Quantcast

Forums | MacLife

You are not logged in.

Pages: 1

 

#1 2003-12-03 3:59 pm

jdsmith575
Member
From: Texas Tech Univ.
Registered: 2001-04-09
Posts: 741
Website

A little PHP/MySQL help please

I'm working on an app that pulls date info from a database and displays it. Here's the code that I am stuck on.

Code:

if(isset($HTTP_POST_VARS['submit']))
{
     $query_result = mysql_query("select start as startf, date_format(start, '%M %e, %Y') as start, date_format(end, '%M %e, %Y') as end, line1, line2, line3, url, description from casnr_look where month(start) = {$HTTP_POST_VARS['month']} and dayofmonth(start) >= dayofmonth(curdate()) or month(end) = {$HTTP_POST_VARS['month']} and month(start) = {$HTTP_POST_VARS['month']} - 1 and dayofmonth(end) >= dayofmonth(curdate()) order by startf");
}
else
{
     $query_result = mysql_query("select start as startf, date_format(start, '%M %e, %Y') as start, date_format(end, '%M %e, %Y') as end, line1, line2, line3, url, description, month(start) as month from casnr_look where month(start) = month(curdate()) and dayofmonth(start) >= dayofmonth(curdate()) or month(end) = month(curdate()) and month(start) = month(curdate()) - 1 and dayofmonth(end) >= dayofmonth(curdate()) order by startf");
}

It works properly with the ELSE part of the statement, but not the IF. It has something to do with the use of $HTTP_POST_VARS, because all I did was paste it in there. I must be using it improperly, but I haven't found a fix yet. I keep getting this error, when I run through the IF part.

Code:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/html/casnr_look/view.php on line 40

Can anyone see offhand what i've got wrong?

Help me MacAddict, you're my only hope.

(Oh, and if you want to play with it, http://gom034.agsc.ttu.edu/casnr_look/view.php , there you go.)

I use a Mac because I'm just better than you are.

Offline

 

#2 2003-12-03 5:01 pm

Basseq
Fixxy of F&S fame
From: D.C.
Registered: 2002-12-18
Posts: 3125
Website

Re: A little PHP/MySQL help please

Well, the $HTTP_POST_VARS is the problem...

Make sure the variables are evaluating in the sql statement. Sometimes I find just assigning the post var to another variable (like $month) works.

Basseq is me, John Whittet.
(Finishing the remainder of the thought expressed in the post has been left as an exercise for the reader.)

Offline

 

#3 2003-12-03 6:59 pm

Scott
Zombie Gorilla
From: Oregon
Registered: 2002-12-07
Posts: 3446
Website

Re: A little PHP/MySQL help please

eek

Post vars straight into a query?  Lord no!

There is a handful of ways to wipe, break or gain access to your database if you don't scrub the vars first!

http://www.greatgamesexperiment.com/images/logo_kit/468x60-Blue.gif

Offline

 

#4 2003-12-04 11:20 am

jdsmith575
Member
From: Texas Tech Univ.
Registered: 2001-04-09
Posts: 741
Website

Re: A little PHP/MySQL help please

I'll remember that.

The MySQL book I'm using said to do that, for security measures.

I use a Mac because I'm just better than you are.

Offline

 

#5 2003-12-04 1:21 pm

jdsmith575
Member
From: Texas Tech Univ.
Registered: 2001-04-09
Posts: 741
Website

Re: A little PHP/MySQL help please

I think I found the problem. It turns out that $HTTP_POST_VARS['month'] is empty, because I was actually sending ['month_start']. blush Silly me.

Thanks for the tip about not using $HTTP_POST straight into my queries.

I use a Mac because I'm just better than you are.

Offline

 

 

Pages: 1

Board footer

Powered by PunBB 1.2.6
© Copyright 2002–2005 Rickard Andersson