Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3

Thread: Unknow Column

  1. #1
    Regular Coder slappyjaw's Avatar
    Join Date
    Mar 2009
    Location
    Wonderland!
    Posts
    146
    Thanks
    14
    Thanked 3 Times in 3 Posts

    Cool Unknow Column

    PHP Code:
    <?php require_once('../Connections/mysql.php'); ?>
    <?php
    if (!function_exists("GetSQLValueString")) {
    function 
    GetSQLValueString($theValue$theType$theDefinedValue ""$theNotDefinedValue ""
    {
      
    $theValue get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      
    $theValue function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch (
    $theType) {
        case 
    "text":
          
    $theValue = ($theValue != "") ? "'" $theValue "'" "NULL";
          break;    
        case 
    "long":
        case 
    "int":
          
    $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case 
    "double":
          
    $theValue = ($theValue != "") ? "'" doubleval($theValue) . "'" "NULL";
          break;
        case 
    "date":
          
    $theValue = ($theValue != "") ? "'" $theValue "'" "NULL";
          break;
        case 
    "defined":
          
    $theValue = ($theValue != "") ? $theDefinedValue $theNotDefinedValue;
          break;
      }
      return 
    $theValue;
    }
    }
    session_start();
    $colname_friends "-1";
    if (isset(
    $_SESSION['kt_login_user'])) {
      
    $colname_friends $_SESSION['kt_login_user'];
    }

    mysql_select_db("rubygir_slappyjaw");
        if(!
    $mysql) {
        
            echo 
    'Could not connect to the database.';
        } else {
        
            if(isset(
    $_POST['queryString'])) {
                
                if(
    strlen($queryString) >0) {
                    
    mysql_select_db($database_mysql$mysql);
    $query_friends sprintf("SELECT * FROM friends WHERE (friend LIKE `{$queryString}` AND username = %s)"GetSQLValueString($colname_friends"int"));
    $friends mysql_query($query_friends$mysql) or die(mysql_error());
    $row_friends mysql_fetch_assoc($friends);
    $totalRows_friends mysql_num_rows($friends);
                    if(
    $query True) {
                    echo 
    '<ul>';
                        while (
    $row_friends $result) {
                             echo 
    '<li onClick="fill(\''.$result['friend'].'\');">'.$result['friend'].'</li>';
                         }
                    echo 
    '</ul>';
                        
                    } else {
                        echo 
    "We're sorry but you currently do not have any friends to message to.";
                    }
                } else {
                    
    // do nothing
                
    }
            } else {
                echo 
    'There should be no direct access to this script!';
            }
        }

    mysql_free_result($friends);
    ?>
    For some reasion this script is returning a mysql error saying Unknown column '"ENTEREDVALUE"' in 'where clause'. this script allows users to select there friends from a ajax drop down list. Thank you for any help!

  • #2
    Senior Coder whizard's Avatar
    Join Date
    Jan 2005
    Location
    Philadelphia, PA, USA
    Posts
    1,662
    Thanks
    14
    Thanked 76 Times in 76 Posts
    well, sounds like ENTEREDVALUE doesnt exist in the database...

    Dan
    PHP Tip: If you want to use short tags (<? or <?=$var) then make sure short_open_tag is set to "1". It really helps.

    Don't forget to save everyone time and mark your thread as Resolved :)

    "Also note that it is your responsibility to die() if necessary."

    DON'T USE THE MYSQL_ EXTENSION

  • #3
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    This is a Dreamweaver drag-and-drop thing, right? Isn't kt_login_user the username? If so, you've either dragged and dropped an incorrect field or mis-tweaked the query perhaps.

    If you really mean to be querying using the username, then change the data type you're passing to GetSQLValueString from "int" to "text" (I think that's a valid type name).
    PHP Code:
    );
    $query_friends sprintf("SELECT * FROM friends WHERE (friend LIKE `{$queryString}` AND username = %s)"GetSQLValueString($colname_friends"text")); 
    Oh, that "ENTEREDVALUE" thing is probably part of an error message from GetSQLValueString that you're not catching. That's a drawback of drag-and-drop coding - you get extra junk tossed in and necessary tests missing.

    EDIT: That being said, I guess it's no more of a drawback than sloppy hand-coding. The final quality really comes down to who's sitting behind the keyboard... or the mouse.
    Are you a Help Vampire?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •