chadrt Posted April 27, 2017 Share Posted April 27, 2017 (edited) PHP 5.6.30-0+deb8u1 (cli) (built: Feb 8 2017 08:50:21)Copyright © 1997-2016 The PHP GroupZend Engine v2.6.0, Copyright © 1998-2016 Zend Technologies with Zend OPcache v7.0.6-dev, Copyright © 1999-2016, by Zend Technologies mysql Ver 14.14 Distrib 5.5.54, for debian-linux-gnu (x86_64) using readline 6.3 When I first started out in PHP i would have these elaborate switch/case assemblies that would be super hard to follow so now I am wanting to make things cleaner and separate my coding a bit. Please forgive me because I get super confused when I am looking at php.net help pages all the foo and bar and I want to tear my hair out of my head. I have this... $result = mysql_query("SELECT * FROM $datatable") or die(mysql_error()); echo "<table border='1'>"; echo "<tr> <th>Date</th> <th>Dose</th> <th>INR</th> <th>Notes</th> <th>Script</th> <th>Action</th></tr>"; while($row = mysql_fetch_array( $result )) { echo "<tr> <td>"; echo $row['date']; echo "</td> <td>"; echo $row['dose']; echo " mg."; echo "</td> <td>"; echo $row['inr']; echo "</td> <td>"; echo $row['notes']; echo "</td> <td>"; echo $row['script']; echo "</td> <td>"; echo "Edit | Delete"; echo "</td></tr>"; } echo "</table>"; This works very nicely at the moment and I plan to clean it up and jazz it up some but once I enclose it in a function viewEntries() {code here} then all holy heck breaks loose when I use the viewEntries(); to call it. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 If I understand it correctly I need to have the functions defined before I try and CALL them up. So I had planned to create several functions then use them in a cleaner case/switch based on ?action=something from a $_GET['action']; Edited April 27, 2017 by chadrt Quote Link to comment Share on other sites More sharing options...
Solution requinix Posted April 27, 2017 Solution Share Posted April 27, 2017 Actually the problem is your query: mysql_query("SELECT * FROM $datatable")You're using a variable $datatable. Variables defined outside of functions are not automatically available inside functions, so $datatable is undefined and the query you execute is SELECT * FROMObviously, MySQL complains because the table name is missing. If you want the best advice for what to do then the answer depends on what this function is supposed to represent. Like, why are you moving everything into a function? Is it really just for appearance's sake? That's not that much of a reason: it's the same code just in a different place. In fact, code like that typically does not go into a function because what you're doing to display the data is highly specific to where you're displaying it, and it's unlikely that you'll want to do the exact same thing in another place. So without knowing much more, I would say to leave the code where it is. You can make it look a nicer by not doing everything within PHP; I would write that code like <?php // ... $result = mysql_query("SELECT * FROM $datatable") or die(mysql_error()); ?> <table border="1"> <tr> <th>Date</th> <th>Dose</th> <th>INR</th> <th>Notes</th> <th>Script</th> <th>Action</th> <th></th> </tr> <?php while ($row = mysql_fetch_array($result)) { ?> <tr> <td><?=$row["date"]?></td> <td><?=$row["dose"]?> mg.</td> <td><?=$row["inr"]?></td> <td><?=$row["notes"]?></td> <td><?=$row["script"]?></td> <td>Edit | Delete</td> </tr> <?php } ?> </table>Visually speaking, I think that's a big improvement upon what you have now. PHP 5.6.30-0+deb8u1 (cli) (built: Feb 8 2017 08:50:21)PHP 5.6 is dead. Time to upgrade: 7.1 if you can, 7.0 at a minimum. Better to do it now than have to deal with it later. 1 Quote Link to comment Share on other sites More sharing options...
benanamen Posted April 27, 2017 Share Posted April 27, 2017 OP, you have been posting here for 10 years. You must know by now you are using obsolete, dangerous code that has been completely removed from Php right? And you do know that outputting internal system errors to the user is only useful to hackers right? And you know you should be using prepared statements and specifying columns by name right? Quote Link to comment Share on other sites More sharing options...
chadrt Posted April 27, 2017 Author Share Posted April 27, 2017 OP, you have been posting here for 10 years. I am not a "coder" per se. Just because someone adds washer fluid or oil to their car does not make them a "mechanic". I dabble in code and every so often I get bored and I need to occupy my mind some, so I think of something I would like for myself and I just start doing it. I cobble things together from little resources I find on the net like tizag.com and from here in the forums. I have no formal training I just love tech and keeping my racing mind going. So PHP allows me to do some of that. There are times where I go a year before I look at the code again. So no I dont know what has been improved upon over the years or what is an absolute taboo in coding. You must know by now you are using obsolete, dangerous code that has been completely removed from Php right? I dont know what is considered "Dangerous" but I can learn. And no I cannot learn from the word vomit at php.net. But comments from folks like requinix those are super helpful and I can easily read thru his code to find out why he suggests a particular way. This makes me better at this hobby and is very constructive. Sorry I am not all great and powerful coder. And you do know that outputting internal system errors to the user is only useful to hackers right? The page I am building is a medication tracker that exists on a debian box on my local LAN it is in a protected directory .htaccess style and I am the only one that will ever see it. I wanted to make an app that would help me keep track of my Coumadin Therapy so I dont have another stroke in the middle of the night that nearly crippled me. I still keep it on a spreadsheet but I thought wow wouldnt this be cool if I could make it a web page and store it in a MySQL DB. So that is what I have done as well. I am the only one looking at it. And you know you should be using prepared statements and specifying columns by name right? Nope I didnt know but how about you tell me something or point me to a resource that has info like that, I have a feeling that if given a chance I would be able to learn something new. Quote Link to comment Share on other sites More sharing options...
benanamen Posted April 27, 2017 Share Posted April 27, 2017 (edited) A good start to getting current on Php is to study this PDO tutorial. https://phpdelusions.net/pdo If you should ever update your Php version to the current release your current code will not work no matter what you do to it. The mysql_* functions have been completely removed. The easiest thing you could do is install XAMPP so you can tinker on your own computer with a current LAMP stack. https://www.apachefriends.org/download.html Edited April 27, 2017 by benanamen Quote Link to comment Share on other sites More sharing options...
chadrt Posted April 28, 2017 Author Share Posted April 28, 2017 I followed a tutorial on changing out php5 for php7.0 and what do you know NOTHING works on my box at all. I had wordpress sites on there and I had a minecraft site that my daughter likes to play on and update the pages from time to time. Not even a simple phpinfo.php page will work, it tries to download it and show me the underlying code of the page. I will have to figure out where I went wrong there. But I will upgrade to php7.0 and I will take the time to read the info on using PDO. Thank you benanamen! Quote Link to comment Share on other sites More sharing options...
chadrt Posted May 27, 2017 Author Share Posted May 27, 2017 OP, you have been posting here for 10 years. You must know by now you are using obsolete, dangerous code that has been completely removed from Php right? And you do know that outputting internal system errors to the user is only useful to hackers right? And you know you should be using prepared statements and specifying columns by name right? A good start to getting current on Php is to study this PDO tutorial. https://phpdelusions.net/pdo If you should ever update your Php version to the current release your current code will not work no matter what you do to it. The mysql_* functions have been completely removed. The easiest thing you could do is install XAMPP so you can tinker on your own computer with a current LAMP stack. https://www.apachefriends.org/download.html Ok so I have taken your advise to heart! My systems that I have been working on building for myself I have completely reworked, used prepared statements, specified column names when I didn't need every row and have a very functional system. I am running php7.0 and all my sites now use that as a standard and I have even removed php5 from the system. I do have to say it was a bit of a learning curve but thanks to your push in the right direction I am now up to date and from all that I have read a lot more secure too. Funny thing I have a page that was being hacked so often that I took down the site and I am willing to bet all because of one query box that used to retrieve callsign data for amateur radios operators. I may even resurrect that system now that I have a clue what was causing the hacking. Quote Link to comment Share on other sites More sharing options...
benanamen Posted May 27, 2017 Share Posted May 27, 2017 I am very happy to hear this as I am sure every other expert on the forum is as well. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.