ankur0101 Posted April 22, 2009 Share Posted April 22, 2009 Hi, I have made an application of online exam result system. Here is its code : index.php - First Page <?php // Connection to database include("includes/settings.php"); if(isset($_POST['submit'])) { $roll_no = $_POST['roll_no']; $sql1 = mysql_query("SELECT roll_no FROM resulttable WHERE roll_no = $roll_no"); $row1 = mysql_num_rows($sql1); if($row1 == 0) { echo 'Error, ID does not exist'; } else { header('Location: result.php?roll_no='.$roll_no); } } ?> <html> <head> <title>PHP Exam Result System</title></head> <body> <table width="664" height="260" border="0" align="center"> <tr> <td height="88"> </td> </tr> <tr> <td><p> </p> <form id="form1" name="form1" method="post" action="index.php"> <div align="center"> <label>Roll Number : <input type="text" name="roll_no" id="roll_no" /> </label> <label> <input type="submit" name="submit" id="submit" value="search" /> </label> </div> </form> <p align="center"> <p> </p></td> </tr> <tr> <td> </td> </tr> </table> </body> </html> result.php - A page where all results will be displayed. <?php // Connection to database include("includes/settings.php"); $roll_no = $_GET['roll_no']; $sql1 = mysql_query("SELECT * FROM resulttable WHERE roll_no = $roll_no") or die(mysql_error()); $row1 = mysql_fetch_array($sql1); $result_name = $row1['name']; $result_roll_number = $row1['roll_no']; $result_accounts_l = $row1['accounts_l']; $result_accounts_ll = $row1['accounts_ll']; $result_accounts_lll = $row1['accounts_lll']; $result_mpp = $row1['mpp']; $result_economy = $row1['economy']; $result_taxation = $row1['taxation']; $result_computer = $row1['computer']; $total_marks_set1 = ($result_accounts_l + $result_accounts_ll + $result_accounts_lll); $total_marks_set2 = ($result_mpp + $result_economy + $result_taxation); $total_marks_set = ($total_marks_set1 + $total_marks_set2); ?> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PHP Exam Result System</title> </head> <body> <table width="664" height="260" border="0" align="center"> <tr> <td height="88"><div align="center">College Banner Here.</div></td> </tr> <tr> <td><p align="center">College name will be here.</p> <table width="649" height="232" border="0"> <tr> <td colspan="4"><div align="center">Name : <?php echo $result_name ?></div></td> </tr> <tr> <td colspan="2"><div align="right">Roll Number : </div></td> <td colspan="2"> <?php echo $result_roll_number ?></td> </tr> <tr> <td width="156"><div align="right">Accounts I : </div></td> <td width="160"><?php echo $result_accounts_l ?> / 100</td> <td width="160"><div align="right">Economics : </div></td> <td width="155"><?php echo $result_economy ?> / 100</td> </tr> <tr> <td><div align="right">Accounts II : </div></td> <td><?php echo $result_accounts_ll ?> / 100</td> <td><div align="right">MPP : </div></td> <td><?php echo $result_mpp ?> / 100</td> </tr> <tr> <td><div align="right">Accounts III : </div></td> <td><?php echo $result_accounts_lll ?> / 100</td> <td><div align="right">Taxation : </div></td> <td><?php echo $result_taxation ?> / 100</td> </tr> <tr> <td height="31" colspan="2">Total marks obtained out of 600 : <?php echo $total_marks_set ?></td> <td colspan="2">Percentage : <?php echo ($total_marks_set / 7) ?> %</td> </tr> <tr> <td height="30" colspan="2"> </td> <td colspan="2"> </td> </tr> </table> <div align="center"></div> <p align="center"> </p> <p align="center"> </p> <p> </p></td> </tr> <tr> <td> </td> </tr> </table> </body> </html> Q1 When I type result.php?roll_no=1 , it shows the result of that student having roll number 1. But when I type result.php, it shows an error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Well, how can I avoid this ERROR and redirect it to index.php ? Q2 When we type 1 in textbox of index.php, it perfectly shows result of roll number 1, but when I type nothing and just press "Submit" button, it shows following ERROR Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in D:\xampp\htdocs\PHPresult\index.php on line 8 Error, ID does not exist I want to avoid this ERROR and I want to put error message as The Roll number field is blank, please enter your roll number. Q3 When I type some alpha character in Roll number text field, it again shows same ERROR. So I want to fix this problem. So finally what I have to do to fix them ? ??? ??? Link to comment https://forums.phpfreaks.com/topic/155200-how-to-fix-holes-in-my-application/ Share on other sites More sharing options...
alefmk Posted April 22, 2009 Share Posted April 22, 2009 $roll_no = $_GET['roll_no']; This is the error... if there is no roll_no into url, than youll have UNDEFINED variable for $roll_no.. Try this way if (isset($_GET['roll_no'])) { $roll_no = $_GET['roll_no']; } else $roll_no = 1; And for god sakes, check that roll_no is NUMBER!!! Hope this helps Link to comment https://forums.phpfreaks.com/topic/155200-how-to-fix-holes-in-my-application/#findComment-816474 Share on other sites More sharing options...
ankur0101 Posted April 22, 2009 Author Share Posted April 22, 2009 I did it, But as I said in Q1, how can I avoid this ERROR and redirect it to index.php ? Link to comment https://forums.phpfreaks.com/topic/155200-how-to-fix-holes-in-my-application/#findComment-816479 Share on other sites More sharing options...
alefmk Posted April 22, 2009 Share Posted April 22, 2009 if (isset($_GET['roll_no'])) { $roll_no = $_GET['roll_no']; } else $roll_no = 1; becomes if (isset($_GET['roll_no'])) { $roll_no = $_GET['roll_no']; } else { header('Location: index.php'); } Link to comment https://forums.phpfreaks.com/topic/155200-how-to-fix-holes-in-my-application/#findComment-816493 Share on other sites More sharing options...
ankur0101 Posted April 22, 2009 Author Share Posted April 22, 2009 Hey, thanks for that, its working What about Q2 and Q3 ? How can I solve them ? Link to comment https://forums.phpfreaks.com/topic/155200-how-to-fix-holes-in-my-application/#findComment-816499 Share on other sites More sharing options...
alefmk Posted April 22, 2009 Share Posted April 22, 2009 Q2 is solved with the code i presented to you. Q3 can be solved with some validation stuff.... if (is_numeric($variable)) { // DO SOME PROCESSING FOR NUMERICS } else { echo "Variable $variable is not numeric"; } Link to comment https://forums.phpfreaks.com/topic/155200-how-to-fix-holes-in-my-application/#findComment-816506 Share on other sites More sharing options...
ankur0101 Posted April 23, 2009 Author Share Posted April 23, 2009 Q2 is solved with the code i presented to you. Q3 can be solved with some validation stuff.... if (is_numeric($variable)) { // DO SOME PROCESSING FOR NUMERICS } else { echo "Variable $variable is not numeric"; } In which page I have to put this code ? Link to comment https://forums.phpfreaks.com/topic/155200-how-to-fix-holes-in-my-application/#findComment-817233 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.