|
|
Posted by Dave on 08/15/07 10:26
On 15 Aug, 11:06, Rik <luiheidsgoe...@hotmail.com> wrote:
> On Wed, 15 Aug 2007 11:59:25 +0200, Dave
>
>
>
>
>
> <david.greenh...@praybourne.co.uk> wrote:
> > Hi guys,
>
> > I have just set up a duplicate server running:
> > apache 2.54, mysql 5.04 and php 5.04
>
> > This is the same setup as as the server we are using now, apart from
> > the hardware inside. I have copied across the database and website,
> > with exact same permissions as the first server.
>
> > The problem is that part of the php code is executing but others
> > arent:
>
> > example:
> > ------------------------
> > <?php
> > // Make the connection
> > mysql_connect("localhost", "********", "**********") or
>
> Hmmm, seemed like a real user/pass combo to me...
>
> > die(mysql_error());
> > echo "Connected to MySQL<br />";
> > mysql_select_db("sales") or die(mysql_error());
> > echo "Connected to Database<br />";
>
> > $query = mysql_query("SELECT product_name FROM `code_tbl` WHERE `code`
> > ='P191")
>
> Shouldn't that be `code` = 'P191'" (notice the ending single quote).
>
>
>
>
>
> > or die(mysql_error());
>
> > $result = mysql_fetch_array($query);
> > echo "The name of the product is " .$result['product_name']. " ";
> > ?>
> > -----------------
>
> > This will work with no problems
>
> > But when i change it to:
> > -----------------
> > <?php
> > // Make the connection
> > mysql_connect("localhost", "user", "pass") or die(mysql_error());
> > echo "Connected to MySQL<br />";
> > mysql_select_db("sales") or die(mysql_error());
> > echo "Connected to Database<br />";
>
> > $query = mysql_query("SELECT product_name FROM `code_tbl` WHERE `code`
> > ='$code")
>
> Again, the missing ending single quote in the SQL statement. Where does
> $code com form BTW? You're not relying on register_globals are you? Not a
> good thing. So, use $code = mysql_real_escape_string($_GET['code']); first.
>
> > $result = mysql_fetch_array($query);
>
> var_dump($result);
> --
> Rik Wasmus- Hide quoted text -
>
> - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
Hi Rik, thanks for the prompt reply
The missing ' was a mistype in the post. I have tried adding the code
you suggested along with others.
1. adding the line $code = mysql_real_escape_string($_GET['code']);
outputs absolutely nothing, not even "connected to database"
2. Removing the single quotes around $code
outputs: You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near '' at line 1
3. Removing the last single quote from around $code (so becomes
'$code ) like mistype above.
outputs: You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near ''' at line 1
4. When single quotes are put back in and adding the line
var_dump($result);
outputs: array(2) { [0]=> string(0) "" ["product_name"]=> string(0)
"" }
5. When manually adding the code P191 in to the php code instead of
$code, the ouput of var_dump is:
array(2) { [0]=> string(28) "Pulsar Classic Bomber
Jacket" ["product_name"]=> string(28) "Pulsar Classic Bomber Jacket" }
Dave.
Also, register globals is off.
[Back to original message]
|