Jump to content
xisto Community
Feelay

Changing A Value From A Textbox or something. dont exactly how to explain.

Recommended Posts

Hey!

I am trying to do the following:
A user type his name in a textbox, and press the submit button.
Then, another file checks if the name exist in the database. if it does, the code will select the id from the database where the username is (SELECT id from username where username='$textboxvalue')


This is the code I am using:

<?phpsession_start();require "database.php";$to=$_POST['message_to'];$ck_reciever = mysql_query("SELECT username FROM user WHERE username = '".$to."'");$to_id = mysql_query("SELECT id FROM user WHERE username = '".$to."'");die($to_id ."<br>".$ck_reciever."<br>".$to);?>

but when i try to echo all these variables (die(blabla))this is what I get:

Resource id #5Resource id #4
feelay


anyone who knows what might be wrong?

Thanks //Feelay

Share this post


Link to post
Share on other sites

No idea what's up with your code that's making it not work, but on a fairly important issue I notice you're not doing any kind of escaping on the posted variable. Even if it's a simple mysql_real_escape_string(), it should stop a large portion of problems with people managing to insert horrible little bits of code in to your queries. :)

Share this post


Link to post
Share on other sites
mysql_query doesn't return an exact value, but a resource ID. You need to use mysql_result in order to extract the desired data from a resource ID.

Share this post


Link to post
Share on other sites

try something like:

$ck_reciever = mysql_query("SELECT username FROM user WHERE username = '".$to."'");$row = mysql_fetch_array($ck_reciever);if ($row[0] == null) {	//error or no result returned  } else {	//do what you want with the result. $row[0] should be the returned id	  }

When you use the mysql query it returns an item that you need to turn into useable data unless I'm completely off base. I haven't used php in awhile but I think thats sort of what you should look at doing

Share this post


Link to post
Share on other sites

should I change the "0" to the column name?

For this case, you don't have to. [0] here refers to the first column of result you're returning. If in later stages, you start retrieving more columns of data, you might want to consider using the column name like ['id'] or ['username'] and so forth. Using text as index will compromise a little bit on speed. But it won't be noticeable until you start accessing hundreds of column per page. The alternative is to use constant. Declare constant with representative name and assign number to it, then use it to refer to your column, it's similar to using numbers directly, just that it's less confusing. E.g. $row[tablename_id], where tablename_id = 0.

Using constant and using number has an disadvantage, you need to take note of it when you change your query in the later stage, like retrieving more columns, or if you're using "*" to retrieve all the columns, the code will break when you update your table structures.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.