Johnain Posted January 6, 2008 Share Posted January 6, 2008 Hi all I have a record in my mysql table"users" keyed on a username JohnAin. this SQL statment finds it ... SELECT * FROM users WHERE username = 'JohnAin' " This does not ... SELECT * FROM users WHERE username = '".$uname."' " and this does not ... SELECT * FROM users WHERE username = '".addslashes($uname)."' " On the line before the select statement runs I echo $uname and it reads as JohnAin on the scree. Any ideas will be welcome. Regards to all John Quote Link to comment Share on other sites More sharing options...
revraz Posted January 6, 2008 Share Posted January 6, 2008 "SELECT * FROM users WHERE username = '$uname'" Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 Hi Revraz Thanks. But that didn't do it for me. Here is the code as it stands at the moment Regards John Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 .. and this time here it really is !!! Regards John [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
revraz Posted January 6, 2008 Share Posted January 6, 2008 I don't see where you set $uname Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 Line 10 $uname=$_POST['uname']; on the "Step 2" iteration It prints to the screen ok as well on line 105 Regards Jon Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 Hi I changed line 111/112 to read if (DB::isError($check) || $check->numRows() == 0) { die("That username (".$uname.") does not exist in our database."); and the darned thing echoed out ok for me there too. it read JohnAin which is exactly the constant I used to get a successful retrieval. Phew !!! Regrds John Quote Link to comment Share on other sites More sharing options...
redarrow Posted January 6, 2008 Share Posted January 6, 2008 sort the form out action="" <<< missing <form method="post"> Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 Oh no. How embarrassing! I will Thanks and regards John Quote Link to comment Share on other sites More sharing options...
revraz Posted January 6, 2008 Share Posted January 6, 2008 If the action is itself, then there is no need to include it. Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 that is right, I realised that just after I posted, but I put it in anyway. I changed to <form method="post" action="../scripts/changeuser.php"> ... and it refinds the form (as it did before) but still comes back saying ... "That username ( JohnAin ) does not exist in our database." Which of course is not the case since a select using the constant "JohnAin" does find and retrieve the record. Regards John Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 Are there any hidden characters in a record retrieved from a table? Is the field length a consideration? Sorry to ask such basic questions, but I am a newcomer ! Regards John Quote Link to comment Share on other sites More sharing options...
Ken2k7 Posted January 6, 2008 Share Posted January 6, 2008 Could you please just post the actual snippet of code around those lines rather than just posting a few queries? Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 Hi Ken You will find the code in reply 3 above. Regards John Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 sorry, just to be clear, it is these statments that I have the problem with ... case 2: // Start step 2. User details maintenance. if (!get_magic_quotes_gpc()) { $_POST['uname'] = addslashes($_POST['uname']); } ?> <br /><h4>User maintenance - Maintain user details for ...<br /> <?echo($uname) ?></h4> <? $qry = "SELECT * FROM users WHERE username = '$uname'"; //$qry = "SELECT username, password FROM users WHERE username = '".$_POST['uname']."'"; $check = $db_object->query($qry); if (DB::isError($check) || $check->numRows() == 0) { die("That username (".$uname.") does not exist in our database."); } break; The select will find my record when I use a constant for the key, but not when I use $uname. Regards John Quote Link to comment Share on other sites More sharing options...
Ken2k7 Posted January 6, 2008 Share Posted January 6, 2008 <?php $uname = $_POST['uname']; if (!get_magic_quotes_gpc()) { $uname = addslashes($uname); } ?> <br /><h4>User maintenance - Maintain user details for ...<br /> <?echo($uname) ?></h4> <?php $qry = "SELECT * FROM users WHERE username = '$uname'"; //$qry = "SELECT username, password FROM users WHERE username = '".$_POST['uname']."'"; $check = $db_object->query($qry); if (DB::isError($check) || $check->numRows() == 0) { die("That username (".$uname.") does not exist in our database."); } ?> Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 6, 2008 Author Share Posted January 6, 2008 Hi Ken Thanks for that, but it hasn't fixed the problem. I am going to work line by line though this and see if I can spot the problem. Thanks for your help Regards John Quote Link to comment Share on other sites More sharing options...
Ken2k7 Posted January 6, 2008 Share Posted January 6, 2008 In your code, you said $check->numRows(). How is it possible you're using $check for that? Quote Link to comment Share on other sites More sharing options...
revraz Posted January 6, 2008 Share Posted January 6, 2008 After this line $qry = "SELECT * FROM users WHERE username = '$uname'"; enter echo $qry; I tried it with your code, not using Objects, and it works fine here. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 6, 2008 Share Posted January 6, 2008 Since you can put in 'JohnAin' directly in the query and it works, there is something specific with the value that comes from the form. You posted this above - "That username ( JohnAin ) does not exist in our database." If that line is EXACTLY as it was output to the browser, there is leading and trailing white-space on the name. The posted code would have given (JohnAin) with no spaces. Use the trim() function before the query - $uname = trim($uname); If this does not solve it, then your browser/form in doing some character encoding, so that the query does not match the name but the name is "displayed" correctly when you echo it. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 6, 2008 Share Posted January 6, 2008 LOL. I looked at your code for the form and it is deliberately putting in a space before and after the name in the value (everyone here probably thought you were typing the name in instead of selecting it from a dropdown) - $linetext = "<option value= ' ".mysql_result($result,$i)." ' >".mysql_result($result,$i)."</option>"; Change this to - $linetext = "<option value= '".mysql_result($result,$i)."' >".mysql_result($result,$i)."</option>"; Quote Link to comment Share on other sites More sharing options...
Johnain Posted January 7, 2008 Author Share Posted January 7, 2008 Hi Guys I finally worked it out with your help. My basic error was forgetting that I was constructing a string containing an SQL statment, not the statement itself! The solution is ... $qry = "SELECT * FROM users WHERE username = "."'".$uname."'"; I hope I do not do anything as daft again ... but I bet I do Regards to you all and thanks for all of your help. John Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.