Results 1 to 5 of 5

Thread: PHP/Java/MySQL question :D

  1. #1
    Senior Member
    Join Date
    Jul 2004
    Posts
    1,085
    Thanks
    0
    Thanked
    2 times in 2 posts

    PHP/Java/MySQL question :D

    Just a couple of small ones which I can't find an answer to.

    1) Can anyone any problems in the coding of this query, its doing my head in as I've been working on PHP/MySQL all day;

    Code:
    $insert = "INSERT INTO users WHERE username = '$username' (
    	password, 
    	email, 
    	website, 
    	location, 
    	show_email) 
    	VALUES (
    	'$password',
    	'$email',
    	'$website',
    	'$location',
    	'$show_email')";
    2) I need to get a PHP variable across to a servlet, WITHOUT using a form. I'd imagine this rules out using a POST method, does anyone else know any way of doing this easily with minimum effort?

    E.g; $_SESSION['myvariable'] > Servlet/Applet

  2. #2
    Flower Child stytagm's Avatar
    Join Date
    Aug 2004
    Location
    London
    Posts
    754
    Thanks
    47
    Thanked
    23 times in 18 posts
    Should the where clause come at the end instead? eg
    Code:
    $insert = "INSERT INTO users  (
    	password, 
    	email, 
    	website, 
    	location, 
    	show_email) 
    	VALUES (
    	'$password',
    	'$email',
    	'$website',
    	'$location',
    	'$show_email')"
    	WHERE username = '$username';
    I'm afraid I'm guessing, I don't know PHP, but the only other thing that looks odd is your "$email" type names, is PHP parsing that value and replacing it with the relevant one?

    Ie is it SQL or PHP that's mucking it up?
    They told me I was gullible ... and I believed them.

  3. #3
    Senior Member ajbrun's Avatar
    Join Date
    Apr 2004
    Location
    York, England
    Posts
    4,840
    Thanks
    4
    Thanked
    25 times in 13 posts
    Quote Originally Posted by Firebar View Post
    1) Can anyone any problems in the coding of this query, its doing my head in as I've been working on PHP/MySQL all day;

    Code:
    $insert = "INSERT INTO users WHERE username = '$username' (
    	password, 
    	email, 
    	website, 
    	location, 
    	show_email) 
    	VALUES (
    	'$password',
    	'$email',
    	'$website',
    	'$location',
    	'$show_email')";
    I could be wrong, but I think you're trying to update a row, rather than insert an old one. As far as I can tell, you're trying to update the row where username = $username with the new values of email, website, location etc.

    Try this instead:
    Code:
    $update = mysql_query("
    UPDATE users SET 
    password='$password', 
    email='$email', 
    website='$website', 
    location='$location', 
    show_email='$show_email' 
    WHERE username='$username") 
    or die(mysql_error());
    Quote Originally Posted by Firebar View Post
    2) I need to get a PHP variable across to a servlet, WITHOUT using a form. I'd imagine this rules out using a POST method, does anyone else know any way of doing this easily with minimum effort?

    E.g; $_SESSION['myvariable'] > Servlet/Applet
    Can you not use GET instead?

  4. #4
    HEXUS.net Webmaster
    Join Date
    Jul 2003
    Location
    UK
    Posts
    3,108
    Thanks
    1
    Thanked
    0 times in 0 posts
    Code:
    $insert = "
    INSERT INTO users 
    SET password='".$password."',
    email = '".$email."'
    website = '".$website."'
    location = '".$location."'
    show_email = '".$show_email."'
    WHERE username = '".$username."'";
    If show_email is an INT field rather than text then you need to drop the single quotes. Also, remember to protect against SQL injection attacks

    And yes, as ajbrun indicates, use GET vars instead assuming you don't have any security issues relating to displaying info in the URL

  5. #5
    Senior Member
    Join Date
    Jul 2004
    Posts
    1,085
    Thanks
    0
    Thanked
    2 times in 2 posts
    Thanks guys. Yes I was trying to do an update using the insert method, so that was wrong for a start but fixed it now.

    I'll definately look into protecting against injection attacks. Cheers for the heads-up.

    As for getting a variable to a servlet, its ended up using an applet and within the .html file which calls it, using a php echo statement of just the variable. With the java code getResponse can be used to get the variable. Easier than I thought

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Personal Question game.....
    By Kitty in forum General Discussion
    Replies: 394
    Last Post: 29-01-2006, 11:50 AM
  2. Replies: 6
    Last Post: 21-10-2005, 08:50 AM
  3. Quick Question: PSU's with 1x120mm fan question
    By philyau in forum PC Hardware and Components
    Replies: 10
    Last Post: 05-09-2005, 02:30 PM
  4. The 78th Annual Hexus Quiz!
    By Stewart in forum General Discussion
    Replies: 19
    Last Post: 23-01-2005, 02:05 PM
  5. What is Question Time
    By Saracen in forum Question Time
    Replies: 0
    Last Post: 12-08-2003, 05:50 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •