Php mysql syntax help?
-
basically i get the following error returned "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1" and my code is " <?php include'conn.php'; $value=$_post['usid']; $query="SELECT * FROM users WHERE uid =$value "; $result = mysql_query($query) or die(mysql_error()); $info = mysql_fetch_array($result); $id = $info['UID']; $name = $info['username']; $pass = $info['password']; echo '<br>'; echo '<table border="1">'; echo '<tr><td>ID:</td>'; echo '<td>'; echo $id; echo '</td><br>'; echo '<td>username:</td><td>'; echo $name; echo '</td>'; echo '<td>password:</td><td>'; echo $pass; echo '</td>'; ?>" how ever when the script has a set id to lookup it works fine so im a bit confused I.e this works " <?php include'conn.php'; $value=1; $query="SELECT * FROM users WHERE uid =$value "; $result = mysql_query($query) or die(mysql_error()); $info = mysql_fetch_array($result); $id = $info['UID']; $name = $info['username']; $pass = $info['password']; echo '<br>'; echo '<table border="1">'; echo '<tr><td>ID:</td>'; echo '<td>'; echo $id; echo '</td><br>'; echo '<td>username:</td><td>'; echo $name; echo '</td>'; echo '<td>password:</td><td>'; echo $pass; echo '</td>'; ?>" and the form elements name is usid any help will be great
-
Answer:
To access HTTP parameters, you need to use capital letters, eg -> $_POST['usid'] instead of $_post['usid'] Also, your SQL above will fail if the parameter is missing (or submitted via a GET request). Generally, it's more flexible to use $_REQUEST['usid'] Worse, you want to cast the $_POST['usid'] to an (int) value rather than simply using it. If a malicious user manually posted a usid value of '1; DROP TABLE users' you would lose all your user data.
Bat at Yahoo! Answers Visit the source
Other answers
I think post should al be in capital letters: $_POST['.....']. And also try to use include with parenthesis: include('.....');
temp
Related Q & A:
- How To Build Business Directory Using Php Mysql?Best solution by Stack Overflow
- How to prevent duplicate entries in MySQL and PHP?Best solution by Stack Overflow
- How to write a query for PHP and MySQL?Best solution by Stack Overflow
- how to create a new syntax in java?Best solution by Stack Overflow
- How to create a table in PHP with MySQL?Best solution by Stack Overflow
Just Added Q & A:
- How many active mobile subscribers are there in China?Best solution by Quora
- How to find the right vacation?Best solution by bookit.com
- How To Make Your Own Primer?Best solution by thekrazycouponlady.com
- How do you get the domain & range?Best solution by ChaCha
- How do you open pop up blockers?Best solution by Yahoo! Answers
For every problem there is a solution! Proved by Solucija.
-
Got an issue and looking for advice?
-
Ask Solucija to search every corner of the Web for help.
-
Get workable solutions and helpful tips in a moment.
Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.