Posts by JRSofty

Hi Rajeesh,

What you are attempting to do is kind of like producing a dynamic SQL statement. Actually it's not as hard as it seems and you are on the right path.

Basically you should start with the main part of the query before the WHERE. Then gradually check what the values are and add them to the WHERE unless they == 'any' then you can just skip it. Here's my example:

<?php
     $query = "SELECT * FROM table ";
     $where = "";
     if($type != 'any'){
          $where .= "type='{$type}'";
     }
     if($location != 'any'){
          $where .= " AND location='{$location}'";
     }
     if($gender != 'any'){
          $where .= " AND gender='{$gender}'";
     }
     if($married != 'any'){
          $where .= " AND married='{$married}'";
     }
     if($photo != 'any'){
         $where .= " AND photo='{$photo}'";
     }
     // now we put it all together
     if($where != ''){
          $query .= " WHERE {$where}";
     }

     $qid =  mysql_query($query);
?>

My code above assumes that you have already ran your variables (user inputs) through a mysql_real_escape_string() function call).

His problem is quite simple actually. Here's his original code

$name=$_POST['name'];   //from  the name form  
$q_id=$_GET['id'];
$sql="INSERT INTO `test`.`reply`(`rid`,`tid`,`name`)VALUES(NULL,'$q_id','$name')";
$result=mysql_query($sql);

All he needs to do is remove the single quotes (' ') from around the $q_id in his SQL.

So his new code should look like this:

$name=$_POST['name'];   //from  the name form  
$q_id=$_GET['id'];
$sql="INSERT INTO `test`.`reply`(`rid`,`tid`,`name`)VALUES(NULL, $q_id ,'$name')";
$result=mysql_query($sql);

He has declared the tid field as an integer and he is trying to pass it as a string. MySQL probably doesn't like it.

ALSO

Just to be on the safe side you really need to run the $_GET and the $_POST variables through the mysql_real_escape_string() function to prevent someone from doing nasty things to your database. Example:

$q_id = mysql_real_escape_string($_GET['id']);
$name = mysql_real_escape_string($_POST['name']);

Hope that helps you.

Is this for a local test system or are you deploying this to real world?

[S]Well the warning for mkdir could be a problem. What version of PHP are you running? Can you give me a link to a phpinfo(); function?[/S]

Never mind the above you must be using PHP 4. The recursive parameter came in version 5.

As for the writing of files it is most likely because your host has PHP set in Safe Mode. Sadly this can only be changed in the php.ini and not with an ini_set(); function.

Here's a list of restrictions caused by safe mode that might help you

http://www.php.net/manual/en/features.safe-mode.functions.php

Now I'm not sure how you can change the ownership of the newly created directory but according to that list the fopen function will still work if the uid is the same for the directory and the currently running script.

Try to add this at the beginning of your code

ini_set("error_reporting","E_ALL");

Then run your code and see if there are any errors that display.

Nevermind what I said do what Petr.Pavel says :D

The main reason you can't find it is that the output is not very clean. No newlines no indentions, in a lot of cases just code. This could be because of the software you are using and how they do templating.

I'll give you exactly what to search for in your file and then you can change it.

Open up your template file (particularly the one for your darkx skin) and search for this HTML

<form action="http://home.sprit.org/donrow/forum/" method="get">

This is the form tag that is opened and not closed. It should be located somewhere close to the end of your HTML

Now you will probably want to close that so you quit getting the errors so you search along that line of code until you find where you want the form to stop.

My suggestion is to find this and at the end of it before you open the div tag place your closing form tag:

<table cellpadding="6" cellspacing="0" border="0" width="100%" class="page" align="center"> <tr> <td> <select name="langid" onchange="switch_id(this, 'lang')"> <optgroup label="zgjidhë Gjuhen"> <option value="1" class="" >-- English (US)</option> <option value="2" class="" selected="selected">-- Shqip</option> </optgroup> </select> </td> </tr> </table>

So basically when we put it all together it should look like this when you have edited it:

<form action="http://home.sprit.org/donrow/forum/" method="get">
<table cellpadding="6" cellspacing="0" border="0" width="100%" class="page" align="center"> <tr> <td> <select name="langid" onchange="switch_id(this, 'lang')"> <optgroup label="zgjidhë Gjuhen"> <option value="1" class="" >-- English (US)</option> <option value="2" class="" selected="selected">-- Shqip</option> </optgroup> </select> </td> </tr> </table>
</form>

What is the value of $semname?

Is it a complete path or just a relative one?

Although this is a PHP forum and your problem is HTML I'll give you the answer as I see it ;)

At the bottom of your forum you have a small dropdown box that allows you to jump around to different places or maybe to change skins (I'm not sure because I don't speak the language)
Obviously for this to work it must be in a form. However, your problem is that there is no closing of the form tag. For example you have

<form action="someurl" method="get">Form Stuff

Instead of

<form action="someurl" method="get">Form Stuff</form>

See how I closed the form's tag at the end? You need to make sure all tags are closed correctly. This should clear up all 4 of your errors.

Don't forget to mark this solved!

Yep you don't have a proper condition and so overwriting your value.
Try something like this:

$qry = "select cena from albumy where EAN_kod='$EAN_kod'";
$result = mysql_query($qry);
if(mysql_num_rows($result) < 1){
     $qry = "select cena from ciste_media where EAN_kod='$EAN_kod'";
     $result = mysql_query($qry);
}

What this will do is check if there is anything in table albumy that matches the EAN_kod. If it returns 0 rows it will check the ciste_media table. In both cases it will then go to the next check where if there are results then it takes the first one and adds it with the quantity to the cena of the overall shopping cart.

I think that should get you on the right track.

Do you get any errors besides the fact that the index.php file is not created?

Where do you do a query on table ciste_media? I don't see that in your code. All I see is from the albumy table and as I stated before you need to fix the check for rows in your result from the original query.

Are you trying to say that you want to have it where if the albumy returns zero rows that you should check another table?

If so you need to add an else statement to the check for number of rows returned.

Most likely your error comes from this point right here:

if (mysql_num_rows($result) >= 1)
{
$cena_polozky = mysql_result($result, 0, "cena");
$cena +=$cena_polozky*$qty;
}
}
}
return $cena;
}

What should your code do if there are no rows in the result in this case it is going to output $cena that has been unaltered. So what ever the value was before the return will remain.

I would suggest that you find a way to give a value to $cena when there are no rows returned from the database.

Just because the result is valid does not mean that there are rows.

It would be better to check if the result contains rows before attempting to jump to a particular one. For example

if(mysql_num_rows($result) >= 1){
$cena_polozky = mysql_result($result,0,"cena");
}

The trick is to make a count of the total records you want to eventually display. Divide this number by the number of items to display per page (you might want to make sure that if there is a remainder that you add an extra page).

Then you build your call so that it determines which page is being called and then determines where to start the data and how many items to display.

LIMIT in MySQL allows you to limit the data. It is used like this SELECT * FROM tutorials WHERE tut_program = 'PHOTOSHOP' LIMIT 16, 8 The first number in the LIMIT says where to start looking and the second number says how many to show.

To do this in VB.NET is actually fairly simple. First you will need to import the System.IO namespace and then do some chopping up of the file name.

Here's some pseudo code on how to accomplish this

Import System.IO

Sub MoveFiles()
     Filenames = Directory.GetFiles("C:\uploaded_files")
     SubBuild = ""
     For Each Filename as String in Filenames
          if mid(filename,0,1).tolower = "o" then
               SubBuild = "Oregon\"
          Else
               SubBuild = "Washington\"
          End If
          If mid(filename,1,1).tolower = "s" then
               SubBuild = SubBuild & "Sold\"
          Else
               SubBuild = SubBuild & "Leased\"
          End If
          If mid(filename,2,2).tolower = "vk" then
              SubBuild = SubBuild & "Victoria Kraus\"
          else
              SubBuild = SubBuild & "Dan Richards\"
          end if
          if mid(filename,4,2).tolower = "08" then
               subbuild = subbuild & "2008"
          end if
          if Directory.exists("C:\Files\" & subbuild) then
               file.move(filename,"C:\Files\" & subbuild & filename)
          else
               Directory.Create("C:\Files" & subbuild)
               file.move(filename,"C:\Files\" & subbuild & filename)
          End if
     Next
End Sub

Don't use my code exactly because it is pseudo VB.net. However, it should point you in the right direction to perform the function that you want.

Yeah I know what you mean. I had a devil of a time getting mine to work.

Are you using MSSQL 2005 or MSSQL 2005 Express?

I know if you install MSSQL 2005 Express and you don't give the service the correct name (which must be computername\SQLEXPRESS where computername is the name of your computer) it will not work correctly with VS2005 Express (and quite possibly VS2005). I don't have the full versions of the software so I don't know how to get them to work together.

I would suggest making that a separate thread. Maybe someone can help you get it working.

That's how I would do it.

You could have a button that triggers the loaddata() routine so that the data is incremented each time or something like that.

I tried using a datareader to show 1 field record in a message box.. and i only got 2 records saved how come it shows 3? the third one is taken from my autonumber field.. how can i read only the 2 records? is there like a condition for it?

con = New ADOcon(cnstring)
dt = New DataTable

ds = con.Opends("Select * from master", "master")
dt = ds.Tables("master")

Dim dr As DataTableReader = ds.CreateDataReader

While dr.Read
MsgBox(dr(1))
End While

Not quite sure about this one. You only have two records and it shows three? I've never seen this happen before.

From what I've heard Bound Controls are Evil

http://www.vbrad.com/Articles/art_binding_evil.htm

Actually, I don't use bound controls. I usually want to display all the data retrieved from the database at the same time and then I can select the parts that I want to work with. So I have no practice in creating bound controls in either VB6 or VB.NET.

The best is what I've found at this site concerning data binding to controls for VB.NET

Sorry couldn't be more help with this one.

http://www.vbforums.com/showthread.php?t=490455&highlight=Bound+Controls+Evil

That is also in my example. The DataTableReader object will allow me to go through the rows one at a time.

dim ds as DataSet = cd.returnQuery("SELECT * FROM tbl WHERE id = 10")
dim dr as DataTableReader = ds.CreateTableReader()
If dr.HasRows Then
     While dr.Read()
          'Do something with the row data 
          ' dr("columnName").toString is the way to access the actual ordinals (there are other way but I prefer this one).
     End While
End If

You can also check out information on the DataTableReader object from MSDN online http://msdn2.microsoft.com/en-us/library/system.data.datatablereader.aspx

So here's a bit of how I'm doing this so maybe it will help you:

One thing I'm using SQL Server 2005 Express. I don't know if this will work with Access.

Imports System.Data.SqlClient
Public Class clsData
    Private _con As SqlConnection
    Public Sub New()
        Dim constr As String = My.Settings.imgstoConnectionString
        _con = New SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename="C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\imgsto.mdf";Initial Catalog=IMGSTO;Integrated Security=True;Connect Timeout=300;User Instance=False")
        _con.Open()
    End Sub

    'Use this function to return a dataset that you can iterate through SELECT queries
    Public Function returnQuery(ByVal qry As String) As DataSet
        Dim ret As New DataSet
        Dim da As New SqlDataAdapter()
        Try
            da.SelectCommand = New SqlCommand(qry, _con)
            da.Fill(ret)
            Return ret
        Catch ex As Exception
            Debug.WriteLine(ex.Message & " clsData.vb ")
            Return ret
        Finally
            da.SelectCommand.Dispose()
            da.Dispose()
            da = Nothing
        End Try
    End Function

    'Use this function for UPDATE and INSERT queries
    Public Function noReturnQuery(ByVal qry As String)
        Dim cmd As New SqlCommand(qry, _con)
        Try
            cmd.ExecuteNonQuery()
            Return True
        Catch ex As Exception
            Return ex
        Finally
            cmd.Dispose()
            cmd = Nothing
        End Try
    End Function

    'Call this method before destroying the instance.
    Public Sub Close()
        If Not _con Is Nothing Then
            If _con.State <> ConnectionState.Closed Then
                _con.Close()
            End If
            _con.Dispose()
            _con = Nothing
        End If
    End Sub
End Class

I will use this inside a method or function in my main application like this:

Private Function storageStatusDisplayData() As Boolean
        Dim cd As New clsData 'initialize new instance which opens a connection
        Dim qry = "SELECT sf.directory_id as dir_id, sd.directory_name as dir_name, COUNT(sf.directory_id) as fileCnt FROM storage_files …

I'll try to get something written up for you.

BTW Access Databases doesn't handle multithreading very well. We have an application at my company that used a Access Database and we always had trouble. Then we switched it to MSDE and now use MS SQL Server 2005 Express and it doesn't have the same problems.

Actually I've never really tried checking which is faster. The reason I do it this way is because I like to use multiple threads and sometimes if you pass multiple queries over the same connection from different threads it can be a bit of pain and I've had some lock up problems.

Memory isn't really the problem as long as you remember to dispose and set to nothing everything that you are done using. In my data class I pass datasets which I dispose of once I'm done processing them. The connection happens as soon as the New class is called and just before I set the class instance to Nothing I have a method called Close that disposes and closes all the objects and sets them to nothing as well. This way I'm controlling my memory usage.

As for speed it seems ok for me. The biggest problem is the computer I'm working on currently is just a bit slow for the type of database I'm using (SQL Server 2005 Express on a Windows 2K machine without a lot of RAM). However, I'm sure on a modern computer the speed problems I'm having would not show.

Hi,

When looking at your code I saw this function in your class

Public Function Opends(ByVal Query As String) As DataSet
Try
daobj = New OleDbDataAdapter
dsobj = New DataSet
MsgBox(cn.State)

daobj.SelectCommand = New OleDbCommand("Select * from master", cn)
daobj.Fill(dsobj)

MsgBox(dsobj.Tables.Count)
Return dsobj

Catch ex As Exception
Return dsobj
MessageBox.Show(ex.Message, "Error.", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
End Function

When you created the new OleDbCommand object you specified a connection parameter cn. However, no where in your class do I see a OldDbConnection object declared and initialized. The only place where you have the cn created is in your sub Main routine which is local to the application but not necessarily to your class. If you want your class to use cn you will need to make a small change to the function OR you need to put the connection inside the class itself. If you want to create the connection in the Form and then pass it to the class you need to make this change to your function:

Public Function Opends(ByVal Query As String, ByVal cn as OldDbConnection) As DataSet
Try
daobj = New OleDbDataAdapter
dsobj = New DataSet
MsgBox(cn.State)

daobj.SelectCommand = New OleDbCommand("Select * from master", cn)
daobj.Fill(dsobj)

MsgBox(dsobj.Tables.Count)
Return dsobj

Catch ex As Exception
Return dsobj
MessageBox.Show(ex.Message, "Error.", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
End Function

Usually I stay away from one single connection for all my database operations. In my data class I perform a new connection for each instance of the class. Whenever I need …