Posts by Will Gresham

On the phoneupdate1.php page, update it to something similar to the following:

//Connecting to MYSQL
MySQL_connect("$host","$user","$pass");

//Select the database we want to use
mysql_select_db($db) or die("Could not find database");

// Check to see if the link from the previous page was clicked
if(isset($_REQUEST['id'])) {
  // Check that the id value in the URL is a number
  if(is_numeric($_REQUEST['id'])) {
    mysql_query("SELECT * FROM people WHERE id = `$id`") or die(mysql_error);
    if(mysql_num_rows > 0) {
      // add the SQL data to an array using mysql_fetch_assoc or mysql_fetch_assoc
    } else {
      echo 'No Record';
    }
  }
}

// ***** This part will process when you Click on "Submit" button *****
// continue with the script

The problem there is that you have gone to a new page, all data in $row will have been lost. You either need to send the data between the pages in the URL query string or re-query the database on phoneupdate1.php, for example:
if(is_numeric($_REQUEST)) {
SELECT * FROM people WHERE id = `$id`
}

A couple of problems with your current code:

mysql_fetch_row returns a row in a numerical array, you would need to use $row[0], $row[1] for displaying the data, to use what you are, you will need to use mysql_fetch_assoc to call the cells by the column names.

There is a slight problem here:

if (mysql_num_rows($result) > 0) {

while($row=mysql_fetch_row($result)){

echo "ID : .$row['id'] <br/>";
echo "First Name : $row['fname'] <br/>";
echo "Last Name : $row['lname'] <br/>";
echo "Phone Number : $row['phone_num'] <br/>";
echo "Extension : $row['ext'] <br/>";
echo "Title : $row['title'] <br/>";
echo "Department : $row['dept'] <br/>";
echo "Fax Number : $row['fax'] <hr>";

// Add a link with a parameter(id) and it's value.
echo '<a href="phoneupdate1.php?id='.$row['id'].'">Update</a>';
}
[B]else { 
    // no 
    // print status message 
    echo "No rows found!";
	} [/B]
}

You have put it as this:
If {
While {
End While }
Else {}
End If }

It should be:

if (mysql_num_rows($result) > 0) {
  while($row=mysql_fetch_row($result)){
    echo "ID : .$row['id'] <br/>";
    echo "First Name : $row['fname'] <br/>";
    echo "Last Name : $row['lname'] <br/>";
    echo "Phone Number : $row['phone_num'] <br/>";
    echo "Extension : $row['ext'] <br/>";
    echo "Title : $row['title'] <br/>";
    echo "Department : $row['dept'] <br/>";
    echo "Fax Number : $row['fax'] <hr>";
    // Add a link with a parameter(id) and it's value.
    echo '<a href="phoneupdate1.php?id='.$row['id'].'">Update</a>';
  }
} else { 
  // no 
  // print status message 
  echo "No rows found!";
}

I'm afraid I cant see any other problems with the actual code, …

Do other PHP pages work?

add error_reporting(E_ALL); to the top of the page to override any php.ini config which may be blocking errors from displaying.

add this before the while():

if(mysql_num_rows($result)<1) {
echo 'No Results';
} else {
// while statement here
}

This will determine if the query is returning a result

If you mean the popup window that appears in your browser asking for a username and password, this relies on the htaccess and htpasswd files, was it this you are looking for or another type of login box?

I can't say I have heard of that function before, may be worth looking into for future projects :)

In response to the point about add/strip slashes, here is an example:

You have HTML tags and attributes you want to add to the db, such as <a href='somelink' title='sometitle'> Using the query to get the data would pick up the ' in the string and return an error as some of the content of the data would be interpreted as PHP, not good.

when you add the data to the database either use the addslashes function to change ' to \' so that PHP ignores them when reading from the db or do the same manually.

When you echo the data back, change the echo($data) to echo(stripslashes($data)).

magic_quotes is not the best function out there as it can cause slashes to be added in places they are not needed. read http://en.wikipedia.org/wiki/Magic_quotes for details on that subject.

The linebreaks can't be seen as most software packages hide them by default (they look like a backwards P and a T) PHP however will pick them up and use them in a similar way to a newline command.

If you type this into a text editor with a line break and then copy/paste it into the database, this will also be moved into the SQL field and PHP will echo a new line as well as the code.

Another thing, when getting HTML from the db, you will want to think about how you are doing this, currently with the echo statement you have you may encounter problems with quotes (') if you use them later. I would suggest looking into storing HTML in a database as well as the stripslashes/addslashes functions.

You should change

if($_POST['submit'])

to

if(isset($_POST['usern']))

OR


if(isset($_POST['pass']))

Also, I would remove the $db = from the select db function as it is not needed here.

If you are using the same name for the array in both instances, try unsetting it first:

$arrayName='';

Once you have executed a second query you then need to reload the data from the query into the array.

on the page that sets the cookies/sessions, add this to the top:

<meta http-equiv="refresh" content="5"/>

This will reload the page and clear POST data. Looking again, the header function probably will not work in this instance.

header('Location: URL');

Make sure that you put this at the top of the file before any HTML tags.

try doing this:

// Then i would have the line here, to be run again - second instance
$result = mysql_query($sqlQuery,$connect);
if(mysql_num_rows($result)>0) {
//Process second instance
} else {
echo 'No Data';
}

This will tell you if the query is actually fetching a row, if it is, make sure that you put the result into an array before trying to use it:

$data = mysql_fetch_array($result);

Using the back button to go to a page form data was submitted to will cause this, to solve it, once the login script has been run either use a header redirect or a meta redirect to clear the POST data.

So long as the PHP code comes before anything else in the file, the HTML/CSS should not effect it. If there is any HTML before the PHP then the headers are sent and cannot be modified with the header function.

Can you post the entire source here in [ /CODE] tags?[CODE ] [ /CODE] tags?

Have a look at the source code through your browser to see if there are any errors hidden beneath tables/elements.

If there are not add something similar to the following to see if the SQL query is causing an issue:

if($login_check>0) {
  header('Location:./portfolio.php');
} else {
  echo 'Login Failed';
}

There doesnt seem to be a problem with the code, but for the header function, try to use a relative link and not http://localhost:

header('Location:./portfolio.php');

On the page that it is not working is the PHP code on there or is it in a seperate file. Also, does the script return an error such as 'Headers already sent by...'?

It is the mysql_free_result function you would use, example below:

$connect = mysql_connect("server", "username", "password");
if (!$connect) {
  die('Could not connect: ' . mysql_error());
}
mysql_select_db("dbName",$connect);

$sqlQuery = "SELECT * from table";
$result = mysql_query($sqlQuery,$connect);
// Do something with the result

// Free result
mysql_free_result($result);

What error (if any) does the script return?

Are you adding the PHP code to the top of the HTML/CSS file or using an include function? Can you post the code here?

The header function must be used before any output is printed, i.e before the opening HTML tag, make sure there is no HTML code or echo/print functions before the header one.