4 replies to this topic

[arvin00315]

hello guys! i need some help.

this codes is used to search my database, and it works but i cant remove the errors;
[ATTACH]4267[/ATTACH]


the errors came from the //VARIABLE DECLARATION
if i change the "double quotation" to a 'single quotation'
the error will be gone but the program will not working(you cant search the record) :confused:


please help to all pro out there and thanks in advance ^_^

Attached Files

•  search.php   10.02K   36 downloads

[bbqroast]

Well this is messy:

$month = "$_POST[month]";

$date = "$_POST[date_1]";

$year = "'$_POST[year]'";

change to:

$month = $_POST['month'];

$date = $_POST['date_1'];

$year = $_POST['year'];

Oh and do the same with the rest of your $_POST[] variables.

[Alexander]

Some variables may be fine in double quotes, however in the case of accessing an array, it is too messy to look at, or maintain.

echo "something: " . $var['a'];
echo "something $var[a]";
echo "something {$var['a']}";

Generally you would want to go with the first if possible. Try to correct these small issues and see if it runs, if it does not try to tell us the lines where the error occurs so it is more obvious.

One further observation:

You should sanitise your POST variables, as they could contain quotes and break the SQL query, or even malicious SQL code. Please see the FAQ in this forum area for more information.

Alexander.

[arvin00315]

thanks for the help, problem solved! by the way im just a newbie so i dont know that, but anyway thanks:thumbup1:

[Alexander]

arvin00315 said:

thanks for the help, problem solved! by the way im just a newbie so i dont know that, but anyway thanks:thumbup1:

Most tutorials are short and do not allow you to take in styles fully, feel free to purchase a book (or even cheaper/free ebook) and look at the various PHP popular projects available online, some do syntax correctly.