Search Results

Search found 4 results on 1 pages for 'skyhigh'.

Page 1/1 | 1 

  • whats wrong with this php mysql_real_escape_string

    - by skyhigh
    Hi Atomic Number Latin English Abbreviation * check the variables for content */ /*** a list of filters ***/ $filters = array( 'searchtext' => array( 'filter' => FILTER_CALLBACK, 'options' => 'mysql_real_escape_string'), 'fieldname' => array( 'filter' => FILTER_CALLBACK, 'options' => 'mysql_real_escape_string') ); /*** escape all POST variables ***/ $input = filter_input_array(INPUT_POST, $filters); /*** check the values are not empty ***/ if(empty($input['fieldname']) || empty($input['searchtext'])) { echo 'Invalid search'; } else { /*** mysql hostname ***/ $hostname = 'localhost'; /*** mysql username ***/ $username = 'username'; /*** mysql password ***/ $password = 'password'; /*** mysql database name ***/ $dbname = 'periodic_table'; /*** connect to the database ***/ $link = @mysql_connect($hostname, $username, $password); /*** check if the link is a valid resource ***/ if(is_resource($link)) { /*** select the database we wish to use ***/ if(mysql_select_db($dbname, $link) === TRUE) { /*** sql to SELECT information***/ $sql = sprintf("SELECT * FROM elements WHERE %s = '%s'", $input['fieldname'], $input['searchtext']); /*** echo the sql query ***/ echo '<h3>'.$sql.'</h3>'; /*** run the query ***/ $result = mysql_query($sql); /*** check if the result is a valid resource ***/ if(is_resource($result)) { /*** check if we have more than zero rows ***/ if(mysql_num_rows($result) !== 0) { echo '<table>'; while($row=mysql_fetch_array($result)) { echo '<tr> <td>'.$row['atomicnumber'].'</td> <td>'.$row['latin'].'</td> <td>'.$row['english'].'</td> <td>'.$row['abbr'].'</td> </tr>'; } echo '</table>'; } else { /*** if zero results are found.. ***/ echo 'Zero results found'; } } else { /*** if the resource is not valid ***/ 'No valid resource found'; } } /*** if we are unable to select the database show an error ****/ else { echo 'Unable to select database '.$dbname; } /*** close the connection ***/ mysql_close($link); } else { /*** if we fail to connect ***/ echo 'Unable to connect'; } } } else { echo 'Please Choose An Element'; } ? I got this code from phppro.org tutorials site and i tried to run it. It gives Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established. .... Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO).... I went to php.net and look it up "Note: A MySQL connection is required before using mysql_real_escape_string() otherwise an error of level E_WARNING is generated, and FALSE is returned. If link_identifier isn't defined, the last MySQL connection is used." My questions are: 1-why they put single quotation around mysql_real_escape_string ? 2-They should establish a connection first, then use the $filter array statement with mysql_real_escape_string ?

    Read the article

  • Anyone know any good backend user online file manager?

    - by skyhigh
    Hi I'm looking for a backend system where your clients can login and upload files to your server, download files from the server and you can delete the users, create users, etc. I do not know the proper name for this kind of software. Maybe its called online file manager? Any recommendations? My server supports PHP, apache and mysq. Thanks

    Read the article

1