subject:"\[PHP\] mysql question #2"

Re: [PHP] mysql question #2

2008-02-14 Thread Richard Heyes


At any rate, just seeing this tells me that you've got a real mess on
your hands...


Or you could say, "You're going to have some fun cleaning that".

--
Richard Heyes
http://www.websupportsolutions.co.uk

Knowledge Base and Helpdesk software hosted for you - no
installation, no maintenance, new features automatic and free

 ** New Helpdesk demo now available **

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql question #2

2008-02-14 Thread Richard Lynch

On Sun, February 10, 2008 12:12 pm, nihilism machine wrote:
>   public function select_one($sql) {

>   if ($this->auto_slashes) {
>   return stripslashes($ret);

If you have to call stripslashes() on data coming FROM MySQL, then you
have really messed up...

You've put in data that was escaped TWICE, probably with Magic Quotes
"ON" followed by addslashes (or mysql_real_escape_string).

At any rate, just seeing this tells me that you've got a real mess on
your hands...

>   } else {
>   return $ret;
>   }
>   }
>
> how can i get the contents of a column in the returned row say for
> something called "Email" as the column name. here is my code now:

Since it's only returning ONE piece of data, how confused can it be?

$this->whatever['Email'] = $result;

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql question #2

2008-02-10 Thread Zoltán Németh

2008. 02. 10, vasárnap keltezéssel 13.12-kor nihilism machine ezt írta:
> Ok, I read the php.net info. so with this function though:
> 
>   public function select_one($sql) {
>   $this->last_query = $sql;
>   $r = mysql_query($sql);
>   if (!$r) {
>   $this->last_error = mysql_error();
>   return false;
>   }
>   if (mysql_num_rows($r) != 1) {
>   return false;   
>   }
>   $ret = mysql_result($r, 0);
>   mysql_free_result($r);
>   if ($this->auto_slashes) {
>   return stripslashes($ret);
>   } else {
>   return $ret;
>   }
>   }
> 
> 
> how can i get the contents of a column in the returned row say for  
> something called "Email" as the column name. here is my code now:
> 
>  // Attempt to login a user
>   public function CheckValidUser($Email, $Password) {
>   $PasswordEncoded = $this->encode($Password);
>   $sql = "SELECT * FROM CMS_Users WHERE Email='$Email' AND  
> Password='$PasswordEncoded'";
>   $result = $this->DB->select_one($sql);
>   if ($result) {
>   // User info stored in Sessions
>   $_SESSION['Status'] = "loggedIn";
>   $_SESSION['ID'] = $row['ID'];
>   $_SESSION['Email'] = $row['Email'];
>   $_SESSION['AdminLevel'] = $row['AdminLevel'];
>   $_SESSION['FirstName'] = $row['FirstName'];
>   $_SESSION['LastName'] = $row['LastName'];
>   return true;
>   } else {
>   return false;
>   }
>   }
> 

it seems to me you do not want a real 'select_one' but instead a
'select_one_row'

like this:

public function select_one_row($sql) {
$this->last_query = $sql;
$r = mysql_query($sql);
if (!$r) {
$this->last_error = mysql_error();
return false;
}
if (mysql_num_rows($r) != 1) {
return false;   
}
$ret = mysql_fetch_assoc($r);
mysql_free_result($r);
if ($this->auto_slashes) {
return array_map('stripslashes', $ret);
} else {
return $ret;
}
}

and then you would call it in your code like:

public function CheckValidUser($Email, $Password) {
$PasswordEncoded = $this->encode($Password);
$sql = "SELECT * FROM CMS_Users WHERE Email='$Email'
AND  
Password='$PasswordEncoded'";
$row = $this->DB->select_one_row($sql);
if ($row) {
// User info stored in Sessions
$_SESSION['Status'] = "loggedIn";
$_SESSION['ID'] = $row['ID'];
$_SESSION['Email'] = $row['Email'];
$_SESSION['AdminLevel'] = $row['AdminLevel'];
$_SESSION['FirstName'] = $row['FirstName'];
$_SESSION['LastName'] = $row['LastName'];
return true;
} else {
return false;
}
}


note the changes:
- use of mysql_fetch_assoc in the select_one_row function
- putting the return value of the function into $row and then using that
between the if function

// this above might contain bugs as I just wrote it up here in my mailer

greets
Zoltán Németh

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql question #2

2008-02-10 Thread Nathan Nobbe

On Feb 10, 2008 1:12 PM, nihilism machine <[EMAIL PROTECTED]> wrote:

> Ok, I read the php.net info. so with this function though:
>
>public function select_one($sql) {
>$this->last_query = $sql;
>$r = mysql_query($sql);
>if (!$r) {
>$this->last_error = mysql_error();
>return false;
>}
>if (mysql_num_rows($r) != 1) {
>return false;
>}
>$ret = mysql_result($r, 0);
>mysql_free_result($r);
>if ($this->auto_slashes) {
>return stripslashes($ret);
>} else {
>return $ret;
>}
>}


as the function stands you wont be able to.  you can alter it
though:

   public function select_one($sql, $columnName) {
   $this->last_query = $sql;
   $r = mysql_query($sql);
   $ret = false;  ///  default return value is
false
   if (!$r) {
   $this->last_error = mysql_error();
   return false;
   }
   if (mysql_num_rows($r) != 1) {
   return false;
   }
   $result = mysql_fetch_assoc($r);
   if(isset($result[$columnName])) {
  $ret = $result[$columnName]);
   }
   mysql_free_result($r);
   if ($this->auto_slashes) {
   return stripslashes($ret);
   } else {
   return $ret;
   }
   }

note: i just hacked that together in my mail client :)

-nathan

[PHP] mysql question #2

2008-02-10 Thread nihilism machine


Ok, I read the php.net info. so with this function though:

public function select_one($sql) {
$this->last_query = $sql;
$r = mysql_query($sql);
if (!$r) {
$this->last_error = mysql_error();
return false;
}
if (mysql_num_rows($r) != 1) {
return false;   
}
$ret = mysql_result($r, 0);
mysql_free_result($r);
if ($this->auto_slashes) {
return stripslashes($ret);
} else {
return $ret;
}
}


how can i get the contents of a column in the returned row say for  
something called "Email" as the column name. here is my code now:


// Attempt to login a user
public function CheckValidUser($Email, $Password) {
$PasswordEncoded = $this->encode($Password);
		$sql = "SELECT * FROM CMS_Users WHERE Email='$Email' AND  
Password='$PasswordEncoded'";

$result = $this->DB->select_one($sql);
if ($result) {
// User info stored in Sessions
$_SESSION['Status'] = "loggedIn";
$_SESSION['ID'] = $row['ID'];
$_SESSION['Email'] = $row['Email'];
$_SESSION['AdminLevel'] = $row['AdminLevel'];
$_SESSION['FirstName'] = $row['FirstName'];
$_SESSION['LastName'] = $row['LastName'];
return true;
} else {
return false;
}
}

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql question #2

Re: [PHP] mysql question #2

Re: [PHP] mysql question #2

Re: [PHP] mysql question #2

[PHP] mysql question #2

5 matches

Site Navigation

Mail list logo

Footer information