On Wed, Jun 18, 2014 at 2:13 PM, Karl DeSaulniers <karl@xxxxxxxxxxxxxxx> wrote: > > > Sent from losPhone > > > On Jun 18, 2014, at 7:56 AM, Jim Giner <jim.giner@xxxxxxxxxxxxxxxxxx> > wrote: > > > >> On 6/18/2014 12:31 AM, Ethan Rosenberg, PhD wrote: > >>> On 06/17/2014 12:02 PM, onatawahtaw@xxxxxxxx wrote: > >>> Hi Ethan, > >>> > >>> Here are some things to clean up your code: > >>> > >>> Your line: > >>> > >>> $phn = $_POST[phone]; > >>> > >>> should use quotations as follows: > >>> > >>> $phn = $_POST['phone']; > >>> > >>> Your line: > >>> > >>> $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; > >>> > >>> Should use double quotes if you need the variable to be interpreted: > >>> > >>> $sql1 ="select Lname, Fname from Customers where Phone = $Phn "; > >>> > >>> Lastly, as people have mentioned PDO is probably the best way to go. > >>> Try connecting to your database with PDO. Look on Google for "PDO > >>> prepared statements" and use those instead of the mysql escape string > >>> method. > >>> > >>> Hope this helps, > >>> > >>> -Kevin > >>> > >>> Sent from Yahoo Mail on Android > >> IT WORKS!!! > >> > >> Here is the code - > >> > >> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" > >> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> > >> <html xmlns="http://www.w3.org/1999/xhtml";> > >> > >> <html> > >> <?php > >> $bla = 1; > >> ?> > >> <head> > >> </head> > >> <body> > >> <div align="center"> > >> <form method="post"> > >> <input type='text' name=phone></input> > >> <input type='submit'> > >> <br /><br /><br /> > >> </form> > >> </div> > >> <?php > >> error_reporting(-1); > >> require '/home/ethan/PHP/ethan.inc'; > >> $db = "Store"; > >> $cxn = mysqli_connect($host,$user,$password,$db); > >> > >> $phn = $_POST[phone]; > >> $phn = (string)$phn; > >> $dsh = '-'; > >> $Phn = > >> > $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; > >> > >> $sql1 ="select Lname, Fname from Customers where Phone = > >> '$Phn' "; > >> $result1 = mysqli_query($cxn, $sql1); > >> if(!$result) > >> { > >> ?> > >> <div align="center"> > >> > >> <strong>No Match Found</strong> > >> <br /><br /> > >> </div> > >> <?php > >> } > >> > >> ?> > >> <div align="center"> > >> <table border="4" cellpadding="5" cellspacing="55" > >> rules="all" frame="box"> > >> <tr class='heading'> > >> <th>Last Name</th> > >> <th>First Name</th> > >> <?php > >> > >> while($row1 = mysqli_fetch_row($result1)) > >> { > >> > >> $Lname = $row1[0]; > >> $Fname = $row1[1]; > >> > >> > >> > >> ?> <tr> > >> <td> <?php echo $Lname; ?> </td> > >> <td> <?php echo $Fname; ?> </td> > >> </tr> > >> <?php > >> } > >> ?> > >> </table> > >> </div>> > >> </body> > >> </html> > >> > >> As you [those that replied] accurately noted, the problem was with the > >> quoting. > >> > >> I appreciate all your comments, take them seriously and will use the > >> information contained in them for future programming. > >> > >> No matter how much skill in programming I have, I will remain a NEWBIE; > >> ie, someone who wishes to grrow in knowledge and acknowledges that there > >> are many programmers much more skilled than I. > >> > >> Thanks again. > >> > >> Ethan > > happy to hear you got it working. Sad to see that you didn't heed the > tips provided to you and alter your code, and that you still have errors in > it. oh, well.... > > > > Wow. Just wow. I though when I signed up on this list that if I did what > Ethan did I would be shunned from the list. But I guess I was wrong. You > can be an ask hole on here and people will still try and help. Kudos to the > good souls who try. > > Karl > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > There are lots of people who have free time on their hands to teach the basics, which I think is a good thing. Personally, if someone doesn't care enough to read the manual or attempt to understand the basics, I wouldn't spend too much time on their problems.
