php-windows Digest 3 Apr 2004 17:42:36 -0000 Issue 2193
Topics (messages 23350 through 23359):
Re: quotes in mysql
23350 by: Tony Devlin
23351 by: Ignatius Reilly
Update multiple records from a text field
23352 by: kaizer boab
23353 by: Justin Patrin
23354 by: kaizer boab
23355 by: Justin Patrin
23356 by: kaizer boab
23357 by: kaizer boab
23358 by: Justin Patrin
23359 by: kaizer boab
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
You can use addslashes .. which would be
$check = addslashes($check);
Then when you extract the information from the database to be displayed you
want to you
would need to stripslashes as such
$check = stripslashes($check);
It's typically a good idea to always add/strip slashes on any field where
you think a ' or " might be used.
Tony Devlin
V. President / CTO
Airewaves Broadband
69 Robert Smalls Prkwy.
Suite 4B
Beaufort, SC 29902
[EMAIL PROTECTED]
http://www.airewaves.com
tel: (843) 379-2473
fax: (800) 861-6301
mobile: (678) 480-4959
-----Original Message-----
From: Sudeep Sarath [mailto:[EMAIL PROTECTED]
Sent: Friday, April 02, 2004 3:16 AM
To: Php-windows mailing list
Subject: [PHP-WIN] quotes in mysql
Hi friends,
I have a 'textarea' in my php page and i need to put the details typed in
that textarea box to my MySQL database. The content in the textarea box
is(for example) : I'm a good boy.
and insert string is:
insert into table_name (describe) values('" . $check . "')
where check is the variable that stores the POST data of textarea. Also the
field "describe" is of a text datatype.
what happens is that i can't take the content string to the database.
B'cause it contains I'm (a single quote in between I and m) which confuses
mySql that string terminates after I. Is there any solution for this problem
as we cannot tell the users "dont put quotes in textarea".
....SuDeEp...
Win an evening with the Indian cricket captain: Yahoo! India Promos.
--- End Message ---
--- Begin Message ---
Not so. No stripslashes required.
If you add slashes when writing your PHP query, slashes will NOT be sent to
the DB.
In other words:
$name = addslashes( "O'Reilly" ) ;
$query = "
INSERT ...
SET name = '{$name}'
" ;
// etc.
will simply store "O'Reilly" in the DB. The desired result.
Never store anything else than "pure" data in the DB: no slashes, no URL
encoding, etc.
Ignatius
_________________________
----- Original Message -----
From: "Tony Devlin" <[EMAIL PROTECTED]>
To: "'Sudeep Sarath'" <[EMAIL PROTECTED]>; "'Php-windows mailing
list'" <[EMAIL PROTECTED]>
Sent: Friday, April 02, 2004 3:22 PM
Subject: RE: [PHP-WIN] quotes in mysql
You can use addslashes .. which would be
$check = addslashes($check);
Then when you extract the information from the database to be displayed you
want to you
would need to stripslashes as such
$check = stripslashes($check);
It's typically a good idea to always add/strip slashes on any field where
you think a ' or " might be used.
Tony Devlin
V. President / CTO
Airewaves Broadband
69 Robert Smalls Prkwy.
Suite 4B
Beaufort, SC 29902
[EMAIL PROTECTED]
http://www.airewaves.com
tel: (843) 379-2473
fax: (800) 861-6301
mobile: (678) 480-4959
-----Original Message-----
From: Sudeep Sarath [mailto:[EMAIL PROTECTED]
Sent: Friday, April 02, 2004 3:16 AM
To: Php-windows mailing list
Subject: [PHP-WIN] quotes in mysql
Hi friends,
I have a 'textarea' in my php page and i need to put the details typed in
that textarea box to my MySQL database. The content in the textarea box
is(for example) : I'm a good boy.
and insert string is:
insert into table_name (describe) values('" . $check . "')
where check is the variable that stores the POST data of textarea. Also the
field "describe" is of a text datatype.
what happens is that i can't take the content string to the database.
B'cause it contains I'm (a single quote in between I and m) which confuses
mySql that string terminates after I. Is there any solution for this problem
as we cannot tell the users "dont put quotes in textarea".
....SuDeEp...
Win an evening with the Indian cricket captain: Yahoo! India Promos.
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Hi everybody,
I have built a shopping cart using tables. I am able to add items and remove
items from the cart. The problem I am having is updating the quantities in
the cart.
When users view the cart they can see the quantity in a text field. I want
to allow users to type in the quantities they want in this box and then
submit the form to display the new quantities.
The problem is when the form is submitted only one of the quantity fields is
updated, the others remain unchanged. I have tried to use a while loop to
make it update all the quantities but it doesn't seem to work. Below is the
script I am using to UPDATE the quantites. Can anyone help me?
Thanx in advance.
<?php
$trackerId = $HTTP_POST_VARS['trackerId'];
$albumId = $HTTP_POST_VARS['albumId'];
$qty = $HTTP_POST_VARS['qty'];
mysql_select_db($database_con_ayrsrock, $con_ayrsrock);
$queryQty= "SELECT qty FROM cart WHERE trackerId = $trackerId AND albumId =
$albumId";
$rsQty = mysql_query($queryQty);
while ($row_rsQty = mysql_fetch_array($rsQty))
{
$newQty = $qty;
mysql_query("update cart set qty = $newQty where trackerId = $trackerId and
albumId = $albumId");
}
; ?>
--- End Message ---
--- Begin Message ---
Kaizer Boab wrote:
Hi everybody,
I have built a shopping cart using tables. I am able to add items and remove
items from the cart. The problem I am having is updating the quantities in
the cart.
When users view the cart they can see the quantity in a text field. I want
to allow users to type in the quantities they want in this box and then
submit the form to display the new quantities.
The problem is when the form is submitted only one of the quantity fields is
updated, the others remain unchanged. I have tried to use a while loop to
make it update all the quantities but it doesn't seem to work. Below is the
script I am using to UPDATE the quantites. Can anyone help me?
Thanx in advance.
<?php
$trackerId = $HTTP_POST_VARS['trackerId'];
$albumId = $HTTP_POST_VARS['albumId'];
$qty = $HTTP_POST_VARS['qty'];
mysql_select_db($database_con_ayrsrock, $con_ayrsrock);
$queryQty= "SELECT qty FROM cart WHERE trackerId = $trackerId AND albumId =
$albumId";
$rsQty = mysql_query($queryQty);
while ($row_rsQty = mysql_fetch_array($rsQty))
{
$newQty = $qty;
mysql_query("update cart set qty = $newQty where trackerId = $trackerId and
albumId = $albumId");
}
; ?>
Looks like you're naming all of your quantity text boxes "qty". You need
to use different var names to make multuple values come back. For
instance you could use "qty[]" to have the results come back in an
array. Or you could use qty[x] where x is a specific # so that you know
which product to update.
--
paperCrane <Justin Patrin>
--- End Message ---
--- Begin Message ---
Hi Justin,
I only have the one qty field in the View Cart page. It is part of a loop to
pull out all the quantities from the cart. It is retrieved via the script
below:
<?php
// Query the cart table and select all the items from the table.
$resultCart = mysql_query("SELECT * FROM cart, products WHERE
cart.albumId = products.albumId AND cart.trackerId = $trackerId ORDER by
products.albumTitle ASC");
while($row_rsCart = mysql_fetch_array($resultCart))
{
$cost = $row_rsCart['albumPrice'] * $row_rsCart['qty'];
$cost = number_format ($cost, 2);
$subTotal = number_format ($subTotal, 2);
$subTotal += $cost;
?>
<tr>
<td align="left"><?php echo $row_rsCart['albumArtist'];?></td>
<td align="left"><?php echo $row_rsCart['albumTitle'];?></td>
<td align="right"><?php echo $cost;?></td>
<td align="right
<input name="qty" type="text" size="2" value="<?php echo
$row_rsCart['qty'];?>" />
</td>
</tr>
<?php }// END while loop;?>
Since the qty text field is only one box in a loop, naming it won't help. Is
there another way I could achieve the update?
Thanx for your help.
> Looks like you're naming all of your quantity text boxes "qty". You need
> to use different var names to make multuple values come back. For
> instance you could use "qty[]" to have the results come back in an
> array. Or you could use qty[x] where x is a specific # so that you know
> which product to update.
>
> --
> paperCrane <Justin Patrin>
--- End Message ---
--- Begin Message ---
Kaizer Boab wrote:
Hi Justin,
I only have the one qty field in the View Cart page. It is part of a loop to
pull out all the quantities from the cart. It is retrieved via the script
below:
<?php
// Query the cart table and select all the items from the table.
$resultCart = mysql_query("SELECT * FROM cart, products WHERE
cart.albumId = products.albumId AND cart.trackerId = $trackerId ORDER by
products.albumTitle ASC");
while($row_rsCart = mysql_fetch_array($resultCart))
{
$cost = $row_rsCart['albumPrice'] * $row_rsCart['qty'];
$cost = number_format ($cost, 2);
$subTotal = number_format ($subTotal, 2);
$subTotal += $cost;
?>
<tr>
<td align="left"><?php echo $row_rsCart['albumArtist'];?></td>
<td align="left"><?php echo $row_rsCart['albumTitle'];?></td>
<td align="right"><?php echo $cost;?></td>
<td align="right
<input name="qty" type="text" size="2" value="<?php echo
$row_rsCart['qty'];?>" />
</td>
</tr>
<?php }// END while loop;?>
Since the qty text field is only one box in a loop, naming it won't help. Is
there another way I could achieve the update?
Thanx for your help.
Looks like you're naming all of your quantity text boxes "qty". You need
to use different var names to make multuple values come back. For
instance you could use "qty[]" to have the results come back in an
array. Or you could use qty[x] where x is a specific # so that you know
which product to update.
--
paperCrane <Justin Patrin>
You need to use what I said in my reply. Change name="qty" to
name="qty[]" or name="qty[some database id]".
--
paperCrane <Justin Patrin>
--- End Message ---
--- Begin Message ---
I have changed it to name="qty[]" . How would I reference it on my
processing script?
"Justin Patrin" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Kaizer Boab wrote:
>
> > Hi Justin,
> >
> > I only have the one qty field in the View Cart page. It is part of a
loop to
> > pull out all the quantities from the cart. It is retrieved via the
script
> > below:
> >
> > <?php
> > // Query the cart table and select all the items from the table.
> > $resultCart = mysql_query("SELECT * FROM cart, products WHERE
> > cart.albumId = products.albumId AND cart.trackerId = $trackerId ORDER by
> > products.albumTitle ASC");
> > while($row_rsCart = mysql_fetch_array($resultCart))
> > {
> > $cost = $row_rsCart['albumPrice'] * $row_rsCart['qty'];
> > $cost = number_format ($cost, 2);
> > $subTotal = number_format ($subTotal, 2);
> > $subTotal += $cost;
> > ?>
> > <tr>
> > <td align="left"><?php echo
$row_rsCart['albumArtist'];?></td>
> > <td align="left"><?php echo
$row_rsCart['albumTitle'];?></td>
> > <td align="right"><?php echo $cost;?></td>
> > <td align="right
> > <input name="qty" type="text" size="2" value="<?php echo
> > $row_rsCart['qty'];?>" />
> > </td>
> > </tr>
> > <?php }// END while loop;?>
> >
> > Since the qty text field is only one box in a loop, naming it won't
help. Is
> > there another way I could achieve the update?
> >
> > Thanx for your help.
> >
> >
> >
> >>Looks like you're naming all of your quantity text boxes "qty". You need
> >>to use different var names to make multuple values come back. For
> >>instance you could use "qty[]" to have the results come back in an
> >>array. Or you could use qty[x] where x is a specific # so that you know
> >>which product to update.
> >>
> >>--
> >>paperCrane <Justin Patrin>
>
> You need to use what I said in my reply. Change name="qty" to
> name="qty[]" or name="qty[some database id]".
>
> --
> paperCrane <Justin Patrin>
--- End Message ---
--- Begin Message ---
I have changed it to name="qty[]" . How would I reference it on my
processing script?
"Justin Patrin" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Kaizer Boab wrote:
>
> > Hi Justin,
> >
> > I only have the one qty field in the View Cart page. It is part of a
loop to
> > pull out all the quantities from the cart. It is retrieved via the
script
> > below:
> >
> > <?php
> > // Query the cart table and select all the items from the table.
> > $resultCart = mysql_query("SELECT * FROM cart, products WHERE
> > cart.albumId = products.albumId AND cart.trackerId = $trackerId ORDER by
> > products.albumTitle ASC");
> > while($row_rsCart = mysql_fetch_array($resultCart))
> > {
> > $cost = $row_rsCart['albumPrice'] * $row_rsCart['qty'];
> > $cost = number_format ($cost, 2);
> > $subTotal = number_format ($subTotal, 2);
> > $subTotal += $cost;
> > ?>
> > <tr>
> > <td align="left"><?php echo
$row_rsCart['albumArtist'];?></td>
> > <td align="left"><?php echo
$row_rsCart['albumTitle'];?></td>
> > <td align="right"><?php echo $cost;?></td>
> > <td align="right
> > <input name="qty" type="text" size="2" value="<?php echo
> > $row_rsCart['qty'];?>" />
> > </td>
> > </tr>
> > <?php }// END while loop;?>
> >
> > Since the qty text field is only one box in a loop, naming it won't
help. Is
> > there another way I could achieve the update?
> >
> > Thanx for your help.
> >
> >
> >
> >>Looks like you're naming all of your quantity text boxes "qty". You need
> >>to use different var names to make multuple values come back. For
> >>instance you could use "qty[]" to have the results come back in an
> >>array. Or you could use qty[x] where x is a specific # so that you know
> >>which product to update.
> >>
> >>--
> >>paperCrane <Justin Patrin>
>
> You need to use what I said in my reply. Change name="qty" to
> name="qty[]" or name="qty[some database id]".
>
> --
> paperCrane <Justin Patrin>
--- End Message ---
--- Begin Message ---
Kaizer Boab wrote:
I have changed it to name="qty[]" . How would I reference it on my
processing script?
"Justin Patrin" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Kaizer Boab wrote:
Hi Justin,
I only have the one qty field in the View Cart page. It is part of a
loop to
pull out all the quantities from the cart. It is retrieved via the
script
below:
<?php
// Query the cart table and select all the items from the table.
$resultCart = mysql_query("SELECT * FROM cart, products WHERE
cart.albumId = products.albumId AND cart.trackerId = $trackerId ORDER by
products.albumTitle ASC");
while($row_rsCart = mysql_fetch_array($resultCart))
{
$cost = $row_rsCart['albumPrice'] * $row_rsCart['qty'];
$cost = number_format ($cost, 2);
$subTotal = number_format ($subTotal, 2);
$subTotal += $cost;
?>
<tr>
<td align="left"><?php echo
$row_rsCart['albumArtist'];?></td>
<td align="left"><?php echo
$row_rsCart['albumTitle'];?></td>
<td align="right"><?php echo $cost;?></td>
<td align="right
<input name="qty" type="text" size="2" value="<?php echo
$row_rsCart['qty'];?>" />
</td>
</tr>
<?php }// END while loop;?>
Since the qty text field is only one box in a loop, naming it won't
help. Is
there another way I could achieve the update?
Thanx for your help.
Looks like you're naming all of your quantity text boxes "qty". You need
to use different var names to make multuple values come back. For
instance you could use "qty[]" to have the results come back in an
array. Or you could use qty[x] where x is a specific # so that you know
which product to update.
--
paperCrane <Justin Patrin>
You need to use what I said in my reply. Change name="qty" to
name="qty[]" or name="qty[some database id]".
--
paperCrane <Justin Patrin>
Just try a print_r to see how it comes out and work from there. ;-)
You'll have an array of values.
--
paperCrane <Justin Patrin>
--- End Message ---
--- Begin Message ---
This has still got me stumped.
I tried the following script to update the table but I'm still experiencing
the same result, only one row updates, the rest remain unchanged.
while (list($k, $v) = each($qty))
{
$newQty = $v;
$update = "update cart set qty = $newQty WHERE trackerId = $trackerId AND
albumId = $albumId";
mysql_query($update);
}
I then tried changing my form field names on my View Cart page to
name="albumId[]" and name="trackerId[]" as well. I could view the results
using the array_multisort function with this script:
echo("<table border=\"1\">\n");
for ($i=0; $i < count($trackerId); $i++) {
echo("<tr><td>$qty[$i]</td><td>$albumId[$i]</td><td>$trackerId[$i]</td>\n");
}
echo("</table>\n");
But I am still confused as to how to get the script to update more than one
row.
> >>You need to use what I said in my reply. Change name="qty" to
> >>name="qty[]" or name="qty[some database id]".
> >>
> >>--
> >>paperCrane <Justin Patrin>
>
> Just try a print_r to see how it comes out and work from there. ;-)
>
> You'll have an array of values.
>
> --
> paperCrane <Justin Patrin>
--- End Message ---
