Posted by Dave on 08/15/07 11:44

On 15 Aug, 11:35, Rik <luiheidsgoe...@hotmail.com> wrote:
> On Wed, 15 Aug 2007 12:26:42 +0200, Dave
>
>
>
>
>
> <david.greenh...@praybourne.co.uk> wrote:
> > On 15 Aug, 11:06, Rik <luiheidsgoe...@hotmail.com> wrote:
> >> On Wed, 15 Aug 2007 11:59:25 +0200, Dave
> >> <david.greenh...@praybourne.co.uk> wrote:
> >> > I have just set up a duplicate server running:
> >> > apache 2.54, mysql 5.04 and php 5.04
>
> >> > This is the same setup as as the server we are using now, apart from
> >> > the hardware inside. I have copied across the database and website,
> >> > with exact same permissions as the first server.
>
> >> > The problem is that part of the php code is executing but others
> >> > arent:
>
> >> > example:
> >> > ------------------------
> >> > <?php
> >> > die(mysql_error());
> >> > echo "Connected to MySQL<br />";
> >> > mysql_select_db("sales") or die(mysql_error());
> >> > echo "Connected to Database<br />";
>
> >> > $query = mysql_query("SELECT product_name FROM `code_tbl` WHERE `code`
> >> > ='P191")
>
> >> Shouldn't that be `code` = 'P191'" (notice the ending single quote).
>
> >> > or die(mysql_error());
>
> >> > But when i change it to:
> >> > -----------------
> >> > <?php
> >> > // Make the connection
> >> > mysql_connect("localhost", "user", "pass") or die(mysql_error());
> >> > echo "Connected to MySQL<br />";
> >> > mysql_select_db("sales") or die(mysql_error());
> >> > echo "Connected to Database<br />";
>
> >> > $query = mysql_query("SELECT product_name FROM `code_tbl` WHERE `code`
> >> > ='$code")
>
> >> Again, the missing ending single quote in the SQL statement. Where does
> >> $code com form BTW? You're not relying on register_globals are you? Not
> >> a
> >> good thing. So, use $code = mysql_real_escape_string($_GET['code']);
> >> first.
>
> >> > $result = mysql_fetch_array($query);
>
> >> var_dump($result);
>
> > The missing ' was a mistype in the post. I have tried adding the code
> > you suggested along with others.
>
> > 1. adding the line $code = mysql_real_escape_string($_GET['code']);
> > outputs absolutely nothing, not even "connected to database"
>
> Have you enabled display_errors? It should be done just after connecting
> to the database.
>
> > 2. Removing the single quotes around $code
>
> You shouldn't do that.
>
> > 3. Removing the last single quote from around $code (so becomes
> > '$code ) like mistype above.
>
> Shouldn't do that either.
>
> > 4. When single quotes are put back in and adding the line
> > var_dump($result);
> > outputs: array(2) { [0]=> string(0) "" ["product_name"]=> string(0)
> > "" }
>
> > 5. When manually adding the code P191 in to the php code instead of
> > $code, the ouput of var_dump is:
> > array(2) { [0]=> string(28) "Pulsar Classic Bomber
> > Jacket" ["product_name"]=> string(28) "Pulsar Classic Bomber Jacket" }
>
> Well, echo the query that gets send before actually using it, and examine
> where it differs.
>
> --
> Rik Wasmus- Hide quoted text -
>
> - Show quoted text -


Hi Rik,

I echoed the $code to the page, and it didnt show. However i have
noticed that on our internal server, register globals is on. So to
test, i turned it on our external server, and everything seems to
work.
So i guess when you asked before whether i was using register globals,
in actual fact, we was on our internal server, but i only looked at
the new server.

So now i found the problem, any pointers how to fix this, I am not too
clued up on register globals, although i am searching now...

thanks for the help
Dave.

[Back to original message]