from the server
console it produces the file fine. I have read a few other posts out
there
about this same thing which resulted in the location the file was being
saved. But I have gone through my server and found nothing. Does anyone
have any suggestions for regarding this.
Thanks,
Aaron
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] mysqldump
Jason,
I tried the double quotes but that didn't seem to matter. I also put the
command string in a variable and then am running the variable with exec.
Still it doesnt work.
$filename = /home/virtual/site341/fst/var/www/html/db_backup_ .
date(n-j-y)..sql;
$command = /home/virtual/site341/fst/usr/bin/mysqldump -u * -p*
database $filename;
echo $command;
exec($command);
Thanks for your post,
Aaron
Jason Wong [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
On Tuesday 09 November 2004 17:59, Aaron Todd wrote:
I have created a PHP script that looks like:
?php
$filename = /var/www/html/db_backup_ . date(n-j-y)..sql;
exec('mysqldump -u * -p* database $filename');
?
For some reason this doesnt work and I cant figure out why. There is no
error that comes back. When I run the mysqldump command from the server
console it produces the file fine. I have read a few other posts out
there
about this same thing which resulted in the location the file was being
saved. But I have gone through my server and found nothing. Does anyone
have any suggestions for regarding this.
Try using double quotes.
Also just like performing SQL queries, it's a very good idea to build up
the
command you want executed, store it in a string ($cmd), then echo it to
see
whether it looks good, then exec($cmd).
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
--
/*
Save the bales!
*/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: Session confusion
Stuart, I am fairly new to PHP, but it is my understanding that you have to run the session_start() command on every page that you want to be part of the session and to access the session variables. Here is a link of a tutorial about using sessions: http://www.phpfreaks.com/tutorials/41/3.php Look for the word MUST in red and read that paragraph. It should tell you what you need to know. Hope that helps, Aaron Stuart Felenstein [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Back to my multi page form again ;) I am going to try it with Session variables . So, one thing is confusing me. The page requires the user to be logged in and is being tracked via authentication. Do I still need to do a session_start();, at the beginning of the form process ? Stuart -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Database Backup
Andrew, I like the idea of using the crontab even though I have never used it before. I guess the first thing I need to do is make my script. Thanks for the link to mysqldump, I think it will be usefull. Do you happen to know how I might be able to push a file to another server using FTP? Just playing around the past few days I have created a script that will get the contents of the table and bring up a download window so I can download it into an Excel file. It doesnt use mysqldump, but it works. But I need it to send the file to my FTP server automaticly. Any suggestions?? Thanks, Aaron Andrew Kreps [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Tue, 5 Oct 2004 16:33:08 -0400, Aaron Todd [EMAIL PROTECTED] wrote: What is everyone doing to backup a MySQL database. Just in case...I'd like to backup mine, but I was wondering if there was a way to do it without going to a page and clicking a button. Is there a way to run a php script on a time schedule and then push a backup file to an FTP server or something. Anyone out there doing anything like this? Personally, I go straight to the source. http://dev.mysql.com/doc/mysql/en/mysqldump.html You can write a PHP script that runs the dump, compresses the file and FTP's the file anywhere you like. As Martin mentioned, You can run this PHP script from your crontab or Task Scheduler by invoking the interpreter from the command line, i.e. '/usr/local/bin/php /home/mydir/scripts/backupDB.php'. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Ascending and Descending records
I have a page that shows data from a MySQL database in a table form. I'd like to give this page the ability to be able to sort a column when the user clicks on the header cell that contains the name of the column. I'd also like the ability to do both Ascending and Descending with the same link much like just using Excel. Does anyone know of a good source for accomplishing this? Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Database Backup
What is everyone doing to backup a MySQL database. Just in case...I'd like to backup mine, but I was wondering if there was a way to do it without going to a page and clicking a button. Is there a way to run a php script on a time schedule and then push a backup file to an FTP server or something. Anyone out there doing anything like this? Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Limiting records per page
I have written a script that will display the contents of a MYSQL database that starting to fill up. I would like to be able to only show about 20 records per page and then at the bottom of the page there will be buttons to move to the nest page which gets the next 20 records. I understand the LIMIT command, but I am questioning how all of this is going to work. I am unsure of how to change the SQL query on same page like that. Can anyone give me some suggestions. Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Insert Query PROBLEMS
I'm trying to run an INSERT query on my mysql database and it isnt working.
Here is the query:
$updatequery = UPDATE `users`
SET
('company','fname','lname','address1','address2','city','state','zip','phone','extension','fax','email')
=
('.$_POST['company'].','.$_POST['fname'].','.$_POST['lname'].','.$_POST['address1'].','.$_POST['address2'].','.$_POST['city'].','.$_POST['state'].','.$_POST['zip'].','.$_POST['phone'].','.$_POST['extension'].','.$_POST['fax'].','.$_POST['email'].')
WHERE `ID`='.$_GET['record'].';
When I echo this it looks fine, but nothing in the database reflects the
change. I have tried cutting it down to only the first 2 colums and then it
works. But I cant see a syntax error that would cause this not to work.
Does anyone have any idea why this might not be working.
Thanks,
Aaron
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Zip Code Fields
Just curious, but what kind of field is everyone using to store a Zip Code. I set mine to Medium Integer with a max of 5 digits, but for zip codes that begins with 0 the 0 is knocked off. The only solutiuon I can think of is to make the field a text field. Does anyone have a better solution? Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: sendmail
I dont know how to be more specific. It just doesnt work. There is no error. The program runs and sometimes it sends the email and sometimes it doesnt. I've looked at all the log files that I know about and havent seen anything that looks like an email error. Is there any other troubleshooting that I can do to get more information on what I am doing? Thanks, Aaron Manuel Lemos [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, On 08/03/2004 11:16 AM, Aaron Todd wrote: Is there any tweaking with mail()? I have it working, but it seems to not always send the email. Mainly one right after the other. I filling a web form and then sending the data off to my email. But then I do a refresh to clear the form and do it again with different data and it doesnt work. Any ideals on this? It doesnt work is vague. What happens? Does it show any error? The message does not arrive? -- Regards, Manuel Lemos PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/ PHP Reviews - Reviews of PHP books and other products http://www.phpclasses.org/reviews/ Metastorage - Data object relational mapping layer generator http://www.meta-language.net/metastorage.html -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: sendmail
Is there any tweaking with mail()? I have it working, but it seems to not always send the email. Mainly one right after the other. I filling a web form and then sending the data off to my email. But then I do a refresh to clear the form and do it again with different data and it doesnt work. Any ideals on this? Thanks, Aaron Aaron Todd [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] So far, I have been doing ok with PHP. I feel that I have picked it up rather easily. But now I need some help. I am trying to use the sendmail functions to send data entered in a form to my email address. Currently its not working at all. I am getting a Fatal Error: Call to undefined function: sendmail() in /home/virtual/site341/fst/var/www/html/register.php on line 87 I havent found very much info on the sendmail function so I was shooting in the dark with it. I did read in the manual some stuff about seting it u in the php.ini file that just went over my head. Can anyone enlighten me on this function. Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] sendmail
So far, I have been doing ok with PHP. I feel that I have picked it up rather easily. But now I need some help. I am trying to use the sendmail functions to send data entered in a form to my email address. Currently its not working at all. I am getting a Fatal Error: Call to undefined function: sendmail() in /home/virtual/site341/fst/var/www/html/register.php on line 87 I havent found very much info on the sendmail function so I was shooting in the dark with it. I did read in the manual some stuff about seting it u in the php.ini file that just went over my head. Can anyone enlighten me on this function. Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: sendmail
Thanks to you both...Matt M. and Philip Thompson. Your suggestion of using the mail() function instead worked perfectly. Thanks again, Aaron Aaron Todd [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] So far, I have been doing ok with PHP. I feel that I have picked it up rather easily. But now I need some help. I am trying to use the sendmail functions to send data entered in a form to my email address. Currently its not working at all. I am getting a Fatal Error: Call to undefined function: sendmail() in /home/virtual/site341/fst/var/www/html/register.php on line 87 I havent found very much info on the sendmail function so I was shooting in the dark with it. I did read in the manual some stuff about seting it u in the php.ini file that just went over my head. Can anyone enlighten me on this function. Thanks, Aaron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] REG_BADRPT error
Hello,
I am getting an REG_BADRPT error when I use ereg.
The line of code that errors is:
if (!ereg('^(?=.*[0-9]+.*)(?=.*[a-zA-Z]+.*)[0-9a-zA-Z]{8,}$', $pass)){
I got this regex from regexlib.com and tried to impliment it, but no matter
what I do it always returns the error. I did a google search and the only
suggestion I found was to make sure that the variable contains data. So I
echoed the variable and it did have data in it. Does anyone know why I
might be getting this?
Thanks,
Aaron
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: REG_BADRPT error
Hello,
Ive been trying a few things and finally I did get rid of the error. I
changed the code to:
if (!ereg('^(!?=.*[0-9]+.*)(!?=.*[a-zA-Z]+.*)[0-9a-zA-Z]{6,}$', $pass)){
Notice the ! before the two ?
This got rid of the error, but it still isnt working the way I want it to.
That line should validate the variable $pass, which should be greater than 6
characters and contain at least one numbers and one letter. That line
should be true if $pass does not equil 6 characters and contain at least one
numbers and one letter.
Can someone correct me on this. I am new to PHP so I am still trying to get
the hang of it.
Any help will be appreciated.
Thanks,
Aaron
Aaron Todd [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hello,
I am getting an REG_BADRPT error when I use ereg.
The line of code that errors is:
if (!ereg('^(?=.*[0-9]+.*)(?=.*[a-zA-Z]+.*)[0-9a-zA-Z]{8,}$', $pass)){
I got this regex from regexlib.com and tried to impliment it, but no
matter
what I do it always returns the error. I did a google search and the only
suggestion I found was to make sure that the variable contains data. So I
echoed the variable and it did have data in it. Does anyone know why I
might be getting this?
Thanks,
Aaron
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: REG_BADRPT error
Thanks for the help. Being new to PHP I was unaware that I could use some
perl compatible regexes here. That will help me out a lot.
Thanks again,
Aaron
Justin Patrin [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
In this case, it seems like you're looking for a lot of different and
exclusive things at once. I would suggest not using a huge regex as
they can be hard to create, harder to read, and impossible to
maintain. That said, I do use regexes in some of my code, just not for
something this simple. ;-) I generally use Perl Compatible Regexes as
I understand them better. Try:
if(strlen($pass) 6 || !preg_match('/[a-z]/i', $pass) ||
!preg_match('/[0-9]/', $pass)) {
//bad password
}
On Mon, 19 Jul 2004 11:10:47 -0400, Aaron Todd [EMAIL PROTECTED]
wrote:
Hello,
Ive been trying a few things and finally I did get rid of the error. I
changed the code to:
if (!ereg('^(!?=.*[0-9]+.*)(!?=.*[a-zA-Z]+.*)[0-9a-zA-Z]{6,}$',
$pass)){
Notice the ! before the two ?
This got rid of the error, but it still isnt working the way I want it
to.
That line should validate the variable $pass, which should be greater
than 6
characters and contain at least one numbers and one letter. That line
should be true if $pass does not equil 6 characters and contain at least
one
numbers and one letter.
Can someone correct me on this. I am new to PHP so I am still trying to
get
the hang of it.
Any help will be appreciated.
Thanks,
Aaron
Aaron Todd [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hello,
I am getting an REG_BADRPT error when I use ereg.
The line of code that errors is:
if (!ereg('^(?=.*[0-9]+.*)(?=.*[a-zA-Z]+.*)[0-9a-zA-Z]{8,}$',
$pass)){
I got this regex from regexlib.com and tried to impliment it, but no
matter
what I do it always returns the error. I did a google search and the
only
suggestion I found was to make sure that the variable contains data.
So I
echoed the variable and it did have data in it. Does anyone know why
I
might be getting this?
Thanks,
Aaron
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
!DSPAM:40fbe26957361384218867!
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Begining PHP...Have Questions
I am just starting out with PHP and I have created a simple login program
that is supposed to check users input with a mysql database. I am doing 5
verifications before the program is completed...Check for the Submit button,
check for a valid email address(which is the username), check for a valid
password, check to see if the username exists in the database, and finally
check to see if the password matches the database for the coresponding
username. Currently you dont get access to a site you only get told what
your password is in the database.
Everything is technically working, but its not perfect and I think I need
some help. I have entered 2 records in the database for testing purposes.
When I put in username1 and password1 it works. The program returns the
coresponding password. When I change to username2 and still put in
password1 it will return password1.
I have done some debuging and I am unsure of what is really happening. My
code is below. Would anyone be able to tell me what I am doing wrong.
Thanks,
Aaron
html
body
?php
if ($submit) {
//VALID USERNAME/EMAIL ADDRESS
if
(!ereg('^[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[!#$%\'*+\\/0-9=?A-Z^_`a
-z{|}`]+\.'.'[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $username)) {
$error = You must enter a valid email address for your username.br;
echo $errorbr;
} else {
$db = mysql_connect(localhost, username, password);
mysql_select_db(database,$db);
$query = SELECT * FROM users WHERE email LIKE '.$username.';
echo $querybr;
$result = mysql_query($query,$db);
$num_rows = mysql_num_rows($result);
echo There are $num_rows records matching $usernamebr;
//VALID PASSWORD
echo Entered User Name: $usernamebr;
echo Entered Password: $passwbr;
if (strlen($passw) 6 || !preg_match('/[a-z]/i', $passw) ||
!preg_match('/[0-9]/', $passw)) {
$error = Invalid Password. Must be greater than six characters
containing at least one number.br;
echo $errorbr;
} else {
//USERNAME/EMAIL ADDRESS IN DATABASE
if (!$num_rows){
$error = Username was not found. Please Register.;
echo $errorbr;
die(mysql_error());
} else {
//ENTERED PASSWORD IN DATABASE
if (!$passw = mysql_result($result,0,pass)){
$error = Invalid Password.br;
echo $errorbr;
} else {
printf(Password is %sbr\n, mysql_result($result,0,pass));
}
}
}
}
} else {
?
form method=post action=?php echo $PHP_SELF?
User Name:input type=Text name=usernamebr
Password:input type=Text name=passwbr
input type=Submit name=submit value=Enter information
/form
?php
} // end if
?
/body
/html
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Begining PHP...Have Questions
Jon,
Thanks for the info. I did change the LIKE to =. This was done just for my
debugging. I do have it set to = on a normal basis.
I am a little unsure what you mean at the end of your reply about register
globals. Are you saying that everywhere I use $username to refer to the
users inputed username I should use $_POST['username'] instead? Or are you
suggesting to use this in one location.
Thanks again for the reply,
Aaron
Jonathan Haddad [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
if you have shell access, please do the following
describe users;
select * from users;
also, why are you using LIKE instead of =?
use this instead:
$query = SELECT * FROM users WHERE email = '.$username.';
i would also suggest turning off register globals and using
$_POST['username'] and not $username. (i'm assuming it's on given your
code)
Jon
Aaron Todd wrote:
I am just starting out with PHP and I have created a simple login program
that is supposed to check users input with a mysql database. I am doing
5
verifications before the program is completed...Check for the Submit
button,
check for a valid email address(which is the username), check for a valid
password, check to see if the username exists in the database, and
finally
check to see if the password matches the database for the coresponding
username. Currently you dont get access to a site you only get told what
your password is in the database.
Everything is technically working, but its not perfect and I think I need
some help. I have entered 2 records in the database for testing
purposes.
When I put in username1 and password1 it works. The program returns the
coresponding password. When I change to username2 and still put in
password1 it will return password1.
I have done some debuging and I am unsure of what is really happening.
My
code is below. Would anyone be able to tell me what I am doing wrong.
Thanks,
Aaron
html
body
?php
if ($submit) {
//VALID USERNAME/EMAIL ADDRESS
if
(!ereg('^[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[!#$%\'*+\\/0-9=?A-Z^_`
a
-z{|}`]+\.'.'[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $username)) {
$error = You must enter a valid email address for your
username.br;
echo $errorbr;
} else {
$db = mysql_connect(localhost, username, password);
mysql_select_db(database,$db);
$query = SELECT * FROM users WHERE email LIKE '.$username.';
echo $querybr;
$result = mysql_query($query,$db);
$num_rows = mysql_num_rows($result);
echo There are $num_rows records matching $usernamebr;
//VALID PASSWORD
echo Entered User Name: $usernamebr;
echo Entered Password: $passwbr;
if (strlen($passw) 6 || !preg_match('/[a-z]/i', $passw) ||
!preg_match('/[0-9]/', $passw)) {
$error = Invalid Password. Must be greater than six characters
containing at least one number.br;
echo $errorbr;
} else {
//USERNAME/EMAIL ADDRESS IN DATABASE
if (!$num_rows){
$error = Username was not found. Please Register.;
echo $errorbr;
die(mysql_error());
} else {
//ENTERED PASSWORD IN DATABASE
if (!$passw = mysql_result($result,0,pass)){
$error = Invalid Password.br;
echo $errorbr;
} else {
printf(Password is %sbr\n, mysql_result($result,0,pass));
}
}
}
}
} else {
?
form method=post action=?php echo $PHP_SELF?
User Name:input type=Text name=usernamebr
Password:input type=Text name=passwbr
input type=Submit name=submit value=Enter information
/form
?php
} // end if
?
/body
/html
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Begining PHP...Have Questions
That makes great sence, however when I tried using $_POST in my SQL
statement it would not work.
This works fine:
$query = SELECT * FROM users WHERE email='.$username.';
But this one doesnt at all:
$query = SELECT * FROM users WHERE email=',$_POST['username'],';
It does however work for all the echo commands and It is also correct when
I echo the statement:
echo SELECT * FROM users WHERE email=',$_POST['username'],';
Am I missing something?
Thanks again,
Aaron
Justin Patrin [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
You should generally $_POST for all posted variables, $_GET for all
get variables (in the query string / url), and the other
superglobals for other such things. If you don't care if it's POST,
GET, or a cookie, you can use $_REQUEST.
register_globals is a setting in your php.ini. It's best practice to
set this to off. What this means for you is that variables sent by
the user are not registered as global variables. i.e. $username will
no longer work, you have to use $_POST['username']. Search the php
lists for lots more discussion on this matter.
For more on superglobals:
http://www.php.net/manual/en/language.variables.predefined.php
For the list archives, click the Archive links here:
http://www.php.net/mailing-lists.php
On Mon, 19 Jul 2004 13:27:15 -0400, Aaron Todd [EMAIL PROTECTED]
wrote:
Jon,
Thanks for the info. I did change the LIKE to =. This was done just
for my
debugging. I do have it set to = on a normal basis.
I am a little unsure what you mean at the end of your reply about
register
globals. Are you saying that everywhere I use $username to refer to the
users inputed username I should use $_POST['username'] instead? Or are
you
suggesting to use this in one location.
Thanks again for the reply,
Aaron
Jonathan Haddad [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
if you have shell access, please do the following
describe users;
select * from users;
also, why are you using LIKE instead of =?
use this instead:
$query = SELECT * FROM users WHERE email = '.$username.';
i would also suggest turning off register globals and using
$_POST['username'] and not $username. (i'm assuming it's on given your
code)
Jon
Aaron Todd wrote:
I am just starting out with PHP and I have created a simple login
program
that is supposed to check users input with a mysql database. I am
doing
5
verifications before the program is completed...Check for the Submit
button,
check for a valid email address(which is the username), check for a
valid
password, check to see if the username exists in the database, and
finally
check to see if the password matches the database for the
coresponding
username. Currently you dont get access to a site you only get told
what
your password is in the database.
Everything is technically working, but its not perfect and I think I
need
some help. I have entered 2 records in the database for testing
purposes.
When I put in username1 and password1 it works. The program returns
the
coresponding password. When I change to username2 and still put in
password1 it will return password1.
I have done some debuging and I am unsure of what is really
happening.
My
code is below. Would anyone be able to tell me what I am doing
wrong.
Thanks,
Aaron
html
body
?php
if ($submit) {
//VALID USERNAME/EMAIL ADDRESS
if
(!ereg('^[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[!#$%\'*+\\/0-9=?A-Z^_`
a
-z{|}`]+\.'.'[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $username)) {
$error = You must enter a valid email address for your
username.br;
echo $errorbr;
} else {
$db = mysql_connect(localhost, username, password);
mysql_select_db(database,$db);
$query = SELECT * FROM users WHERE email LIKE '.$username.';
echo $querybr;
$result = mysql_query($query,$db);
$num_rows = mysql_num_rows($result);
echo There are $num_rows records matching $usernamebr;
//VALID PASSWORD
echo Entered User Name: $usernamebr;
echo Entered Password: $passwbr;
if (strlen($passw) 6 || !preg_match('/[a-z]/i', $passw) ||
!preg_match('/[0-9]/', $passw)) {
$error = Invalid Password. Must be greater than six
characters
containing at least one number.br;
echo $errorbr;
} else {
//USERNAME/EMAIL ADDRESS IN DATABASE
if (!$num_rows){
$error = Username was not found. Please Register.;
echo $errorbr;
die(mysql_error());
} else {
//ENTERED PASSWORD IN DATABASE
if (!$passw = mysql_result($result,0,pass)){
$error = Invalid Password.br;
echo $errorbr;
} else {
printf(Password is %sbr\n,
mysql_result($result,0,pass
[PHP-DB] Re: Begining PHP...Have Questions
Thanks to everyone so far who has responded, but the other posts are going
down a different road than what I currently need.
In my code below I am building a login page. I am continuing to do
different things to debug this problem myself and I think I have narrowed it
down a bit. Like I said in my previous post...the program does work without
error, it just doesnt produce the expected results. When I enter username1
and password 1 I get pasword1. When I enter username2 and password2 I get
password2. When I enter username2 and password1 I get password2. This isnt
a very effective login program.
If you look at the last if statement:
if (!$_POST['passw'] = mysql_result($result,0,pass)){
$error = Invalid Password.br;
echo $errorbr;
} else {
printf(Password is %sbr\n, mysql_result($result,0,pass));
}
I am trying to validate what is entered in the form with what is in the
database. That looks like good code to me, but like I said before, when I
enter username2 and password1 I get password2. I think $result should only
contain the row that username2 is in so the pass field should have
password2. I believe it does. But If I put password1 in the form and the
program checks to see if it is equil to password2 it should echo the error.
You may be able to tell, but I am getting really confused by this.
If anyone can help with this I would really appreciate it.
Aaron
Aaron Todd [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I am just starting out with PHP and I have created a simple login program
that is supposed to check users input with a mysql database. I am doing 5
verifications before the program is completed...Check for the Submit
button,
check for a valid email address(which is the username), check for a valid
password, check to see if the username exists in the database, and finally
check to see if the password matches the database for the coresponding
username. Currently you dont get access to a site you only get told what
your password is in the database.
Everything is technically working, but its not perfect and I think I need
some help. I have entered 2 records in the database for testing purposes.
When I put in username1 and password1 it works. The program returns the
coresponding password. When I change to username2 and still put in
password1 it will return password1.
I have done some debuging and I am unsure of what is really happening. My
code is below. Would anyone be able to tell me what I am doing wrong.
Thanks,
Aaron
html
body
?php
if ($submit) {
//VALID USERNAME/EMAIL ADDRESS
if
(!ereg('^[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[!#$%\'*+\\/0-9=?A-Z^_`a
-z{|}`]+\.'.'[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $username)) {
$error = You must enter a valid email address for your
username.br;
echo $errorbr;
} else {
$db = mysql_connect(localhost, username, password);
mysql_select_db(database,$db);
$query = SELECT * FROM users WHERE email LIKE '.$username.';
echo $querybr;
$result = mysql_query($query,$db);
$num_rows = mysql_num_rows($result);
echo There are $num_rows records matching $usernamebr;
//VALID PASSWORD
echo Entered User Name: $usernamebr;
echo Entered Password: $passwbr;
if (strlen($passw) 6 || !preg_match('/[a-z]/i', $passw) ||
!preg_match('/[0-9]/', $passw)) {
$error = Invalid Password. Must be greater than six characters
containing at least one number.br;
echo $errorbr;
} else {
//USERNAME/EMAIL ADDRESS IN DATABASE
if (!$num_rows){
$error = Username was not found. Please Register.;
echo $errorbr;
die(mysql_error());
} else {
//ENTERED PASSWORD IN DATABASE
if (!$passw = mysql_result($result,0,pass)){
$error = Invalid Password.br;
echo $errorbr;
} else {
printf(Password is %sbr\n, mysql_result($result,0,pass));
}
}
}
}
} else {
?
form method=post action=?php echo $PHP_SELF?
User Name:input type=Text name=usernamebr
Password:input type=Text name=passwbr
input type=Submit name=submit value=Enter information
/form
?php
} // end if
?
/body
/html
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Begining PHP...Have Questions
Jon,
The table contains 2 fields...email and pass. My plan is to use the email
address as the username.
$query = SELECT * FROM users WHERE email='.$username.';
I used this query because a persons whole email address should be unique. I
didnt feel it was necessary to add the AND password= because there shouldnt
ever be 2 of the same exact email address' in the table.
Thanks again,
Aaron
Jonathan Haddad [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
You want to use $_POST['username'] instead of $username everywhere you
have a POST variable. I believe this became the standard around PHP4.2.
Can you give us the table def and the results of that select? Also, can
you copy that query ( echo $querybr;) into your next reply?
I think you're query looked something like this before:
SELECT * from user where username LIKE ?
That would select the entire table. You could do it like this:
SELECT * from user WHERE username = '{$_POST['username']} AND password =
'{$_POST['password']}
that will only return the row that matches both the username and
password - so if 1 row is returned it must be the login info. That'll
cut down on the PHP code you need to write.
Aaron Todd wrote:
Jon,
Thanks for the info. I did change the LIKE to =. This was done just for
my
debugging. I do have it set to = on a normal basis.
I am a little unsure what you mean at the end of your reply about
register
globals. Are you saying that everywhere I use $username to refer to the
users inputed username I should use $_POST['username'] instead? Or are
you
suggesting to use this in one location.
Thanks again for the reply,
Aaron
Jonathan Haddad [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
if you have shell access, please do the following
describe users;
select * from users;
also, why are you using LIKE instead of =?
use this instead:
$query = SELECT * FROM users WHERE email = '.$username.';
i would also suggest turning off register globals and using
$_POST['username'] and not $username. (i'm assuming it's on given your
code)
Jon
Aaron Todd wrote:
I am just starting out with PHP and I have created a simple login
program
that is supposed to check users input with a mysql database. I am
doing
5
verifications before the program is completed...Check for the Submit
button,
check for a valid email address(which is the username), check for a
valid
password, check to see if the username exists in the database, and
finally
check to see if the password matches the database for the coresponding
username. Currently you dont get access to a site you only get told
what
your password is in the database.
Everything is technically working, but its not perfect and I think I
need
some help. I have entered 2 records in the database for testing
purposes.
When I put in username1 and password1 it works. The program returns
the
coresponding password. When I change to username2 and still put in
password1 it will return password1.
I have done some debuging and I am unsure of what is really happening.
My
code is below. Would anyone be able to tell me what I am doing wrong.
Thanks,
Aaron
html
body
?php
if ($submit) {
//VALID USERNAME/EMAIL ADDRESS
if
(!ereg('^[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[!#$%\'*+\\/0-9=?A-Z^_
`
a
-z{|}`]+\.'.'[-!#$%\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $username)) {
$error = You must enter a valid email address for your
username.br;
echo $errorbr;
} else {
$db = mysql_connect(localhost, username, password);
mysql_select_db(database,$db);
$query = SELECT * FROM users WHERE email LIKE '.$username.';
echo $querybr;
$result = mysql_query($query,$db);
$num_rows = mysql_num_rows($result);
echo There are $num_rows records matching $usernamebr;
//VALID PASSWORD
echo Entered User Name: $usernamebr;
echo Entered Password: $passwbr;
if (strlen($passw) 6 || !preg_match('/[a-z]/i', $passw) ||
!preg_match('/[0-9]/', $passw)) {
$error = Invalid Password. Must be greater than six characters
containing at least one number.br;
echo $errorbr;
} else {
//USERNAME/EMAIL ADDRESS IN DATABASE
if (!$num_rows){
$error = Username was not found. Please Register.;
echo $errorbr;
die(mysql_error());
} else {
//ENTERED PASSWORD IN DATABASE
if (!$passw = mysql_result($result,0,pass)){
$error = Invalid Password.br;
echo $errorbr;
} else {
printf(Password is %sbr\n,
mysql_result($result,0,pass));
}
}
}
}
} else {
?
form method=post action=?php echo $PHP_SELF?
User Name:input type=Text name=usernamebr
Password:input type=Text name=passwbr
input type=Submit name=submit value=Enter information
/form
?php
} // end if
?
/body
/html
Re: Re[2]: [PHP-DB] Begining PHP...Have Questions
That explains it. I did look at the manual and it did show . instead of ,
It just didnt even hit me. One of those kick yourself mistakes.
Thanks,
Aaron
Pablo M. Rivas [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hello Aaron,
why are you using , instead of . ?
$query = SELECT * FROM users WHERE email=',$_POST['username'],';
is this a typo?...
this sould be:
$query = SELECT * FROM users WHERE email='.$_POST['username'].';
or $query = SELECT * FROM users WHERE
email='{$_POST['username']}';
mhhh.. do you whant to know wy echo works and $query= not?
read the manual... (string functions, echo) and (Language
reference, String Operators)
in echo case, you are giving more than 1 argument:
echo blahblablah,$variable,blahblahblah;
in $xx=blahblahblah,$variable,blahblahblah you are getting a
parse error.
AT That makes great sence, however when I tried using $_POST in my SQL
AT statement it would not work.
AT This works fine:
AT $query = SELECT * FROM users WHERE email='.$username.';
AT But this one doesnt at all:
AT $query = SELECT * FROM users WHERE email=',$_POST['username'],';
AT It does however work for all the echo commands and It is also correct
when
AT I echo the statement:
AT echo SELECT * FROM users WHERE email=',$_POST['username'],';
AT Am I missing something?
AT Thanks again,
AT Aaron
--
Best regards,
Pablo
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
