Query unexpectedly fails - mysql

I am creating a simple member system using MySQL, and have stumbled onto a problem.
The issue is that I am using the correct SQL query to search the column Username, and find Administrator, but however my query isn't finding anything.
I have searched the internet for a solution (with many results taking my back to Stack Overflow), but however have not found anything.
The query that I am using is:
SELECT * FROM members WHERE Username = "Administrator"
Which looks find from my end, but however does not return any results:
Am I doing something wrong here?
I am new to MySQL & PHP, so if something is obviously wrong with what I'm doing here, please tell me nicely, and please don't 'flame'.
Edit:
When attempting to run this query though PHP, I get:
Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in /home/crysisor/public_html/checklogin.php on line 22
The above code confirms that something is wrong...
Relevant code:
$user = mysqli_real_escape_string($sqli, $_POST['user']);
$pass = mysqli_real_escape_string($sqli, $_POST['pass']);
if ($user && $pass) {
$checkuser= mysqli_num_rows(mysqli_query($sqli, "SELECT * FROM users WHERE Username='".$user."'"));

I have a few hints which may help you resolve your problem.
Make the query itself a PHP variable, and echo it. Then copy and paste the echoed result into phpMyAdmin.
Use single quotes for query variables. The query itself should be in double quotes.
Unrelated: the password looks short. It shouldn't be stored in plain text.

Related

CakePHP Error: SQLSTATE[42S02] table not found - but exist

You might read this question every day so i tried another Stackoverflow's answer before asking:
CakePHP table is missing even when it exists
Anyways. The table i try to select data from does exist (quadra-checked uppercase/lowercase!) and it gets also listed via $db->->listSources().
Here's a screenshot of the query, the message and the last result from listing all Datasource's tables:
http://i.stack.imgur.com/CdhcV.png
Note: If i run this query in PHPMyAdmin manually it works fine. I would say its impossible to get the pictures output at one time in a view - now its up to you to tell me the opposite. By the way: I am pretty sure to use the correct Datasource.
I should tell additionally that the mysql-server is hosted on another platform. Since i can use it for my localhost-phpmyadmin if i modify the config.inc.php i can promise it is no Firewall-Problem.
Written in behalf of xcy7e:
The mistake was to execute the Query from the local Model. Here's the code:
$conn = ConnectionManager::getDataSource('myDB');
$conn->query($query);
// instead of $this->query($query);

MySQL Query Error Validation

I running a Mysql Query to select some data, Sometimes i get a error called
mysql_fetch_assoc() expects parameter 1 to be resource, boolean given
when i executed this following code,
$result = $this->db->execute($sql);
for ($i = 0; $data[$i + 1] = mysql_fetch_assoc($result); $i++);
array_pop($data);
how do i optimize this coding to prevent any errors ?
is there anything wrong with it ? should i ignore this error ?
That means that the query is buggy, whyever, most likely because you construct it using components from sources which you do not really check enough. A buggy statement throws an error (since no result can be computed). That error is returned as false instead of a mysql result ressource. Since you do not check if the query succeeded but blindly try to retrieve details from the result, you get this second error.
So there are four things you have to invest into:
you should always check if a query succeeded at all:
enclose your query into a conditional: if (FALSE!==($result=$this->db->execute($sql))) and only retrieve from the result ressource if that condition resolves to true.
make sure you really (really!) check all input data you use to construct your query. Checking here also means to encode and escape it correctly, also see point 4. for this.
in cases like this it is important to analyze what exactly it is that is going wrong. There is little sense in guessing what might be going wrong. So in addition to checking if the query succeeded at all (1.) you should also take a look at the error message mysql throws if this is not the case. Use the method mysql_error() for this. It is well documented just as every other function too.
you should rework your code and migrate from phps old, long deprecated mysql extension to either mysqli or PDO. Both are php extensions that offer more security against constructing buggy statements. Read about "prepared statements" and "parameter binding" for this.

odd sql error, variable not being recognized correctly

I'm currently in hour two of this issue, I can't explain it so I will simply show what is going on. I don't know if this matters at all, but I am using the linkedIN API to retrieve a user's linkedIn unique ID.
In English, what I'm doing:
User Signs in with LinkedIn
I read-in user's LinkedIn ID (returned from the API)
If ID exists in database, say "hello", if not, show them a form to register
The issue I am having:
The following line works and properly returns the 1 user I have in the database with a linkedIn ID of OtOgMaJ2NM
$company_data = "SELECT * FROM s_user WHERE `LI_id` = 'OtOgMaJ2NM'";
The following query returns no results - using the same database with the same record in the table s_user:
$linkedIn_id = "<?js= id ?>";
echo $linkedIn_id;
The following code outputs OtOgMaJ2NM with no trailing spaces.
So far so good ... expcept when I run the query this time using the variable, no records are returned!
$company_data = "SELECT * FROM s_user WHERE `LI_id` = '$linkedIn_id'";
Further notes:
When I echo $company_data the same query is displayed when I use the variable as did when I used the plain text version of the query.
Anyone have ANY ideas?
Thanks,
Evan
I can only assume that when echoing variables it strips the tags, so when you're using it with the query you're actually saying:
$company_data = "SELECT * FROM s_user WHERE `LI_id` = '<?js= OtOgMaJ2NM ?>'";
I could be wrong, but have you tried stripping the tags from the variable?
If you send the variable between the "", the MySQL engine will search for $linkedIn_id literally and not for its content.
Seems you are using php, but I'm not sure about the right syntax. Take a look in the docs.

Get Redmine custom field value to a file

I'm trying to create a text file that contains the value of a custom field I added on redmine. I tried to get it from an SQL query in the create method of the project_controller.rb (at line 80 on redmine 1.2.0) as follows :
sql = Mysql.new('localhost','root','pass','bitnami_redmine')
rq = sql.query("SELECT value
FROM custom_values
INNER JOIN projects
ON custom_values.customized_id=projects.id
WHERE custom_values.custom_field_id=7
AND projects.name='#{#project.name}'")
rq.each_hash { |h|
File.open('pleasework.txt', 'w') { |myfile|
myfile.write(h['value'])
}
}
sql.close
This works fine if I test it in a separate file (with an existing project name instead of #project.name) so it may be a syntax issue but I can't find what it is. I'd also be glad to hear any other solution to get that value.
Thanks !
(there's a very similar post here but none of the solutions actually worked)
First, you could use Project.connection.query instead of your own Mysql instance. Second, I would try to log the SQL RAILS_DEFAULT_LOGGER.info "SELECT ..." and check if it's ok... And the third, I would use identifier instead of name.
I ended up simply using params["project"]["custom_field_values"]["x"] where x is the custom field's id. I still don't know why the sql query didn't work but well, this is much simpler and faster.

CI: Session Variables and json_encode

I have values I've added to my session that I'd like to pass into an query as follows:
$eventTypeID = $this->session->userdata('eventtypeID');
$this->session->unset_userdata('eventtypeID');
$venueCityID = $this->session->userdata('venuecityID');
$this->session->unset_userdata('venuecityID');
echo json_encode($this->event_model->getSearchEvents($eventTypeID, $venueCityID));
The issue I'm running into is that last line (echo json_encode...) will not run when the prior variables are extracted/unset. If I comment out the variables, and run simply:
echo json_encode($this->event_model->getSearchEventsAll());
Then all works well. Can someone tell my why json_encode doesn't seem to play well with sessions and how I may be able to get this to work? Thanks!
EDITED
After much frustration, it now appears the issue may not be with the session, but is instead with outputting my query:
$this->db->_compile_select();
$q = $this->db->get();
echo $this->db->last_query();
All used to work fine, and I was able to "intercept" the query to see what was being called, but now when using _compile & last_query, nothing happens????
Run json_last_error() to see if any errors were encountered encoding the data. See the example on the docs page for proper usage:
http://www.php.net/manual/en/function.json-last-error.php
We're not certain what $this->event_model->getSearchEvents($eventTypeID, $venueCityID) returns VS $this->event_model->getSearchEvents(), but there should definitely not be any problems related to the use of variables.
As always, try var_dump() on the output (try before decoding) and see what the differences are between the two return values of the function. You might even be encountering an error within the function itself that's stopping execution - make sure error_reporting() is on full-blast.