Jump to content

Recommended Posts

PHP 5.2.17

MySQL 5.5.14

 

I get the simple test one column data to display OK with the following script when it first loads, except that that the table displays before I can even enter a 'CALL' in the text input field.

 

<?php

require '/myserverpathhere/kqr_mysqli.php';

// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }


// define variables and set to empty values

$call = "";

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
  $call = test_input($_POST["call"]);
}

function test_input($data)
{
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}

?>

<html>
<head><title></title>
</head>
<body>

<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
CALL: <input type="text" name="call"> <input type="submit">
</form>
</body>
</html>

<?php

$sql = "SELECT * FROM qsolog";


$result = mysqli_query($con,$sql);

echo "<table border='1'>
<tr>
<th>CALL</th>
</tr>";

while($row = mysqli_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['call'] . "</td>";
  echo "</tr>";
  }
echo "</table>";

mysqli_close($con);
?> 

 

In addition to this issue, with previous versions of the script I was unable to query with an actual 'CALL' without getting an error.

 

I tried substituting this in the $sql Query:

 

$sql = "SELECT * FROM qsolog WHERE call = '4F9HXB' ";

 

That is an actual 'CALL' the displays when the page loads as mentioned previously (only one 'CALL' in the test dB Table).

 

I get this error:

 

Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given <snip> on line 54

 

I've also tried this:

 

$sql = "SELECT * FROM qsolog WHERE call = '$call' ";

 

... but get the same error.

 

Even tried this:

 

$sql = "SELECT * FROM qsolog WHERE call = '$_POST[call]' ";

 

...yielding the same error.

 

And this:

 

$sql = "SELECT * FROM qsolog WHERE call = '$_POST['call']' ";

 

...with this error:

 

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING <snip> on line 44

 

My brain is FRIED trying to figure out what is wrong...even just using ONE table column and ONE record to K.I.S.S. ;-(

 

Any help is appreciated (and how to prevent the Table cells from displaying BEFORE I actually submit any 'CALL' Query).

 

Thanks very much.

 

-FreakingOUT

 

 

 

 

 

 

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/285897-boolean-who-from-where-headbanger/
Share on other sites

The error means your query failed. In this case because CALL is a mysql reserved word, so you need to enclose it in backticks.

$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

Also you need to sanitize the post data with mysqli_real_escape_string() and not with htmlentities() prior to using it in the query. Or use a prepared statement.

 

Check data has been posted before attempting to query and output the table

The error means your query failed. In this case because CALL is a mysql reserved word, so you need to enclose it in backticks.

$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

Also you need to sanitize the post data with mysqli_real_escape_string() and not with htmlentities() prior to using it in the query. Or use a prepared statement.

 

Check data has been posted before attempting to query and output the table

 

Thank you, Barand.  I had tried backticks with 'call' before, but apparently NOT with the '$call' combination.  That works.

 

I inserted this into the PHP:

 

$sql = "SELECT * FROM qsolog WHERE 'call' = '$call' ";

 

mysqli_real_escape_string($con,$call);

 

...but entering the valid CALL (guess I need to change that column name even though I was surprised it worked in the Table), yielded no output.

 

What am I doing wrong?  For multiple column queries like WHERE 'call' = 'something' AND anothercolumn = 'something', do I need to use  mysqli_real_escape_string($con,$call) for each one, or can I somehow combine all of them?

 

Thanks!

 

-FreakingOUT

Oooops:

 

mysqli_real_escape_string($con,$call);

 

That comes before the $sql = "SELECT ....... line:

 

===

$sql = "SELECT * FROM qsolog WHERE 'call' = '$call' ";

mysqli_real_escape_string($con,$call);

$result = mysqli_query($con,$sql);

echo "<table border='1'>
<tr>
<th>CALL</th>
</tr>";

while($row = mysqli_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['call'] . "</td>";
  echo "</tr>";
  }
echo "</table>";

===

Sorry, not enough sleep here.  This is the sequence, but still not yielding output from the text input field query:

 

===

mysqli_real_escape_string($con,$call);

$sql = "SELECT * FROM qsolog WHERE 'call' = '$call' ";

$result = mysqli_query($con,$sql);

echo "<table border='1'>
<tr>
<th>CALL</th>
</tr>";

while($row = mysqli_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['call'] . "</td>";
  echo "</tr>";
  }
echo "</table>";

===

 

-FreakingOUT

a) if you are using the mysqli functions, you must use them for everything (you cannot mix in a mysql (no i) function.)

 

b) the mysql(i)_real_escape_string function returns the value that has been escaped. you must assign that returned value to a variable that then gets used in the query statement.

 

c) back-ticks ` are not the same as single-quotes '. it would be much better to rename your database column so that it doesn't use a reserved mysql keyword. back-ticks go around identifiers (database, table, and column names) when you use reserved keywords or other values that need special handling as identifiers. single-quotes go around literal string data inside a query statement.

Edited by mac_gyver


$call = mysqli_real_escape_string($con,$call);
$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";
$result = mysqli_query($con,$sql);

if (!$result) echo mysqli_error($con);

if (mysqli_num_rows($result) == 0 ) {
    echo "No records found<br>";
}
else {
   // display results
}

 

Edited by Barand
$call = mysqli_real_escape_string($con,$call);
$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";
$result = mysqli_query($con,$sql);

if (!$result) echo mysqli_error($con);

if (mysqli_num_rows($result) == 0 ) {
    echo "No records found<br>";
}
else {
   // display results
}

 

 

(Barand) I did this:

 

echo "<table border='1'>

<tr>

<th>CALL</th>

</tr>";

 

$call = mysqli_real_escape_string($con,$call);

$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

$result = mysqli_query($con,$sql);

 

if (!$result) echo mysqli_error($con);

 

if (mysqli_num_rows($result) == 0 ) {

    echo "No records found<br>";

}

else {

 

 

//while($row = mysqli_fetch_array($result))

//  {

  echo "<tr>";

  echo "<td>" . $row['call'] . "</td>";

  echo "</tr>";

  }

echo "</table>";

 

Here's what happens:

 

1. When the page loaded, "the No records found" displayed BEFORE I entered text in the Query field.

 

2. When I did enter the text ("CALL"), the record did not display - only the <th>CALL</th> header.

 

(mac-gyver) OMG... I had never seen the `backtick` underneath the ~ key before (DUH!).  Talk about an eye opener - Thanks!!!

 

-FreakingOUT

what do you see when you do a 'view source' in your browser of the resultant output?

 

Miracle of Miracles - the search query now works, but when the page initially loads, the "No records found" still displays prematurely.

 

Here is the Brower source display:

 

===

<html>

<head><title></title>

</head>

<body>

 

<form method="post" action="/oqrs/kqrnewtest1c.php">

CALL: <input type="text" name="call"> <input type="submit">

</form>

</body>

</html>

 

<table border='1'>

<tr>

<th>CALL</th>

</tr><tr><td>4F9HXB</td></tr></table>

===

 

Here is the revised php code (Thanks to you and Barand) that "almost works" except for the "No records found" issue:

 

<?php

 

require '/home/eric/domains/k6vva.com/kqr_mysqli.php';

 

// Check connection

if (mysqli_connect_errno())

  {

  echo "Failed to connect to MySQL: " . mysqli_connect_error();

  }

 

 

// define variables and set to empty values

 

$call = "";

 

if ($_SERVER["REQUEST_METHOD"] == "POST")

{

  $call = test_input($_POST["call"]);

}

 

function test_input($data)

{

  $data = trim($data);

  $data = stripslashes($data);

  $data = htmlspecialchars($data);

  return $data;

}

 

?>

 

<html>

<head><title></title>

</head>

<body>

 

<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">

CALL: <input type="text" name="call"> <input type="submit">

</form>

</body>

</html>

 

<?php

 

//mysqli_real_escape_string($con,$call);

 

//$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

 

//$result = mysqli_query($con,$sql);

 

echo "<table border='1'>

<tr>

<th>CALL</th>

</tr>";

 

$call = mysqli_real_escape_string($con,$call);

$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

$result = mysqli_query($con,$sql);

 

if (!$result) echo mysqli_error($con);

 

if (mysqli_num_rows($result) == 0 ) {

    echo "No records found<br>";

}

else {

 

while($row = mysqli_fetch_array($result))

{

  echo "<tr>";

  echo "<td>" . $row['call'] . "</td>";

  echo "</tr>";

  }

echo "</table>";

}

 

//mysqli_close($con);

?>

 

Thanks,

 

-FreakingOUT

This is strange...

 

I added one more column header:

 

<th>CALL</th>
<th>DATE</th>

 

And one more column to display:

 

    echo "<td>" . $rows['call'] . "</td>";
    echo "<td>" . $rows['qsodate'] . "</td>";

 

... but now get absolutely no output displaying after the search query.

 

Any thoughts?

 

Thanks.

 

-FreakingOUT

FOUND THE PROBLEM...

 

    echo "<td>" . $rows['call'] . "</td>";
    echo "<td>" . $rows['qsodate'] . "</td>";

 

Should be:

 

    echo "<td>" . $row['call'] . "</td>";
    echo "<td>" . $row['qsodate'] . "</td>";

 

I had copied it from a previous version of the script ;-(

 

Please excuse the bandwidth.

 

Only the premature "No records found" issue remains.

 

-FreakingOUT

you can get php to help you find things like the $rows variable by setting php's error_reporting to E_ALL and display_errors to ON (in your php.ini is the best place to set these.)

 

you no records found is due to a lack of program LOGIC in your code. when the code is (first) requested without a search term, what do you want the page to do? it's up to the LOGIC that you write to control what happens for that case.

I just tried this to see if "No records found" would ONLY display IF no records were actually found based upon a Valide Search entry.

 

The results display fine with the Valid 'CALL' entered, but if some other 'CALL' (not actually in the dB Table), then "No records found" does not show.

 

$call = mysqli_real_escape_string($con,$call);

$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

$result = mysqli_query($con,$sql);

if (!$result) echo mysqli_error($con);

if (mysqli_num_rows($result) >= 0 ) {


while($row = mysqli_fetch_array($result))
{
  echo "<tr>";

    echo "<td>" . $row['call'] . "</td>";
    echo "<td>" . $row['timeon'] . "</td>";

  echo "</tr>";
  }
echo "</table>";}
else {
if (mysqli_num_rows($result) == 0 ) {
    echo "No records found<br>";
}


}

 

At least I got rid of the "No records found" displaying as soon as the page loaded.

 

-FreakingOUT

you can get php to help you find things like the $rows variable by setting php's error_reporting to E_ALL and display_errors to ON (in your php.ini is the best place to set these.)

 

you no records found is due to a lack of program LOGIC in your code. when the code is (first) requested without a search term, what do you want the page to do? it's up to the LOGIC that you write to control what happens for that case.

 

The PHP is on my ISP's server - I don't think I have access to the php.ini file?

 

Now is just discovered that:

 

if (mysqli_num_rows($result) >= 0 ) {

 

...should have been >= 1

 

but that yields a new error.

 

I think I need to go on a lonnnnnnnng drive.

 

Everyone's efforts here have been greatly appreciated, but I need to go clear the head ;-(

 

Thanks,

 

-FreakingOUT

the LOGIC conditions you just wrote are incorrect (by not posting a copy/paste solution for you to use, we are trying to get you to think like a programmer.) if there are zero rows, in the >= 0 test, you don't want the code to loop as there won't be anything to loop over. also, since the if(){} contains an equal to zero condition, the else{} won't ever be executed for the equal to zero condition.

 

when the search term is empty, what do you want your page and your code to do? you have do define this first, not just try an make the messages go away.

 

and please post your code in the forum using the forum's


bbcode tags (the edit form's <> button).
 

Edited by mac_gyver

reply to your reply made while i was typing the above.

 

a) you should be learning php, developing and debugging php code on a local development system. apache/php/mysql can be installed on any current pc/laptop.

 

b) you likely have access to a local php.ini on your hosting server where you can put your own settings.

 

c) slow down, randomly trying things doesn't lead to solutions in programming. you must first define what you want, then write the code (see part of my reply above about what you want to do if the search term is empty.)

Edited by mac_gyver

Thanks for the advice, mac_gyver.

 

I will come back laterand RE-READ your admonitions, and try to chill out a bit here.  Just tried something else (attempting to think somewhat 'logically', but that did not pan out - includinng >== 1 this time).

 

-FreakingOUT

P.S.

 

I know what I want the page to do:

 

1. When it first comes up, to have ONLY the text input box and 'SUBMIT QUERY' button.

 

2. If a 'CALL' is entered into the text field and the button pushed:

 

A. For a valid 'CALL' with a record (or more for that 'CALL') in  the dB Table, to display the data in an HTML Table.

 

B. If the 'CALL' query is for one with NO records in the dB Table, the to display the "No records found' text

 

3. To never have the page load with the "No records found" text since no query has yet been submitted :^)

 

-FreakingOUT .. .and heading OUT into the sunshine and blue skies for a while !!!

(mac_gyver):

 

Umh, never made it on the lonnnnnng drive (a short one, but much later) as other 'stuff' came up ;-(

 

I've re-read all our helpful comments, and figured out how to NOT have the <th></th> part display until a bona fide 'CALL' search is done.  Whew.

 

Emailed my ISP with a query about the php.ini file, and have been looking for a good PHP Editor.  Any suggestions welcomed.

 

10 years ago I did have a local machine Apache/PHP/MySQL installation and that is on the "To Do" list as am just coming back 'into the fold' (albeit was still a 'NOOB' back  then).

 

From what I can determine at this point, the easiest thing would be to have any 'results' (valid search or not) display on a 2nd page, but want to try and avoid that.  Tried the 'No records found' code in several different positions, but just can not seem to crack this nut.

 

Apparently my 'logic' is flawed, but using this for the bona fide dB search part still seems to make sense:

 

if (mysqli_num_rows($result) >= 1 )

 

At this point, at least 2 of the 3 objectives are now being met on a single page.  Ultimately, there will be 8 to 10 columns of data, and fortunately I know how to add  these now .

 

Hopefully I'm posting the exisitng code properly this time!

 

Thanks again for your input. 

 

-FreakingOUT

 

RE:

===

<?php

require '/myserverpath/kqr_mysqli.php';

// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }


// define variables and set to empty values

$call = "";

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
  $call = test_input($_POST["call"]);
}

function test_input($data)
{
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}

?>

<html>
<head><title></title>
</head>
<body>

<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
CALL: <input type="text" name="call"> <input type="submit">
</form>
</body>
</html>

<?php

$call = mysqli_real_escape_string($con,$call);

$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

$result = mysqli_query($con,$sql);

if (!$result) echo mysqli_error($con);

if (mysqli_num_rows($result) >= 1 ) {

echo "<table border='1'>
<tr>
<th>CALL</th>
<th>DATE</th>

</tr>"; 

while($row = mysqli_fetch_array($result))

{
  echo "<tr>";

	echo "<td>" . $row['call'] . "</td>";
	echo "<td>" . $row['qsodate'] . "</td>";

  echo "</tr>";
}

echo "</table>";

}

//if (mysqli_num_rows($result) == 0 ) {
//    echo "No records found<br>";
//}


mysqli_close($con);
?>

 

In other words

Display form

if a call value was posted
    query table
    if no records
        display no records
    else
        display results
    end if
end if

Yes... "almost":

Display form <--- (But  WITHOUT 'No Records found' showing on initial page load)

if a call value was posted
    query table
    if no records
        display no records
    else
        display results
    end if
end if

I shall keep at it here.

 

Thanks again for your input.

 

-FreakingOUT

> I shall keep at it here.

 

Logically (to me), this should work, but I still get the UNWANTED  "No records found" displaying on initial page loading.

<?php

require '/myserverpath/kqr_mysqli.php';

// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

// define variables and set to empty values

$call = "";

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
  $call = test_input($_POST["call"]);
}

function test_input($data)
{
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}

?>

<html>
<head><title></title>
</head>
<body>

<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
CALL: <input type="text" name="call"> <input type="submit">
</form>
</body>
</html>

<?php

$call = mysqli_real_escape_string($con,$call);

$sql = "SELECT * FROM qsolog WHERE `call` = '$call' ";

$result = mysqli_query($con,$sql);

if (!$result) echo mysqli_error($con);

if (mysqli_num_rows($result) == 0 ):
    echo "No records found<br>";
else:
if (mysqli_num_rows($result) >= 1 ):
echo "<div style ='font:11px Arial,tahoma,sans-serif;color:#ff0000'>";
echo "<table border='1' cellpadding='3' cellspacing='3'>
<tr>
<th>EXPD</th>
<th>IOTA</th>
<th>ISLAND NAME</th>
<th>CALL</th>
<th>DATE</th>
<th>UTC</th>
<th>BAND</th>
<th>MODE</th>
</tr>"; 
while($row = mysqli_fetch_array($result)) {
  echo "<tr>";
	echo "<td>" . $row['mycall'] . "</td>";
	echo "<td>" . $row['iota'] . "</td>";
	echo "<td>" . $row['islandname'] ."</td>";
	echo "<td>" . $row['call'] . "</td>";
	echo "<td>" . $row['qsodate'] . "</td>";
	echo "<td>" . $row['timeon'] . "</td>";
	echo "<td>" . $row['band'] . "</td>";
	echo "<td>" . $row['mode'] . "</td>";
}
endif;
echo "</table>";
echo "</div>";
endif;

mysqli_close($con);
?>

-FreakingOUT

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.