Okay, so where is it supposed to come from then? As mentioned, "key" is not defined in your form to post, so therefore it will not exist in $_POST. Your query will return no results unless there's a record with the 'key' field set to an empty string (not null though).
That should work, and even without error if I'm not mistaken.
Just reading through to get familliar and noticed this slightly weird remark!
Whats wrong with the using technique I provided? It's a feature of PHP that lets you make life easier. If it works, it works. It saves you bashing out more stuff on the keyboard too
//Please don't use this for your form processing:
if (isset($_POST['submit']))
//Internet explorer has a bug and does not always send the submit value.
Just reading through to get familliar and noticed this slightly weird remark!
Whats wrong with the using technique I provided? It's a feature of PHP that lets you make life easier. If it works, it works. It saves you bashing out more stuff on the keyboard too
I think he touched based on it but here is the reason why it is better not to use it straight from the manual.
Yes and even the php manual confirms that its ok to do what I showed:
PHP Code:
// The following is okay, as it's inside a string. Constants are not looked for // within strings, so no E_NOTICE occurs here print "Hello $arr[fruit]"; // Hello apple
For some reason a few of you in this thread seem to think that I had missed out the single quotes inside the square brackets despite being an sql query wrapped in double quotes. I'm perplexed as to why you all seem to think I've got it so dreadfully wrong when as shown above, the php manual clearly shows this technique is 'okay'.
To quote:
Quote:
as it's inside a string. Constants are not looked for within strings
//Please don't use this for your form processing:
if (isset($_POST['submit']))
//Internet explorer has a bug and does not always send the submit value.
But did you read the explanation? It is okay but there is a small risk you need to be willing to take that it may not work in future versions of php if they decide to define constants that aren't defined so now you would end up with something like $_POST[] if you used $_POST[bar] because bar as a constant wouldn't contain anything.
__________________
||||If you are getting paid to do a job, don't ask for help on it!||||
You're slightly misunderstanding what they're saying I think:
Quote:
PHP may in future define constants which, unfortunately for such code, have the same name. It works because PHP automatically converts a bare string (an unquoted string which does not correspond to any known symbol) into a string which contains the bare string. For instance, if there is no defined constant named bar, then PHP will substitute in the string 'bar' and use that.
Thats different to the technique I advised. You're thinking of
PHP Code:
print $_POST[foo];
but I was talking of
PHP Code:
print "$_POST[foo]";
PHP are talking of defining constants instead of using a string if it exists. I am not demonstrating using a constant but using a string which (as quoted in my previous post) is treated as a string because its already inside a string. Strings are variable so PHP isn't suddenly going to decide that there is a constant half way through a string is it!
//Please don't use this for your form processing:
if (isset($_POST['submit']))
//Internet explorer has a bug and does not always send the submit value.
"SELECT id, email, key FROM friendko_text WHERE key = '$_POST[key]'";
Quote:
Originally Posted by Fou-Lu
That should work, and even without error if I'm not mistaken.
But I don't like that. The 'key' in my eyes is now a constant which should be a string.
What I mean is to do as:
PHP Code:
$query = "SELECT id, email, key FROM friendko_text WHERE key = {$_POST['key']}"; // or $query = "SELECT id, email, key FROM friendko_text WHERE key = " . $_POST['key'];
Having looked at this post again, the only way 'key' could become a constant in my example string is if you're thinking that my double quotes were just used to quote a string and not to show the quotes as part of the code. I did however leave a semicolon there to show that it should be seen as code.
I would like to clarify that my double quotes were supposed to be included as part of the code and NOT just to show the SQL itself. I should have used php code tags but I was in a rush.
//Please don't use this for your form processing:
if (isset($_POST['submit']))
//Internet explorer has a bug and does not always send the submit value.
Just looks strange I guess, similar to how Fou-Lu to him makes it look like a constant so we need to make it a string.
Which is why I was asking Fou what was wrong! Fou operates on a higher plane of intelligence to the rest of us using complicated words, explanations and understandings so I'm sure there must be another reason logical for his previous comments
//Please don't use this for your form processing:
if (isset($_POST['submit']))
//Internet explorer has a bug and does not always send the submit value.
Whoa whoa, I didn't say it was wrong to do it. I said it was wrong in my eyes to do that.
Strings are evaluated as scalar and never expand constants. Because of this, using print "an $array[var]"; is valid since 'var' is considered a string already and will not fall back to a constant (and therefore it will not trigger a notice). But to me, strings should only evaluate scalar data unless indicated that it should parse complex data. PHP is greedy in its expansion as well, regardless of if a variable is a complex type.
All of these expansion issues is why I normally NEVER embed variables within a string and go with printf's for control instead. For an example:
PHP Code:
$a = array('var' => 'value'); $b = 'array';
print "$a[var], $b[var]\n";
My intent here is to print the string value, array[var], but I won't end up with that. Instead I end up with value, a since 'var' is an invalid offset, but won't trigger a notice of such. Any of the following will give me what I want:
Given the complexity of the first two, that is why I much prefer the use of a print formatter instead. This reminds me a lot of the back references as well, when you say \11, do you mean \1 followed by a 1, or \11, or a tab? Complex evaluation would get around that as well.
else if ($carrier == "verizon") { $formatted_number = $to."@vtext.com"; mail("$formatted_number", "SMS", "$message"); // Currently, the subject is set to "SMS". Feel free to change this.
I did make the key change to the html form, the php code is not redirecting. Thanks for all your help!
Quote:
Originally Posted by _Aerospace_Eng_
$_POST['key'] will always be empty. You have no form input with name="key". You probably got some kind of key from the place letting you use their SMS service that you need to provide to their api.
if ((empty($key)) || (empty($message)) { header ("Location: sms_error.php"); }
else if ($row['carrier'] == "verizon") { $formatted_number = $to."@vtext.com"; mail("$formatted_number", "SMS", "$message"); // Currently, the subject is set to "SMS". Feel free to change this.
You still need $to which you don't have anymore so no emails will get sent but to get the values to print in the while loop you need to actually select them
PHP Code:
<?php $con = mysql_connect("localhost","friendko_admin","Macbookpro17#"); if (!$con) { die('Could not connect: ' . mysql_error()); }
Before you post, read our: 
