On 21/06/15 20:14, Mark Murphy wrote:
> But what does your application do when it gets an invalid SQL statement?
> Maybe it is telling the attacker something important about your database so
> that they can compromise it with the appropriate injection.
It just defaults to the first news article in
But what does your application do when it gets an invalid SQL statement?
Maybe it is telling the attacker something important about your database so
that they can compromise it with the appropriate injection.
On 2:36PM, Sun, Jun 21, 2015 Lester Caine wrote:
> On 21/06/15 18:55, Richard wrote:
>
On 21/06/15 18:55, Richard wrote:
>>> OK - this had no chance of success since publish_date_desc is
>>> >> processed using the _desc ( or _asc ) and any invalid data
>>> >> stripped
>>> >>
>>> >>
>>> >> &sort_mode=publish_date_desc%20or%20(1,2)=(select*from(select%20n
>>> >> ame_const(CHAR(111,10
> Date: Sunday, June 21, 2015 12:39:06 PM -0400
> From: Aziz Saleh
>
> On Sun, Jun 21, 2015 at 9:19 AM, Lester Caine
> wrote:
>
>> OK - this had no chance of success since publish_date_desc is
>> processed using the _desc ( or _asc ) and any invalid data
>> stripped
>>
>>
>> &sort_mode=publi
On Sun, Jun 21, 2015 at 9:19 AM, Lester Caine wrote:
> OK - this had no chance of success since publish_date_desc is processed
> using the _desc ( or _asc ) and any invalid data stripped
>
>
> &sort_mode=publish_date_desc%20or%20(1,2)=(select*from(select%20name_const(CHAR(111,108,111,108,111,115,
On 16/05/15 14:51, Karl DeSaulniers wrote:
> Interesting. I program in MySQL on a hosting plan by a third party.
> I have heard/read MySQL is not an enterprise solution, but
> for the basic business with say less than 100,000 customers,
> it does the job and well. Larger than that I had hear Postg
On May 16, 2015, at 8:42 AM, Lester Caine wrote:
> On 16/05/15 10:00, Karl DeSaulniers wrote:
>> That does clarify things a bit better on both the @ question
>> and prepared statements. Thank you for the link as well.
>>
>> So new question.. what is the best type of database to use
>> for someon
On 16/05/15 10:00, Karl DeSaulniers wrote:
> That does clarify things a bit better on both the @ question
> and prepared statements. Thank you for the link as well.
>
> So new question.. what is the best type of database to use
> for someone who wants to start small and grow big?
>
> My findings
On May 16, 2015, at 3:51 AM, Lester Caine wrote:
> On 15/05/15 06:21, Karl DeSaulniers wrote:
>> Oh ok. Now it makes a little more sense.
>> I have worked in ASP before, but I am programming in PHP and MySQL at the
>> moment.
>>
>> I am going to look into Prepared Statements. Thanks for your
On 15/05/15 06:21, Karl DeSaulniers wrote:
> Oh ok. Now it makes a little more sense.
> I have worked in ASP before, but I am programming in PHP and MySQL at the
> moment.
>
> I am going to look into Prepared Statements. Thanks for your feedback.
Just to clarify things a little here and explai
-Kevin Waddell
Proverbs 3:5-6
On Fri, 5/15/15, Ruprecht Helms wrote:
Subject: Re: [PHP-DB] SQL Injection
To: php-db@lists.php.net
Date: Friday, May 15, 2015, 10:16 AM
On 15.05.2015 07:21, Karl DeSaulniers wrote:
> On May 14, 2015, at
On 15.05.2015 07:21, Karl DeSaulniers wrote:
On May 14, 2015, at 11:11 PM, Onatawahtaw wrote:
Hi Karl,
If you look at the link you provided you'll notice that some of the code is for
ASP.net and some is for PHP.
I have looked in the link. Most problems by inject an sql-Code is to add
so
On May 14, 2015, at 11:11 PM, Onatawahtaw wrote:
> Hi Karl,
>
> If you look at the link you provided you'll notice that some of the code is
> for ASP.net and some is for PHP. What of the two are you programming in? If
> you are programming in ASP.net you are asking your question to the wrong
Hi Karl,
If you look at the link you provided you'll notice that some of the code is for
ASP.net and some is for PHP. What of the two are you programming in? If you are
programming in ASP.net you are asking your question to the wrong mailing list
as this list is for PHP. If you are programming
On May 14, 2015, at 8:37 PM, Jigme Datse Yli-Rasku
wrote:
> On 15/05/14 18:19 , Karl DeSaulniers wrote:
>> On May 14, 2015, at 8:09 PM, Aziz Saleh wrote:
>>
>>>
>>>
>>> On Thu, May 14, 2015 at 9:05 PM, Karl DeSaulniers
>>> wrote:
>>> Hello Everyone,
>>> Have a quick question. Was reading s
On 15/05/14 18:19 , Karl DeSaulniers wrote:
On May 14, 2015, at 8:09 PM, Aziz Saleh wrote:
On Thu, May 14, 2015 at 9:05 PM, Karl DeSaulniers wrote:
Hello Everyone,
Have a quick question. Was reading some material and wanted some Players
perspective.
I know w3schools is not the de-facto on
On May 14, 2015, at 8:09 PM, Aziz Saleh wrote:
>
>
> On Thu, May 14, 2015 at 9:05 PM, Karl DeSaulniers
> wrote:
> Hello Everyone,
> Have a quick question. Was reading some material and wanted some Players
> perspective.
> I know w3schools is not the de-facto on everything, so I wanted to kno
On Thu, May 14, 2015 at 9:05 PM, Karl DeSaulniers
wrote:
> Hello Everyone,
> Have a quick question. Was reading some material and wanted some Players
> perspective.
> I know w3schools is not the de-facto on everything, so I wanted to know
> how reliable is the information on this page.
>
> http:/
On Jan 15, 2013, at 5:25 AM, Amit Tandon wrote:
SELECT orderid
FROM ORDERS_TABLE
WHERE orderstatus IN ( 'Cancelled', 'New'", 'Denied',
'Expired' , 'Failed' , 'Pending' , 'Refunded' , 'Reversed' , 'Under
Review'
, 'Voided') AND orderdate < '".mysqli_real_escape_s
SELECT orderid
FROM ORDERS_TABLE
WHERE orderstatus IN ( 'Cancelled', 'New'", 'Denied',
'Expired' , 'Failed' , 'Pending' , 'Refunded' , 'Reversed' , 'Under Review'
, 'Voided') AND orderdate < '".mysqli_real_escape_string($
yesterday);
Another option would be to use e
On Mon, Jun 18, 2012 at 6:26 PM, Matijn Woudt wrote:
> On Mon, Jun 18, 2012 at 11:56 PM, Dee Ayy wrote:
>> I would like a query that lists records where a column has not taken
>> on a specific value when grouped by another column.
>>
>> N V
>> n1 v1
>> n1 v2
>> n2 v1
>> n2 v2
>> n2 v3
>> n3 v1
>
On Mon, Jun 18, 2012 at 11:56 PM, Dee Ayy wrote:
> I would like a query that lists records where a column has not taken
> on a specific value when grouped by another column.
>
> N V
> n1 v1
> n1 v2
> n2 v1
> n2 v2
> n2 v3
> n3 v1
>
> If v3 has ever been set for N, do not list N. So the result wo
Chris your answer is the better solution, I thinked that the option suggest
by Martin was fine.
anywhere, tanks for help us to improve us code.
Gerardo.
2009/3/16 Chris
> Martin Zvarík wrote:
>
>> Is it smart to use all of this on one page?
>> Or should I rather do one SQL and let PHP count it
Martin Zvarík wrote:
Is it smart to use all of this on one page?
Or should I rather do one SQL and let PHP count it?
$q = $DB->q("SELECT COUNT(*) FROM comments");
$int_total = $DB->frow($q);
$q = $DB->q("SELECT COUNT(*) FROM comments WHERE approved IS NULL");
$int_waiting = $DB->frow($q);
$q
mignon hunter wrote:
> Hi Christopher
>
> One other question. Our current site is written in jsp with
> Oracle. I'd like to use PHP. Do you have any thoughts on this?
My recommendation is to utilize the existing skills you have; this
echoes Fergus's comment. However, PHP is very popular and if
casionally.
Oracle is the db on most of the site - a little mysql too.
--- On Fri, 11/7/08, Christopher Jones <[EMAIL PROTECTED]> wrote:
From: Christopher Jones <[EMAIL PROTECTED]>
Subject: Re: [PHP-DB] sql injections/best practises
To: [EMAIL PROTECTED]
Cc: php-db@lists.php.net
Da
On Mon, Nov 10, 2008 at 8:49 AM, mignon hunter <[EMAIL PROTECTED]> wrote:
> One other question. Our current site is written in jsp with Oracle. I'd like
> to use PHP. Do you have any thoughts on this?
Your post, mignon, was pretty clearly directed to Christopher, but I
hope neither of you will be
thank you so much Fergus for all this great info - this will get me started.
--- On Sat, 11/8/08, Fergus Gibson <[EMAIL PROTECTED]> wrote:
From: Fergus Gibson <[EMAIL PROTECTED]>
Subject: Re: [PHP-DB] sql injections/best practises
To: php-db@lists.php.net
Date: Saturday, November 8,
Thank you Christopher - this gives me some much needed direction.
--- On Fri, 11/7/08, Christopher Jones <[EMAIL PROTECTED]> wrote:
From: Christopher Jones <[EMAIL PROTECTED]>
Subject: Re: [PHP-DB] sql injections/best practises
To: [EMAIL PROTECTED]
Cc: php-db@lists.php.net
On Fri, Nov 7, 2008 at 3:39 PM, Christopher Jones
<[EMAIL PROTECTED]> wrote:
>
> mignon hunter wrote:
>> I'm am trying to find some definitive best practises on database
>> connections with php on both mysql and oracle.
Most security issues come back to a simple concept. Assume anything
in your s
mignon hunter wrote:
> I'm am trying to find some definitive best practises on database connections
with php on both mysql and oracle.
>
> I'm starting to redesign a corporate website and am trying to find out more
about security and the best practises for database queries and user input form
http://www.php.net/manual/en/function.number-format.php
bastien
> Date: Sun, 16 Dec 2007 17:17:41 +0600
> From: [EMAIL PROTECTED]
> To: php-db@lists.php.net
> Subject: [PHP-DB] sql problem
>
> my problem in the following code
>
> INSERT INTO `test` (
Bryan wrote:
SELECT * FROM productgroup WHERE groupid = $productid
AND label = 'Cats' ORDER BY title
SELECT * FROM productgroup WHERE groupid = $productid
AND label != 'Cats' ORDER BY label,title
I'd like to find a way to combine these 2 statements. I want to list out
all the products, ordere
How about a union?
SELECT * FROM productgroup WHERE groupid = $productid
AND label = 'Cats' ORDER BY title
UNION
SELECT * FROM productgroup WHERE groupid = $productid
AND label != 'Cats' ORDER BY label,title
Also, for long-term maintenance, it would probably be better to list the
columns rather
Yeah, that's a bit of an important piece of information. Some tricks do work
across versions of SQL, but not always.
Something else you can try is creating an artificial column to sort by. Excuse
the code, it's been ages since I've worked with MS SQL so syntax is probably
off, but just to dem
I think there's one small piece of data I left out. I'm working with
php/mssql, not mysql. I'll move to mysql when I get everything else
built. Mssql 2000 doesn't seem to like the = sign in the order by
clause. It looks like both of you so far have come up with the same
syntax though so it must
I think there's one small piece of data I left out. I'm working with
php/mssql, no mysql. I'll move to mysql when I get everything else
built. Mssql 2000 doesn't seem to like the = sign in the order by
clause. It looks like both of you so far have come up with the same
syntax though so it must
Try this:
SELECT * FROM productgroup WHERE groupid = $productid
ORDER BY label = 'Cats' DESC, title
The test SQL I did to make sure I understood it was this (against our Users
table):
select * from users order by first = 'Bob' DESC, first, last
It put all the "Bob"s first, sorting them by firs
Bryan wrote:
SELECT * FROM productgroup WHERE groupid = $productid
AND label = 'Cats' ORDER BY title
SELECT * FROM productgroup WHERE groupid = $productid
AND label != 'Cats' ORDER BY label,title
I'd like to find a way to combine these 2 statements. I want to list out
all the products, ordere
Hi Laitha,
And with backslashes before them ??
jm
- Original Message -
From: "Lasitha Alawatta" <[EMAIL PROTECTED]>
To:
Sent: Thursday, March 22, 2007 2:06 PM
Subject: [PHP-DB] SQL unexpected T_CONSTANT_ENCAPSED_STRING Error
Hi All,
I have a sql script unable to execute. Because
Thanks Everyone...
After I sent that...I got thinking about doing both queries in one statement.
So thats what I did.
Its working fine...
Here is the updated code:
'$tstamp' and
egw_cal.cal_id=egw_cal_dates.cal_id", $db);
if ($event = mysql_fetch_array($events)) {
echo "\n";
echo "\n";
This is a join - Read up on them, they're very useful and don't require
the overhead of a sub-query.
SELECT egw_cal.* FROM egw_cal_dates
LEFT JOIN egw_cal using (cal_id)
where egw_cal_dates.cal_start > $tstamp
AND egw_cal.cal_category = '501'
-Micah
On 02/12/2007
Try this as your SQL. It should give you all the results, then you can use PHP
to sort it all out.
SELECT * FROM egw_cal WHERE cal_category='501' and cal_id in (SELECT cal_id
FROM egw_cal_dates where cal_start > $tstamp)
-TG
= = = Original message = = =
Hello Everyone
Got a simple / st
Matthew Ferry wrote:
Hello Everyone
Got a simple / stupid question.
Worked on this all night. I'm over looking something very basic here.
The query "event_time" brings back the calendar id for each event that is
pending in the future.
ie 12, 13, 14, 26 (There could be 100 of them out
Tony Grimes wrote:
I'm developing a course calendar for a client and I'm running into
performance problems with the admin site. For example, when I try to include
registration counts in the course list, the page really slows down for large
course lists (50 or so):
COURSEATTENDEES CA
1. yes indexes could help, if mysql uses them. The mysql optimiser may or
may not use the index for the query depending on the statement...it sounds
like you are doing a full table scan on the data
2. there are two schools of thought here:
a. run the whole thing as two statements (one outer loo
Chris Carter wrote:
What wrong with this syntax, its not giving any error on runtime but I am
facing a blank page while paging.
$query=" SELECT * FROM gurgaonmalls WHERE mallname = '$mallname' limit $eu,
$limit ";
Have you tried...
echo " $query ";
...to unsure the variables have the values
OK, this makes my day clear!!
I have versión 3.23.49-3 of MySQL
Thanks Dwight!
-Original Message-
From: Dwight Altman [mailto:[EMAIL PROTECTED]
Sent: Jueves, 28 de Septiembre de 2006 11:32 a.m.
To: php-db@lists.php.net
Subject: RE: [PHP-DB] SQL query
Check your version. Subselects
Check your version. Subselects were only added in MySQL Version 4.1.
Regards,
Dwight
> -Original Message-
> From: Edwin Cruz [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 28, 2006 10:53 AM
> To: 'Miguel Guirao'; php-db@lists.php.net
> Subject: RE: [PH
Make sure that your second query is returning only one row, if it dont
help, try this:
$query="select email from usuarios where userName in (select username
from fussv where folio = 'FUSS-130-2006')"
MySQL think that you second query returns more than 1 row, that's why
mysql dont accept your quer
> -Original Message-
> From: Chris [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 07, 2006 9:52 PM
> To: K.A.Bouton
> Cc: php-db@lists.php.net
> Subject: Re: [PHP-DB] sql output to a multidimensional array
>
>
> K.A.Bouton wrote:
> > I
Yeah ... it ain't purdy, and it sure doesn't scale so you have to be
careful where you use it.
This is usually more of a presentation issue that I'd suggest be left up
to the application doing the display of the data.
As an example, I believe Microsoft Excel has a crosstab function that
can
Mitch Miller wrote:
K.A.Bouton wrote:
> I need the output of my sql to be a multidimensional array as follows.
then Chris wrote:
> You won't be able to get an sql query to return in that format (I know
> what you're trying to do, I've used the same chart software).
This is my MSSQL Server s
K.A.Bouton wrote:
> I need the output of my sql to be a multidimensional array as follows.
then Chris wrote:
> You won't be able to get an sql query to return in that format (I know
> what you're trying to do, I've used the same chart software).
This is my MSSQL Server solution, and yep, it out
K.A.Bouton wrote:
I need the output of my sql to be a multidimensional array as follows.
chart [ 'chart_data' ] =3D array ( array ( "", "2001", "2002", "2003",
"2004" ),
array ( "AAA", 0, 10, 30,
63 ),
array ( "BBB
Try the MSDN library:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ado270/htm/mdobjconnectionpme.asp
- Frank
> Chris wrote:
> > Todd Cary wrote:
> >> [Sorry - I misposted this in the General group]
> >>
> >> I am in the process of converting my clients PHP scripts that are
>
Todd Cary wrote:
Chris wrote:
Todd Cary wrote:
[Sorry - I misposted this in the General group]
I am in the process of converting my clients PHP scripts that are
using Firebird so they will work with SQL Server (their request; not
mine).
Is there a reference where I can get the COM Methods
Chris wrote:
Todd Cary wrote:
[Sorry - I misposted this in the General group]
I am in the process of converting my clients PHP scripts that are
using Firebird so they will work with SQL Server (their request; not
mine).
Is there a reference where I can get the COM Methods and Properties?
Todd Cary wrote:
[Sorry - I misposted this in the General group]
I am in the process of converting my clients PHP scripts that are using
Firebird so they will work with SQL Server (their request; not mine).
Is there a reference where I can get the COM Methods and Properties?
The php website
>From: David BERCOT <[EMAIL PROTECTED]>
> >To: php-db@lists.php.net
> >Subject: RE: [PHP-DB] SQL request on DBase file
> >Date: Sat, 11 Feb 2006 14:31:50 +0100
> >
> >Hi,
> >
> > > Whats wonrg with the manual?
> > >
> > > http://
hp.net
Subject: RE: [PHP-DB] SQL request on DBase file
Date: Sat, 11 Feb 2006 14:31:50 +0100
Hi,
> Whats wonrg with the manual?
>
> http://ca3.php.net/manual/en/ref.oracle.php
>
> http://www.zend.com/products/zend_core/zend_core_for_oracle
I looked at these links and I found nothing a
Hi,
> Whats wonrg with the manual?
>
> http://ca3.php.net/manual/en/ref.oracle.php
>
> http://www.zend.com/products/zend_core/zend_core_for_oracle
I looked at these links and I found nothing about .pdf files !!!
I have no problem with Oracle, but only for requesting, in SQL, .dbf
files...
Davi
Whats wonrg with the manual?
http://ca3.php.net/manual/en/ref.oracle.php
http://www.zend.com/products/zend_core/zend_core_for_oracle
Bastien
From: David BERCOT <[EMAIL PROTECTED]>
To: php-db@lists.php.net
Subject: [PHP-DB] SQL request on DBase file
Date: Sat, 11 Feb 2006 00:28:16 +0100
Hi,
Do you have the "truncate log on checkpoint" option enabled? Also, if you
want to reduce the size of the log file if shrinking doesn't work, try
running the following against the database. Of course, you should backup
the DB first.
SET NOCOUNT ON
DECLARE @LogicalFileName sysname,
@M
Yes, the transaction logs are being backed up and shrunk regularly. I
am told while they are 400MB most of that is "empty space" and it's
really about 50MB in size. Apparently that is still a bit too big and
indicates a possible problem.
I'm glad all transactions are auto-commited. I presum
Using COMMIT is only required if you issued a BEGIN TRANS before your
INSERTs, UPDATEs and / or DELETEs. All transactions are automatically
committed if you don't use BEGIN TRANS. Are you backing up the
transaction logs regularly?
-- bob
On Fri, 16 Dec 2005, Alex Gemmell wrote:
> Hello people,
Assuming a new record
"INSERT INTO reviews (review_id, review_txt)
VALUES
($id,'$_POST[review]')";
Bastien
From: geekgirl1 <[EMAIL PROTECTED]>
To: php-db@lists.php.net
Subject: [PHP-DB] SQL Insert INTO question
Date: Wed, 7 Dec 2005 11:59:26 -0500
First time poster.
Thi
Estimado veditio,
you wrote:
> I've got a ton of forms that use the $_POST variable to send
> information into the database [...]
> Any suggestions on how to tighten up the form security, or does
> magic_quotes help enough?
I'm not a security expert but after some attacks I have implemented
this
Haha.. what the hell? Ok, I know this is an older copy of the script I wrote
because I know I took out the "All this does is escape the data" comment and I
KNOW I saw the thing about mysql_escape_string() being deprecated... don't
know why it's still in there. Hah
Thanks for pointing that out
NOTE:
http://www.php.net/mysql_escape_string
"Version: 4.3.0
Description: This function became deprecated, do not use this
function. Instead, use mysql_real_escape_string()."
Jordan
On Aug 25, 2005, at 2:15 PM, <[EMAIL PROTECTED]> [EMAIL PROTECTED]> wrote:
Using mysql_escape_string shoul
I'm pretty amateur at this too, but have done a little reading on the subject.
Here's some nuggets to ponder while the real experts write their responses: :)
1. Magic quotes + mysql_escape_string = double escaped stuff. I think the
general opinion is the magic quotes is evil, but I'm sure some
Personally, I always check variables that I'm using in a query. If I'm
expecting eg a session id (32 hex characters) I check that the session id is
a valid one - ie "!$[0-9a-f]{32}$!" (I use ! as delimiter in regexps).
Allthough mysql_escape_string will probably protects me from injections, I
stil
Only? That aint too big, but now i'm confused what's ur hardware and
O.Sspecs? 300 to 500 would be a peice of cake to load. However, it
depends on
ur system.
I would rather use the array than hitting the db for the query. Because the
bottom line is that you will receive your data in an array no m
> explain the phrase "big array."
I guess everything is relative!
We're talking about 300-500 items here.
Paul
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
explain the phrase "big array."
What is big to you might not be big to the server nor to me but then again
maybe it's bigger. Are you talking dozens, hundreds, thousands, millions??
- Original Message -
From: "Paul Reilly" <[EMAIL PROTECTED]>
To:
Sent: Saturday, April 23, 2005 5:05 PM
S
Thanks, but DISTINCT doesn't work... But I managed to get it to work
anyway by including
"namn_1 NOT LIKE 'H%'"
in the second WHERE-clause...
Micah Stevens wrote:
use DISTINCT?
On Sunday 30 January 2005 12:51 pm, Bobo Wieland wrote:
Anyone that can help me with this one? I want this SQL-statem
use DISTINCT?
On Sunday 30 January 2005 12:51 pm, Bobo Wieland wrote:
> Anyone that can help me with this one? I want this SQL-statement to
> retrive only distinct values from the original table column named (not
> the AS stuff)
>
> (
> SELECT * , namn_2 AS sec_namn, namn_1 AS one
> FROM sortimen
Hi,
To stop the return receipt dialog appearing in Tbird...
Tools... Options... Advanced... Return Receipt and select "Never send a
return receipt." Or you can choose some of the other selections.
graeme
Jochem Maas wrote:
Jason,
can you please turn off the return receipts on emails you send to t
Jason,
can you please turn off the return receipts on emails you send to the list.
it's bloody annoying to have 'The Sender wishes to be notified'
popup messages everytime I read one of your emails (and, alas, I don't
have the skill to hack the return receipt crap right out of Tbird). BTW
yo
missing the singles quotes around the company name text element
$query_company_listing = "SELECT CompanyID, CompanyName,
CompanyOrDepartment, BillingAddress, City, PostalCode, PhoneNumber FROM
company WHERE company.CompanyName='".$_POST['CompanyName']."' ORDER BY
CompanyName ASC";
bastien
From: [E
the syntax for that looks fine to me
what you might want to try doing is something like this
if( isset( $_POST['CompanyName'] ) ) {
$query_company_listing = "SELECT CompanyID, CompanyName,
CompanyOrDepartment, BillingAddress, City, PostalCode, PhoneNumber FROM
company WHERE company.Co
PHPDiscuss - PHP Newsgroups and mailing lists wrote:
Hello everybody,
I'm building a small application and I have trouble passing a POST
variable form one page to another inside the SQL statement.
The query displayed below works great without the
".$_POST['CompanyName']."
$query_company_listing =
First off - $_POST['CompanyName'] is valid, right?
Can you do something like this?:
if (isset($_POST['CompanyName'])){
$sqlCompanyName = $_POST['CompanyName'];
} else {
"return them back to the form, or something?"
}
$query_company_listing = "SELECT CompanyID, CompanyName,
Compa
[EMAIL PROTECTED]
> Subject: [SPAM] Re: [PHP-DB] SQL Insert problem
>
> From: "Vincent Jordan" <[EMAIL PROTECTED]>
>
> > > > $sql = "INSERT INTO rmarequest (firstname, lastname, address,
> > > > address2,
> > > > city, state, zip
> To: [EMAIL PROTECTED]
> Subject: RE: [PHP-DB] SQL Insert problem
>
> You're missing address2 in your list of values. This means that you have
> an
> unmatching number of column names and values in your query and that'll
> make
> the query bomb.
>
> R
ROTECTED]
> Sent: Thursday, August 05, 2004 11:06 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [PHP-DB] SQL Insert problem
>
>
> I have inserted '$address2', correctly in the row however it
> is still not
> putting the data in the table.
>
> I am not getting a
From: "Vincent Jordan" <[EMAIL PROTECTED]>
> > > $sql = "INSERT INTO rmarequest (firstname, lastname, address,
> > > address2,
> > > city, state, zip, phone, email, serial, product, reason,
> > > rmanumber)VALUES
> > > ('$firstname', '$lastname', '$address', '$city', '$state',
> > > '$zip', '$phon
"John W. Holmes" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> From: "Vincent Jordan" <[EMAIL PROTECTED]>
>
> > Im having a problem inserting data. Ive looked over this again and again
> and
> > can not find what ive missed. Everything else works besides the db
insert.
>
> It would
> Sent: Thursday, August 05, 2004 10:26 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [PHP-DB] SQL Insert problem
>
> You're missing address2 in your list of values. This means that you have
> an
> unmatching number of column names and values in your query and
You're missing address2 in your list of values. This means that you have an
unmatching number of column names and values in your query and that'll make
the query bomb.
Rich
> -Original Message-
> From: Vincent Jordan [mailto:[EMAIL PROTECTED]
> Sent: Thursday, August 05, 2004 10:25 AM
>
I have tried that and I don't get an error, but I don't get any records
returned either. And I have lowered the search string like you
mentioned. Here's what I tried ( Access syntax ):
SELECT autoQuesID,fldQuesTitle,fldBody
FROM tblFAQ_Question
WHERE LCase(fldBody) LIKE '%$strSearchFor%';
Nic
Have you tried lowering the fldBody as well? Like:
SELECT autoQuesID,fldQuesTitle,fldBody
FROM tblFAQ_Question
WHERE LOWER(fldBody) LIKE '%$strSearchFor%';
And $strSearchFor has already been lowered, of course.
--Nicole
---
Nicole Swan
Web Programming Specialist
Carroll C
Thompson, Jimi wrote:
So then I try do this â
Note that this shouldnât work since it isnât a valid SQL statement.
> I'm not sure why PHP doesn't return some kind of an error message.
PHP does return an error message, you're just not displaying it.
$rswrk = mysql_query($sqlwrk) or die(mysql_err
Jimi,
PHP does not return an error because it knows nothing about valid sql.
It's just knows if it's a valid PHP statement. (which it is because
you've got the "'s in the right place and a ; at the end. ) :)
It's up to MySQL to return an error.
As to your statement.
1: It's easier and valid in
I have these tables.
Users ( id,name,etc )
Coments : ( id , comment )
How do I do this kind of query:
I thought in one thing like this but I cant figure it out.
Example: Select * from users order by id desc in (select count (id)
from
comments)
Expected result:
List of users:
* User1
See comments
That did it thanks
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Vern wrote:
I found this code below that allows me to retreive the queries served on my
server for each day but can't figure out how to actually display the
information using echo. Can some one give me an example using the following
SQL?
SELECT DATE_FORMAT(ex_date, '%Y %m %d %W'), COUNT(id)
FROM e
What type of field is PhaseFK?
-- bob
On Wed, 17 Mar 2004, david wrote:
> Hello there!
>
> I have just about driven myself crazy with an odd intermittent problem.
>
> I have an intranet site, a good size one at that, on a Windows 2000 Server,
> running Apache, connecting to another Windows 2000
david wrote:
Hello there!
I have just about driven myself crazy with an odd intermittent problem.
[snip]
I'd first start by turning on all logging I could in the SQL server
so that I could see what's happening straight from the horse's mouth...
Bruno Ferreira
---
[This E-mail scanned f
the database.
- Original Message -
From: "Doug Thompson" <[EMAIL PROTECTED]>
To: "Robin 'Sparky' Kopetzky" <[EMAIL PROTECTED]>
Cc: "Erwin Kerk" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Friday, February 27, 2004 1:04 AM
Su
1 - 100 of 224 matches
Mail list logo
