3

I'm new to working with PHP and a mySQL DB. I"m trying to make a user input there user name(UN) to enter this one part of my site. I have a mySQL DB(test) with a users table called "test". I know that I'm connecting ok, because I tested it by creating a simple page to open the DB and list all the users(from the UN field), or select a specific one. I then created a page called "input.php" for a test of getting input. As seen here> 

<html>
 <body>
 <form action="test.php" method="get">
 UN: <input type="text" name="U">
 <input type="submit">
 </form>
 </body>
 </html>

The input from above goes to "test.php" below where it is checked with current data in my DB.

<?php
$hostname = "test.db.some#.somehost.com";
    $username = "test";
    $dbname = "test";
$password = "password";
$usertable = "test";
$yourfield = "UN";
    mysql_connect($hostname, $username, $password) OR DIE ("Unable to 
        connect to database! Please try again later.");
    mysql_select_db($dbname);
$query = "SELECT * FROM $usertable WHERE $yourfield = $_GET["U"]";
    $result = mysql_query($query);
    if ($result) {
        while($row = mysql_fetch_array($result)) {
                $name = $row["$yourfield"];
                echo "Hello: $name<br>";
            }
    }
    else {
        echo "User dosen't exit!";
    }
    mysql_close();
?>

And this is the error I get> *Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/content/81/11107981/html/test.php on line 20*

I know I'm close, but I want the cigar. ;)

Improve this question

4 Answers 4

Reset to default
1

I think the problem is that you don't escape the quotes in the query:

Try the following: 

$u = $_GET['u'];
$query = "SELECT * FROM $usertable WHERE $yourfield = " . $u;
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

mysql_* are deprecated. You should avoid them.

Change 

mysql_connect($hostname, $username, $password) OR DIE ("Unable to 
    connect to database! Please try again later.");

to

$connection = mysql_connect($hostname, $username, $password) OR DIE ("Unable to 
connect to database! Please try again later.");

,

$query = "SELECT * FROM $usertable WHERE $yourfield = $_GET["U"]";

to

$query = "SELECT * FROM $usertable WHERE $yourfield = '".$_GET["U"]."'";

And

mysql_close();

to 

mysql_close($connection);
Improve this answer

6 Comments

mysql_* deprecated as PHP 5.5.0, and will be removed in the future.
Wow, thanks for the fast response #1 :D #2 it works now. Yes, I must be using an old example of working with mysql code that my web host provided for me. May mucho Karma smile upon you. :)
Good to know that it helped. Probably, you can accept this answer then ;)
Oh, but I'm having different problem now. When I enter a user name that is in the dB it works, but when I enter a user name this is not in the dB it doesn't do anything, just blank page. Its supposed to come back with an error. Its not getting to the final else statement for some reason.
because it is still executing the code under if condition. Write echo "i am here" outside while loop & you will come to know.
|
0

You should write the query like this instead:

$query = "SELECT * FROM $usertable WHERE $yourfield = '" . $_GET["U"] . "'";

Or you can write it like this:

$query = "SELECT * FROM $usertable WHERE $yourfield = '{$_GET["U"]}'";
Improve this answer

Comments

0

your first problem is solved but here is the solution to your second problem along with the help to convert this code to mysqli

<?php
$hostname = "test.db.some#.somehost.com";
$username = "test";
$dbname = "test";
$password = "password";
$usertable = "test";
$yourfield = "UN";
$connect   =  mysqli_connect($hostname, $username, $password) OR DIE ("Unable to 
    connect to database! Please try again later.");
mysqli_select_db($dbname);

/* You can combine the above two lines in oen in mysqli by giving db name as fourth parameter
 mysqli_connect($hostname, $username, $password, $dbname)

*/

$query = "SELECT * FROM $usertable WHERE $yourfield = $_GET["U"]";
$result = mysqli_query($query);
$rowSelected   = mysqli_num_rows($result);
if ($rowSelected ) {
    while($row = mysqli_fetch_array($result)) {
            $name = $row["$yourfield"];
            echo "Hello: $name<br>";
        }
}
else {
    echo "User dosen't exit!";
}
mysqli_close($connect);
?>

mysql_query or mysqli_query will return the resource .. and that will be true irrespective of whether rows are fetched or not ..what you need to check if there is any data that is being fetched in actual .. so use mysqli_num_rows(mysqli version of mysql_num_rows)

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.