Re: [PHP-DB] Newbie Question $2
Can we kill this thread? Or can you guys continue the conversation between yourselves. We now have 8 emails pertaining to the technical question, and 8 emails ranting about him asking it. I understand that some people do not believe this is the appropriate forum for that question - but personal attacks and rantings accomplish nothing other than to provide bully tactics and express your outrage at "list spamming" while spamming the list. Thank you for your consideration. - Mike On Wed, Jun 18, 2014 at 11:49 AM, Jim Giner wrote: > On 6/18/2014 2:16 PM, Aziz Saleh wrote: > >> On Wed, Jun 18, 2014 at 2:13 PM, Karl DeSaulniers >> wrote: >> >> >>> >>> Sent from losPhone >>> >>> On Jun 18, 2014, at 7:56 AM, Jim Giner >>> wrote: >>> On 6/18/2014 12:31 AM, Ethan Rosenberg, PhD wrote: > >> On 06/17/2014 12:02 PM, onatawah...@yahoo.ca wrote: >> Hi Ethan, >> >> Here are some things to clean up your code: >> >> Your line: >> >> $phn = $_POST[phone]; >> >> should use quotations as follows: >> >> $phn = $_POST['phone']; >> >> Your line: >> >> $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; >> >> Should use double quotes if you need the variable to be interpreted: >> >> $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; >> >> Lastly, as people have mentioned PDO is probably the best way to go. >> Try connecting to your database with PDO. Look on Google for "PDO >> prepared statements" and use those instead of the mysql escape string >> method. >> >> Hope this helps, >> >> -Kevin >> >> Sent from Yahoo Mail on Android >> > IT WORKS!!! > > Here is the code - > > "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> > http://www.w3.org/1999/xhtml";> > > > $bla = 1; > ?> > > > > > > > > > > > error_reporting(-1); > require '/home/ethan/PHP/ethan.inc'; > $db = "Store"; > $cxn = mysqli_connect($host,$user,$password,$db); > > $phn = $_POST[phone]; > $phn = (string)$phn; > $dsh = '-'; > $Phn = > > $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$ >>> phn[6].$phn[7].$phn[8].$phn[9]; >>> > $sql1 ="select Lname, Fname from Customers where Phone = > '$Phn' "; > $result1 = mysqli_query($cxn, $sql1); > if(!$result) > { > ?> > > > No Match Found > > > } > > ?> > > rules="all" frame="box"> > > Last Name > First Name > > while($row1 = mysqli_fetch_row($result1)) > { > > $Lname = $row1[0]; > $Fname = $row1[1]; > > > > ?> > > > > } > ?> > > > > > > > As you [those that replied] accurately noted, the problem was with the > quoting. > > I appreciate all your comments, take them seriously and will use the > information contained in them for future programming. > > No matter how much skill in programming I have, I will remain a NEWBIE; > ie, someone who wishes to grrow in knowledge and acknowledges that > there > are many programmers much more skilled than I. > > Thanks again. > > Ethan > happy to hear you got it working. Sad to see that you didn't heed the >>> tips provided to you and alter your code, and that you still have errors >>> in >>> it. oh, well >>> >>> Wow. Just wow. I though when I signed up on this list that if I did what >>> Ethan did I would be shunned from the list. But I guess I was wrong. You >>> can be an ask hole on here and people will still try and help. Kudos to >>> the >>> good souls who try. >>> >>> Karl >>> -- >>> PHP Database Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> >>> >>> There are lots of people who have free time on their hands to teach the >> basics, which I think is a good thing. Personally, if someone doesn't care >> enough to read the manual or attempt to understand the basics, I wouldn't >> spend too much time on their problems. >> >> And despite Ethan's continual ignorance of the manual and the basic > principles espoused by those taking
Re: [PHP-DB] Newbie Question $2
On 6/18/2014 2:16 PM, Aziz Saleh wrote: On Wed, Jun 18, 2014 at 2:13 PM, Karl DeSaulniers wrote: Sent from losPhone On Jun 18, 2014, at 7:56 AM, Jim Giner wrote: On 6/18/2014 12:31 AM, Ethan Rosenberg, PhD wrote: On 06/17/2014 12:02 PM, onatawah...@yahoo.ca wrote: Hi Ethan, Here are some things to clean up your code: Your line: $phn = $_POST[phone]; should use quotations as follows: $phn = $_POST['phone']; Your line: $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; Should use double quotes if you need the variable to be interpreted: $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; Lastly, as people have mentioned PDO is probably the best way to go. Try connecting to your database with PDO. Look on Google for "PDO prepared statements" and use those instead of the mysql escape string method. Hope this helps, -Kevin Sent from Yahoo Mail on Android IT WORKS!!! Here is the code - http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> http://www.w3.org/1999/xhtml";> $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; $sql1 ="select Lname, Fname from Customers where Phone = '$Phn' "; $result1 = mysqli_query($cxn, $sql1); if(!$result) { ?> No Match Found Last Name First Name > As you [those that replied] accurately noted, the problem was with the quoting. I appreciate all your comments, take them seriously and will use the information contained in them for future programming. No matter how much skill in programming I have, I will remain a NEWBIE; ie, someone who wishes to grrow in knowledge and acknowledges that there are many programmers much more skilled than I. Thanks again. Ethan happy to hear you got it working. Sad to see that you didn't heed the tips provided to you and alter your code, and that you still have errors in it. oh, well Wow. Just wow. I though when I signed up on this list that if I did what Ethan did I would be shunned from the list. But I guess I was wrong. You can be an ask hole on here and people will still try and help. Kudos to the good souls who try. Karl -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php There are lots of people who have free time on their hands to teach the basics, which I think is a good thing. Personally, if someone doesn't care enough to read the manual or attempt to understand the basics, I wouldn't spend too much time on their problems. And despite Ethan's continual ignorance of the manual and the basic principles espoused by those taking the time to respond to him we still do it. Aren't we all amazing? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Newbie Question $2
On Wed, Jun 18, 2014 at 2:13 PM, Karl DeSaulniers wrote: > > > Sent from losPhone > > > On Jun 18, 2014, at 7:56 AM, Jim Giner > wrote: > > > >> On 6/18/2014 12:31 AM, Ethan Rosenberg, PhD wrote: > >>> On 06/17/2014 12:02 PM, onatawah...@yahoo.ca wrote: > >>> Hi Ethan, > >>> > >>> Here are some things to clean up your code: > >>> > >>> Your line: > >>> > >>> $phn = $_POST[phone]; > >>> > >>> should use quotations as follows: > >>> > >>> $phn = $_POST['phone']; > >>> > >>> Your line: > >>> > >>> $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; > >>> > >>> Should use double quotes if you need the variable to be interpreted: > >>> > >>> $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; > >>> > >>> Lastly, as people have mentioned PDO is probably the best way to go. > >>> Try connecting to your database with PDO. Look on Google for "PDO > >>> prepared statements" and use those instead of the mysql escape string > >>> method. > >>> > >>> Hope this helps, > >>> > >>> -Kevin > >>> > >>> Sent from Yahoo Mail on Android > >> IT WORKS!!! > >> > >> Here is the code - > >> > >> >> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> > >> http://www.w3.org/1999/xhtml";> > >> > >> > >> >> $bla = 1; > >> ?> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> >> error_reporting(-1); > >> require '/home/ethan/PHP/ethan.inc'; > >> $db = "Store"; > >> $cxn = mysqli_connect($host,$user,$password,$db); > >> > >> $phn = $_POST[phone]; > >> $phn = (string)$phn; > >> $dsh = '-'; > >> $Phn = > >> > $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; > >> > >> $sql1 ="select Lname, Fname from Customers where Phone = > >> '$Phn' "; > >> $result1 = mysqli_query($cxn, $sql1); > >> if(!$result) > >> { > >> ?> > >> > >> > >> No Match Found > >> > >> > >> >> } > >> > >> ?> > >> > >> >> rules="all" frame="box"> > >> > >> Last Name > >> First Name > >> >> > >> while($row1 = mysqli_fetch_row($result1)) > >> { > >> > >> $Lname = $row1[0]; > >> $Fname = $row1[1]; > >> > >> > >> > >> ?> > >> > >> > >> > >> >> } > >> ?> > >> > >> > > >> > >> > >> > >> As you [those that replied] accurately noted, the problem was with the > >> quoting. > >> > >> I appreciate all your comments, take them seriously and will use the > >> information contained in them for future programming. > >> > >> No matter how much skill in programming I have, I will remain a NEWBIE; > >> ie, someone who wishes to grrow in knowledge and acknowledges that there > >> are many programmers much more skilled than I. > >> > >> Thanks again. > >> > >> Ethan > > happy to hear you got it working. Sad to see that you didn't heed the > tips provided to you and alter your code, and that you still have errors in > it. oh, well > > > > Wow. Just wow. I though when I signed up on this list that if I did what > Ethan did I would be shunned from the list. But I guess I was wrong. You > can be an ask hole on here and people will still try and help. Kudos to the > good souls who try. > > Karl > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > There are lots of people who have free time on their hands to teach the basics, which I think is a good thing. Personally, if someone doesn't care enough to read the manual or attempt to understand the basics, I wouldn't spend too much time on their problems.
Re: [PHP-DB] Newbie Question $2
Sent from losPhone > On Jun 18, 2014, at 7:56 AM, Jim Giner wrote: > >> On 6/18/2014 12:31 AM, Ethan Rosenberg, PhD wrote: >>> On 06/17/2014 12:02 PM, onatawah...@yahoo.ca wrote: >>> Hi Ethan, >>> >>> Here are some things to clean up your code: >>> >>> Your line: >>> >>> $phn = $_POST[phone]; >>> >>> should use quotations as follows: >>> >>> $phn = $_POST['phone']; >>> >>> Your line: >>> >>> $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; >>> >>> Should use double quotes if you need the variable to be interpreted: >>> >>> $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; >>> >>> Lastly, as people have mentioned PDO is probably the best way to go. >>> Try connecting to your database with PDO. Look on Google for "PDO >>> prepared statements" and use those instead of the mysql escape string >>> method. >>> >>> Hope this helps, >>> >>> -Kevin >>> >>> Sent from Yahoo Mail on Android >> IT WORKS!!! >> >> Here is the code - >> >> > "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> >> http://www.w3.org/1999/xhtml";> >> >> >> > $bla = 1; >> ?> >> >> >> >> >> >> >> >> >> >> >> > error_reporting(-1); >> require '/home/ethan/PHP/ethan.inc'; >> $db = "Store"; >> $cxn = mysqli_connect($host,$user,$password,$db); >> >> $phn = $_POST[phone]; >> $phn = (string)$phn; >> $dsh = '-'; >> $Phn = >> $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; >> >> $sql1 ="select Lname, Fname from Customers where Phone = >> '$Phn' "; >> $result1 = mysqli_query($cxn, $sql1); >> if(!$result) >> { >> ?> >> >> >> No Match Found >> >> >> > } >> >> ?> >> >> > rules="all" frame="box"> >> >> Last Name >> First Name >> > >> while($row1 = mysqli_fetch_row($result1)) >> { >> >> $Lname = $row1[0]; >> $Fname = $row1[1]; >> >> >> >> ?> >> >> >> >> > } >> ?> >> >> > >> >> >> >> As you [those that replied] accurately noted, the problem was with the >> quoting. >> >> I appreciate all your comments, take them seriously and will use the >> information contained in them for future programming. >> >> No matter how much skill in programming I have, I will remain a NEWBIE; >> ie, someone who wishes to grrow in knowledge and acknowledges that there >> are many programmers much more skilled than I. >> >> Thanks again. >> >> Ethan > happy to hear you got it working. Sad to see that you didn't heed the tips > provided to you and alter your code, and that you still have errors in it. > oh, well > Wow. Just wow. I though when I signed up on this list that if I did what Ethan did I would be shunned from the list. But I guess I was wrong. You can be an ask hole on here and people will still try and help. Kudos to the good souls who try. Karl -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Newbie Question $2
On 6/18/2014 12:31 AM, Ethan Rosenberg, PhD wrote: On 06/17/2014 12:02 PM, onatawah...@yahoo.ca wrote: Hi Ethan, Here are some things to clean up your code: Your line: $phn = $_POST[phone]; should use quotations as follows: $phn = $_POST['phone']; Your line: $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; Should use double quotes if you need the variable to be interpreted: $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; Lastly, as people have mentioned PDO is probably the best way to go. Try connecting to your database with PDO. Look on Google for "PDO prepared statements" and use those instead of the mysql escape string method. Hope this helps, -Kevin Sent from Yahoo Mail on Android IT WORKS!!! Here is the code - http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> http://www.w3.org/1999/xhtml";> No Match Found Last Name First Name > As you [those that replied] accurately noted, the problem was with the quoting. I appreciate all your comments, take them seriously and will use the information contained in them for future programming. No matter how much skill in programming I have, I will remain a NEWBIE; ie, someone who wishes to grrow in knowledge and acknowledges that there are many programmers much more skilled than I. Thanks again. Ethan happy to hear you got it working. Sad to see that you didn't heed the tips provided to you and alter your code, and that you still have errors in it. oh, well -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Newbie Question $2
On 06/17/2014 12:02 PM, onatawah...@yahoo.ca wrote: Hi Ethan, Here are some things to clean up your code: Your line: $phn = $_POST[phone]; should use quotations as follows: $phn = $_POST['phone']; Your line: $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; Should use double quotes if you need the variable to be interpreted: $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; Lastly, as people have mentioned PDO is probably the best way to go. Try connecting to your database with PDO. Look on Google for "PDO prepared statements" and use those instead of the mysql escape string method. Hope this helps, -Kevin Sent from Yahoo Mail on Android IT WORKS!!! Here is the code - "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> http://www.w3.org/1999/xhtml";> $Phn = $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; $sql1 ="select Lname, Fname from Customers where Phone = '$Phn' "; $result1 = mysqli_query($cxn, $sql1); if(!$result) { ?> No Match Found frame="box"> Last Name First Name > As you [those that replied] accurately noted, the problem was with the quoting. I appreciate all your comments, take them seriously and will use the information contained in them for future programming. No matter how much skill in programming I have, I will remain a NEWBIE; ie, someone who wishes to grrow in knowledge and acknowledges that there are many programmers much more skilled than I. Thanks again. Ethan -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Newbie Question $2
Hi Ethan, Here are some things to clean up your code: Your line: $phn = $_POST[phone]; should use quotations as follows: $phn = $_POST['phone']; Your line: $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; Should use double quotes if you need the variable to be interpreted: $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; Lastly, as people have mentioned PDO is probably the best way to go. Try connecting to your database with PDO. Look on Google for "PDO prepared statements" and use those instead of the mysql escape string method. Hope this helps, -Kevin Sent from Yahoo Mail on Android
Re: [PHP-DB] Newbie Question $2
Oh a few quick things. First, you can use substr to break up the phone instead of grabbing characters- might be a little easier to read long term. Secondly, mysql_real_escape_string will return the cleaned string, but doesn't change the original variable. So you'll need $phn = mysql_real_escape_string($phn); Thirdly anytime you use a single quote the strong is interpreted literally. You'll want to switch out the single quotes with double quotes, and then wrap $phn in single quotes in order to not break your query. "Select ... Where phn = '$phn'" I'd also really suggest looking at using PDO or even the mysqli extension tho instead of just plain mysql (believe this has been deprecated). Sorry for the quick reply, on mobile. But feel free to email me directly and I'll be happy to help out more. - Mike Sent from my iPhone > On Jun 16, 2014, at 7:58 PM, Ethan Rosenberg > wrote: > > Dear List - > > I have the following code: > > The input from the form is a 10 digit string [1234567890] which is converted > to phone number format [123-456-7890] > > $phn = $_POST[phone]; > $phn = (string)$phn; > $dsh = '-'; > $Phn = > $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; > >echo $Phn; // this is folded by Thunderbird. In the script, it is //all > on one line > >mysql_real_escape_string($Phn); >$sql1 ='select Lname, Fname from Customers where Phone = $Phn '; >echo $sql1; //this always shows $phn as Phn and not as a numerical > //string. >$result1 = mysqli_query($cxn, $sql1); > > TIA > > Ethan > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Newbie Question $2
On Jun 16, 2014, at 10:05 PM, Karl DeSaulniers wrote: > On Jun 16, 2014, at 9:58 PM, Ethan Rosenberg > wrote: > >> Dear List - >> >> I have the following code: >> >> The input from the form is a 10 digit string [1234567890] which is converted >> to phone number format [123-456-7890] >> >> $phn = $_POST[phone]; >> $phn = (string)$phn; >> $dsh = '-'; >> $Phn = >> $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; >> >> echo $Phn; // this is folded by Thunderbird. In the script, it is //all >> on one line >> >> mysql_real_escape_string($Phn); >> $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; >> echo $sql1; //this always shows $phn as Phn and not as a numerical >> //string. >> $result1 = mysqli_query($cxn, $sql1); >> >> TIA >> >> Ethan >> > > Well, from first glance you're combining mysql and mysqli. > Don't know if that is wise or permissible since I think mysql has been > depreciated. > Go with mysqli. Next you may want to try... > > $sql1 = 'SELECT Lname, Fname FROM Customers WHERE Phone = '.$Phn; > > Best, > > Karl DeSaulniers > Design Drumm > http://designdrumm.com > Also, you may want to store the number in your database without the dash and just apply the dash when displaying the number in HTML. Not that this is entirely necessary, more of a personal choice. If you have a large number of phone numbers stored lets say, numbers with no dash take up less space in the grand scheme of things I guess. Best, Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Newbie Question $2
On Mon, Jun 16, 2014 at 10:58 PM, Ethan Rosenberg < erosenb...@hygeiabiomedical.com> wrote: > Dear List - > > I have the following code: > > The input from the form is a 10 digit string [1234567890] which is > converted to phone number format [123-456-7890] > > $phn = $_POST[phone]; > $phn = (string)$phn; > $dsh = '-'; > $Phn = $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$ > phn[6].$phn[7].$phn[8].$phn[9]; > echo $Phn; // this is folded by Thunderbird. In the script, it is > //all on one line > > mysql_real_escape_string($Phn); > $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; > echo $sql1; //this always shows $phn as Phn and not as a numerical > //string. > $result1 = mysqli_query($cxn, $sql1); > > TIA > > Ethan > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > This page should help you: http://www.php.net//manual/en/language.types.string.php understand the difference between single and double quotes.
Re: [PHP-DB] Newbie Question $2
On Jun 16, 2014, at 9:58 PM, Ethan Rosenberg wrote: > Dear List - > > I have the following code: > > The input from the form is a 10 digit string [1234567890] which is converted > to phone number format [123-456-7890] > > $phn = $_POST[phone]; > $phn = (string)$phn; > $dsh = '-'; > $Phn = > $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; > >echo $Phn; // this is folded by Thunderbird. In the script, it is //all > on one line > >mysql_real_escape_string($Phn); >$sql1 ='select Lname, Fname from Customers where Phone = $Phn '; >echo $sql1; //this always shows $phn as Phn and not as a numerical > //string. >$result1 = mysqli_query($cxn, $sql1); > > TIA > > Ethan > Well, from first glance you're combining mysql and mysqli. Don't know if that is wise or permissible since I think mysql has been depreciated. Go with mysqli. Next you may want to try... $sql1 = 'SELECT Lname, Fname FROM Customers WHERE Phone = '.$Phn; Best, Karl DeSaulniers Design Drumm http://designdrumm.com > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Newbie Question $2
Dear List - I have the following code: The input from the form is a 10 digit string [1234567890] which is converted to phone number format [123-456-7890] $phn = $_POST[phone]; $phn = (string)$phn; $dsh = '-'; $Phn = $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; echo $Phn; // this is folded by Thunderbird. In the script, it is //all on one line mysql_real_escape_string($Phn); $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; echo $sql1; //this always shows $phn as Phn and not as a numerical //string. $result1 = mysqli_query($cxn, $sql1); TIA Ethan -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php