Sql
 

Hey, what's wrong with this? It won't input the values!

Also can someone tell me how I can choose a specific column and row that I want to select. Thanks!

Ha! Ye Beggers I found out how to select certain columns I hope it is kinda the same as the rows......

NM it still is not working.

This is what I am using:

is any error message being displayed?

IcI

Negative.

I even put this on the end:

how many fields are there in the table?

You may want to read through this and see if any thing would apply to help out: http://dev.mysql.com/doc/mysql/en/insert.html

Also, if you want to select specific columns from do


SELECT field1, field2 FROM table_name


To limit it to a specific row (such as a particulare user):
//Assume $userID = 100


SELECT username, userpassword FROM user_table WHERE user_ID ='$userID'

That will provide the username and password for the user who's id is 100

IcI

hmm i run into this some times...copy what PHP MY ADMIN does when your doing it, and put in some of those post variables or whatever :)

It is workin' fine now, I was told I need to use replace with " and '. Is there another character that I need to replace? I should make an array or function out of it :p

BTw that is right. The first variable is SID so I can use that as refrence I guess...time to get the exporting part done. Then I can start adding html and stuff to the fields...this tutorial script is going to rock.

It doesn't have to be the first variable. You can use any field.

And you can even be more selective using more WHERE clauses, using AND or OR:

Select * from user_table WHERE is_admin = '1' AND WHERE password = '$password'


IcI

Yeah but if password has ' in it then it would be password = ' ' ' which would screw it up. That is why I need to use the replace command. I guess you can do the same thing with html stuff if you want to disable html.

you should only use WHERE once, AND WHERE could confuse with bigger querys.. like

SELECT * FROM tbl_name WHERE user='user' AND password='password' AND (email='email' OR phone='phone')");

using a bracket will group it together, so either one has to be true, hence the OR.

Cool :)

and for you user=' ' ' problem..

INSERT INTO tbl_name VALUES ('".addslashes($data)."','".addslashes($data2)." ')

if you get sick of typing addslashes all the time.. make a function...

function as($key) {

return addslashes($key);

}

then use as($data)




.. I do this for stripslashes and htmlspecialchars.. so comminly used but there so long to type out..

I use

function slash($key) {

$key=stripslashes($key);

return stripslashes($key);

}



function html($key) {
$key=htmlspecialchars($key);

return slash($key); //for output

}

you can save alot of time by writing functions ath.. like or mysql_query() or die ("theres an error yada yada".mysql_error());

function my_error() {
$key="theres an error yada yada".mysql_error();
return $key;
}

now it's just mysql_query() or die(my_error());


I write alot of functions just to shorten the name of a long function.. like number_format() would be nf() etc etc.

:) I am looking at SS site trying to use the select query and it aint working.

I get this:

well theres nothing wrong there so it's either the name of your table or id..

I'll take a screen of it from phpmyadmin

show us config.php also..

Roger, :D

Here is config:
Install:
http://nerdhq.net/pics/screenofsql.gif

$nmi=mysql_fetch_array(mysql_query("SELECT * FROM tutorials WHERE sid='1'"));

use sid not id :)

Tried that.

I swear I did.

OMG that was all it is.

Any good ideas on how to make it in a while loop and have it terminate when it gets to then end of the SID's?

yes,
$query=mysql_query("SELECT * FROM tutorials");

while($result=mysql_fetch_array($query)) {
//echo your data here, $result[body], $result[title] etc.
}
mysql_free_result($query);

it will automatically stop when it reaches the last sid :)

those lil errors always get me ;)

Yeah, I am just too stupid to figure them out :)

SO can I do the same thing you put on there with Stripslashes and HtmlChars?

yes

cool I think I have most of this figured out. I just need to get the script to work again ;)

I'll show yah when I get it done :)

Thanks for the help you guys.

I am close to having it done :)

Hey, one more question.

When I input all this text into sql it does make new lines where you press enter is there a way to do that?

Nevermind...panther's SSS saved me again.

how? i wanna now! :p

It is a function...

nl2br()

so like nl2br($_POST['hi']); ?

yeah :D

its kinda easy once u look at it and use it :D.

Yes,

I have another question. If you include the config file that connect you to mysql...... then can't someone else use a script to get in and hack your database if they know where the config file is?

I think there's a way to hide the location. It shows up as #@&*#&@#*& or something similar. ;)

or you can just rename it to something weird.