Sascha Kettner wrote:
> Hi!
>
> I have the following script to be executed via post from a web-form; the
> var. Pin, msisd and knd are given by the form but however, the script is
> not working. I always get no results as if there are no matches, but
> this isnt right! This is regardless which entries i submit with the
> form!
> Any ideas to fix the problem?
>
> Thanks a lot in advance
> Regards
>
> Sascha Kettner
>
> #!/usr/bin/perl
>
> use DBI();
> #################
> # Get form Data #
> #################
>
> &parse_form;
> ####################
> # Script Variables #
> ####################
> $input{knd} = "";
> $input{pin} = "";
> $input{msisdn} = "";
>
> ########################
> # What to do on submit #
> ########################
>
> &dojob;
>
> ######################
> # Lets have a look at the db #
> ######################
>
> sub dojob {
>
> # Now retrieve data from the table.
> my $dbh = DBI->connect("DBI:mysql:database=prepaid;host=localhost",
> "root", "sascha28",
> {'RaiseError' => 1});
> my $sth = $dbh->prepare("SELECT * FROM pins WHERE pin LIKE '$input{pin}'
> OR msisdn LIKE '$input{msisdn}' OR knd LIKE '$input{knd}'");
> print <<EOF;
> Content-type: text/html
'$input(pin)' is a literal string.
The single quote will prevent it from being evaluated.
Use the $dhb->quote() function to quote and assign your variable to
another, and
then use that variable in your query without the single quotes.
my $pin=$dbh->quote($input{pin};
my $sth = $dbh->prepare("SELECT * FROM pins WHERE pin LIKE $pin ...
>
>
>
> <html>
> <!--# Include Virtual="/blank.html"-->
> <head>
> <title>MAKEPINS</title>
> <meta http-equiv="refresh" content="10;url=https:/index.html">
> </head>
> <body>
> <h1 align="center">Suche Ausgeführt</h1><hr><br><br>
> </body>
> </html>
>
> EOF
> $sth->execute();
> while (my $ref = $sth->fetchrow_hashref()) {
> print "Eintrag gefunden: pin = $ref->{'pin'}, msisdn =
> $ref->{'msisdn'}\n, knd = $ref->{'knd'}\n\n";
> }
> $sth->finish();
> # Disconnect from the database.
> $dbh->disconnect();
> exit;
> }
> ##########################
> # Get form data function #
> ##########################
>
> sub parse_form {
>
> read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
> if (length($buffer) < 5) {
> $buffer = $ENV{QUERY_STRING};
> }
> @pairs = split(/&/, $buffer);
> foreach $pair (@pairs) {
> ($name, $value) = split(/=/, $pair);
>
> $value =~ tr/+/ /;
> $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
>
> $input{$name} = $value;
> }
> }
>
> ###########
> # The end #
> ###########
>
>
> ---------------------------------------------------------------------
> Before posting, please check:
> http://www.mysql.com/manual.php (the manual)
> http://lists.mysql.com/ (the list archive)
>
> To request this thread, e-mail <[EMAIL PROTECTED]>
> To unsubscribe, e-mail <mysql-unsubscribe-##L=##[EMAIL PROTECTED]>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
>
>
>
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <mysql-unsubscribe-##L=##[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
