[PHP] Possible query problem

2003-10-28 Thread Frank Tudor
Yesterday I got help from several of you on my function.

I tried to get complicated today and so here it is.

I am working on a piece of code where if a condition of a
database entry is 0 then it will take you to one page; if it is
one it will take you to another page.

Here is the function:

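$payment1 = $_POST['payment'];

function payment(){
    global $payment1;
    if ($payment1 == 0){
        header ('Location: http://ftudor/test/test_page.html');
        exit; // stop here so nothing else runs after the redirect header
    }
    elseif ($payment1 == 1) {
        header ('Location: http://ftudor/test/test_page2.html');
        exit; // stop here so nothing else runs after the redirect header
    }
}

payment();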

It works (thanks to many) but I have another problem.

Basically the user will have to supply a username and password,
then the sql statement will go through something like this:

$query=SELECT payment FROM payment WHERE
dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
users.password='.$_POST[password].';

then it should return a 0 or a 1 and that will go into the
function and route a user to the right page.

Since I don't have a payment processing tool in place I have to
fake a condition.

The page just cycles into itself and keeps prompting for username
and password over and over.

Do you think it's my sql?

Frank



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



RE: [PHP] Possible query problem

2003-10-28 Thread Pablo Gosse
On Tuesday, October 28, 2003 8:50 AM Frank Tudor wrote:

 $query=SELECT payment FROM payment WHERE
dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
users.password='.$_POST[password].';

Okay, there seem to be a few problems here.

The first issue is:

users.password

Using this means you are referencing a table which you've identified as
users, however there is no such table in your query.  If the password
field is part of the payment table, then you would reference it as
payment.password.

However if the password field is part of a users table, then you need to
perform a join here, as you will be attempting to get the data from two
tables.

The second issue is here:

WHERE dln='.$_POST[dln].' = payment.dln='.$_POST[dln]

You're first comparing dln to $_POST['dln'], and then to payment.dln and
then to $_POST['dln'] again.

What fields is it you're trying to compare?  Each where clause in sql
must be joined with an and, or, like, etc.

So perhaps you were trying for something like this:

WHERE dln = '.$_POST[dln].' and payment.dln = '.$_POST[dln]

However, if this were the case you're essentially asking the same thing
twice.

So, based on your query, I suspect you're trying for something like
this:

$query = 'select payment from payment where dln = \''.$_POST['dln'].'\'
and password = \''.$_POST['password'].'\'';

However, this again assumes that the password and dln fields are in the
same table.  If they're in separate tables then you'll need to perform a
join.

Hope this helps.

Cheers,
Pablo




RE: [PHP] Possible query problem

2003-10-28 Thread Jay Blanchard
[snip]
$query=SELECT payment FROM payment WHERE
dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
users.password='.$_POST[password].';
[/snip]

Breaking the above apart ...
$query=
SELECT payment 
FROM payment 
WHERE dln='.$_POST[dln].' 
= payment.dln='.$_POST[dln].'
and users.password='.$_POST[password].';

It appears that you have one too many  dln='.$_POST[dln].'




Re: [PHP] Possible query problem

2003-10-28 Thread Chris Shiflett
I didn't look into your problem, but I want to mention one thing that stands
out to me.

--- Frank Tudor [EMAIL PROTECTED] wrote:
 $query=SELECT payment FROM payment WHERE
 dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
 users.password='.$_POST[password].';

Never, ever build an SQL query using data directly from the client. You place
yourself at the mercy of every user of your site and their creative potential.
This code constitutes a security vulnerability.

Filter all data, assign it to another variable (so you know it has been
filtered), and then build your query using the filtered data:

$clean['dln'] = '';
if ($_POST['dln'] looks like a valid value)
{
 $clean['dln'] = $_POST['dln'];
}

$sql = ... {$clean['dln']} ...;

Something similar to that anyway.

Hope that helps.

Chris

=
My Blog
 http://shiflett.org/
HTTP Developer's Handbook
 http://httphandbook.org/
RAMP Training Courses
 http://www.nyphp.org/ramp
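
The filter-then-query pattern from the message above, combined with the join suggested earlier in the thread, as an added example that is not code from any of the posters. It goes one step further than the thread by binding the filtered value through a PDO placeholder instead of interpolating it. Assumptions: the users/payment table layout, the DLN format, hashed passwords, the function name payment_status, and an in-memory SQLite database standing in for the real one.

```php
<?php
// Added example. Assumed (not from the thread): table layout, DLN format,
// hashed passwords, and an in-memory SQLite database standing in for the real one.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (dln TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');
$db->exec('CREATE TABLE payment (dln TEXT PRIMARY KEY, payment INTEGER NOT NULL)');
$ins = $db->prepare('INSERT INTO users (dln, password_hash) VALUES (?, ?)');
$ins->execute(['D1234567', password_hash('s3cret-demo', PASSWORD_DEFAULT)]);
$db->exec("INSERT INTO payment (dln, payment) VALUES ('D1234567', 1)");

// Returns 0 or 1 for a valid login, or null if the input or credentials are bad.
function payment_status(PDO $db, array $post): ?int
{
    // Filter first: only a value matching the assumed DLN format reaches $clean.
    $clean = [];
    $dln = $post['dln'] ?? '';
    if (!is_string($dln) || !preg_match('/\A[A-Z0-9]{5,20}\z/', $dln)) {
        return null;
    }
    $clean['dln'] = $dln;

    // The placeholder keeps client data out of the SQL text; the join reads both tables.
    $stmt = $db->prepare(
        'SELECT u.password_hash, p.payment
           FROM users u JOIN payment p ON p.dln = u.dln
          WHERE u.dln = :dln'
    );
    $stmt->execute([':dln' => $clean['dln']]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Compare the password against the stored hash in PHP, not inside the query.
    $password = $post['password'] ?? '';
    if (!$row || !is_string($password) || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return (int) $row['payment'];
}

// Constructed requests: a valid login, a DLN containing a quote, a wrong password.
var_dump(payment_status($db, ['dln' => 'D1234567', 'password' => 's3cret-demo']));
var_dump(payment_status($db, ['dln' => "D123'4567", 'password' => 's3cret-demo']));
var_dump(payment_status($db, ['dln' => 'D1234567', 'password' => 'wrong']));
```

A null result is the case where the login form should be shown again; 0 and 1 are the values the payment() redirect function in the first message expects.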
