Re: Question about MySql, need help AllYourBase #49496 06/25/09 07:47 AM
Joined: Oct 2006 Posts: 1,720 Dunlop_Phaete Band 7
Dunlop_Phaete Band 7 Joined: Oct 2006 Posts: 1,720	Post yur queries Ith. Former KGB Member

Re: Question about MySql, need help

Dunlop_Phaete #49529 06/25/09 11:59 AM

Joined: Nov 2005

Posts: 1,876

Likes: 10

France

Arkh

KGB Supreme Court Justice
KGB Supreme Knight

Arkh

KGB Supreme Court Justice
KGB Supreme Knight

Joined: Nov 2005

Posts: 1,876

Likes: 10

France

Ok. So first thing, in PHP : use PDO. Nothing less.
Something like that :

Code:

<?php
// Change these vars with your server infos
$DB_HOST = 'yourDbHost';
$DB_NAME = 'yourDatabaseName';
$DB_USER = 'user';
$DB_PASS = 'pass';

try{
  // Instanciate a PDO object
  $db = new PDO('mysql:dbname='.$DB_NAME.';host='.$DB_HOST);
  // Get a PDO statement
  $stmt = $db->prepare('your SQL query here');
  // Fetch all results, may be bad if there's a shitload of data
  $data = $stmt->fetchAll();
}
catch(PDOException $e){
  echo 'PDO error';
  die();
}
catch(Exception $e){
  echo 'ouch';
  die(); // That's bad, I know
}
// You should write a proper exception handler which will log all the errors into a file
// We start outputting html here, you better put the html part in a different file which you'll include
?>
<table>
<?php foreach($data AS $tuple){ ?>
  <tr>
    <td><?=$tuple['column1']?></td>
    <!-- Add more column if needed -->
  </tr>
<?php }?>
<table>

Last edited by Arkh; 06/25/09 12:00 PM.

Re: Question about MySql, need help Arkh #49543 06/25/09 01:12 PM
Joined: Sep 2008 Posts: 102 Ithkrul OP KGB Champion
OP Ithkrul KGB Champion Joined: Sep 2008 Posts: 102	As Im just starting this...what is a PDO. The only query Im concerned with right now is SELECT * FROM registree Thats what is required, will add more queries as time permits. Most likely will just make another query on the primary keys. Code: <table> <?php foreach($data AS $tuple){ ?> <tr> <td><?=$tuple['column1']?></td> <!-- Add more column if needed --> </tr> <?php }?> <table> This is HTML output part and the creation of the tabular data on a new webpage correct? Last edited by Ithkrul; 06/25/09 01:16 PM.

Re: Question about MySql, need help Ithkrul #49548 06/25/09 02:03 PM
Joined: Nov 2005 Posts: 1,876 Likes: 10 France Arkh KGB Supreme Court Justice KGB Supreme Knight
Arkh KGB Supreme Court Justice KGB Supreme Knight Joined: Nov 2005 Posts: 1,876 Likes: 10 France	PDO is a method to connect to databases with php. A good method, not like what you'll find in stupid tutorials. So, you just copy-pasta your query where there's a "your query here" and the part you quoted is what will be output. Depending on the number of fields you have in your table, just add more columns. If you have fields like ID, name, desc you do that : Code: <table> <?php foreach($data AS $tuple){ ?> <tr> <td><?=$tuple['ID']?></td> <td><?=$tuple['name']?></td> <td><?=$tuple['desc']?></td> </tr> <?php }?> <table>

Re: Question about MySql, need help

Arkh #49553 06/25/09 02:30 PM

Joined: Sep 2008

Posts: 102

Ithkrul

KGB Champion

Ithkrul

KGB Champion

Joined: Sep 2008

Posts: 102

Code:

<?php
mysql_connect("localhost", "database", "password") or die(mysql_error());
echo "Connected to MySQL<br />";
mysql_select_db("database") or die(mysql_error());
echo "Connected to Database<br />";


$result = mysql_query("SELECT * FROM registree") or die(mysql_error());  
$row = mysql_fetch_array( $result );

// Print out the contents of the entry 
echo "<table border='1'>";
echo "	<tr> 
	<th>Name</th> 
	<th>Address1</th> 
	<th>Address2</th> 
	<th>Email</th> 
	<th>Phone</th>
	<th>SpecAsc</th>
	<th>unccID</th>
	<th>Volunteer</th>
	<th>Session</th>
	</tr>";

while($row = mysql_fetch_array( $result )) 
{
echo " <tr><td> ";
	echo $row['name'];
echo " </td><td> ";
	echo $row['address1'];
echo " </td><td> ";
	echo $row['address2'];
echo " </td><td> ";
	echo $row['email'];
echo " </td><td> ";
	echo $row['phoneNo'];
echo " </td><td> ";
	echo $row['specAsc'];
echo " </td><td> ";
	echo $row['unccId'];
echo " </td><td> ";
	echo $row['volunteer'];
echo " </td><td> ";
	echo $row['session'];
echo " </td><tr> ";
}
echo "</table>";


?>

Well I just ended up using this and it seems to work fine. Ill look at PDO instancing at a later date. Ill go back and "variableize" it later. Ive been spending too much time on this as it is and my partner is clueless. So a two person job is now a me job.

And as annoying and outdated as Tutorials are. I have basically done this whole project from like 10 different tutorials. Since my professor is borderline terribad and the text is just front to back creating ER diagrams and Schemas.

So my next question would be, how could I look up the data by searching one particular field and still have it list all the data associated with it? Like have a search box for name, and pull up all the data with people that have that name

Last edited by Ithkrul; 06/25/09 02:54 PM.

Re: Question about MySql, need help Ithkrul #49574 06/25/09 05:51 PM
Joined: Nov 2005 Posts: 586 Longshanks KGB (F3) Vice-Chancellor Crowfall Faction
Longshanks KGB (F3) Vice-Chancellor Crowfall Faction Joined: Nov 2005 Posts: 586	Just change you query by adding a where clause. Been a while since I did PHP .. but something like: select * from registree where name = $_POST['NameOfYourTextbox']; 'NameOfYourTextbox' would be whatever you named the <input> html tag on your form. A better practice would be to assign the posted value from the textbox to a local variable first, as such: $myval = $_POST['NameOfYourTextbox']; SELECT * FROM registree where name = $myval; Other than grabbing the posted vaiable & adding it to a where clause, you should be able to use the rest of the code you posted to display the new filtered result set.

Re: Question about MySql, need help Longshanks #49575 06/25/09 06:14 PM
Joined: Sep 2008 Posts: 102 Ithkrul OP KGB Champion
OP Ithkrul KGB Champion Joined: Sep 2008 Posts: 102	is it possible to add multiple options for doing searches. Such as Code: $myval1 = $_POST['fname']; $myval2 = $_POST['lname']; $myval3 = $_POST['phoneNo']; $myval4 = $_POST['email']; SELECT * FROM registree WHERE fname=$myval1 or lname=$myval2 or phoneNo=$myval3 or email=$myval4; where im posting the variables from a form, like a search box? like if i want to search all people with the first name ithkrul or want to search all people with the last name katir. My concern is, can I use 'or' like this? and what are the annomalies possibly faced when searching like this? or should i only concern myself with doing searches via primary key. Also new question concerning secure logins. ok so i have a log in via php, but if i just copy and paste the to the url it takes me to what should be password only? basically http://ccis004.uncc.edu/~chaconia/admin.php and http://ccis004.uncc.edu/~chaconia/admin.php?password-blahblah&username=blahblah take me to the same "admin" page regardless Last edited by Ithkrul; 06/25/09 06:17 PM.

Re: Question about MySql, need help Ithkrul #49585 06/25/09 08:49 PM
Joined: Nov 2005 Posts: 586 Longshanks KGB (F3) Vice-Chancellor Crowfall Faction
Longshanks KGB (F3) Vice-Chancellor Crowfall Faction Joined: Nov 2005 Posts: 586	You sure can do that ... you just just have to figure out your logical AND\|OR's ... primary keys are typically hidden from the end user, you use these for performing updates or in JOINs from parent to child tables. For the login ... you have to check for the password post form variable if it is not there ... meaning someone went directly to the process page ... you should redirect to an error page, or back to the login page & present the user with some message. Use an if statement around your processing logic for the password lookup.

Re: Question about MySql, need help Longshanks #49587 06/26/09 12:06 AM
Joined: Nov 2005 Posts: 1,876 Likes: 10 France Arkh KGB Supreme Court Justice KGB Supreme Knight
Arkh KGB Supreme Court Justice KGB Supreme Knight Joined: Nov 2005 Posts: 1,876 Likes: 10 France	Everytime you use mysql_* php function or use raw form input data, baby raptor Jesus kills a puppy.

Re: Question about MySql, need help Arkh #49604 06/26/09 06:10 AM
Joined: Apr 2009 Posts: 68 Zarad Zhuul KGB Champion
Zarad Zhuul KGB Champion Joined: Apr 2009 Posts: 68	obviously for this type of assignment he is not wanting to safeguard against sql injection... Generally for the search queuries..you can use something like this (I'm not a php guy..so no guarantees on syntax) $myval1 = $_POST['fname']; $myval2 = $_POST['lname']; $myval3 = $_POST['phoneNo']; $myval4 = $_POST['email']; $myWhereMaker = " where 1=1 "; if ($myval1 != "") $myWhereMaker = $myWhereMaker + " and fname like %"+$myval1+"%"; if ($myval2 != "") $myWhereMaker = $myWhereMaker + " and lname like %"+$myval2+"%"; if ($myval3 != "") $myWhereMaker = $myWhereMaker + " and phoneno like %"+$myval3+"%"; if ($myval4 != "") $myWhereMaker = $myWhereMaker + " and email like %"+$myval4+"%"; $result = mysql_query("SELECT * FROM registree" + $myWhereMaker Generally you don't pass user/pass in a querystring either ...instead use a submit form..the request should be the same regardless..and like he says..if you dont have a value when you check the request..then redirect the page back to the login..or error

Page 2 of 4

Link Copied to Clipboard

The KGB Oracle Forums The KGB Great Hall of History (ARCHIVE) Darkfall Members Forum Question about MySql, need help

The Knights of Glory and Beer (C) 2021All Rights Reserved

The Knights of Glory and Beer (C) 2021
All Rights Reserved