Posted by Joseph Melnick on 09/18/05 04:33

Hello Paul, You wrote:
"Paul C. Jackson" <paul@example.com> wrote in message
news:_ISdne8qt5TH27beRVn-rw@comcast.com...
> I've been converting from a function bassed design to a oops bases using
> libPHP, while looping through rows my program does two other selects, and
> things quit working suddenly, I think I just converted the cases selct to
> libPHP. The odd thing is both of the inner selects return rows as reported
> by
>
> printf("<!-- rows returned are %s -->\n",$Location_result->num_rows());
> but
> printf(" <td bgcolor =\"#EDE8DF\">%s </td>\n",
> $Location_result->F("LocationName")); is blank
>
> I must be doing something dumb but just can't see it any ideas?
> full code below:
>
> class DB_LabMage extends DB_Sql {
> var $Host = "localhost";
> var $Database = "labmage";
> var $User = "xxxx";
> var $Password = "xxxx";
> }
>
> $query = "SELECT Cases, Prescriber, PtNameLast, OriginatingOffice,
> PtNameFirst FROM cases
> WHERE status = 'open'
> ORDER BY Cases DESC LIMIT $limit_begin, $limit_end";
> if( $debug == "yes") print "<!--$query -->\n";
> $cases_result = new DB_LabMage;
> $cases_result->query($query);
> if ($debug == "yes") printf("<!-- rows returned are %s -->\n",
> $cases_result->num_rows());
> while($cases_result->next_record()){
> print "<tr bgcolor =\"#EDE8DF\" >";
> print " <td bgcolor =\"#EDE8DF\">\n";
> printf(" <input type=\"submit\" name=\"Cases\" value=\"%s\"></td>\n",
> $cases_result->f("Cases"));
> $location_query =
> sprintf("SELECT LocationName FROM location, office WHERE Office = %s
> and Location = ShippingOffice",

should be:
sprintf("SELECT LocationName FROM location, office WHERE Office = \"%s\"
and Location = \"ShippingOffice\"",


> $cases_result->f("OriginatingOffice"));
> if( $debug == "yes") print "<!--$location_query -->\n";
> $Location_result = new DB_LabMage;
> $Location_result->query($location_query);
> if ($debug == "yes") printf("<!-- rows returned are %s -->\n",
> $Location_result->num_rows());
> printf(" <td bgcolor =\"#EDE8DF\">%s </td>\n",
> $Location_result->F("LocationName"));
>
> $associate_query = sprintf("SELECT Title, LastName FROM associates WHERE
> associates.AssID = %s",

WHERE associates.AssID = \"%s\"",

If associates.AssID is an INTEGER then change %s to %d


> $cases_result->f("Prescriber"));
> if( $debug == "yes") print "<!--$associate_query -->\n";
> $associate_result =new DB_LabMage;
> $associate_result->query($associate_query);
> if ($debug == "yes") printf("<!-- rows returned are %s -->\n",
> $associate_result->num_rows());
> printf( " <td>%s %s</td>\n",
> $associate_result->f("Title"),
> $associate_result->f("LastName"));
> printf( " <td colspan=\"4\" bgcolor =\"#EDE8DF\"> %s, %s</td>\n",
> $cases_result->f("PtNameLast"),
> $cases_result->f("PtNameFirst"));


The point here is that SQL strings need to be contained in quotes and these
need to be escaped.

Good luck.

Joseph Melnick
JM Web Consultants
Toronto ON Canada

• Next in forum: Re: bug or feature? (OO design/languages)
• Prev in forum: Re: file_put_contents, fwrite problem
• Thread view: Re: multi-instances search with libPHP

[Reply to this message]