Re: [PHP] Why doesn't this simple query work?
On Wednesday 25 July 2001 23:05, Seb Frost wrote: Thanks for the suggestion but it's too ugly for me :-) I'll just stick with using '. I don't forsee a problem. $query = SELECT shoodID FROM shoots WHERE location='$location'; wget http://foo.bar/yourscript.php?location=xy';delete+from+shoots+where+location+!=+' Use Addslashes or magic_quotes_gpc. -- Christian Reiniger LGDC Webmaster (http://lgdc.sunsite.dk/) ...to paraphrase Churchill, while representative democracy may be terrible, it's still the best system that large corporations can buy. - David Weinberger JOHO January 25, 2000 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Why doesn't this simple query work?
Driving me mad. Works if I put a string in quote marks instead of the variable $location. $result = mysql_query(SELECT shootID FROM shoots WHERE (location=$location)); This should work shouldn't it? If it's a problem with the variable being embedded in the query what's the easiest way to overcome this? $location is a string variable, yes? If so, then your statement needs to look like this: $result = mysql_query(SELECT shootID FROM shoots WHERE (location=\$location\)); Note the escaped quotes around $location. Chris
Re: [PHP] Why doesn't this simple query work?
hmmm i think you need to always have quotes around string regardless of if they are variables . . . $result = mysql_query(SELECT shootID FROM shoots WHERE (location='$location')); - Original Message - From: Seb Frost [EMAIL PROTECTED] To: php-general [EMAIL PROTECTED] Sent: Thursday, July 26, 2001 3:10 AM Subject: [PHP] Why doesn't this simple query work? Driving me mad. Works if I put a string in quote marks instead of the variable $location. $result = mysql_query(SELECT shootID FROM shoots WHERE (location=$location)); This should work shouldn't it? If it's a problem with the variable being embedded in the query what's the easiest way to overcome this? cheers, seb -Original Message- From: Sheridan Saint-Michel [mailto:[EMAIL PROTECTED]] Sent: 19 July 2001 14:50 To: php-general Subject: Re: [PHP] REGEXP I am not sure if I am understanding you... but if you just want to return the boundary try preg_match(|boundary=\([^\].+)\|Uis, $text, $regs ); $boundary = $regs[1]; I am guessing that you want the boundary from the lines to avoid regexp (too lazy) but now I want to use it. The final result I would need is: B42DA66C4EC07C9B572A58FC so that I can search If you are looking for something else let me know Sheridan -Original Message- From: Adrian D'Costa [mailto:[EMAIL PROTECTED]] Sent: Saturday, July 14, 2001 2:54 AM To: php general list Subject: [PHP] REGEXP Hi, I am trying to capture the Header from a mail for my webmail using php and pop3. The header is something like this: Content-Type: multipart/mixed; boundary=B42DA66C4EC07C9B572A58FC When I use preg_split(/[\d;]*/, $buffer), I get Content-Type: multipart/mixed; What I want is to return the whole line split by the ;. I usually try to avoid regexp (too lazy) but now I want to use it. The final result I would need is: B42DA66C4EC07C9B572A58FC so that I can search in the body of the message for the rest of the parts. Any pointers would be helpful. Adrian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Why doesn't this simple query work?
IMHO $query = SELECT shoodID FROM shoots WHERE location=\$location\; and even $query = SELECT shoodID FROM shoots WHERE location='$location'; sometimes cause SQL Syntax Error, because the variable $location may contain quote characters (')()... since i experienced the same thing i've been doing like this... (the reason is just that i did with 2 byte japanese characters?) $query = sprintf( 'SELECT shootID FROM shoots WHERE location=%s', AddSlashes( $location ) ); going well, but is this code too ugry? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Why doesn't this simple query work?
True, that's because mySQl doesn't understand it without the signle quotes, or any descent database for that matter. BC -Original Message- From: Jon Yaggie [mailto:[EMAIL PROTECTED]] Sent: woensdag 25 juli 2001 22:12 To: [EMAIL PROTECTED] Subject: Re: [PHP] Why doesn't this simple query work? hmmm i think you need to always have quotes around string regardless of if they are variables . . . $result = mysql_query(SELECT shootID FROM shoots WHERE (location='$location')); - Original Message - From: Seb Frost [EMAIL PROTECTED] To: php-general [EMAIL PROTECTED] Sent: Thursday, July 26, 2001 3:10 AM Subject: [PHP] Why doesn't this simple query work? Driving me mad. Works if I put a string in quote marks instead of the variable $location. $result = mysql_query(SELECT shootID FROM shoots WHERE (location=$location)); This should work shouldn't it? If it's a problem with the variable being embedded in the query what's the easiest way to overcome this? cheers, seb -Original Message- From: Sheridan Saint-Michel [mailto:[EMAIL PROTECTED]] Sent: 19 July 2001 14:50 To: php-general Subject: Re: [PHP] REGEXP I am not sure if I am understanding you... but if you just want to return the boundary try preg_match(|boundary=\([^\].+)\|Uis, $text, $regs ); $boundary = $regs[1]; I am guessing that you want the boundary from the lines to avoid regexp (too lazy) but now I want to use it. The final result I would need is: B42DA66C4EC07C9B572A58FC so that I can search If you are looking for something else let me know Sheridan -Original Message- From: Adrian D'Costa [mailto:[EMAIL PROTECTED]] Sent: Saturday, July 14, 2001 2:54 AM To: php general list Subject: [PHP] REGEXP Hi, I am trying to capture the Header from a mail for my webmail using php and pop3. The header is something like this: Content-Type: multipart/mixed; boundary=B42DA66C4EC07C9B572A58FC When I use preg_split(/[\d;]*/, $buffer), I get Content-Type: multipart/mixed; What I want is to return the whole line split by the ;. I usually try to avoid regexp (too lazy) but now I want to use it. The final result I would need is: B42DA66C4EC07C9B572A58FC so that I can search in the body of the message for the rest of the parts. Any pointers would be helpful. Adrian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Why doesn't this simple query work?
how about $location = addslashes($location); $query = select shoodID from shoots where location = '$location'; or $query = select shoodID from shoots where location = '. addslashes($location) .'; Both are \'clean\' :) -Original Message- From: Moriyoshi Koizumi [mailto:[EMAIL PROTECTED]] Sent: July 26, 2001 4:59 AM To: [EMAIL PROTECTED] Subject: Re: [PHP] Why doesn't this simple query work? IMHO $query = SELECT shoodID FROM shoots WHERE location=\$location\; and even $query = SELECT shoodID FROM shoots WHERE location='$location'; sometimes cause SQL Syntax Error, because the variable $location may contain quote characters (')()... since i experienced the same thing i've been doing like this... (the reason is just that i did with 2 byte japanese characters?) $query = sprintf( 'SELECT shootID FROM shoots WHERE location=%s', AddSlashes( $location ) ); going well, but is this code too ugry? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] how do you write queries in php codes? (was Re: [PHP] Why doesn't this simple query work?)
yes, both of yours make the same result too, and are clean :-) and i wonder what the best way is, to put queries into php code... there's a more complicated sample, $a=addslashes($a); $b=addslashes($b); $c=addslashes($c); if( $another_table ) { $another_table=','.$another_table; } $query = select abc,def,ghi from table1,table2 $another_table where abc='$a' and def='$b' and ghi='$c' ; and i prefer because i often confuse php variables with columns if( $another_table ) { $another_table=','.$another_table; } $query = sprintf( 'select abc,def,ghi from table1,table2 %s where abc=%s and def=%s and ghi=%s', $another_table, addslashes($a), addslashes($b), addslashes($c) ); but i think the latter loses some good php features... then, does anyone have good idea? [EMAIL PROTECTED] wrote: how about $location = addslashes($location); $query = select shoodID from shoots where location = '$location'; or $query = select shoodID from shoots where location = '. addslashes($location) .'; Both are \'clean\' :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] how do you write queries in php codes? (was Re: [PHP] Why doesn't this simple query work?)
Its however you prefer it (or whatever is easier to type usually). sprintf is usable, depends on if you have a c or perl background, and its second nature. For me, I use editplus on windows which gives color coding (www.editplus.com), if I do $query = select abc,def,ghi from table1,table2. $another_table . where abc='. $a .'; I can immediately see the $another_table, and $a are variables. Use a color coded editor - it makes life a lot easier. Lawrence. -Original Message- From: Moriyoshi Koizumi [mailto:[EMAIL PROTECTED]] Sent: July 26, 2001 10:28 AM To: [EMAIL PROTECTED] Subject: [PHP] how do you write queries in php codes? (was Re: [PHP] Why doesn't this simple query work?) yes, both of yours make the same result too, and are clean :-) and i wonder what the best way is, to put queries into php code... there's a more complicated sample, $a=addslashes($a); $b=addslashes($b); $c=addslashes($c); if( $another_table ) { $another_table=','.$another_table; } $query = select abc,def,ghi from table1,table2 $another_table where abc='$a' and def='$b' and ghi='$c' ; and i prefer because i often confuse php variables with columns if( $another_table ) { $another_table=','.$another_table; } $query = sprintf( 'select abc,def,ghi from table1,table2 %s where abc=%s and def=%s and ghi=%s', $another_table, addslashes($a), addslashes($b), addslashes($c) ); but i think the latter loses some good php features... then, does anyone have good idea? [EMAIL PROTECTED] wrote: how about $location = addslashes($location); $query = select shoodID from shoots where location = '$location'; or $query = select shoodID from shoots where location = '. addslashes($location) .'; Both are \'clean\' :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]