Code not working!

[DJTim666]

The following code won't display the results from the DB

 

<?php
require_once("core.php");
loggedin();

echo "<h3>Mail</h3>";
echo "MENU WILL GO HERE...<br /><br />";

if (!$act){
$sql = "SELECT * FROM messages WHERE to_name='$Yourname'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
//determine backround colour
if ($row[state] == 'read'){
	$color = "white";
}
else {
	$color = "orange";
}
echo "<table border='1'>
	<tr><td><b>From</b></td>
	<td><b>Subject</b></td>
	<td><b>Time Sent</b></td>
	<td><b>Delete?</b></td></tr>";
if (mysql_num_rows($result) == 0){
	showerror("<tr><td colspan='4'>No new messages.</td></tr></table>");
}
else {
echo "<form action='mail.php' method='post'>";
while ($row2 = mysql_fetch_array($result)){
	echo "<tr><td bgcolor='$color'><a href='profiles.php?user=" . $row2[from_name] . "'>$row2[from_name]</a></td>
		<td bgcolor='$color'><a href='$PHP_SELF?act=read'>$row2[subject]</a></td>
		<td bgcolor='$color'>$row2[time_sent]</td>
		<td bgcolor='$color'><input type='checkbox' name='delete' value='yes' /></td>";
}
echo "</form></table>";
}
}

require_once("footer.php");
?>

 

It doesn't print out an error, and there is a result in the DB.

 

--

DJ

[AndyB]

Where does $act come from?  Where does $Yourname come from?

[Fadion]

When using $row = mysql_fetch_array($result) and wanting to print the value of a specified column of the selected row, u cant use $row[column] but $row['column'].

[DJTim666]

@AndyB

They are predefined in the core.php file.

 

@GuiltyGear

You can use either one of the formats. I could use $row["w.e"] if I really wanted !

[mrjcfreak]

 

@GuiltyGear

You can use either one of the formats. I could use $row["w.e"] if I really wanted !

 

Guilty gear is correct; are you asking for help or not?

 

Reading the manual here:

http://uk.php.net/manual/en/language.types.array.php

(Scroll down to Array do's and dont's) explains you can't use $foo[bar] but rather $foo ["bar"].

You really can't do anything you really want to.

[DJTim666]

Ermm, I have used $row[w.e] and it has worked fine in the past, now all of a sudden it won't work ???

 

EDIT: I changed it and it is still not working...

[DJTim666]

Any suggestions, I really need this fixed !

[AndyB]

Sure the queries worK?

 

change:

$result = mysql_query($sql);

 

to

echo $sql;
$result = mysql_query($sql);

 

Does the echo'd query string look right? Does it produce a result when use in phpMyAdmin?

[DJTim666]

I have fixed the problem. Thanks for all the the help.

 

I do have another question though;;

 

I want the users of my site to be able to enter comments with a ' in the word (e.g. don't) but at the same time I want to use mysql_real_escape_string(); to prevent hacking. How would I go about letting my users use words like don't without having it look like this --> don\'t.

 

Please help me !

 

--

DJ

[mrjcfreak]

If magic quotes is on, then all your quotes will be escaped, hance them looking like \' - use stripslashes() to undo it - i.e. undo them just before outputting to browser, make sure they are escpaed in SQL queries....

 

Check out the manual:

http://uk.php.net/manual/en/security.magicquotes.php