Finally figured out what the question was!
Here's a better version of your code Ethan:
$phn = $_POST['phone']; // note the quotes on the index
if (strlen($phn) <> 10)
{
echo "Error in phone number entry - must be 10 digits";
exit();
}
$phn = mysqli_real_escape_string($cxn,$phn);
$masked_phone = substr($phn,0,3) . "-".substr($phn,3,3). "-".
substr($phn,6,4);
$sql1 = "select Lname, Fname from Customers where Phone =
'$masked_phone'"; // note use of diff quotes
$result1 = mysqli_query($cxn, $sql1);
if (mysqli_num_rows($result1) == 0)
{
echo "Phone number $masked_phone not on file";
exit();
}
else
{
echo "Found {$result1['Fname']} {$result1['Lname']} is on file with
number $masked_phone";
exit();
}
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
