Jump to content
Larry Ullman's Book Forums

Recommended Posts

Nope, nope, nope and nope. Is this as weird as i think it is?

 

(single quotes):

$country_id = mysqli_real_escape_string($coun);
            $q = "SELECT short_name FROM country WHERE country_id = '$country_id'";

 

(no quotes):

$country_id = mysqli_real_escape_string($coun);
            $q = "SELECT short_name FROM country WHERE country_id = $country_id";

 

(double quotes):

$country_id = mysqli_real_escape_string($coun);
            $q = "SELECT short_name FROM country WHERE country_id = '".$country_id."'";

 

(backticks):

$country_id = mysqli_real_escape_string($coun);
            $q = "SELECT short_name FROM country WHERE country_id = `$country_id`";

Link to comment
Share on other sites

Are you expecting more than one row in the result set? Your current code will allow 1 row and fail on anything else. That if-statement won't likely run, so I'm betting that's the problem. !== 0 or > 0 should do the trick.

 

If that IS the point however, add a LIMIT 1; to the end of your query. It'll force a single result.

  • Upvote 1
Link to comment
Share on other sites

This stops the error message, but now I'm getting a NULL row. It must not be pulling the info. When I use >0 the error message is still there.

//get short_name variable
			$country_id = mysqli_real_escape_string($coun);
			$q = "SELECT short_name FROM country WHERE country_id = $country_id LIMIT 1";
			$r = mysqli_query($dbc, $q);
			$num = mysqli_num_rows($r);
			if ($num !== 0) {//match was made
				
				//Get short_name
				$row = mysqli_fetch_assoc($r, MYSQLI_ASSOC);	
				var_dump($row);			
			}else {
				echo '<p>no match</p>';
				}
Link to comment
Share on other sites

This change makes $country_id finally take on the $coun variable (the var_dump shows this), but now we are essentially back where we started (no point to having the second variable if the first will do)

$country_id = $coun;
			var_dump($coun, $country_id);
			$q = "SELECT short_name FROM country WHERE country_id = $country_id LIMIT 1";
Link to comment
Share on other sites

I ran this to check for errors:

$vquery = mysqli_query($q) or die(mysqli_error() . "\n<br>$q");

This is my result:

SELECT short_name FROM country WHERE country_id = 114 LIMIT 1

 

I ran the query in phpmyadmin and it worked: so how is this an error in PHP?

Link to comment
Share on other sites

So you're saying that $country_id and $coun are both definitely 114, and when you run the following query in phpMyAdmin, you get some results back?

SELECT short_name FROM country WHERE country_id = 114 LIMIT 1;

What kind of error are you getting in your PHP script? If you echo mysqli_num_rows($r), what do you get? Just a quick heads-up, but mysqli_fetch_assoc($r, MYSQLI_ASSOC) won't work because mysqli_fetch_assoc only requires one argument, which is the results set.

  • Upvote 1
Link to comment
Share on other sites

Yes, that is what was happening, which is why I was so confused!

 

I took your suggestion and changed to mysql_fetch_array($r) which finally outputs something useful.

array(2) { [0]=> string(17) "Wallis and Futuna" ["short_name"]=> string(17) "Wallis and Futuna" }

 

Now I just have to figure out how to turn that into a variable. Should I use EXTRACT? how would I do this here?

 

by the way, the mysqli_real_escape_string seems to be causing some issues (mentioned above) what should I do?

 

Thanks!!!!

Link to comment
Share on other sites

Finally got it figured out. This works! Thanks everyone!

 

I'm still a little worried about having no mysql_real_escape_string, but I don't know what to do about it because when it's in there it doesn't work anymore.

	//get short_name variable
			$country_id = $coun;
			$q = "SELECT short_name FROM country WHERE country_id = $country_id LIMIT 1";
			$r = mysqli_query($dbc, $q);
			$num = mysqli_num_rows($r);
			echo mysqli_num_rows($r);
			if ($num > 0) {//match was made
				//Get short_name
				$row = mysqli_fetch_array($r);
				$sn = $row['short_name'];	
			}else {
				echo '<p>no match</p>';
				}

Link to comment
Share on other sites

You should definitely use mysqli_real_escape_string, or (my personal preference) prepared statements.

Likely the reason mysqli_real_escape_string isn't working is because you aren't providing it with the DB connection object as the first argument.

Try the following:

mysqli_real_escape_string($dbc, $coun); // I'm assuming that $dbc is your DB connection object.

Also, glad you figured it out. That's always a good feeling.

  • Upvote 1
Link to comment
Share on other sites

That's great that you got it working.

 

HartleySan is right, you need the db connection object as the first parameter for mysqli_real_escape_string. Sorry I forgot that in my earlier post :(

 

I'm pretty certain this should work

$country_id = mysqli_real_escape_string($dbc, $coun);
$q = "SELECT short_name FROM country WHERE country_id = $country_id";

Assuming country_id is set up as the unique primary index on the table with auto_increment you don't strictly need the LIMIT 1 clause, but its worth putting in so the sql engine stops as soon as it finds a match.

 

Whenever, I'm not sure about the syntax of a function I go to the php manual and look up the function. I struggle with its readability but I do usually find answers and if you scroll down the page, the examples are often very helpful.

 

You probably found this a bit frustrating but you've learned alot in the process. Good luck with the rest of your project.

  • Upvote 2
Link to comment
Share on other sites

 Share

×
×
  • Create New...