Back To Programming / Scripting / Coding Forum

Question PHP

  • psilvaj_12
  • Newbie
  • Newbie
  • No Avatar
  • Joined: Dec 20, 2010
  • Posts: 9
  • Status: Offline

Post December 23rd, 2010, 3:28 am

Hi,

I'm a beginner in the PHP world. I am trying to make a page and wanted to do something that I do not find in my research.
I have a variable that is entered by the user ($IF)and then have to go see a table which describes the result.
Can I have this variable in a database and their description and when the variable is generated the description appear? Otherwise I'll have to put the whole table.

How can I do this, please.
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post December 23rd, 2010, 3:28 am

  • steve101
  • Beginner
  • Beginner
  • No Avatar
  • Joined: Mar 26, 2004
  • Posts: 35
  • Status: Offline

Post December 23rd, 2010, 12:47 pm

Where is it entered? A form?

If so, you would have something like this..

PHP Code: [ Select ]
$if=$_POST["formfield"] //Set $if = whatever the user enters
$query=mysql_query("SELECT description FROM table WHERE field='$if'");
//Get Result From the database
$result=mysql_fetch_array($query);
//Show the field result - description
echo $result[0];
 
  1. $if=$_POST["formfield"] //Set $if = whatever the user enters
  2. $query=mysql_query("SELECT description FROM table WHERE field='$if'");
  3. //Get Result From the database
  4. $result=mysql_fetch_array($query);
  5. //Show the field result - description
  6. echo $result[0];
  7.  
  • spork
  • Brewmaster
  • Silver Member
  • User avatar
  • Joined: Sep 22, 2003
  • Posts: 6130
  • Loc: Seattle, WA
  • Status: Offline

Post December 25th, 2010, 12:24 am

Steve, what happens when someone submits the following text in the form field:

Code: [ Select ]
'; DROP TABLE `table`;--


Always sanitize inputs first.

PHP Code: [ Select ]
mysql_real_escape_string($if);
The Beer Monocle. Classy.

Page 1 of 1

Post Information

  • Total Posts in this topic: 3 posts
  • Users browsing this forum: No registered users and 130 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.