Jump to content

mattbrown

Members
  • Posts

    6
  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

mattbrown's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. After a little bit more messing around and comparing this to my other functions the answer has become obvious $link = mysql_connect("$hostname" , "$username" , "$password")or die(mysql_error()); mysql_select_db('barkersgifts'); needs to be before the line where mysql_real_escape_string() is used, for obvious reasons.
  2. I have made a function to run a simple search facility on my site but for some reason the mysql queries are not getting put together right heres the function: [code]function search($searchStr, $searchBy) { //Declare our globals global $hostname, $username, $password; //Find out what we're searching for and construct the query switch ($searchBy) { case 1: //Search by barcode $searchQuery = sprintf("SELECT productCode, image, price, name, sale_price, stock_level FROM bgy_CubeCart_inventory WHERE productCode='%s'", mysql_real_escape_string($searchStr)); break; case 2: //Search by title $searchQuery = sprintf("SELECT productCode, image, price, name, sale_price, stock_level FROM bgy_CubeCart_inventory WHERE name LIKE '%%%s%%'", mysql_real_escape_string($searchStr)); break; case 3: //Search by description $searchQuery = sprintf("SELECT productCode, image, price, name, sale_price, stock_level FROM bgy_CubeCart_inventory WHERE description LIKE '%%%s%%'", mysql_real_escape_string($searchStr)); break; case 4: //Search by barcode, title, description $searchQuery = sprintf("SELECT productCode, image, price, name, sale_price, stock_level MATCH (productCode, name, description) AGAINST ('%s') FROM bgy_CubeCart_inventory", mysql_real_escape_string($searchStr)); break; } //Connect to the database and run the query $link = mysql_connect("$hostname" , "$username" , "$password")or die(mysql_error()); mysql_select_db('barkersgifts'); $searchResult = mysql_query($searchQuery); mysql_close($link); if (mysql_num_rows($searchResult)) { return $searchResult; } else { return "No Results Found"; } } [/code] if i change [code]$searchQuery = sprintf("SELECT productCode, image, price, name, sale_price, stock_level FROM bgy_CubeCart_inventory WHERE productCode='%s'", mysql_real_escape_string($searchStr));[/code] to [code]$searchQuery = sprintf("SELECT productCode, image, price, name, sale_price, stock_level FROM bgy_CubeCart_inventory WHERE productCode='$searchStr'",);[/code] Then it works ok but using mysql_real_escape_string() the query that get constructed is as follows SELECT productCode, image, price, name, sale_price, stock_level FROM bgy_CubeCart_inventory WHERE productCode='' I have used mysql_real_escape_string() in other functions and it seems to work just fine :-S any help would be very much appreciated
  3. so at present i have in the page $change_pass_result changepass($oldfromform, $new1fromform ,$new2fromform) and if one of them are not set then $change_pass_result will be false?
  4. Hi ok im just writing a lil function to deal with changing a password and i think ive gone brain dead the function gets 3 variables passed to it and i want it to check them like this 1 are variables $old, $new1, $new2 set 2 do variables $new1 and $new2 match if so { do my stuff } so i put if((isset($old && $new1 && $new2))&&($new1 == $new)) { i know ive made a silly mistake could somebody please put me out of my misery, maybe ive been sitting at this laptop too long :-(
  5. Excellent Thanks [img src=\"style_emoticons/[#EMO_DIR#]/smile.gif\" style=\"vertical-align:middle\" emoid=\":smile:\" border=\"0\" alt=\"smile.gif\" /] I'll give it a go tomorrow
  6. Hi, I've recently been testing out some stuff for a website I plan to build and would like to include what sounds like a simple feature but I can't seem to find any info about how other poeple have gone about this. Basically on the site there is a login system using PHP/MySQL all pretty standard stuff really but what i would like to do is have a list of currently logged in users and their usernames on the front page, similar to the bottom of the front page of most PHPBB forums. At first the solution seems simple, I though I'd just make a value change in the users row of the database when they log in then have it change back when they log out but as we all know just about everyone just closes the browser window thus leaving the database value set to logged in. The only other idea I've had but not tested yet is to have the time the user logged in stored to the database then every time they load a page have this field updated. This would make it possible to for some kind of sql query to only return the username in rows that have a timestame no older than 5 minutes of the current time but this seems very messy and surely would result in way to many database connections. So please if anybody has any ideas or information please let me know Many Thanks Matt
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.