GB Flag 01376 55 60 60
Sales & Support
Search
GetDotted Domains

Viewing Thread:
"Muh, PHP / MySQL"

« Back To Forum Threads

The "Freeola Customer Forum" forum, which includes Retro Game Reviews, has been archived and is now read-only. You cannot post here or create a new thread or review on this forum.

Wed 19/01/05 at 00:18
codinghands
Regular
"previously phuzzy."
Posts: 3,487
I'm having a small issue with using the superglobals of PHP inside my MySQL queries. This :

$query = "SELECT customerPass FROM customers WHERE customerUsername = $_POST['username']";

Leads so jovially onto this :

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /the/file/is_here/darktest.php on line 24

Thoughts? It works fine when I just use '$username'.

p/h
 
Report
Wed 19/01/05 at 08:04
Turbonutter
Regular
"Eff, you see, kay?"
Posts: 14,156
I usually find problems with echo "$_POST['var']";, I find the way to do it is echo "$_POST[username]";, or close your quotes and use dots.
 
Report
Wed 19/01/05 at 00:38
Nimco
Regular
"NULL"
Posts: 1,384
AliBoy wrote:
> Beaten to it by Garin. :-)

Lol, ditto, but ideally you should have single quotes (') around a value on a WHERE expression in MySQL. Along with the correct string escaping etc, it stops people "modifying" your MySQL query.
 
Report
Wed 19/01/05 at 00:36
Nimco
Regular
"NULL"
Posts: 1,384
phuzzy wrote:
> $query = "SELECT customerPass FROM customers WHERE
> customerUsername = $_POST['username']";

Try instead:

$query = "SELECT customerPass FROM customers WHERE customerUsername = '".$_POST['username']."';";
 
Report
Wed 19/01/05 at 00:32
AliBoy
Regular
"Picking a winner!"
Posts: 8,502
Beaten to it by Garin. :-)
 
Report
Wed 19/01/05 at 00:32
Dr. Garin
Regular
"Devil in disguise"
Posts: 3,151
$query = "SELECT customerPass FROM customers WHERE customerUsername = ${_POST['username']}";

or better

$query = "SELECT customerPass FROM customers WHERE customerUsername=".$_POST['username'];

Although you shouldn't throw GET/POST data into queries like that in the first place without validating it in some way.
 
Report
Wed 19/01/05 at 00:19
Cycloon
Regular
"gsybe you!"
Posts: 18,825
DAMN! Those superglobals
 
Report
Wed 19/01/05 at 00:18
codinghands
Regular
"previously phuzzy."
Posts: 3,487
I'm having a small issue with using the superglobals of PHP inside my MySQL queries. This :

$query = "SELECT customerPass FROM customers WHERE customerUsername = $_POST['username']";

Leads so jovially onto this :

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /the/file/is_here/darktest.php on line 24

Thoughts? It works fine when I just use '$username'.

p/h
 
Report

Freeola & GetDotted are rated

Check out some of our customer reviews below:

Thanks!
Thank you for dealing with this so promptly it's nice having a service provider that offers a good service, rare to find nowadays.
Simple, yet effective...
This is perfect, so simple yet effective, couldnt believe that I could build a web site, have alrealdy recommended you to friends. Brilliant.
Con

View More Reviews

Need some help? Give us a call on 01376 55 60 60

Go to Support Centre

Find Us

Freeola & GetDotted
94 Church Street
Bocking
Braintree
Essex
CM7 5JY

Our Websites

About Us

Freeola is an ISP, offering unrivalled internet services to small businesses and consumers in the UK. We offer a range of services, from broadband to web hosting. Start at cheap domain name registration, get a free website, or just browse the site. Read more about Freeola & GetDotted.

View our Customer Reviews.

Join Our Mailing list

Join the Freeola & GetDotted mailing list for exclusive deals, offers and service updates straight to your email inbox.

Sign Up to the Mailing List
Feedback

It appears you are using an old browser, as such, some parts of the Freeola and Getdotted site will not work as intended. Using the latest version of your browser, or another browser such as Google Chrome, Mozilla Firefox, or Opera will provide a better, safer browsing experience for you.