HOME       >>       Programming

What Is Wrong With This Php-sql Select Where Statement?


shadowx

Hi all

Im having problems with this peice of code:

$result = mysql_query("SELECT 'ID' FROM 'login' WHERE username=$dusername",$link); if($result != NULL){ //username DOES exsist so they cant have it! include("scripts/userexsists.php");


The idea is, this query will take the variable $dusername which is the usernbame that a user wants to have, and check it in the database to see if it already exsists. and depending on whether it does or not it will include one of two different scripts.

The problem I'm having is that the variable $result seems to be emtpy. Does anyone know why? Its really annoying!

leiaah

Try the code below. I've modified it since there's some minor problems with the use of quotation marks and mysql is strict with closed and unclosed strings so we have to be careful. You can use a variable first to store your string query so you can see if all quotation marks are closed (with beginning and ending quotes) but it's just optional. I hope this helps.

String $qry = "SELECT ID FROM login WHERE username='" .$dusername. "'";$result = mysql_query($qry); if($result != NULL){ //username DOES exsist so they cant have it! include("scripts/userexsists.php");


Chatz

Try the code below. I've modified it since there's some minor problems with the use of quotation marks and mysql is strict with closed and unclosed strings so we have to be careful. You can use a variable first to store your string query so you can see if all quotation marks are closed (with beginning and ending quotes) but it's just optional. I hope this helps.

String $qry = "SELECT ID FROM login WHERE username='" .$dusername. "'";$result = mysql_query($qry); if($result != NULL){ //username DOES exsist so they cant have it! include("scripts/userexsists.php");
That code should work.If not then maybe you should go over the all script to make sure you didn't leave out anything example a symbol that could be interfering with that section of the script.

shadowx

Thanks leiaah. Ive always had trouble with select where queries but never knew why, but now i do know why!That code worked perfectly although i had to remove "String" Just before the variable $qry. Not sure why i had to do that but it worked perfectly once i did :DThanks.


electron

As this is a username query be careful of MySQL injections.People could hack it due to that.Use htmlentities() to save your script of being vulnerable.


masterio

Other function that usefull to sanitize user input before being executed by MySQL is using addslashes() sunction. but now most server is add escaping character automatically.



VIEW DESKTOP VERSION REGISTERGET FREE HOSTING

Xisto.com offers Free Web Hosting to its Members for their participation in this Community. We moderate all content posted here but we cannot warrant full correctness of all content. While using this site, you agree to have read and accepted our terms of use, cookie and privacy policy. Copyright 2001-2019 by Xisto Corporation. All Rights Reserved.