warning implode: invalid arguements

[mark103]

Hi guys,

 

I have a problem with the print out method. I have got a warning implode, I have tried to get passed with the invalid arguments, but I keep getting this in nowhere I can find any situations.

 

 

however I am still getting this:

 

Warning: implode() [function.implode]: Invalid arguments passed in /home/mysite/public_html/mysite.com/members.php on line 82

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'where username='test' and passwd='test'' at line 1

 

here's line 82:

 

  if ($names = implode(',',$insert)) {

 

And here's the update code:

 

<?php
session_start();
    define('DB_HOST', 'localhost');
    define('DB_USER', 'myuser');
    define('DB_PASSWORD', 'mypass');
    define('DB_DATABASE', 'mydbname');

$errmsg_arr = array();
    $errflag = false;

    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {

die('Failed to connect to server: ' . mysql_error());
    }

    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {

die("Unable to select database");
    }

   function clean($var){

return mysql_real_escape_string(strip_tags($var));
    }
  $username = clean($_GET['user']);
    $password = clean($_GET['pass']);
    $firstname = clean($_GET['firstname']);  //variable in the url you posted was firstname, not value.
    $lastname = clean($_GET['lastname']);
    $email = clean($_GET['email_address']);
    if($username == '') {
  $errmsg_arr[] = 'username ID missing';
  $errflag = true;
    }
    if($password == '') {
  $errmsg_arr[] = 'PASSWORD ID missing';
  $errflag = true;
    }

    if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  echo implode('<br />',$errmsg_arr);
   }
   else {
  $query  = "SELECT firstname, lastname, email_address FROM members WHERE username='$username' AND passwd='$password'";
  $result=mysql_query($query) or die('Error:<br />' . $qry . '<br />' . mysql_error());

while ($row = mysql_fetch_array($result)) { 
  echo "<p id='myfirstname'>";
  echo $row['firstname'] . "</p>";
  echo "<p id='mylastname'>";
  echo $row['lastname'] . "</p>";
  echo "<p id='email_address'>";
  echo $row['email_address'] . "</p>";
  }

  $qry="SELECT * FROM members WHERE username='$username' AND passwd='$password' AND firstname='$firstname' AND lastname='$lastname'";
  $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error());

  if(mysql_num_rows($result) > 0) {
    $row = mysql_fetch_row($result);
  // echo "The information have already been updated in the database";
   }
  else {

if(isset($_GET['firstname'])) {
    $insert[] = 'firstname = \'' . clean($_GET['firstname']) .'\'';    
   }
  if(isset($_GET['lastname'])) {
    $insert[] = 'lastname = \'' . clean($_GET['lastname']) . '\'';
   }
  if(isset($_GET['email_address'])) {
    $insert[] = 'email_address = \'' . clean($_GET['email_address']) . '\'';
   }
  if ($names = implode(',',$insert)) {
  // $names = implode(',',$insert);
   }
  else {
   $sql="UPDATE members SET {$names} where username='{$username}' and passwd='{$password}'";
if (!mysql_query($sql,$link))
  {
  die('Error: ' . mysql_error());
  }
echo "The information have been updated";
  }
}
}
?>

 

 

Can someone help me how to ignore the warning implode when I did not included the $name method??

[mikecampbell]

Declare $insert beforehand. Then test to see if it's empty before imploding and using it.

 

$insert = array();
if(isset($_GET['firstname'])) {
    $insert[] = 'firstname = \'' . clean($_GET['firstname']) .'\'';    
}
if(isset($_GET['lastname'])) {
    $insert[] = 'lastname = \'' . clean($_GET['lastname']) . '\'';
}
if(isset($_GET['email_address'])) {
    $insert[] = 'email_address = \'' . clean($_GET['email_address']) . '\'';
}
if (count($insert)>0) {
   $names = implode(',',$insert);
   $sql="UPDATE members SET {$names} where username='{$username}' and passwd='{$password}'";
   ...

[mark103]

Thanks Mike, I can see the problem is being fixed. However, I need your help with the if variable.

 

I want to check with the if variable that if I have included the 'user' and 'pass' method.

 

Something like this?

 

    if($username,$password) {
   $query  = "SELECT firstname, lastname, email_address FROM members WHERE username='$username' AND passwd='$password'";
   $result=mysql_query($query) or die('Error:<br />' . $qry . '<br />' . mysql_error());
   echo "<p id='myfirstname'>";
   echo $row['firstname'] . "</p>";
   echo "<p id='mylastname'>";
   echo $row['lastname'] . "</p>";
   echo "<p id='email_address'>";
   echo $row['email_address'] . "</p>";
   }
   else {

 

When I input the username and password, I get the blank page. Not sure if the if variable is correct.

 

Any idea?

[mark103]

please can someone help????????????????

[BlueSkyIS]

what do you mean by "'user' and 'pass' method."?

 

are you trying to get to this?

 

if(isset($username) && isset($password)) {

[mark103]

well i mean that if i input the data of the username and password using with $username and $password method, then do something.

 

no, it doesn't work. I keep getting blank page. Any idea?

[Skylight_lady]

You need to explain more. I'm guessing that u can do:

if ($username == "") { do something}

 

This checks if the username is NULL.

 

But this code should really be inside what bluesky recommended.

[mark103]

well I mean when I input the username into 'user=test' and password into 'pass=whatever' then extract the data from mysql and print them out in the php page.

 

i tried this:

 

if ($username == "")

 

And this:

 

if(isset($username) && isset($password)) {

 

 

I keep getting the blank page when I have included the data into 'user' and 'pass'. I need to check with the if variable that if I included the 'user' and 'pass' method then extract the data from the database.

 

Hope you can help me with this.