|
Posted by ft310 on 07/13/05 00:30
Thanks for your input -- the code I provided left alll of the error checking
you recommended out but it is there.
I gather from your message that nothing is going to happen unless I
logically engage the submit function.
Is there no why to do this otherwise -- I am surprised the exchange of hthl
variables and php variable is so circuitous
Again thanks.
"Hilarion" <hilarion@SPAM.op.SMIECI.pl> wrote in message
news:db19o1$29r$1@news.onet.pl...
> > $localCounty = $_POST[ holdCounty ];
> > $localState = $_POST[ holdState ];
> > $localTest = $_POST[ County ];
>
> Should be:
>
> $localCounty = $_POST[ 'holdCounty' ];
> $localState = $_POST[ 'holdState' ];
> $localTest = $_POST[ 'County' ];
>
> or if you defined "GET" as submit method of the form:
>
> $localCounty = $_GET[ 'holdCounty' ];
> $localState = $_GET[ 'holdState' ];
> $localTest = $_GET[ 'County' ];
>
>
> > $s_sqlT2="WHERE County='".$localCounty."' AND State='".$localState."' ";
>
> You should use some escaping unless you have magic quotes turned on.
> Check what happens if someone types "'; DELETE FROM LocationsGB; --"
> in the "holdState" input field.
>
>
> > $dbt = mysql_connect( 'localhost', 'rhodeisl_ft310', 'billwilson' );
>
> You shoud test if the connection was established eg. like this:
>
> $dbt = mysql_connect( 'localhost', 'rhodeisl_ft310', 'billwilson' );
> if ($dbt===FALSE)
> {
> die( 'Error connecting to SQL server: ' . mysql_error() );
> }
>
>
> > mysql_select_db('rhodeisl_RISC',$dbt) ;
>
> Just as above:
> if (!mysql_select_db( 'rhodeisl_RISC', $dbt ))
> {
> die( 'Error switching to target database: ' . mysql_error() );
> }
>
>
> > $resultT = mysql_query( $s_sqlT0, $dbt );
>
> And again:
> $resultT = mysql_query( $s_sqlT0, $dbt );
> if ($resultT===FALSE)
> {
> die( 'Error executing query: ' . mysql_error() );
> }
>
>
> > At the end of this there is no information returned from the database.
>
> How do you check this?
>
>
> > A. The full SQL statement is constructed ($s_sqlT0) but the values
for
> > $localCounty and $localState are not there
>
> Not where? In $s_sqlT0? If so, then you are probably not passing the
> form data by POST, but by GET, or you did not submit the form
> (<input type="submit">).
>
>
> > D. holdCounty and holdState are html form text boxes and have
information
> > in them
>
> Is the HTML <form> constructed correctly? Is it submited correctly?
>
>
> > Please help -- why does that code not work?
>
> Post the HTML of the <form> and names of script files in which the
> form and the script you allready posted reside.
>
>
> Hilarion
>
>
Navigation:
[Reply to this message]
|