On 7/12/12, Adam Nicholls <Adam.Nicholls@xxxxxxxx> wrote: > > >> -----Original Message----- >> From: Nick Edwards [mailto:nick.z.edwards@xxxxxxxxx] >> Sent: 12 July 2012 12:30 >> To: php-general@xxxxxxxxxxxxx >> Subject: database hell >> >> Hi >> >> We have a program that manages users, throughout all database calls >> >> created as: >> $connect = mysql_connect($db_host--other variables); >> mysql_query("Delete from clients where id=$User"); >> >> All this works good, but, we need, in the delete function to delete from >> another database >> >> $connmy=mysql_connect("host","user","pass"); >> mysql_select_db("vsq",$connmy); >> mysql_query("DELETE from userprefs where >> clientr='$User'"); >> $mysql_close($connmy); this fails, unless we use a mysql_close prior to >> it, >> and then reconnect to original database after we run this delete, how can >> we >> get around this without closing and reopening? >> We have a perl script doing similar for manual runs, and it works well >> knowing that $connmy is not $connect, I'm sure there is a simple way to >> tell >> php but I'm darned if I can see it. >> >> Thanks >> Niki >> >> -- >> PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: >> http://www.php.net/unsub.php > > > Just create a new resource/connection to MySQL and pass the identifier into > mysql_query(). > You'll also want to use mysql_real_escape_string() by the looks of it to > attempt to stop SQL injection. > > > Something like this will do it: > > $db1 = mysql_connect($host,$user,$pass); > $db2 = mysql_connect($host,$user,$pass); > > mysql_select_db('db1',$db1); > mysql_select_db('db2',$db2); > > // do your queries with $DB1 > > $result = mysql_query("delete from userprefs where > clientr=".mysql_real_escape_string($user,$db1)."", $db1); > > // do your queries again with $DB1 > > mysql_close($db1);//close db1 > mysql_close($db2);//close db2 > We can not immediately close db2? if we do it seems to close all connections? Thanks > > Cheers > Adam. > > ============================================================================= > > This email is intended solely for the recipient and is confidential and not > for third party unauthorised distribution. If an addressing or transmission > error has misdirected this email, please notify the author by replying to > this email or notifying the system manager (online.security@xxxxxxxx). If > you are not the intended recipient you must not disclose, distribute, copy, > print or rely on this email. > > Any opinions expressed in this document are those of the author and do not > necessarily reflect the opinions of Hargreaves Lansdown. In addition, staff > are not authorised to enter into any contract through email and therefore > nothing contained herein should be construed as such. Hargreaves Lansdown > makes no warranty as to the accuracy or completeness of any information > contained within this email. In particular, Hargreaves Lansdown does not > accept responsibility for any changes made to this email after it was sent. > > > Hargreaves Lansdown Asset Management Limited (Company Registration No > 1896481), Hargreaves Lansdown Fund Managers Limited (No 2707155), Hargreaves > Lansdown Pensions Direct Limited (No 3509545) and Hargreaves Lansdown > Stockbrokers Limited (No 1822701) are authorised and regulated by the > Financial Services Authority and registered in England and Wales. The > registered office for all companies is One College Square South, Anchor > Road, Bristol, BS1 5HL. Telephone: 0117 988 9880 > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
