PC Nerd Posted July 6, 2006 Share Posted July 6, 2006 im using the following SQL to scource from a database(mysql)[code]$User_SQL = "SELECT User_Name, `Password` FROM Table_1 WHERE User_Name = '$User_Name' ";[/code]the User_Name is defined from a $_POST array, and i noticed that the page is sending the data like an GET statement, but i told the html to send it as POST. then i define $User_Name from the Post array. why is the data being sent like this, and how can i stop it. im pretty sure that this is the problem but i dont know how to frix itcan anyone help me P.S. i think this is the reason my problem continued after my last question. Link to comment https://forums.phpfreaks.com/topic/13824-sql-error/ Share on other sites More sharing options...
ToonMariner Posted July 6, 2006 Share Posted July 6, 2006 Can you show the html for the form please.also....are you defining$User_Name = $_POST['User_Name']if not then it would look like you are relying on register globals being ON and it is now defualt to OFF (the correct settng IMO).you could try this.....$User_SQL = "SELECT `User_Name`, `Password` FROM Table_1 WHERE User_Name = '" . $_POST['User_Name'] ."' ";$User_SQL = mysql_query($User_SQL); Link to comment https://forums.phpfreaks.com/topic/13824-sql-error/#findComment-53749 Share on other sites More sharing options...
PC Nerd Posted July 6, 2006 Author Share Posted July 6, 2006 yes, i am defining User_Name as you showed, and ive changed the $_POST[] to$_REQUEST[] but there is no differenceill post the supporting code next Link to comment https://forums.phpfreaks.com/topic/13824-sql-error/#findComment-53756 Share on other sites More sharing options...
PC Nerd Posted July 6, 2006 Author Share Posted July 6, 2006 ok, the sorounding code to the sql definition is[code]include("URL/inc files/Database link.inc"); $User_Name = $_REQUEST['User_Name']; $User_SQL = "SELECT User_Name, Password FROM Table_1 WHERE User_Name = '$User_Name' "; $result = @mysql_query($User_SQL, $DB_Server); if(!$result){ echo "Unable to perform query: $User_SQL<br>"; echo mysql_error(); } $confirm = mysql_fetch_array($result); if($confirm['User_Name'] == $_POST['User_Name'] and $confirm['Password'] == $_POST['Password']){[/code]And the login form is[code]<h3>Player Login</h3> <form action="B_A-Login.php" action="POST"> <p>Player Name: <input type=test name=User_Name></p> <p>Password: <INPUT type=password name=Password</p> <p><input type=submit value=send></p> </form>[/code]if there is anything i have missed, let me know (the inc file is not posted because i am 99% sure the error is not ther although i am new and might be wrong if you want it let me know)Thanks PC NErd Link to comment https://forums.phpfreaks.com/topic/13824-sql-error/#findComment-53758 Share on other sites More sharing options...
GingerRobot Posted July 6, 2006 Share Posted July 6, 2006 [quote]<form action="B_A-Login.php" action="POST">[/quote]Needs to be:<form action="B_A-Login.php" method="POST"> Link to comment https://forums.phpfreaks.com/topic/13824-sql-error/#findComment-53760 Share on other sites More sharing options...
PC Nerd Posted July 6, 2006 Author Share Posted July 6, 2006 thanks, that works but now the page is echoing the entire contents of the inc file, but i think ive come accros this problem before, so ill have a llok at it.thanks againPc Nerd Link to comment https://forums.phpfreaks.com/topic/13824-sql-error/#findComment-53762 Share on other sites More sharing options...
GingerRobot Posted July 6, 2006 Share Posted July 6, 2006 No problem,Im guessing that the problem with the included file is that your php is unlikely to be set up to parse .inc files, so you will have to rename it to something like file.inc.php Link to comment https://forums.phpfreaks.com/topic/13824-sql-error/#findComment-53767 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.