You are viewing our Forum Archives. To view or take place in current topics click here.
I need help MYSQL
Posted:
I need help MYSQLPosted:
Status: Offline
Joined: Jan 24, 201311Year Member
Posts: 71
Reputation Power: 2
Status: Offline
Joined: Jan 24, 201311Year Member
Posts: 71
Reputation Power: 2
Hey, Im having a slight problem & require your assistance.
So im trying to grab some extra data from my MSQL database but im not having much success I cannot get the ID, Name or email
I have attached a file containing my code could you maybe take a look at it?
Attachment Not Working?
[ Register or Signin to view external links. ]
Thanks
Keenan
So im trying to grab some extra data from my MSQL database but im not having much success I cannot get the ID, Name or email
I have attached a file containing my code could you maybe take a look at it?
Attachment Not Working?
[ Register or Signin to view external links. ]
Thanks
Keenan
#2. Posted:
Status: Offline
Joined: Mar 02, 201212Year Member
Posts: 49
Reputation Power: 1
Status: Offline
Joined: Mar 02, 201212Year Member
Posts: 49
Reputation Power: 1
The SQL is fine, but for your case, it's incorrect.
You need to use the "WHERE" clause.
So:
Let me know if you have any more problems buddy.
You need to use the "WHERE" clause.
So:
$query = mysql_query("SELECT * FROM users WHERE username = '{$username}'"); Let me know if you have any more problems buddy.
- 0useful
- 0not useful
#3. Posted:
Status: Offline
Joined: Jun 29, 201310Year Member
Posts: 211
Reputation Power: 13
Status: Offline
Joined: Jun 29, 201310Year Member
Posts: 211
Reputation Power: 13
RapidzMoose wrote The SQL is fine, but for your case, it's incorrect.
You need to use the "WHERE" clause.
So:
$query = mysql_query("SELECT * FROM users WHERE username = '{$username}'");
Let me know if you have any more problems buddy.
* clap, clap *
You've just posted outdated and insecure code. Well done, buddy.
- 2useful
- 3not useful
#4. Posted:
Status: Offline
Joined: Nov 08, 201013Year Member
Posts: 40
Reputation Power: 1
ObscureCoder wroteRapidzMoose wrote The SQL is fine, but for your case, it's incorrect.
You need to use the "WHERE" clause.
So:
$query = mysql_query("SELECT * FROM users WHERE username = '{$username}'");
Let me know if you have any more problems buddy.
* clap, clap *
You've just posted outdated and insecure code. Well done, buddy.
Does it really matter? He's trying to help. He's not even using PDO or anything so it's all outdated, but it doesn't matter.
- 3useful
- 0not useful
#5. Posted:
Status: Offline
Joined: Mar 02, 201212Year Member
Posts: 49
Reputation Power: 1
Status: Offline
Joined: Mar 02, 201212Year Member
Posts: 49
Reputation Power: 1
Thank you BILLYDEVOMERT. He clearly doesn't have a clue what he's talking about.
MySQL is outdated, but in this case, the OP is using it. Therefor, I'm not going to use MySQLite:
That will throw out an error.
MySQL is outdated, but in this case, the OP is using it. Therefor, I'm not going to use MySQLite:
$query = $db->query("SELECT * FROM users WHERE username = '{$username}'"); That will throw out an error.
- 1useful
- 0not useful
#6. Posted:
Status: Offline
Joined: Aug 16, 201211Year Member
Posts: 598
Reputation Power: 29
BILLYDEVOMERT wroteObscureCoder wroteRapidzMoose wrote The SQL is fine, but for your case, it's incorrect.
You need to use the "WHERE" clause.
So:
$query = mysql_query("SELECT * FROM users WHERE username = '{$username}'");
Let me know if you have any more problems buddy.
* clap, clap *
You've just posted outdated and insecure code. Well done, buddy.
Does it really matter? He's trying to help. He's not even using PDO or anything so it's all outdated, but it doesn't matter.
He doesn't need to use PDO. mysql_* can be just as secure if you know what you're doing. If protecting client information isn't absolutely number one on your priority list, then you're a terrible developer.
As for you, "RapidzMoose", do you have any idea how annoying it is to be told you " don't know what you're talking about" by someone who clearly doesn't know what they're talking about? I guess you don't.
Last edited by 7en ; edited 1 time in total
- 0useful
- 0not useful
#7. Posted:
Status: Offline
Joined: Apr 15, 201113Year Member
Posts: 614
Reputation Power: 83
RapidzMoose wrote Thank you BILLYDEVOMERT. He clearly doesn't have a clue what he's talking about.It's not solely the fact that he's using outdated extensions but you're suggesting he use them in an insecure manner. The code you suggested on both occasions are vulnerable to SQL injection in the most blunt way and what's the point of using PDO if you're not going to even bother parameterizing your queries?
MySQL is outdated, but in this case, the OP is using it. Therefor, I'm not going to use MySQLite:
$query = $db->query("SELECT * FROM users WHERE username = '{$username}'");
That will throw out an error.
Also he doesn't need the WHERE clause if he wants all the results with no conditions:
[ Register or Signin to view external links. ]
( MySQLi extensions are not deprecated only mysql_ )
Last edited by iyop45 ; edited 1 time in total
- 1useful
- 0not useful
#8. Posted:
Status: Offline
Joined: Aug 16, 201211Year Member
Posts: 598
Reputation Power: 29
iyop45 wroteRapidzMoose wrote Thank you BILLYDEVOMERT. He clearly doesn't have a clue what he's talking about.It's not solely the fact that he's using outdated extensions but you're suggesting he use them in an insecure manner. The code you suggested on both occasions are vulnerable to SQL injection in the most blunt way and what's the point of using PDO if you're not going to even bother parameterizing your queries?
MySQL is outdated, but in this case, the OP is using it. Therefor, I'm not going to use MySQLite:
$query = $db->query("SELECT * FROM users WHERE username = '{$username}'");
That will throw out an error.
( MySQLi extensions are not deprecated only mysql_ )
Haven't seen you in a while :3 this forum makes me want to kill myself.
- 1useful
- 0not useful
#9. Posted:
Status: Offline
Joined: Mar 02, 201212Year Member
Posts: 49
Reputation Power: 1
Status: Offline
Joined: Mar 02, 201212Year Member
Posts: 49
Reputation Power: 1
iyop45 wroteRapidzMoose wrote Thank you BILLYDEVOMERT. He clearly doesn't have a clue what he's talking about.It's not solely the fact that he's using outdated extensions but you're suggesting he use them in an insecure manner. The code you suggested on both occasions are vulnerable to SQL injection in the most blunt way and what's the point of using PDO if you're not going to even bother parameterizing your queries?
MySQL is outdated, but in this case, the OP is using it. Therefor, I'm not going to use MySQLite:
$query = $db->query("SELECT * FROM users WHERE username = '{$username}'");
That will throw out an error.
( MySQLi extensions are not deprecated only mysql_ )
I know MySQLi is not deprecated. And I was only showing the basic way. I'm not going to into security because there is no point. He can figure that out himself, I'm sure he doesn't need me.
Now, stop getting so pathetically dramatic. I tried showing him the simplest way to solve his problem. If you want to correct me on the "Query" then go a head.
- 0useful
- 0not useful
#10. Posted:
Status: Offline
Joined: Apr 15, 201113Year Member
Posts: 614
Reputation Power: 83
RapidzMoose wroteiyop45 wroteRapidzMoose wrote Thank you BILLYDEVOMERT. He clearly doesn't have a clue what he's talking about.It's not solely the fact that he's using outdated extensions but you're suggesting he use them in an insecure manner. The code you suggested on both occasions are vulnerable to SQL injection in the most blunt way and what's the point of using PDO if you're not going to even bother parameterizing your queries?
MySQL is outdated, but in this case, the OP is using it. Therefor, I'm not going to use MySQLite:
$query = $db->query("SELECT * FROM users WHERE username = '{$username}'");
That will throw out an error.
( MySQLi extensions are not deprecated only mysql_ )
I know MySQLi is not deprecated. And I was only showing the basic way. I'm not going to into security because there is no point. He can figure that out himself, I'm sure he doesn't need me.
Now, stop getting so pathetically dramatic. I tried showing him the simplest way to solve his problem. If you want to correct me on the "Query" then go a head.
But you didn't solve the problem.
Adding the where clause was irrelevant, how are you sure he wanted a specific row from the table when he didn't specify at all what he wanted to achieve from his query? The query itself was perfectly valid in the first place and so that's all you can go by. The fact that he is using arrays to hold his results further enforces the fact that he wasn't expecting a single result, for which your first reply suggests you assumed he did.
@KLArcher
You need to run the sql statement through phpmyadmin and check the results returned are what you expect/want. If so then just parse through your script line by line and var_dump() each variable you're using/setting to see where your problem lies.
At this point nobody in the forum knows what your problem is and so nobody can help you, you really must be more specific.
Last edited by iyop45 ; edited 1 time in total
- 0useful
- 0not useful
You are viewing our Forum Archives. To view or take place in current topics click here.