Re: [PHP] function not returning query
On Tue, 2009-11-24 at 23:27 -0800, Allen McCabe wrote:
If I were to loop through my inputs, I could just exclude any
problematic names, eg.:
foreach ($_POST as $var = $val)
{
if ($var != filter.x || $var != filter.y)
{
$var = $val;
}
}
Like that?
On Tue, Nov 24, 2009 at 2:34 AM, Ashley Sheridan
a...@ashleysheridan.co.uk wrote:
On Tue, 2009-11-24 at 02:11 -0800, Allen McCabe wrote:
I am! Will these extra query variables cause any problems or
should I use standard submit inputs?
Thanks Ashley!
On Tue, Nov 24, 2009 at 1:10 AM, Ashley Sheridan
a...@ashleysheridan.co.uk wrote:
On Mon, 2009-11-23 at 21:53 -0800, Allen McCabe
wrote:
Okay, suddenly I got it to filter the results, but I
still can't figure out
where this part of the query is coming from, at the end
of the query string
in the URL, I have this filter.x=0filter.y=0.
No where in my form do I have a field named filter.x or
filter.y. I DO
however, have 3 forms (I don't want to mess with AJAX),
my set up looks like
this:
Filter by:
User - [username dropdown v] Order by [database fields
v] Asc/Desc
[Ascend v] - Go
School - [school dropdown v] Order by [database fields
v] Asc/Desc
[Ascend v] - Go
Show - [show dropdown v] Order by [database fields v]
Asc/Desc [Ascend v]
- Go
There are actually two order by fields, but this gives
you the idea. Each of
the three lines is a separate form, each with a unique
name all with a get
method, but all three Go buttons are named filter, I
didn't think to try
changing it until now, but is this perhaps where the
filter.x and filter.y
are coming from? I have never seen this before in a query.
Oh, now the filter that was working spontaneously gives
me the error I have
been getting all along, this is so frustrating.
To those who asked, yes I am connected to the database; I
forgot to mention
that the else part of my if statement works, as long as I
don't try to
filter my results it works.
Here is an example of the URL that my filter function
(via one of the 3
forms) outputs:
http://lpacmarketing.hostzi.com/afy/orders/default.php?filterby=schoolschoolid=36orderby1=order_idasc_desc_order1=Descendorderby2=pmt_recd_dateasc_desc_order2=Descendfilter.x=13filter.y=8filter=Go
On Mon, Nov 23, 2009 at 8:03 PM, Philip Thompson
philthath...@gmail.comwrote:
On Nov 23, 2009, at 6:22 PM, Allen McCabe wrote:
Hi, thanks for reading, I hope you can help:
In my main file for an orders page I have the
following code:
if (isset($_GET['filterby']))
{
$resultOrders = adminFilterQuery();
$numberOfOrders = mysql_num_rows($resultOrders);
}
else
{
$resultOrders = mysql_query(SELECT * FROM
afy_order;) or
die(mysql_error(Could not query the database!));
$numberOfOrders = mysql_num_rows($resultOrders);
}
You reduce this part by one line by putting the
following after the else
statement and removing the other 2:
$numberOfOrders = mysql_num_rows ($resultOrders);
Also, these queries don't need a semi-colon (;) to end
the query. PHP
handles this part. Remove them.
adminFilterQuery() is a custom function that is
supposed to return a
mysql_query, here are the last few lines of this
function:
$query = SELECT * FROM afy_order WHERE school_id =
'{$school}' ORDER BY
{$order_by_param};;
$result = mysql_query($query);
return $result;
l am getting this error
Re: [PHP] function not returning query
On Nov 25, 2009, at 4:32 AM, Ashley Sheridan wrote:
On Tue, 2009-11-24 at 23:27 -0800, Allen McCabe wrote:
If I were to loop through my inputs, I could just exclude any
problematic names, eg.:
foreach ($_POST as $var = $val)
{
if ($var != filter.x || $var != filter.y)
{
$var = $val;
}
}
Like that?
!--snip--
Not really, what if someone else decided they wanted to throw in their
own form field values in the hope of breaking your system? It's much
better to be specifically looking for certain form fields and certain
field values/ranges. For example, if you had some fields that would
filter something by cost, you might have two form fields named 'max' and
'min' which would be ranges for the cost. You should check that these
fields only contain numbers for example before processing them. Any data
coming from the client-side is untrustworthy and should be regarded as
tainted until you can prove otherwise.
Thanks,
Ash
The system Ash is referring to is a whitebox approach. You know what you should
get in, so only accept those values. A simple thing to accomplish what you're
trying to do, Allen, would be to create an array of required/accepted fields...
?php
$acceptable = array('green', 'blue', 'red');
foreach ($_POST as $var = $val) {
if (in_array ($var, $acceptable)) {
// Do whatever here
} else {
// Not acceptable - throw error message or do nothing
}
}
?
Hope that helps.
~Philip
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] function not returning query
On Mon, 2009-11-23 at 21:53 -0800, Allen McCabe wrote:
Okay, suddenly I got it to filter the results, but I still can't figure out
where this part of the query is coming from, at the end of the query string
in the URL, I have this filter.x=0filter.y=0.
No where in my form do I have a field named filter.x or filter.y. I DO
however, have 3 forms (I don't want to mess with AJAX), my set up looks like
this:
Filter by:
User - [username dropdown v] Order by [database fields v] Asc/Desc
[Ascend v] - Go
School - [school dropdown v] Order by [database fields v] Asc/Desc
[Ascend v] - Go
Show - [show dropdown v] Order by [database fields v] Asc/Desc [Ascend v]
- Go
There are actually two order by fields, but this gives you the idea. Each of
the three lines is a separate form, each with a unique name all with a get
method, but all three Go buttons are named filter, I didn't think to try
changing it until now, but is this perhaps where the filter.x and filter.y
are coming from? I have never seen this before in a query.
Oh, now the filter that was working spontaneously gives me the error I have
been getting all along, this is so frustrating.
To those who asked, yes I am connected to the database; I forgot to mention
that the else part of my if statement works, as long as I don't try to
filter my results it works.
Here is an example of the URL that my filter function (via one of the 3
forms) outputs:
http://lpacmarketing.hostzi.com/afy/orders/default.php?filterby=schoolschoolid=36orderby1=order_idasc_desc_order1=Descendorderby2=pmt_recd_dateasc_desc_order2=Descendfilter.x=13filter.y=8filter=Go
On Mon, Nov 23, 2009 at 8:03 PM, Philip Thompson
philthath...@gmail.comwrote:
On Nov 23, 2009, at 6:22 PM, Allen McCabe wrote:
Hi, thanks for reading, I hope you can help:
In my main file for an orders page I have the following code:
if (isset($_GET['filterby']))
{
$resultOrders = adminFilterQuery();
$numberOfOrders = mysql_num_rows($resultOrders);
}
else
{
$resultOrders = mysql_query(SELECT * FROM afy_order;) or
die(mysql_error(Could not query the database!));
$numberOfOrders = mysql_num_rows($resultOrders);
}
You reduce this part by one line by putting the following after the else
statement and removing the other 2:
$numberOfOrders = mysql_num_rows ($resultOrders);
Also, these queries don't need a semi-colon (;) to end the query. PHP
handles this part. Remove them.
adminFilterQuery() is a custom function that is supposed to return a
mysql_query, here are the last few lines of this function:
$query = SELECT * FROM afy_order WHERE school_id = '{$school}' ORDER BY
{$order_by_param};;
$result = mysql_query($query);
return $result;
l am getting this error when I try to filter my query using a form in
tandem
with the quey building function:
*Warning*: mysql_num_rows(): supplied argument is not a valid MySQL
result
resource
where the line is the one where I use the mysql_num_rows function.
What am I missing here?
Thanks!
Do you get this warning with both queries? Make sure that your queries are
using a valid mysql connection. You may also consider using a database class
to perform the repetitive tasks so that you really only have to be concerned
with the queries you're writing...?
?php
class database {
public function query ($sql) {
$result = mysql_query ($sql);
if ($result === false) {
die ('Uh oh!');
}
return $result;
}
public function numRows ($result) {
return mysql_num_rows ($result);
}
}
$db = new database();
$result = $db-query('SELECT * FROM afy_order');
$numRows = $db-numRows($result);
?
Of course this is just a simple example, but you get the idea. Hope that
stirs your brain!
~Philip
My guess would be that you're submitting the form using an image button,
which would send the x and y coordinates of the click within the button.
Thanks,
Ash
http://www.ashleysheridan.co.uk
Re: [PHP] function not returning query
On Tue, 2009-11-24 at 02:11 -0800, Allen McCabe wrote:
I am! Will these extra query variables cause any problems or should I
use standard submit inputs?
Thanks Ashley!
On Tue, Nov 24, 2009 at 1:10 AM, Ashley Sheridan
a...@ashleysheridan.co.uk wrote:
On Mon, 2009-11-23 at 21:53 -0800, Allen McCabe wrote:
Okay, suddenly I got it to filter the results, but I still can't
figure out
where this part of the query is coming from, at the end of the
query string
in the URL, I have this filter.x=0filter.y=0.
No where in my form do I have a field named filter.x or filter.y. I
DO
however, have 3 forms (I don't want to mess with AJAX), my set up
looks like
this:
Filter by:
User - [username dropdown v] Order by [database fields v] Asc/Desc
[Ascend v] - Go
School - [school dropdown v] Order by [database fields v] Asc/Desc
[Ascend v] - Go
Show - [show dropdown v] Order by [database fields v] Asc/Desc
[Ascend v]
- Go
There are actually two order by fields, but this gives you the
idea. Each of
the three lines is a separate form, each with a unique name all
with a get
method, but all three Go buttons are named filter, I didn't think
to try
changing it until now, but is this perhaps where the filter.x and
filter.y
are coming from? I have never seen this before in a query.
Oh, now the filter that was working spontaneously gives me the
error I have
been getting all along, this is so frustrating.
To those who asked, yes I am connected to the database; I forgot to
mention
that the else part of my if statement works, as long as I don't try
to
filter my results it works.
Here is an example of the URL that my filter function (via one of
the 3
forms) outputs:
http://lpacmarketing.hostzi.com/afy/orders/default.php?filterby=schoolschoolid=36orderby1=order_idasc_desc_order1=Descendorderby2=pmt_recd_dateasc_desc_order2=Descendfilter.x=13filter.y=8filter=Go
On Mon, Nov 23, 2009 at 8:03 PM, Philip Thompson
philthath...@gmail.comwrote:
On Nov 23, 2009, at 6:22 PM, Allen McCabe wrote:
Hi, thanks for reading, I hope you can help:
In my main file for an orders page I have the following code:
if (isset($_GET['filterby']))
{
$resultOrders = adminFilterQuery();
$numberOfOrders = mysql_num_rows($resultOrders);
}
else
{
$resultOrders = mysql_query(SELECT * FROM afy_order;) or
die(mysql_error(Could not query the database!));
$numberOfOrders = mysql_num_rows($resultOrders);
}
You reduce this part by one line by putting the following after
the else
statement and removing the other 2:
$numberOfOrders = mysql_num_rows ($resultOrders);
Also, these queries don't need a semi-colon (;) to end the query.
PHP
handles this part. Remove them.
adminFilterQuery() is a custom function that is supposed to
return a
mysql_query, here are the last few lines of this function:
$query = SELECT * FROM afy_order WHERE school_id = '{$school}'
ORDER BY
{$order_by_param};;
$result = mysql_query($query);
return $result;
l am getting this error when I try to filter my query using a
form in
tandem
with the quey building function:
*Warning*: mysql_num_rows(): supplied argument is not a valid
MySQL
result
resource
where the line is the one where I use the mysql_num_rows
function.
What am I missing here?
Thanks!
Do you get this warning with both queries? Make sure that your
queries are
using a valid mysql connection. You may also consider using a
database class
to perform the repetitive tasks so that you really only have to
be concerned
with the queries you're writing...?
?php
class database {
public function query ($sql) {
$result = mysql_query ($sql);
if ($result === false) {
die ('Uh oh!');
}
return $result;
}
public function numRows ($result) {
return mysql_num_rows ($result);
}
[PHP] function not returning query
Hi, thanks for reading, I hope you can help:
In my main file for an orders page I have the following code:
if (isset($_GET['filterby']))
{
$resultOrders = adminFilterQuery();
$numberOfOrders = mysql_num_rows($resultOrders);
}
else
{
$resultOrders = mysql_query(SELECT * FROM afy_order;) or
die(mysql_error(Could not query the database!));
$numberOfOrders = mysql_num_rows($resultOrders);
}
adminFilterQuery() is a custom function that is supposed to return a
mysql_query, here are the last few lines of this function:
$query = SELECT * FROM afy_order WHERE school_id = '{$school}' ORDER BY
{$order_by_param};;
$result = mysql_query($query);
return $result;
l am getting this error when I try to filter my query using a form in tandem
with the quey building function:
*Warning*: mysql_num_rows(): supplied argument is not a valid MySQL result
resource
where the line is the one where I use the mysql_num_rows function.
What am I missing here?
Thanks!
Re: [PHP] function not returning query
Likely your query failed due to an error.
Try adding an or die(mysql_error()) to the end of your mysql_query
statement to see what that error maybe
Bastien
Sent from my iPod
On Nov 23, 2009, at 7:22 PM, Allen McCabe allenmcc...@gmail.com wrote:
Hi, thanks for reading, I hope you can help:
In my main file for an orders page I have the following code:
if (isset($_GET['filterby']))
{
$resultOrders = adminFilterQuery();
$numberOfOrders = mysql_num_rows($resultOrders);
}
else
{
$resultOrders = mysql_query(SELECT * FROM afy_order;) or
die(mysql_error(Could not query the database!));
$numberOfOrders = mysql_num_rows($resultOrders);
}
adminFilterQuery() is a custom function that is supposed to return a
mysql_query, here are the last few lines of this function:
$query = SELECT * FROM afy_order WHERE school_id = '{$school}'
ORDER BY
{$order_by_param};;
$result = mysql_query($query);
return $result;
l am getting this error when I try to filter my query using a form
in tandem
with the quey building function:
*Warning*: mysql_num_rows(): supplied argument is not a valid MySQL
result
resource
where the line is the one where I use the mysql_num_rows function.
What am I missing here?
Thanks!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] function not returning query
On Nov 23, 2009, at 6:22 PM, Allen McCabe wrote:
Hi, thanks for reading, I hope you can help:
In my main file for an orders page I have the following code:
if (isset($_GET['filterby']))
{
$resultOrders = adminFilterQuery();
$numberOfOrders = mysql_num_rows($resultOrders);
}
else
{
$resultOrders = mysql_query(SELECT * FROM afy_order;) or
die(mysql_error(Could not query the database!));
$numberOfOrders = mysql_num_rows($resultOrders);
}
You reduce this part by one line by putting the following after the else
statement and removing the other 2:
$numberOfOrders = mysql_num_rows ($resultOrders);
Also, these queries don't need a semi-colon (;) to end the query. PHP handles
this part. Remove them.
adminFilterQuery() is a custom function that is supposed to return a
mysql_query, here are the last few lines of this function:
$query = SELECT * FROM afy_order WHERE school_id = '{$school}' ORDER BY
{$order_by_param};;
$result = mysql_query($query);
return $result;
l am getting this error when I try to filter my query using a form in tandem
with the quey building function:
*Warning*: mysql_num_rows(): supplied argument is not a valid MySQL result
resource
where the line is the one where I use the mysql_num_rows function.
What am I missing here?
Thanks!
Do you get this warning with both queries? Make sure that your queries are
using a valid mysql connection. You may also consider using a database class to
perform the repetitive tasks so that you really only have to be concerned with
the queries you're writing...?
?php
class database {
public function query ($sql) {
$result = mysql_query ($sql);
if ($result === false) {
die ('Uh oh!');
}
return $result;
}
public function numRows ($result) {
return mysql_num_rows ($result);
}
}
$db = new database();
$result = $db-query('SELECT * FROM afy_order');
$numRows = $db-numRows($result);
?
Of course this is just a simple example, but you get the idea. Hope that stirs
your brain!
~Philip
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] function not returning query
Okay, suddenly I got it to filter the results, but I still can't figure out
where this part of the query is coming from, at the end of the query string
in the URL, I have this filter.x=0filter.y=0.
No where in my form do I have a field named filter.x or filter.y. I DO
however, have 3 forms (I don't want to mess with AJAX), my set up looks like
this:
Filter by:
User - [username dropdown v] Order by [database fields v] Asc/Desc
[Ascend v] - Go
School - [school dropdown v] Order by [database fields v] Asc/Desc
[Ascend v] - Go
Show - [show dropdown v] Order by [database fields v] Asc/Desc [Ascend v]
- Go
There are actually two order by fields, but this gives you the idea. Each of
the three lines is a separate form, each with a unique name all with a get
method, but all three Go buttons are named filter, I didn't think to try
changing it until now, but is this perhaps where the filter.x and filter.y
are coming from? I have never seen this before in a query.
Oh, now the filter that was working spontaneously gives me the error I have
been getting all along, this is so frustrating.
To those who asked, yes I am connected to the database; I forgot to mention
that the else part of my if statement works, as long as I don't try to
filter my results it works.
Here is an example of the URL that my filter function (via one of the 3
forms) outputs:
http://lpacmarketing.hostzi.com/afy/orders/default.php?filterby=schoolschoolid=36orderby1=order_idasc_desc_order1=Descendorderby2=pmt_recd_dateasc_desc_order2=Descendfilter.x=13filter.y=8filter=Go
On Mon, Nov 23, 2009 at 8:03 PM, Philip Thompson philthath...@gmail.comwrote:
On Nov 23, 2009, at 6:22 PM, Allen McCabe wrote:
Hi, thanks for reading, I hope you can help:
In my main file for an orders page I have the following code:
if (isset($_GET['filterby']))
{
$resultOrders = adminFilterQuery();
$numberOfOrders = mysql_num_rows($resultOrders);
}
else
{
$resultOrders = mysql_query(SELECT * FROM afy_order;) or
die(mysql_error(Could not query the database!));
$numberOfOrders = mysql_num_rows($resultOrders);
}
You reduce this part by one line by putting the following after the else
statement and removing the other 2:
$numberOfOrders = mysql_num_rows ($resultOrders);
Also, these queries don't need a semi-colon (;) to end the query. PHP
handles this part. Remove them.
adminFilterQuery() is a custom function that is supposed to return a
mysql_query, here are the last few lines of this function:
$query = SELECT * FROM afy_order WHERE school_id = '{$school}' ORDER BY
{$order_by_param};;
$result = mysql_query($query);
return $result;
l am getting this error when I try to filter my query using a form in
tandem
with the quey building function:
*Warning*: mysql_num_rows(): supplied argument is not a valid MySQL
result
resource
where the line is the one where I use the mysql_num_rows function.
What am I missing here?
Thanks!
Do you get this warning with both queries? Make sure that your queries are
using a valid mysql connection. You may also consider using a database class
to perform the repetitive tasks so that you really only have to be concerned
with the queries you're writing...?
?php
class database {
public function query ($sql) {
$result = mysql_query ($sql);
if ($result === false) {
die ('Uh oh!');
}
return $result;
}
public function numRows ($result) {
return mysql_num_rows ($result);
}
}
$db = new database();
$result = $db-query('SELECT * FROM afy_order');
$numRows = $db-numRows($result);
?
Of course this is just a simple example, but you get the idea. Hope that
stirs your brain!
~Philip
