turpentyne

cool! thanks!

I'm trying to pull data to display on a page and I seem to be missing something in the where clause. I've verified I've named the right table, column and that a record exists. The caps are the same. The spelling is the same. I get this error: Unknown column '$id' in 'where clause' $id = $_GET['id']; require ('databaseconnect.php'); $result = mysql_query('SELECT * FROM descriptors WHERE $id = plant_id'); if (!$result) { die(mysql_error()); } while ($row = mysql_fetch_array($result)) { //etc. etc.

That's what I was missing. The coma/period. But now I'm curious about whether or not I need to set that cookie. I'm following a tutorial that had it in the code. Is it not necessary? I thought it was there in case I sign out, but don't close the window or something like that.

I'm stumped on this one. New to sessions and cookies. When somebody logs out, the browser goes to logout.php. It logs them out, but the page shows this error: Warning: setcookie() expects parameter 3 to be long, string given in /data/21/2/40/160/2040975/user/2235577/htdocs/logout.php on line 23 you are now logged out. <?php session_start(); if(!($_SESSION[id])){ $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_server['PHP_SELF']); // check for trailing slash if ((subst($url, -1) == '/') OR (substr($url, -1) == '\\') ){ $url = substr($url, 0, -1); } $url .= '/index.php'; header("Location: $url"); exit(); } else { $_SESSION = array(); session_destroy(); setcookie ('PHPSESSID'. '', time()-300, '/', '', 0); } $page_title ='logged out!'; echo ' you are now logged out';

hmmm. I think I figured it out. I opened sessions on the redirect page, but on the login page I hadn't. Seems to work now.

I did that. Just didn't paste that part. Any other ideas?

I'm building a login page that then redirects to a new page. But it seems the session isn't working. But I don't know much about sessions, so I'm not sure what I might be doing wrong. The login page sets the session with this code: // Fetch the result - This will tell us whether this user exists $userExists = mysql_fetch_assoc($doQuery); // If user exists log them in if($userExists){ mysql_free_result($doQuery); mysql_close(); // Set the SESSION variables $_SESSION['first_name'] = $userExists['first_name']; $_SESSION['id'] = $userExists['id']; The page that it redirects to is this: <?php session_start(); if(isset($_SESSION['id'])) { echo "<html><body><p> You are now logged in,{$_SESSION['ID']}.</p>"; } else { echo 'something went wrong'; exit(); } ob_end_flush(); ?>

Ok, I'm a total newbie and I took a chance on writing a script off the top of my head to see how far I'd get. It wasn't very far. I have a search page that pulls results from a mysql database. next to each result is a link to see the complete info. This should go to a result page that pulls all the info from four different tables that match that ID and echoes it on the page. I should get one result and the fields I choose to show. But my while loop is reprinting the same item 20 or so times. Here's the quick script I tried. Don't cringe. I was trying this just off the top of my head: <html> <head> <title>login </title> </head> <body> <? include("header.php"); ?> <?php if (isset($_GET['id'])) { $plantid = $_GET['id']; require_once('databaseAccess.php'); $sql = "SELECT * FROM descriptors, plantae, relationships, habits WHERE plantae.plant_name LIKE '%$plantid%' AND descriptors.plant_id LIKE '%$plantid%' AND habits.plant_id LIKE '%$plantid%' AND habits.plant_id LIKE '%$plantid%'"; $result = mysql_query($sql) or die(mysql_error()); while($row = mysql_fetch_array($result)) { echo '<table><tr> <td align="left">' . $row['scientific_name'] . '</td> <td align="left">' . $row['common_name'] . '</td> <td align="left">' . $row['leaf_shape'] . '</td> <td align="left">test' . $row['leaf_margin'] . '</td> <td align="left">' . $row['leaf_color'] . '</td> </tr>'; } echo '</table>'; } else { echo 'you have reached this page in error'; } ?> <? include("footer.php"); ?>

thanks! That link solved it.

cool! After a good night's sleep I ended up finding most of the syntax errors. But one thing's got me confused (being a newbie) What's the difference between escape_data and mysql_real_escape_string? Escape_data is used in some tutorials, but it didn't work when I used it. other than that, the script seems to work, but I've got myself stuck in a corner on the header.php. I get this error: Cannot modify header information - headers already sent by ... header.php:74) in ... login2.php on line 56 Does that mean line 74 of header.php? All that's there is the start of some css for navigation at the top of the page

I've got a syntax error, but I can't for the life of me see where there's a problem. unexpected T_VARIABLE, expecting ',' or ';' ... on line 35 <? include("header.php"); ?> <html> <head> <title>login </title> </head> <body> <?php // this is the login page require ('databaseconnect.php'); // set the page title if (isset($_POST['submitted'])) { $e = escape_data($_POST['username']); } else { echo '<p> >font color="red" size="+1> You forgot to enter your user name</font></p>'; $e = FALSE; } // validate password if (!empty($_POST['password'])) { $p = escape_data($_POST['password']); } else { $p = FALSE; echo '<p><font color="red" size="+1:>You forgot to enter your password!</font></p>; } if($e && $p) { $query = "SELECT ID, first_name FROM table WHERE (username='$e' AND password=SHA('$p') AND active IS NULL"; $result = mysql_query($query) or trigger_error("Query: $query\n<br /> MySQL Error: " . mysql_error()); if (@mysql_num_rows($result) ==1) { $row = mysql_fetch_array ($result, MYSQL_NUM); mysql_free_result($result); mysql_close(); $_SESSION['first_name'] = $row[1]; $_SESSION['id'] = $row[0]; // start defining url $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); // check for trailing slash illegal access attempts if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) { $url = substr ($url, 0, -1); // chop off slash } $url .= '/index.php'; ob_end_clean(); //delete the buffer header(:location: $url"); exit(); } else { // no match made echo '<p> >font color="red"size="+1"> Either the user name and password are not correct or you have not activated your account. </font></p>'; } mysql_close(); } ?> <h1>Login</h1> <p> your browser must allow cookies to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>User name: <input type="text" name="username" size="20" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?> /></p> <p><b> Password: <input type="password" name="password" size="20" maxlength="20" /></p> <div> align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <? include("footer.php"); ?>

I have a php search page that takes form data to create its queries, then reload the original search page. The form is long, so there are numerous $_POST's to convert to variables for use in the query. I've looked at "extract" and a few other code snippets. But it's a form and I don't want any security issues. I'm hoping there's a "foreach" solution, but I'm a beginner. What's a proper way to to simplify this: $s1 = $_POST["s1"]; $s2 = $_POST["s2"]; $s3 = $_POST["s3"]; $s4 = $_POST["s4"]; $s5 = $_POST["s5"]; $s6 = $_POST["s6"]; $s7 = $_POST["s7"]; $s8 = $_POST["s8"]; $s9 = $_POST["s9"]; $s10 = $_POST["s10"]; $s11 = $_POST["s11"]; $s12 = $_POST["s12"];

I'm trying to figure out something that's quite a bit beyond my meager knowledge of PHP, and not sure exactly what's the best way. Kind of confused and lost in the woods without a map. I have a paginated PHP results page that builds its query based on $_GET variables from a previous search page. Then I'm putting down one side of the page, a form full of options to refine the search results. What I want to happen is, when somebody selects something on the "refine search" form, it autosubmits and adds that variable to the URL as "&variable="chosenItem" - but also to say in which table to search for that variable. Then I want the page to reload, change the PHP query to include the tables to join and search variables. Holy cow this is alot to figure out in my head! I've gotten as far as turning most of the query into variables, but not sure if there's a more sensible way to do this or what. Something like this: $select = 'Select Maintable.*, table2.*, table4.*' //this would change based on which tables were in the url $_GET $from = 'from Maintable.field1' $on = 'on table1.id=table.2' $where = 'WHERE x=x AND y=y AND z=z //this also would change based on the url $_GET //then $query = ($SELECT $FROM $WHERE) Beyond this, I have no idea how to get the variables into the url to begin with, nor if this will work. Maybe I'm trying too hard. Maybe there's some simple ways to do this that somebody can explain.

Ok, let me throw a little more into the mix and see if that still works. It's a database of 300,000 entries x 4 tables. The 4 tables are for different categories. A table for description, one for uses, etc. Is it still fast to just rerun the same query with added search words, like you suggest, or is there a quicker way? This is where I'm wondering if temp tables work or some other method so the query isn't searching the entire database again. Or maybe it takes just as long or longer to build the temp table and search that?

I'm ready for the next step on my site, which is learning how to filter results down with a second search. The scenario is: A viewer searches for a plant by 4 variables to describe the leaf. After submit, they go to the results page, with 200 paginated results. (This is where I've gotten to) Now, on that same page, they choose to further narrow their results by searching those 200 results for plants that have purple flowers. Maybe they get 40 results and can use another variable to narrow further - and so on. What's the best way to set this up? I've been looking into temporary tables, but it seems to be a challenge because the table deletes the moment they leave that page or close the connection? Sessions seem like another possibility, but I read there's security issues. What's the best way to set this up? Just re-query the database with the entire set of variables from both the first and second searches? is it quicker to build some type of permanent table with a timestamp that I can use to delete it after the user has gone away?

I'm trying to figure out how to create a temporary table of a query join, so I can paginate the results. I kind of made half of this up as i was going along - which is dangerous for a beginner like me. I'm getting this error, and no results on the page: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource on line 179 also, is there a way to combine the two queries (create temp and insert from/into) $sql2 = "CREATE TEMPORARY TABLE temp_search (plant_id INT PRIMARY KEY AUTO_INCREMENT, scientific_name VARCHAR(75), common_name VARCHAR(75), leaf_shape VARCHAR(75))"; $sqlx = "SELECT descriptors.leaf_shape ,plantae.scientific_name, plantae.common_name FROM descriptors INNER JOIN plantae ON (descriptors.plant_id = plantae.plant_name) WHERE descriptors.leaf_shape LIKE 'auriculate' AND descriptors.leaf_venation LIKE '%$select3%' AND descriptors.leaf_margin LIKE '%$select4%' INTO temp_search (leaf_shape, scientific_name, common_name)"; $sql = "SELECT * FROM temp_search ORDER BY scientific_name ASC LIMIT $start, $limit"; $result = mysql_query($sql); while($row = mysql_fetch_array($result)) { echo $row['scientific_name'] . $row['common_name'] . $row['leaf_shape'] ; }

I know that it'll be a database that eventually has 300,000 entries, with different categories of information over 5 different tables (not sharded, just some keys) There will definitely be joins. In fact the very first search I've been working is an inner join. When searches are done, they will be narrowing down by numerous variables. It sounds like the website wolf_dude is pretty much what I was thinking. But if temporary tables can be held onto when somebody starts filtering down their search results, maybe that's the way to go. I certainly want the searches to go as fast as possible.

Bear with me, as I'm still quite new at PHP. I'm trying to figure out the best way to build a search function for a database that will eventually be quite large. The path of the search I'm building is to go from a straight-forward javascript and html search page, to a paginated search result. Then the user can narrow down those query results based on a new search of their results. In trying to get the pagination to work across several pages(unsuccessfuly, I might add), I've been learning about sessions and temporary tables. But, because the database will be very large, I'm wondering if they are the wrong way. Sessions have a time limit, and temporary tables delete once the connection is closed. Is it possible/feasible to build a permanent table that puts in the search variables, with a unique id and use this to manage the searches, pagination and all that? Then, at some point in the process, I can put code to delete the corresponding row (or even make it a saveable search). Maybe somebody sees where I'm going with this and can describe it better than me? I'm just thinking off the cuff at the moment. Maybe there's some terminology that will help me find a tutorial. Any bit helps. thanks!

ah... makes sense to add isset. unfortunately I still have the same problem. only one record, and no pagination.

Hmm. I think I've just run into a whole different problem now. I didn't notice I hadn't capitalized $_POST. Once I did, now the query only pulls one record, and has no pagination links at the bottom. uh-oh. (it should pull 6 records, at 2 per page) The Session script is not at the top of page 1, because that's just a simple html form that sends to the second page made with php. I dropped in the var_dump( $_SESSION) and it shows the variable is filled. So maybe that part is ok?

I have a search page that then submits to a php page that queries the database. I've been struggling to figure out how to paginate it, but I think I've narrowed down the problem. I didn't realize $_POST results didn't pass through when people clicked the pagination links at the bottom. I verified this by replacing the LIKE variable with a specific word and it worked. I'm trying to learn how to set up sessions, thinking this might solve my problem. Doesn't seem to be working. Can I get some suggestions on how to do this? What's happening now is that it's pulling a random 8 pages that have nothing to do with the original query. I start my entire page with: <?php session_start(); $_SESSION['leafshape'] = $_post['select1']; $_SESSION['leafcolor'] = $_post['select2']; $_SESSION['leafvein'] = $_post['select3']; $_SESSION['leafmargin'] = $_post['select4']; $leafshape = $_SESSION['leafshape']; $leafcolor = $_SESSION['leafcolor']; $leafvein = $_SESSION['leafvein']; $leafmargin = $_SESSION['leafmargin']; and I'm setting up the queries like this: $query = "SELECT COUNT(*) as num FROM descriptors JOIN plantae ON (descriptors.plant_id = plantae.plant_name) WHERE descriptors.leaf_shape LIKE '{$_SESSION['leafshape']}' AND descriptors.leaf_venation LIKE '{$_SESSION['leafvein']}' AND descriptors.leaf_margin LIKE '{$_SESSION['leafmargin']}'"; I also tried replacing the '{$_SESSION['leafshape']}' in the query with the assigned variable $leafshape

I'm still completely lost on this. I've looked at tutorials. I've read books. I'm missing something and I don't know what. The best guess I can come up with is that the _post variables that were searched for do not pass through correctely (or at all?) when I click on the pagination links on the bottom. I've had the same thing happen on a couple different scripts. please please, can somebody help? I'm struggling to understand what I'm doing here.

I'm trying to figure out some pagination on a left joined query, and not having any luck. The query seems to be pulling the entire database, so I went into the query's WHERE and added the table name "descriptors." Now I'm getting this error with the below query: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /data/21/2/40/160/2040975/user/2235577/htdocs/leafsearch4.php on line 35 also: Unknown column 'descriptors.leaf_shape' in 'where clause' I thought this was syntax, but maybe I'm missing something. $query = "SELECT COUNT(*) as num FROM descriptors LEFT JOIN plantae ON (descriptors.plant_id = plantae.plant_name) WHERE `descriptors.leaf_shape` LIKE '%$select1%' AND `descriptors.leaf_venation` LIKE '%$select3%' AND `descriptors.leaf_margin` LIKE '%$select4%'"; $total_pages = mysql_fetch_array(mysql_query($query));

I've got a page with pagination set up, but I can't figure out where I went wrong with the links at the bottom. When I do a search, it generates the proper number of links, but clicking on the links goes to a page with a whole row of 20 links at the bottom and no results on the page. (my search should show 3 pages with 2 records on each page) I've looked through the tutorial here and one in a book on pagination. Not seeing what's wrong. I'd narrow this down if I knew where it was causing the problem. pagination links are at the very bottom of the code. <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta content="text/html; charset=ISO-8859-1" http-equiv="content-type"><title>search.html</title></head> <body> <center> <p>The results of your search:</p> <br> </center> require ('databaseconnect.php'); $select = mysql_select_db($db, $con); if(!$select){ die(mysql_error()); } $display = 2; if (isset($_GET['np'])) { $num_pages = $_GET['np']; } else { $data = "SELECT COUNT(*) FROM descriptors LEFT JOIN plantae ON (descriptors.plant_id = plantae.plant_name) WHERE `leaf_shape` LIKE '%$select1%' AND `leaf_venation` LIKE '%$select3%' AND `leaf_margin` LIKE '%$select4%'"; $result = mysql_query ($data); if (!$result) { die("Oops, my query failed. The query is: <br>$data<br>The error is:<br>".mysql_error()); } $row = mysql_fetch_array($result, MYSQL_NUM); // row 41 $num_records = $row[0]; if ($num_records > $display) { $num_pages = ceil ($num_records/$display); } else { $num_pages = 1; } } if (isset($_GET['s'])) { $start = $_GET['s']; } else { $start = 0; } if(isset($_POST[submitted])) { // Now collect all info into $item variable $shape = $_POST['select1']; $color = $_POST['select2']; $vein = $_POST['select3']; $margin = $_POST['select4']; // This will take all info from database where row tutorial is $item and collects it into $data variable row 55 $data = mysql_query("SELECT `descriptors`.* ,`plantae`.* FROM `descriptors` LEFT JOIN `plantae` ON (`descriptors`.`plant_id` = `plantae`.`plant_name`) WHERE `leaf_shape` LIKE '%$select1%' AND `leaf_venation` LIKE '%$select3%' AND `leaf_margin` LIKE '%$select4%' ORDER BY `plantae`.`scientific_name` ASC LIMIT $start, $display"); //chs added this in... row 72 echo '<table align="center" cellspacing="0" cellpading-"5"> <tr> <td align="left"><b></b></td> <td align="left"><b></b></td> <td align="left"><b>Leaf margin</b></td> <td align="left"><b>Leaf venation</b></td> </tr> '; // This creates a loop which will repeat itself until there are no more rows to select from the database. We getting the field names and storing them in the $row variable. This makes it easier to echo each field. while($row = mysql_fetch_array($data)){ echo '<tr> <td align="left"> <a href="link.php">View plant</a> </td> <td align="left"> <a href="link.php">unknown link</a> </td> <td align="left">' . $row['scientific_name'] . '</td> <td align="left">' . $row['common_name'] . '</td> <td align="left">' . $row['leaf_shape'] . '</td> </tr>'; } echo '</table>'; } if ($num_pages > 1) { echo '<br /><p>'; $current_page = ($start/$display) + 1; // row 100 if ($current_page != 1) { echo '<a href="leafsearch2a.php?s=' . ($start - $display) . '&np=;' . $num_pages . '">Previous</a> '; } for ($i = 1; $i <= $num_pages; $i++) { if($i != $current_page) { echo '<a href="leafsearch2a.php?s=' . (($display * ($i - 1))) . '$np=' . $num_pages . '">' . $i . '</a>'; } else { echo $i . ' '; } } if ($current_page != $num_pages) { echo '<a href="leafsearch2a.php?s=' . ($start + $display) . '$np=' . " " . $num_pages . '"> Next</a>'; } } ?> </body></html>

whoah! wait. got a little lucky. But still problems with the pagination. I suppose I'll need to post a new topic for that. I changed the code to: $data = "SELECT COUNT(*) FROM descriptors LEFT JOIN plantae ON (descriptors.plant_id = plantae.plant_name) WHERE `leaf_shape` LIKE '%$select1%' AND `leaf_venation` LIKE '%$select3%' AND `leaf_margin` LIKE '%$select4%'"; $result = mysql_query ($data);