Quick Script Review

[proggR]

I'm changing my site from text files to a database and wrote out the scripts on paper here at work. I just wanted to get someone to look them over to see if there's any gaping holes at all. There's also a few things I'm not 100% sure about in the script so if someone brings them up I'll know I was wrong

Normally I wouldn't just dump code but in this case I just need

 

<?php
*****UPDATE PAGE*****
connect(){
$host = 'localhost';
$user = 'root';
$passwd = 'password';

$conn = mysql_connect($host, $user, $passwd) or die ("Could not connect to the database");
$db = 'database_name';
mysql_connect($db);
}

disconnect(){
mysql_close($db);
}

//declare variables
$file = $_POST["date"]."_".$_POST["course"]."_".$_POST["title"].".php";
$path= "Class/".$filename;

$title = $_POST["title"];

$description = $_POST["description"];

$content = $_POST["content"]; //assigns the content of form.php to the variable content

$course= $_POST["course"];

$rss = "<item> \n<title>".$title."</title> \n<description>".$description."</description> \n
<link>http://127.0.0.1/".$filename."</link> \n </item>";

$header = "<?xml version=\"1.0\"?> \n<rss version=\"2.0\"> \n<channel> \n";

$footer = "</channel> \n</rss>";
//end declaring variables


connect();

$query = "INSERT INTO table VALUES (null, $title, $content, $course, $file)";//
mysql_query($query) or die ("Could not update database records");

disconnect();


**********************************************************************
*****GET INFO**********************************************************
***note, this is a separate file from the first section and grabs the values to include them***
**********************************************************************
get_some($keyword){
$limit_start = ($page-1)*5;
$query = "SELECT file FROM table WHERE course=$keyword LIMIT $limit_start,5"
$response  = mysql_query($query);
$counter = 0;
while($row=mysql_fetch_array($result)){
	$path[$counter]=$row['file'];//if I'm only grabbing one column I probably don't need to make $row an array like this
	$counter = $counter+1;
}

}

get_all(){
$limit_start = ($page-1)*5;
$query = "SELECT file FROM table LIMIT $limit_start,5"
$response  = mysql_query($query);
$counter = 0;
while($row=mysql_fetch_array($result)){
	$path[$counter]=$row['file'];//if I'm only grabbing one column I probably don't need to make $row an array like this
	$counter = $counter+1;
}

}

//start actual script
if(isset($_GET["page"])){
$page=$_GET["page"];
}
else{
$page=1;	
}


connect();
if(isset($_GET["keyword"])){
$keyword = $_GET["keyword"];
get_some($keyword);
$symbol = "?keyword=".$keyword."&";//used to switch between pages with only that keyword being used, not all
}
else{
get_all();
$symbol="?";
}

disconnect();




******INCLUDE VALUES*******
foreach ($path as $value){
include("Folder/".$value);
echo "<br";
}


?>

 

And I just noticed that It sees the ?> in my XML section as the end of the PHP code. Sorry for the confusion there. It doesn't affect the actual script at home I don't think (the RSS feed updates fine).

[lemmin]

mysql_connect($db) should be myslq_select_db($db, $conn)

I don't see $filename declared anywhere.

All of your select statements use $response as the result, but then you use $result with mysql_fetch_array().

[proggR]

Oops. The original scrip had $filename but I switched it to $file, but aparently not thoroughly.

Same with the $response/$result thing.

The select_db was one of the things i wasn't sure on. Thanks.

Anything else?

[budimir]

It looks good, except you didn't select DB.

 

Write the code, and you will se the errors you'll get. Then it's mutch easier to troubleshoot...

[proggR]

Lol ok. Its my first attempt at database but I figure that even though my scripts for text files work, its probably better in the long run to switch to db now before i actually have data entered