php-windows Digest 17 Oct 2003 12:54:42 -0000 Issue 1960
Topics (messages 21797 through 21804):
Re: [PHP] $_POST in MySQL query issue...
21797 by: BAO RuiXian
Re: $_POST in MySQL query issue...
21798 by: DvDmanDT
21799 by: Lang Sharpe
Re: [PHP-DB] $_POST in MySQL query issue...
21800 by: Peter Beckman
Re: [PHP-DB] Re: [PHP] $_POST in MySQL query issue...
21801 by: Peter Beckman
failed to open stream: HTTP
21802 by: Disko_kex
Re: Error calling php_info
21803 by: Donatas
Check mail format
21804 by: MeAndI
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Adam Reiswig wrote:
$table="elements";
$sql="insert into $table set Name = '$elementName'";
This works with register_globals set to on. But, I want to be able to
turn that off. My code then, I am guessing, be something as follows:
$table="elements";
$sql="insert into $table set Name = '$_POST["elementName"]'";
I see you can achieve this by two ways:
1. Take out all the inside quotes (single or double) like the following:
$sql="insert into $table set Name = $_POST[elementName]";
2. Use a temporary variable for $_POST[elementName], like $elementName
= $_POST[elementName], then continute use your original SQL sentence
when the register_globals was on.
Best
Bao
Unfortunately this and every other combination I can think of,
combinations of quotes that is, does not work. I believe the source of
the problem is the quotes within quotes within quotes. I also tried:
--- End Message ---
--- Begin Message ---
$sql="insert into $table set Name = '".$_POST["elementName"]."'";
or even better:
$sql="insert into ".$table." set Name = '".$_POST["elementName"]."'";
But the method both Jake and Bao suggested will also work (temporary var)...
--
// DvDmanDT
MSN: [EMAIL PROTECTED]
Mail: [EMAIL PROTECTED]
"Adam Reiswig" <[EMAIL PROTECTED]> skrev i meddelandet
news:[EMAIL PROTECTED]
> Greetings to all. I am trying for the life of me to place a $_POST[]
> variable in my MySQL query. I am running the latest stable versions of
> PHP, MySQL and Apache 2 on my Win2kPro machine. My register_globals are
> set to off in my php.ini. My code I am attempting create is basically
> as follows:
>
> $table="elements";
> $sql="insert into $table set Name = '$elementName'";
>
> This works with register_globals set to on. But, I want to be able to
> turn that off. My code then, I am guessing, be something as follows:
>
> $table="elements";
> $sql="insert into $table set Name = '$_POST["elementName"]'";
>
> Unfortunately this and every other combination I can think of,
> combinations of quotes that is, does not work. I believe the source of
> the problem is the quotes within quotes within quotes. I also tried:
>
> $sql='insert into $table set Name = '.$_POST["elementName"];
> or
> $sql="insert into $table set Name = ".$_POST['elementName'];
>
> and several other variations.
>
> Can anyone give me some pointers to inserting $_POST[] statements inside
> of query statements? I am sure there must be a way but I have spent a
> lot of time on this and am really stumped here. Thanks for any help.
>
> -Adam Reiswig
>
> PS if anything here is not clear to you, please let me know and I'll
> clarify as I can. Thanks again.
--- End Message ---
--- Begin Message ---
> $sql="insert into $table set Name = '$_POST["elementName"]'";
The problem with this is that you need to use curly braces around the
variable being substituted in the string. Also use single quotes around the
array index.
$sql="insert into $table set Name = '{$_POST['elementName']}'";
See the manual.. (Variable parsing section)
http://php.net/manual/en/language.types.string.php
Lang
Adam Reiswig wrote:
> Greetings to all. I am trying for the life of me to place a $_POST[]
> variable in my MySQL query. I am running the latest stable versions of
> PHP, MySQL and Apache 2 on my Win2kPro machine. My register_globals are
> set to off in my php.ini. My code I am attempting create is basically
> as follows:
>
> $table="elements";
> $sql="insert into $table set Name = '$elementName'";
>
> This works with register_globals set to on. But, I want to be able to
> turn that off. My code then, I am guessing, be something as follows:
>
> $table="elements";
> $sql="insert into $table set Name = '$_POST["elementName"]'";
>
> Unfortunately this and every other combination I can think of,
> combinations of quotes that is, does not work. I believe the source of
> the problem is the quotes within quotes within quotes. I also tried:
>
> $sql='insert into $table set Name = '.$_POST["elementName"];
> or
> $sql="insert into $table set Name = ".$_POST['elementName'];
>
> and several other variations.
>
> Can anyone give me some pointers to inserting $_POST[] statements inside
> of query statements? I am sure there must be a way but I have spent a
> lot of time on this and am really stumped here. Thanks for any help.
>
> -Adam Reiswig
>
> PS if anything here is not clear to you, please let me know and I'll
> clarify as I can. Thanks again.
--- End Message ---
--- Begin Message ---
On Thu, 16 Oct 2003, Adam Reiswig wrote:
> $sql="insert into $table set Name = '$_POST["elementName"]'";
>
> Unfortunately this and every other combination I can think of,
> combinations of quotes that is, does not work. I believe the source of
> the problem is the quotes within quotes within quotes. I also tried:
>
> $sql='insert into $table set Name = '.$_POST["elementName"];
> or
> $sql="insert into $table set Name = ".$_POST['elementName'];
You need to quote the Name.
$sql = 'insert into '.$table.' set Name = "'.addslashes($_POST['elementName']).'"';
You've done everything here that you need, no extra variables, no nothing.
Register_Globals is bad -- if you can avoid using it, do so.
Performance-wise, it is better to use single quotes and concat the
variables outside of the quoted line. Better performance, less problems
with variables not being expanded correctly.
Beckman
---------------------------------------------------------------------------
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---------------------------------------------------------------------------
--- End Message ---
--- Begin Message ---
On Fri, 17 Oct 2003, BAO RuiXian wrote:
> I see you can achieve this by two ways:
>
> 1. Take out all the inside quotes (single or double) like the following:
>
> $sql="insert into $table set Name = $_POST[elementName]";
This is bad. Using no quotes MAY work, but it is considered a "BARE WORD"
and not an actual string.
$sql='insert into '.$table.' set Name = "'.addslashes($_POST['elementName']).'"';
is the (more) correct way to do this.
> 2. Use a temporary variable for $_POST[elementName], like $elementName
> = $_POST[elementName], then continute use your original SQL sentence
> when the register_globals was on.
Waste (albeit very minor) of variable space. Concat them.
Beckman
---------------------------------------------------------------------------
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---------------------------------------------------------------------------
--- End Message ---
--- Begin Message ---
Hi.
This has always been working for me, and now it isnt?
<?php
$handle = fopen ("http://www.lokalguiden.se/test.txt";, "r");
?>
I get this warning:
Warning: fopen(http://www.lokalguiden.se/test.txt): failed to open
stream: HTTP request failed! ^ in c:\inetpub\wwwroot\lgd\test.php on
line 2
I just change from apache to IIS. Please help..
--- End Message ---
--- Begin Message ---
Getting CHM version of PHP manual would be the right thing to do. It's
index/search is the best way to learn about functions you need.
Good luck ;)
Donny
Yosvel Reyes wrote:
Hi All:
Enviroment: php 4.xx Apache 2.0 Internet Explorer 6.0 Windows OS
I'm Just a php beginner and I'm testing some code like
<?
php_info();
?>
and this code just not work for me i got the following error
Fatal error: Call to undefined function: php_info() in D:\Program
Files\Apache Group\Apache2\htdocs\Etecsa\index.php on line 2
I have taken this sample code from a php book so I suppose it will work
fine...
Any Suggestion???
Thanks in advance
==========================================
Lic. Yosvel Reyes Fonfria
[EMAIL PROTECTED]
tel: (053)42 205428
Who try and try again, triumph!!!
==========================================
--- End Message ---
--- Begin Message ---
Hi,
I just want to know how I can recognize that the e-mail address inserted by
the user is correct or not.
E.g.
[EMAIL PROTECTED] -> correct e-mail address
[EMAIL PROTECTED] or user-server.com -> incorrect email addresses
please help
Thanks
--- End Message ---
