Professional Web Applications Themes

"i have gone crazy mfing crazy i have gone crazy" - MySQL

the database looks like this the database is called username_tpp (not really just using username as a sub) the table is called home it has field 1 : varchar(50) | latin1_swedish_ci | no attributes | null = no | default = (nothing) | extra = (nothing) | action = primary key | comments = h field 2 : text | latin1_swedish_ci | no attributes | null = no | default = (nothing) | extra = (nothing) | action = text | comments = b all i am trying to achive is to have someone post what they want to appear ...

  1. #1

    Default "i have gone crazy mfing crazy i have gone crazy"

    the database looks like this

    the database is called
    username_tpp (not really just using username as a sub)
    the table is called
    home
    it has
    field 1 : varchar(50) | latin1_swedish_ci | no attributes | null = no |
    default = (nothing) | extra = (nothing) | action = primary key |
    comments = h

    field 2 : text | latin1_swedish_ci | no attributes | null = no |
    default = (nothing) | extra = (nothing) | action = text | comments = b

    all i am trying to achive is to have someone post what they want to
    appear on their website on this page as in the header and the body of
    their site (i will do xhtml formating to make it look nicer if the
    script ever works)

    <?php // update_site.php
    // This script adds a entry to the database.

    // Address error handling.
    ini_set ('display_errors', 1);
    error_reporting (E_ALL & ~E_NOTICE);

    if (isset ($_POST['submit'])) { // Handle the form.

    // Connect and select.
    if ($dbc = mysql_connect ('localhost', username', password)) {

    if (!mysql_select_db ('username_tpp')) {
    die ('<p>Could not select the database because:
    <b>' . mysql_error()
    .. '</b></p>');
    }

    } else {
    die ('<p>Could not connect to MySQL because: <b>' .
    mysql_error() .
    '</b></p>');
    }

    // Define the query.
    $query = "INSERT INTO home (1) VALUE ('{$_POST['header']}')";
    "INSERT
    INTO home (2) VALUE '{$_POST['body']}'";

    // Execute the query.
    if (mysql_query ($query)) {
    print '<p>The blog entry has been added.</p>';
    } else {
    print "<p>Could not add the entry because: <b>" .
    mysql_error() .
    "</b>. The query was $query.</p>";
    }

    mysql_close();

    }

    // Display the form.
    ?>
    <form action="update_site.php" method="post">
    <p>Page Header: <input type="text" name="header" size="40"
    maxsize="100" /></p>
    <p>Page Body :&nbsp;&nbsp;
    <textarea name="body" cols="40" rows="5"></textarea></p>
    <input type="submit" name="submit" value="Update My Website" />
    </form>

    i get this error...

    Could not add the entry because: You have an error in your SQL syntax;
    check the manual that corresponds to your MySQL server version for the
    right syntax to use near '1) VALUE ('hello')' at line 1. The query was
    INSERT INTO home (1) VALUE ('hello').

    then i have another script that is not working
    either which is:

    this is the script for their home page that retirves the data that this
    one posts into the table.

    <?php // index.php
    // This script retrieves header and body text from the database.

    // Address error handing.
    ini_set ('display_errors', 1);
    error_reporting (E_ALL & ~E_NOTICE);

    // Connect and select.
    if ($dbc = mysql_connect ('localhost', 'username', 'password')) {

    if (!mysql_select_db ('username_tpp')) {
    die ('<p>Could select the database because: <b>' .
    mysql_error() .
    '</b></p>');
    }

    } else {

    die ('<p>Could not connect to MySQL because: <b>' .
    mysql_error() .
    '</b></p>');

    }

    // Define the query.
    $query = 'SELECT * FROM home';

    if ($r = mysql_query ($query)) { // Run the query.
     [/ref][/ref]

    // Retrieve and print every record.
    while ($row = mysql_fetch_array ($r)) {
    print "<p><h3>{$row['1']}</h3>
    {$row['2']}<br />
    </p><hr />\n";
    }

    } else { // Query didn't run.

    die ('<p>Could create the table because: <b>' . mysql_error() .
    "</b>.
    The query was $query.</p>");

    } // End of query IF.

    mysql_close(); // Close the database connection.
    ?>

    could you please help me ive been debugging for days now and my head is
    going to explode

    -thank you, philip (kirewire.com, leetmachines.com, pealtech.com,
    leetbargains.com)

    kkddrpg@gmail.com Guest

  2. #2

    Default Re: "i have gone crazy mfing crazy i have gone crazy"

    com wrote: 
    <lots of code snipped> 

    Are your columns actually named '1' and '2'? These aren't normal column
    names - normally you name them something descriptive, like 'name', or
    'firstname', etc. In fact, these are invalid names according to the SQL
    standard, although you might coax MySQL to accept them.

    What does the actual CREATE TABLE statement you used look like?

    --
    ==================
    Remove the "x" from my email address
    Jerry Stuckle
    JDS Computer Training Corp.
    net
    ==================
    Jerry Guest

  3. #3

    Default Re: "i have gone crazy mfing crazy i have gone crazy"


    Jerry Stuckle wrote: 
    > <lots of code snipped> 
    >
    > Are your columns actually named '1' and '2'? These aren't normal column
    > names - normally you name them something descriptive, like 'name', or
    > 'firstname', etc. In fact, these are invalid names according to the SQL
    > standard, although you might coax MySQL to accept them.
    >
    > What does the actual CREATE TABLE statement you used look like?
    >
    > --
    > ==================
    > Remove the "x" from my email address
    > Jerry Stuckle
    > JDS Computer Training Corp.
    > net
    > ==================[/ref]

    Is 'value' valid sql?. I thought you had to use 'values' regardless of
    how much data you're inserting

    strawberry Guest

  4. #4

    Default Re: "i have gone crazy mfing crazy i have gone crazy"

    strawberry wrote: 
    >>
    >><lots of code snipped>
    >> 
    >>
    >>Are your columns actually named '1' and '2'? These aren't normal column
    >>names - normally you name them something descriptive, like 'name', or
    >>'firstname', etc. In fact, these are invalid names according to the SQL
    >>standard, although you might coax MySQL to accept them.
    >>
    >>What does the actual CREATE TABLE statement you used look like?
    >>
    >>--
    >>==================
    >>Remove the "x" from my email address
    >>Jerry Stuckle
    >>JDS Computer Training Corp.
    >>net
    >>==================[/ref]
    >
    >
    > Is 'value' valid sql?. I thought you had to use 'values' regardless of
    > how much data you're inserting
    >[/ref]

    Good eye - I missed that one completely! You are totally, 100% and
    beyond any doubt at all, correct! :-)

    --
    ==================
    Remove the "x" from my email address
    Jerry Stuckle
    JDS Computer Training Corp.
    net
    ==================
    Jerry Guest

  5. #5

    Default Re: "i have gone crazy mfing crazy i have gone crazy"

    its from a books supporting website that code i got rid of the create
    table part i described exactly how the data base is i made the database
    in phpmyadmin
    Jerry Stuckle wrote: 
    > >
    > >
    > > Is 'value' valid sql?. I thought you had to use 'values' regardless of
    > > how much data you're inserting
    > >[/ref]
    >
    > Good eye - I missed that one completely! You are totally, 100% and
    > beyond any doubt at all, correct! :-)
    >
    > --
    > ==================
    > Remove the "x" from my email address
    > Jerry Stuckle
    > JDS Computer Training Corp.
    > net
    > ==================[/ref]

    so Guest

  6. #6

    Default Re: "i have gone crazy mfing crazy i have gone crazy"

    what i am trying to say here is

    // Define the query.
    $query = "INSERT INTO home (1) VALUE ('{$_POST['header']}')";
    "INSERT
    INTO home (2) VALUE '{$_POST['body']}'";

    the name of the table is home
    and that table whas two fields 1 and 2 and field 1 is a varchar 50 for
    the header and field to is text for the body of my site and 'header'
    and 'body' are the values im useing b/c those are the names of the
    fields in the form

    so Guest

  7. #7

    Default Re: "i have gone crazy mfing crazy i have gone crazy"

    "so many sites so little time" <com> wrote:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    This ain't cool. Please use your real name here.
     

    1. this is invalid PHP: you assign the first string literal to $query
    but the second is just standing there. Don't you get a PHP syntax
    error here? I didn't look into PHP for a long time, but the curly
    braces around $_POST[foo] look suspicious. It's much better style
    to create the query string with sprintf().

    2. this is invalid SQL: INSERT INTO table [(columns)] VALUES (values)
    ~~~
    3. this is a strange schema. Did you call the columns of table `home`
    `1` and `2`? Really? Bad thing!

    4. if you have two columns `1` and `2`, you should insert values into
    both columns at once. Otherwise you will get two totally unrelated
    records in table `home`.

    5. this opens the door for SQL injection. You must NEVER use GET/POST
    variables without escaping them correctly.


    XL
    --
    Axel Schwenke, Senior Software Developer, MySQL AB

    Online User Manual: http://dev.mysql.com/doc/refman/5.0/en/
    MySQL User Forums: http://forums.mysql.com/
    Axel Guest

Similar Threads

  1. "MediaController" Component Acting Crazy!
    By jOEL in forum Macromedia Flash
    Replies: 0
    Last Post: December 9th, 08:44 PM
  2. I think i am going crazy
    By chris in forum PHP Development
    Replies: 4
    Last Post: October 7th, 11:05 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139