Jump to content

Nothing echoed from $query = SELECT


Matthew Herren

Recommended Posts

What's wrong with this. I'm trying to show the user what was posted on a "confirm" page, and then give them the option to confirm, or edit. My first problem is getting it to echo so they can see it.

 

Here is the page:http://www.beccastowing.com/formdata/auto/form1.php

 

And here is the coding for the submit.php

<?php
include 'config.php';
include 'opendb.php';
$sql="INSERT INTO`dtherren`.`auto`(
`name`,
`last`,
`mi`,
`hp`,
`cp`,
`work`,
`email`,
`add`,
`add2`,
`city`,
`state`,
`zip`,
`password`
) VALUES (
'{$_POST['name']}',
'{$_POST['last']}',
'{$_POST['mi']}',
'{$_POST['hp']}',
'{$_POST['cp']}',
'{$_POST['work']}',
'{$_POST['email']}',
'{$_POST['add']}',
'{$_POST['add2']}',
'{$_POST['city']}',
'{$_POST['state']}',
'{$_POST['zip']}',
'{$_POST['password']}')";

$query  = "SELECT name, last, mi FROM auto";
$result = mysql_query($query);

{
    echo "Name :{$row['name']} " .
         "Subject : {$row['last']} " .
         "Message : {$row['mi']} ";
}
$res=mysql_query($sql)or die(mysql_error());
?>

Should these be separate query's or what?

Link to comment
https://forums.phpfreaks.com/topic/176414-nothing-echoed-from-query-select/
Share on other sites

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/content/d/h/e/dherren/html/formdata/auto/submit.php on line 35

 

Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in /home/content/d/h/e/dherren/html/formdata/auto/submit.php on line 39

 

What if I want to echo what was just posted?

<?php
include '/home/content/d/h/e/dherren/html/scripts/config.php';
include '/home/content/d/h/e/dherren/html/scripts/opendb.php';
$sql="INSERT INTO`dtherren`.`auto`(
`name`,
`last`,
`mi`,
`hp`,
`cp`,
`work`,
`email`,
`add`,
`add2`,
`city`,
`state`,
`zip`,
`password`
) VALUES (
'{$_POST['name']}',
'{$_POST['last']}',
'{$_POST['mi']}',
'{$_POST['hp']}',
'{$_POST['cp']}',
'{$_POST['work']}',
'{$_POST['email']}',
'{$_POST['add']}',
'{$_POST['add2']}',
'{$_POST['city']}',
'{$_POST['state']}',
'{$_POST['zip']}',
'{$_POST['password']}')";

$result = mysql_query("SELECT name, last FROM auto");

while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
    printf("ID: %s  Name: %s", $row[0], $row[1]);  
}

mysql_free_result($result);

$res=mysql_query($sql)or die(mysql_error());
?>

Ok. These errors indicate, that something went wrong when executing the query.

We must now see what is the actual MySQL error message. Try changing

 

$result = mysql_query("SELECT name, last FROM auto");

 

to

 

$result = mysql_query("SELECT name, last FROM auto") or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR);

:facewall: Ok it told me no database was selected. So i changed

$result = mysql_query("SELECT name, last FROM auto");

to:

$result = mysql_query("SELECT name, last FROM `dtherren`.`auto`");

thanks MCHL, does that only do what was just posted?

 

Insert Time? How would I do that? Actualy I was just wanting to show the user the one they just posted.

And now i'm getting a new error when i tried to add more values.

Fatal error: Query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'add, add2, city, state, zip, password, FROM `dtherren`.`auto`' at line 1 in formdata/auto/submit.php on line 33

The Up-Dated Code:

<?php
include '/home/content/d/h/e/dherren/html/scripts/config.php';
include '/home/content/d/h/e/dherren/html/scripts/opendb.php';
$sql="INSERT INTO`dtherren`.`auto`(
`name`,
`last`,
`mi`,
`hp`,
`cp`,
`work`,
`email`,
`add`,
`add2`,
`city`,
`state`,
`zip`,
`password`
) VALUES (
'{$_POST['name']}',
'{$_POST['last']}',
'{$_POST['mi']}',
'{$_POST['hp']}',
'{$_POST['cp']}',
'{$_POST['work']}',
'{$_POST['email']}',
'{$_POST['add']}',
'{$_POST['add2']}',
'{$_POST['city']}',
'{$_POST['state']}',
'{$_POST['zip']}',
'{$_POST['password']}')";

$result = mysql_query("SELECT name, last, mi, hp, cp, work, email, add, add2, city, state, zip, password, FROM `dtherren`.`auto`") or trigger_error('Query failed: ' . mysql_error(), E_USER_ERROR);

while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
    printf("First: %s  Last: %s", $row[0], $row[1]);  
}

mysql_free_result($result);

$res=mysql_query($sql)or die(mysql_error());
?>

You should scrub your data prior to insertion.  Use mysql_escape_string on each post variable you are inserting.  If there is no other validation that needs to be performed, you can literally use:

 

foreach ($_POST as $key => $value) $_POST[$key] = mysql_escape_string($value);

 

As far as your query failing, I could be wrong, but I think that if you use backticks in some places, then you have to use them everywhere.  So, try:

 

SELECT `name`, `last`, `mi`, `hp`, `cp`, `work`, `email`, `add`, `add2`, `city`, `state`, `zip`, `password`, FROM `dtherren`.`auto`

 

And do you really want to store your password in plain-text?

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.