|
Posted by shimmyshack on 02/15/07 22:46
On 15 Feb, 22:25, "edward_sanders" <edward_sand...@bellsouth.net>
wrote:
> Ok, I was asked what the SELECT statement in my mysql was to get
> an idea about the problem. I see that I might have some security risks if
> I actually used this design on the web. So, for now it is for instructional
> purposes and the actual code that I might leave on the web would
> include several refinements.
> The problem is with this syntax here:
>
> // Display the text of each joke in the paragraph
> while ( $row = mysql_fetch_array($result)) {
> $jokeid = $row["ID"];
> echo ($row["ID"]);
> $deletejoke=$jokeid;
> $joketext = $row["JokeText"];
> $thispage = $_SERVER["PHP_SELF"];
> echo("<p>$joketext " .
> "<A HREF='$thispage?deletejoke=$jokeid'>" .
> "Delete this Joke</a></p>");
> }
>
> What I'm doing is taking a row from the database, which includes,
> ID - primary key, JokeText and JokeData (not used here).
> mysql_fetch_array($result)
> which grabs one row at a time of the db. This works,
> $joketext = $row["JokeText"];
> but when I try to grab the ID it doesn't like that syntax. At this line,
> "<A HREF='$thispage?deletejoke=$jokeid'>" .
> The value of deletejoke is never getting assigned to by
> $jokeid. Question
> )> Can anyone help me figure out why that would not work...
> why the ID field isn't being passed to the variable $jokeid ???
>
> While it might be good to improve this code before publishing, I
> cannot figure out why that line is not working. I'll include the entire
> php code below, now.
>
> <?php
> // Display form if the user selects the option to add a joke
> if (isset($_GET['addjoke'])) :
> ?>
> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" METHOD="POST">
> <p>Type your joke here:</p><br />
> <TEXTAREA NAME="joke" ROWS=10 COLS=40 WRAP>
> </TEXTAREA><BR />
> <INPUT TYPE=SUBMIT NAME="submitjoke" VALUE="SUBMIT">
> </FORM>
>
> <?php
> else:
>
> //echo ("This is a test <br />"); this was used for debugging
>
> // Connect to the database server
> $dbcnx = mysql_connect("localhost", "user", "password");
> if ( !$dbcnx) {
> echo("<p>Unable to connect to the " .
> "database server at this time.</p>");
> exit();
> } /* else { some lines used for debugging here
> echo("I connected");
> } */
>
> // Select the jokes database
> if (!mysql_select_db("jokes", $dbcnx)) {
> echo("<p>Unable to connect to the jokes" .
> "database at this time.</p>");
> exit();
> }
>
> // If a joke has been submitted,
> // add it to the database
> $joketext = $_POST['joke'];
> if ("SUBMIT" == $_POST['submitjoke']) {
> $sql = "INSERT INTO jokes SET " .
> "JokeText='$joketext', " .
> "JokeDate=CURDATE()";
> if (mysql_query($sql)) {
> echo("<p>Your joke has been added.</p>");
> } else {
> echo ("<p>Error adding submitted joke: " .
> mysql_error() . "</p>");
> }
> }
> // If a joke has been deleted,
> // remove it from the database
> if (isset($_GET['deletejoke'])) {
> $deletejoke=$_GET['deletejoke'];
> echo("<p>The joke to delete is number $deletejoke");
> $sql = "DELETE FROM jokes " .
> "WHERE ID=$deletejoke";
> if (mysql_query($sql)) {
> echo("<p>The joke has been deleted.</p>");
> } else {
> echo("<p>Error deleting joke: " .
> mysql_error() . "</p>");
> }
> }
>
> echo("<p>Here are all the jokes " .
> "in our database: </p>");
>
> // Request the text of all the jokes
> $result = mysql_query("SELECT JokeText FROM jokes");
>
> if ( !$result ) {
> echo ("<p>Error performing query: " .
> mysql_error() . "</p>");
> exit();
> }
>
> echo("<blockquote>");
> // Display the text of each joke in the paragraph
> while ( $row = mysql_fetch_array($result)) {
> $jokeid = $row["ID"];
> echo ($row["ID"]);
> $deletejoke=$jokeid;
> $joketext = $row["JokeText"];
> $thispage = $_SERVER["PHP_SELF"];
> echo("<p>$joketext " .
> "<A HREF='$thispage?deletejoke=$jokeid'>" .
> "Delete this Joke</a></p>");
> }
> echo("</blockquote>");
>
> // When clicked, this link will load this page
> // with the joke submission form displayed.
> ?>
> <p><a href="<?php echo $_SERVER['PHP_SELF']; ?>?addjoke=1">
> Add a Joke, by clicking here!</a></p>
>
> <?php
> endif;
> ?>
>
>
>
> "shimmyshack" <matt.fa...@gmail.com> wrote in message
>
> news:1171496329.713416.196210@a34g2000cwb.googlegroups.com...
>
>
>
> > On 14 Feb, 23:11, "edward_sanders" <edward_sand...@bellsouth.net>
> > wrote:
> >> I meant to add that I am using PHP 5.2.x and
> >> mysql 5
> >> Thanks,
> >> Bruce
>
> >> "edward_sanders" <edward_sand...@bellsouth.net> wrote in message news:...
> >> > Hi,
> >> > This is a newbie question. I am using a text for learning
> >> > php/mysql.
> >> > The example is that of a mysql
> >> > database of jokes. Before we get to joins there is a
> >> > simple table with 3 fields, ID field (primary key, integer),
> >> > JokeText, and JokeDate. In the program for some
> >> > reason the code is not retrieving the ID for each
> >> > row from the db. It gets the JokeText field just fine.
> >> > Let me include the snippets below.
>
> >> > This is where each row (each joke) is to be displayed.
> >> > Note that the ID is used to give the option of deleting a
> >> > joke from the db. The link tag is supposed to get that
> >> > ID passed to the link but that isn't happening. Please help.
> >> <snip>
> >> > // Display the text of each joke in the paragraph
> >> > }
>
> >> > Thanks in advance for any help,
> >> > Bruce
>
> <snip>
>
>
>
> > You should be using POST since the user is changing the application,
> > the last thing you want is for someone's browser to prefetch all those
> > delete links.
Hiya, here is the select statement:
$result = mysql_query("SELECT JokeText FROM jokes");
notice that it doesnt have a star in it. so as per my previous
posting, use this instead:
$result = mysql_query("SELECT * FROM jokes");
now you WILL be returning a whole row, not just one of the columns.
[Back to original message]
|