[[SOLVED] Unknown column '38' in 'where clause']

ok didnt know about the escape_string and numbers. Well, neither of those worked srry

[Please help!!!!]

please start typing :

 

['code] ['/code]

 

around your code but dont include the ' i just inserted that to show the tags

it'll make it easier for us to read.

[[SOLVED] Unknown column '38' in 'where clause']

what if you try

<?php
$sql = "SELECT * FROM `tbl_product` WHERE `pd_id` = {$id} ";
?>

 

still unknown column 38 in where clause

[[SOLVED] Unknown column '38' in 'where clause']

Im trying to query my database using the following code:

 

<?php
include ("connect.php");
$id = $_GET['id'];
$id = mysql_real_escape_string($id);

//$sql = "SELECT * FROM tbl_product WHERE pd_id = $'id'";

$sql = "SELECT * FROM `tbl_product` WHERE `pd_id` = '$id'";



$result = mysql_query ($sql) or die (mysql_error());
$row = mysql_fetch_row($result);
extract($row);

echo "<tr>";
echo "<td align = \"center\">";
echo "<a href = \"item.php?id=$pd_id\"><img src=\"$pd_path\" border=\"0\"><br>$pd_name</a>";
echo "</td>";
echo "</tr>";

 

for some reason i get the error in the title though

 

Unknown column '38' in 'where clause'

 

but when i manually enter the sql using 38 instead of id it works so im confused

all i did was copy $sql delete the begining and change id to 38 and used it in php my admin with ease.

[Uploading image results in forbidden image??]

So im trying to upload an image (exaple - schoolworkanswers.com/kaon/imges/DOGGY.jpg) but it says the file is forbidden and i think this is whats stopping me from being able to display it. All the pictures in that folder that were not uploaded using my script are not forbidden and have no problems, any suggestions??:

 

<?php
include ("connect.php");
ini_set ("display_errors", "1");
error_reporting(E_ALL);

//this returns the name of the image
$name = $_FILES['uploadfile']['name'];
//get the extension of the image
$ext = substr($name,-3);
//We will add some secruity here, make sure the extension is an image file extension
if($ext == "gif" || $ext == "jpg" || $ext == "png" || $ext == "peg"){

//The part the user selected to insert the image into
$area = $_POST['catagory'];

//get the descirption
$desc = $_POST['desc'];

//more security, make sure 'catagory' is actually a choice offered and not a mysql query (or something else entered)
if (!in_array($area, array("Sofas","Beds and Bunks","Dressers and Cabinets","Side Tables and Desks"))) {
header ("Location: index.php");
}
//set vars in here
$wantedname = $_POST['name'];

// This is the temporary file created by PHP
$uploadedfile = $_FILES['uploadfile']['tmp_name'];
//below changes the files name
if ($name != $wantedname){	
$name = $wantedname;
}

list($width,$height)=getimagesize($uploadedfile);
$newwidth = 100;
$newheight = 100;
//copy the file to were we want it now
//die($name);
//rename("$uploadedfile", "images/". $name .".". $ext);
$copied = copy($_FILES['image']['$uploadedfile'], $name .".". $ext);

if (!$copied) 
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}
$path = "images/" . $area . "/". $name .".". $ext;
//lets put it into the database
$uname = $name . "." . $ext;
$sql = "INSERT INTO tbl_product (pd_name,pd_path,pd_desc,cat_name) VALUES ('$uname','$path','$desc','$area')";

mysql_query($sql) or die (mysql_error());


}else{
header ("Location: index.php");	
}
?> 

[returning var to display message]

not 100% sure but i thought that <

input type="button" name="submit" id= "submit" value="Add To Cart >" onClick="window.location.href='<?php echo $cart_url; ?>';" class="addToCartButton"> 

was some how activating the function - since the function kind of works just not the return

[returning var to display message]

So i got two files one productdetial.php and another cart-functions.php. Product detail is going to a function (addtocart()) and i've tried to set it so if their is less then what the user has, then return $error saying that. the function kind of works, it dosnt add anymore to the cart after the user has more then whats in stock. But apparently error is not being returned because it keeps saying undifiened variable $error. Ill bold the part in cart-function.php that i added. And if anyone can figure out how to get this returning the error messaging working - ill be forever happy

productdetail.php:

<?php
require_once 'library/cart-functions.php';
if (!defined('WEB_ROOT')) {
exit;
}?>


<style type="text/css">
<!--
.boldsmall {
font-weight: bold;
font-size: xx-small;
}
.name{
padding: 8px 0px 6px 10px; 
background:url(../images/content_top.png) no-repeat;
}
-->
</style>

<?php
$product = getProductDetail($pdId, $catId);

// we have $pd_name, $pd_price, $pd_description, $pd_image, $cart_url
extract($product);
?> 
<table width="100%" border="0" cellspacing="0" cellpadding="10">
   <?php 
  if(isset($_POST['submit'])){
   if ($error){
   echo '<tr>';
echo '<td><span class="style11">$error</span></td>';
echo '</tr>';
}
}?>

<td style="padding: 8px 0px 6px 10px;"><?php echo $pd_name; ?><br></td>
<tr> 
  <td align="center"><img src="<?php echo $pd_image; ?>" border="0" alt="<?php echo $pd_name; ?>"></td>
  <td valign="middle">

Price : <?php echo displayAmount($pd_price); ?><br>
<?php
// if we still have this product in stock
// show the 'Add to cart' button
if ($pd_qty > 0) {
?>
<input type="button" name="submit" id= "submit" value="Add To Cart >" onClick="window.location.href='<?php echo $cart_url; ?>';" class="addToCartButton">
<?php
//die($cart_url);
} else {
echo 'Out Of Stock';
}
?>
  </td>
</tr> 
<tr align="left"> 
  <td colspan="2"><?php 
  $amount = getqty();
  $tempn = $pd_name . "(s)";
  echo "<span style='color: #000; font-weight: bold;  font-size: 12;'> You currently have $amount of $tempn in your cart, <a href=cart.php> view cart</a></span>"; ?></td>
</tr>

<tr align="left"> 
  <td colspan="2"><?php echo $pd_description; ?></td>
</tr>

</table>

 

cart-functions.php:

<?php
require_once 'config.php';

/*********************************************************
*                 SHOPPING CART FUNCTIONS 
*********************************************************/

function addToCart()
{
// make sure the product id exist
if (isset($_GET['p']) && (int)$_GET['p'] > 0) {
	$productId = (int)$_GET['p'];
} else {
	header('Location: index.php');
}

// does the product exist ?
$sql = "SELECT pd_id, pd_qty, pd_popular
        FROM tbl_product
		WHERE pd_id = $productId";
$result = dbQuery($sql);

if (dbNumRows($result) != 1) {
	// the product doesn't exist
	header('Location: cart.php');
} else {
	// how many of this product we
	// have in stock
	$row = dbFetchAssoc($result);
	$currentStock = $row['pd_qty'];

	$pop = $row['pd_popular'];
	$pop = $pop++;
	$update = "UPDATE `schoolw1_niftys`.`tbl_product` SET `pd_popular` = '1' WHERE `tbl_product`.`pd_id` =  $productId LIMIT 1";
	mysql_query($update)or die (mysql_error());




	if ($currentStock == 0) {
		// we no longer have this product in stock
		// show the error message
		setError('The product you requested is no longer in stock');
		header('Location: cart.php');
		exit;
	}

}		

// current session id
$sid = session_id();

// check if the product is already
// in cart table for this session
$sql = "SELECT *
        FROM tbl_cart
		WHERE pd_id = $productId AND ct_session_id = '$sid'";
$result = dbQuery($sql);
[b]$row = dbFetchAssoc($result);
if ($currentStock < $row['ct_qty']){
$error = "No more of this in stock";
$stop = "yes";
return $error;
}else{
$stop = "no";
}
if($stop != "yes"){[/b]
if (dbNumRows($result) == 0) {
	// put the product in cart table
	$sql = "INSERT INTO tbl_cart (pd_id, ct_qty, ct_session_id, ct_date)
			VALUES ($productId, 1, '$sid', NOW())";
	$result = dbQuery($sql);
} else {
	// update product quantity in cart table
	$sql = "UPDATE tbl_cart 
	        SET ct_qty = ct_qty + 1
			WHERE ct_session_id = '$sid' AND pd_id = $productId";		

	$result = dbQuery($sql);		
}	
}else{
$error = "";
return $error;
}

$row = dbFetchAssoc($result);

if ($currentStock < $row['ct_qty']){

$error = "No more of this in stock";

$stop = "yes";

return $error;

}else{

$stop = "no";

}

if($stop != "yes"){

[Showing the Client in a few days need suggestions]

I think your client will really like the admin part. Its simple and straight forward. She will be able to use it in seconds.

The home page design looks nice too. But then once you get to the products its a bit of a dissapointment. I dont think the standard link style text helps.

Theres nothing really to entice a browser to make a purchase. If I was to be really harsh I would even say people probably wont buy anything from it. Partly due to the lack of products and general content. But also because there is not one item there that jumps out, or is on offer. What you could do is put a couple of products on the home page as like special offers and make them really stand out. I would seriously consider adding more products and also offering delivery options. Maybe even throw in free delivery for some items.

Sorry to be harsh but please take it as constructive critisiscm. You might want to ask your client for a few extra days to polish it off, they would much prefere a finished piece to one that is half empty. They should understand. I know clients though can be really impatient but it just doesnt help them in the long run.

Anyway good luck with it.

 

p.s. You want to know how to improve the product section? Add more items if you can, have slightly bigger images. Also if you can try to cut away the background in the images so there is just the outline of the product itself. and contain the selections in a fancy border, and dont use standard black font for the price. Make prices slightly larger and that pink colour used on the home page. Just try to blend it in. Hope these are suggestions you are after.

 

Ok thanks. Ill edit this after i finish up some other things i got going atm and post back in a few hours asking for your opinion again

[Showing the Client in a few days need suggestions]

I cant do much about the index.php the client paid somone to design it and she likes it. As for the catagories section, well thats why i posted here i have no idea how to make that look nice. As for the tiling issue i have found that and will fix it as soon as i get some more time.

 

 

Thanks

[Showing the Client in a few days need suggestions]

i know about the injections:

 

dont upload php files or anything this is not a security test i know i'd fail that

 

and did you enter that URL manually, or did you get directed there from a link?

 

thanks

[Showing the Client in a few days need suggestions]

So im suposed to be showing my client this website in a few days. I am aware that about us and find us are both broken links, they will be last minute fixes. Right now im looking for suggestions on how to make the design look better, and how 'user friendly' it is.

 

http://schoolworkanswers.com/nifty/

 

also if you could tell me what you think of the administation panel that would be nice.

 

- feel free to add products and catagories, dont upload php files or anything this is not a security test i know i'd fail that

 

- please dont delete user accounts.

 

http://schoolworkanswers.com/nifty/admin

 

Username: test

password: test

[[SOLVED] Sometimes variable is there and sometimes not!]

I just preset $amount and it seems if the amount of rows is non existant it dosnt overwrite the variable:

 

$amount = 0;


$result = mysql_query($sql) or die (mysql_error());

while($row = mysql_fetch_array($result)){
	$amount = $row['ct_qty'];
}

return $amount;
}

[[SOLVED] Sometimes variable is there and sometimes not!]

I tried the to things below, just getting the same error.

 

Notice: Undefined variable: amount in /home/schoolw1/public_html/nifty/library/cart-functions.php on line 98

You currently have of Medium Impression Kit in your cart,

 

** Line 98 is the return amount line

 

<?php
function getqty(){
   
   $cartContent = array();

   $sid = session_id();
   
   $pid = $_GET['p'];
   $pid = mysql_real_escape_string($pid)
   $sql = "SELECT * FROM tbl_cart WHERE ct_session_id = '$sid' AND pd_id = '$pid'";
   

if(!empty($sid)){
$result = mysql_query($sql);
   
   while($row = mysql_fetch_array($result)){
      $amount = $row['ct_qty'];
   }else{
$amount = "0";
}
   return $amount;
}?>

 

<?php
function getqty(){
   
   $cartContent = array();

   $sid = session_id();
   
   $pid = $_GET['p'];
   $pid = mysql_real_escape_string($pid)
   $sql = "SELECT * FROM tbl_cart WHERE ct_session_id = '$sid' AND pd_id = '$pid'";
   

$result = mysql_query($sql) or die (mysql_error());
   
   while($row = mysql_fetch_array($result)){
      $amount = $row['ct_qty'];
   return $amount;
}?>

[[SOLVED] Sometimes variable is there and sometimes not!]

I got a peice of code which in basic is just a function with a query in it. Sometimes the variable $amount is non existant though because the the user does not have the correct session. This is a simple placement error of my if statment im sure, i just cant tell were i should move the else statment, or the if statment. Anyone got ideas?

 

<?php
function getqty(){

$cartContent = array();

$sid = session_id();

$pid = $_GET['p'];
$pid = mysql_real_escape_string($pid)
$sql = "SELECT * FROM tbl_cart WHERE ct_session_id = '$sid' AND pd_id = '$pid'";

if ($result = mysql_query($sql)){

while($row = mysql_fetch_array($result)){
	$amount = $row['ct_qty'];
}
}else{
	$amount = "0";
}
return $amount;
}?>

[Resizing Image]

I have the following code:

 

<?php

ini_set ("display_errors", "1");
error_reporting(E_ALL);

//this returns the name of the image
$name = $_FILES['uploadfile']['name'];
//get the extension of the image
$ext = substr($name,-3);
//We will add some secruity here, make sure the extension is an image file extension
if($ext == "gif" || $ext == "jpg" || $ext == "png" || $ext == "peg"){

//The part the user selected to insert the image into
$area = $_POST['catagory'];
//more security, make sure 'catagory' is actually a choice offered and not a mysql query (or something else entered)
if (!in_array($area, array("Sofas","Beds and Bunks","Dressers and Cabinets","Side Tables and Desks"))) {
header ("Location: index.php");
}
//set vars in here
$wantedname = $_POST['name'];

// This is the temporary file created by PHP
$uploadedfile = $_FILES['uploadfile']['tmp_name'];

//below changes the files name
if ($name != $wantedname){	
$name = $wantedname;
}

list($width,$height)=getimagesize($uploadedfile);
$newwidth = 100;
$newheight = 100;
//copy the file to were we want it now
//die($name);
rename("$uploadedfile", "images/" . $area . "/". $name . $ext);

//lets resize it now!!
$path = "images/$area"."/". $name . "." . $ext;
$src = imagecreatefromjpeg($path);
list($width,$height)=getimagesize($path);
$tmp=imagecreatetruecolor($newwidth,$newheight);
imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height);


}else{
header ("Location: index.php");	
}
?> 

 

and i had it working, but no for some reason it dosnt work i get these following errors:

 

 

Warning: imagecreatefromjpeg(images/Sofas/noonewouldusethis.jpg) [function.imagecreatefromjpeg]: failed to open stream: No such file or directory in /home/schoolw1/public_html/kaon/upload.php on line 39

 

Warning: getimagesize(images/Sofas/noonewouldusethis.jpg) [function.getimagesize]: failed to open stream: No such file or directory in /home/schoolw1/public_html/kaon/upload.php on line 40

 

Warning: imagecopyresampled(): supplied argument is not a valid Image resource in /home/schoolw1/public_html/kaon/upload.php on line 42

[[SOLVED] strstr not working]

Bah, curse my bad vison dont mind this i figured out i forgot the "!" infront of strstr

 <?php

if ($_POST['preview']){
	   $website = $_POST['website'];
	$name = $_POST['name'];
	$adress = $_POST['adress'];
	$email = $_POST['email'];
	$phone = $_POST['phone']; 

	if (strstr($website,"http://") ){
			   $website = "http://" . $website;
			   }

	?>
        

[Reload page with new data using a form.]

I was not saying your wrong, i was taking a guess, im not sure how exactly to do this and almost nothin on jquery and javascript. Ill try it though

[Reload page with new data using a form.]

do people not need javascript enabled for that to work? I know there is a way to do this in php i've seen this done before. - i dont know any jquery.

[Reload page with new data using a form.]

I got a form on a page (ill post code below) and it has two buttons a Preview button, and a submit button i know how to setup the submit button, but i want the Preview button to reload the page and put the info the in the text boxes to variables, but i dont know how to go about it, heres my form:

 

<table width="780" border="0" cellpadding="5" cellspacing="5">
  



    <tr>

      <td><div align="center"></div></td>
    </tr>
    <tr bgcolor="#E6E6E6">
      <td height="138" align="center"><div align="center" class="style1"><html>
<title>Registration Page</title>
<body>
<h1>Stayner.ca Buisness Register</h1>
<p><br />
</p>
<form id="form1" name="form1" method="post" action="index.php">
<table border="0" align="left" cellpadding="3" cellspacing="0">
  <tr>
    <td>Buisness Name:</td>
    <td><input name="name" type="text" id="name" value="<? echo $form->value("user"); ?>" maxlength="30" /></td>
  </tr>
  <tr>
    <td>Buisness Adress:</td>
    <td><input name="adress" type="text" id="adress" value="<? echo $form->value("pass"); ?>" maxlength="30" /></td>
  </tr>
  <tr>
    <td> Contact Email:</td>
    <td><input name="email" type="text" id="email" value="<? echo $form->value("email"); ?>" maxlength="50" /></td>
  </tr>
  <tr>
    <td> Contact Phone:</td>
    <td><input name="phone" type="text" id="phone" value="<? echo $form->value("email"); ?>" maxlength="50" /></td>
  </tr>
  <tr>
    <td>Website:</td>
    <td><input name="website" type="text" id="website" value="<? echo $form->value("email"); ?>" maxlength="50" /></td>
  </tr>
</table><p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>

  <label>
    <input type="submit" name="preview" id="preview" value="Preview Display" />
  </label>
  <label> 
    <input type="submit" name="submit" id="submit" value="Submit Buisness" />
  </label>
</form>
<p> </p></td>
    </tr>
  </table>

 

 

[[SOLVED] So i dont really know much HTML]

well you certianally cleaned up my code, however if you look at (http://www.stayner.ca/TEST/index2.php the "1" is still far away from the 2.

[[SOLVED] So i dont really know much HTML]

I know about 100 times more php then html because i didnt really learn html. But i got the following code that needs rearranged. if you look at (www.stayner.ca/TEST/) about one quarter the way down the page, near the "Questions Answers" part there are numbers ( currently 1  2 3 4) problem is 1 is spaced super far from the rest of the numbers I have located the problem to the part that displays: "Pages    1      2 3 4"  is apart of the "Questions Answers" table so i need to rearrange this and create a new table for the numbers. But i dont really know php and was hoping somone could do it for me?:

 

<td height="226" colspan="5" rowspan="4" valign="top" background="images/index-3_13.gif"><br>
  <table width="467" border="0" align="center" cellpadding="5" cellspacing="5">
  <tr>
    <td width="366" bgcolor="#E6E6E6"><div align="left"><strong>Question:</strong></div></td>
    <td width="85" bgcolor="#E6E6E6"><div align="center"><strong>Answered?</strong></div></td>
  </tr>
  <tr><?php
  if(isset($_GET['page'])) {
  $page = $_GET['page'];
}else{
  $page = 1;
}
  $tolimit = 4;
  $showend = $page * $tolimit;
  $showstart =  $showend - 4;
  //Get all Topics (Parentid = 0)
$getthreads="SELECT * FROM forumtutorial_posts WHERE parentid ='0' ORDER BY parentid DESC LIMIT $showstart, $tolimit";
$findamount = mysql_query($getthreads) or die (mysql_error());//for showing the four newest posts

//the code below will be used to determine how many pages to show
$query= "SELECT COUNT(*) as cnt  FROM forumtutorial_posts";//efficant way of counting rows
$query2 = mysql_query($query) or die (mysql_error());//because we dont want to call it yet we set it to another variable
$row = mysql_fetch_array($query2);
$num_rows=$row['cnt'];



$pagestoshow = floor($num_rows/$tolimit);
//grab all the content
while($r=mysql_fetch_array($findamount))
{   
//the format is $variable = $r["nameofmysqlcolumn"]; - makes it easier to call later CAUSE IM LAZY!!
$answer=$r["answered"];
$title=$r["title"];
$id=$r["postid"];

if ($answer == 0){
$answer = "no";
}else{
$answer = "yes";
}

?>

<td bgcolor="#FFFFFF"><div align="left" class="style17"><a href="showquestion.php?page=<?=$id?>"><?=$title?></a></div></td>
<td bgcolor="#FFFFFF"><div align="center" class="style17"><?=$answer?></div></td> </tr>
   
     <?php
}
print "<td>Page: </td>";


for ($i = 1; $i <= $pagestoshow; $i++){
print "<td><a href= 'index.php?page=$i'> $i </a></td>";
}   

  ?> 
    
</tr>

  <tr>
<?php if ($session->logged_in){?>
    <td bgcolor="#FFFFFF">Have a question you would like answered?, <a href="questionform.php">Click Here</a></td>
    <?php }else{?>

 <td bgcolor="#FFFFFF">You must be logged in to ask a question, to log in <a href="login.php">Click Here</a></td>
 <?php } ?>
    <td bgcolor="#FFFFFF"><div align="center">N/A</div></td>
  </tr>
</table>  
  <strong><br>
</strong></td>
  </tr>
<tr>

[My Query Lies!]

Well mabey my title exagerates a little much, but in the end im not getting the proper numbers. Im trying to paginate or whatever its called with four topics on a page. I have done this before and i know my only problem is getting the number of topics from my database, can somone figure out were i messed up?:

 

 <?php  if(isset($_GET['id'])) {
  $page = $_GET['id'];
}else{
  $page = 1;
}
  $tolimit = 4;
  $showend = $page * $tolimit;
  $showstart =  $showend - 4;
  //Get all Topics (Parentid = 0)
$getthreads="SELECT * FROM forumtutorial_posts WHERE parentid ='0' ORDER BY parentid DESC LIMIT $showstart, $tolimit";
$findamount = mysql_query($getthreads) or die (mysql_error());
$num_rows = mysql_num_rows($findamount);
print sizeof($num_rows);
$pagestoshow = floor($tolimit/$num_rows);
//grab all the content
while($r=mysql_fetch_array($findamount))
{   
//the format is $variable = $r["nameofmysqlcolumn"]; - makes it easier to call later CAUSE IM LAZY!!
$answer=$r["answered"];
$title=$r["title"];
$id=$r["postid"];

if ($answer == 0){
$answer = "no";
}else{
$answer = "yes";
}

?>

<td bgcolor="#FFFFFF"><div align="left" class="style17"><a href="showquestion.php?page=<?=$id?>"><?=$title?></a></div></td>
<td bgcolor="#FFFFFF"><div align="center" class="style17"><?=$answer?></div></td> </tr>
   
     <?php
}
print "<td>Page: </td>";


for ($i = 1; $i <= $pagestoshow; $i++){
print "<td><a href= 'index.php?page=$i'> $i </a></td>";

 

 

P.S idk what these #160 things are they just appeared on their own.

[[SOLVED] why is my array empty??]

using your code to set vars i could do this right:

 

 if ($a = mysql_fetch_assoc($q)) {
            $title = $a['title'];
$message = $a['post'];

[[SOLVED] why is my array empty??]

yes

[[SOLVED] why is my array empty??]

well now i get output:

 

Array ( [postid] => 59 [answered] => 0 [area] => [author] => test [title] => test => test [showtime] => March 3, 2009, 4:06 pm [realtime] => 1236121616 [lastposter] => test [numreplies] => 0 [parentid] => 0 [lastrepliedto] => 0 [locked] => 0 )