GatisB Posted December 11, 2009 Report Share Posted December 11, 2009 (edited) kods ir šāds - divi ievades lauki un tad funkcija un izvades lauki: <form method="post" action=""> <p>No Kuras pilsētas</p> <p><input type="text" name="nopils" value="" /></p> <p>Uz kuru pilsētu</p> <p><input type="text" name="uzpils" value="" /></p> <p><input type="submit" name="meklet" value="Meklēt" /> <input type="reset" name="reset" value="Atcelt" /></p> </form> <? if(isset($_POST['meklet'])) { if(isset($_POST['nopils']),($_POST['uzpils'])) { $sql=mysql_query("SELECT * FROM saraksts WHERE no='$_POST[nopils]' AND uz='$_POST[uzpils]' ");} while($myrow = mysql_fetch_assoc($sql)) { ?> <table align='center' class='saraksts'> <tr> <th width='24%' scope='row'><?php echo $myrow["no"] ?></th> <td width='24%'><?php echo $myrow["uz"] ?></td> <td width='20%'><?php echo $myrow["attiet"] ?></td> <td width='20%'><?php echo $myrow["pienak"] ?></td> <td width='12%'><?php echo $myrow["cena"] ?></td> </tr> </table> es jau nedeļu laužu galvu ar šo kritvardu mīklu, mekleju gan gramatas gan netā, bet takā ar php esmu pazistams tikai 2 meneshu, man gruti saprast anglju mēlē paskaidrojumus jo dažām funkcijam vel jegu nezinu, bet doma tada ka šis man neizvada autobusu sarakstus :( Edited December 11, 2009 by GatisB Quote Link to comment Share on other sites More sharing options...
briedis Posted December 11, 2009 Report Share Posted December 11, 2009 (edited) Nu tā, imo šitā nerakst: if(isset($_POST['nopils']),($_POST['uzpils'])) pareizi būs: if(isset($_POST['nopils']) && isset($_POST['uzpils'])) Un iekļaujot masīva elementus stringā, jāraksta ir šādi $sql=mysql_query("SELECT * FROM saraksts WHERE no='{$_POST['nopils']}' AND uz='{$_POST['uzpils']}' "); vai $sql=mysql_query("SELECT * FROM saraksts WHERE no='" . $_POST['nopils'] . "' AND uz='" . $_POST['uzpils'] . "' "); nevis tā kā tev tur... Un ieteiktu apstrādāt ievades laukus, ko liec kvērijā ar funkciju mysql_real_escape_string() $mainigais = mysql_real_escape_string($_POST['lauks']); $data = mysql_query("SELECT * FROM table WHERE lauks = '$mainigais'"); Edited December 11, 2009 by briedis Quote Link to comment Share on other sites More sharing options...
GatisB Posted December 11, 2009 Author Report Share Posted December 11, 2009 Paldies par ātro atbildi, bija laiks pamocities tālāk :) Un ieteiktu apstrādāt ievades laukus, ko liec kvērijā ar funkciju mysql_real_escape_string() $mainigais = mysql_real_escape_string($_POST['lauks']); $data = mysql_query("SELECT * FROM table WHERE lauks = '$mainigais'"); taks par && biju aizmirsis, kautkur biju lasijis un nebiju iedomajies, tas otrs piemers palidzeja, bet tāpat man nekas nestradā:(, izmeiģināju krustam šķērsām :( par to tavu kodu, kas domāts ievades laukiem, kā sapratu no pamācības tad ar to funkciju a un ā tiek laisti kā a? $mainigais1 = mysql_real_escape_string($_POST['nopils']); $mainigais2 = mysql_real_escape_string($_POST['uzpils']); $data = mysql_query("SELECT * FROM saraksts WHERE no = '$mainigais1' AND uz = '$mainigais2'"); kautkā tā? (kautgan domāju man tur citur ir problāma kautkāda kapec neiet (taustama ta lapa ir gatis.ideal.lv zem meklešana Quote Link to comment Share on other sites More sharing options...
briedis Posted December 11, 2009 Report Share Posted December 11, 2009 (edited) Nē, ā paliek kā ā, tikai visi speciāli simboli, kā piemēram pēdiņas tiek pataisīti "droši" priekš kvērija (galējie dati netiek mainīti). Ieteiktu palasīt sīkāk, kāpēc tā funkcija ir nepieciešama: http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php Kļūdas paziņojumus nerāda? Ieliec lapas sākumā: error_reporting(E_ALL); ini_set("display_errors",true); un pēc kvērija izpildīšanas (pēc mysql_query, nākamā rinda) ieliec echo "Mysql kļūda:" . mysql_error(); offtopiks - tā lapa būs rīgas autoostais? Viņiem tak jau ir lapa... Edited December 11, 2009 by briedis Quote Link to comment Share on other sites More sharing options...
GatisB Posted December 11, 2009 Author Report Share Posted December 11, 2009 (edited) offtopiks - tā lapa būs rīgas autoostais? Viņiem tak jau ir lapa... da nē, aizgaju uz univeristati uz datorsistemam mācīties, a izskatas ka trāpiju "Programmēšanas inženieris" grupā, un php izvilku biljeti autoosta, nakam otrdien janodod mājas lapa lai sesiju pabeigtu, a man pirmstam no html, php, mysql bija tumsha bilde, tagad 2 meneshus nakim neguļu, jo paraleli tam vēl jāizprot kas par zvēru ir delphi7 ko joprojam nesaprotu, kā ari citas ar programmēšanu saistītas lietas :( BTW tiko pieliku un neka neraada :( Edited December 11, 2009 by GatisB Quote Link to comment Share on other sites More sharing options...
briedis Posted December 11, 2009 Report Share Posted December 11, 2009 Iekopē lūdzu kodu, kas ir līdz šim... Quote Link to comment Share on other sites More sharing options...
GatisB Posted December 11, 2009 Author Report Share Posted December 11, 2009 Iekopē lūdzu kodu, kas ir līdz šim... pilns lapas kods <? error_reporting(E_ALL); ini_set("display_errors",true); ?> <?php include ("blocks/db.php");/* savienojamiesa ar datubāzi */ $sql = mysql_query ("SELECT title, meta_d, meta_k, text FROM lapas WHERE lapa='schedule'",$db); $myrow = mysql_fetch_array ($sql); if (isset ($_POST['nopils'])) {$no=$_POST['nopils'];} if (isset ($_POST['uzpils'])) {$uz=$_POST['uzpils'];} ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="description" content="<?php echo $myrow['meta_d']; ?>" /> <meta name="keywords" content="<?php echo $myrow['meta_k']; ?>" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title><?php echo $myrow['title']; ?></title> <link href="style.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="690" border="0" align="center" cellpadding="0" cellspacing="0" class="main_border"> <!--pievienojam Heatera BILDI VAI HEATERI --> <?php include ("blocks/header.php");?> <tr> <th align="left"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <!--pievienojam saita kreiso pusi ar menu --> <?php include ("blocks/lefttd.php");?> <td width="509px" align="left" valign="top" class="left"> <p> </p> <form method="post" action=""> <p>No Kuras pilsētas</p> <p><input type="text" name="nopils" value="" /></p> <p>Uz kuru pilsētu</p> <p><input type="text" name="uzpils" value="" /></p> <p><input type="submit" name="meklet" value="Meklēt" /> <input type="reset" name="reset" value="Atcelt" /></p> </form> <p><br /> </p> <table align="center" class="scheudle_title"> <tr bgcolor="#CCCCCC"> <th width="24%" scope="row"><strong>No</strong></th> <th width="24%"><strong>Uz</strong></th> <th width="20%"><strong>Atiešanas laiks</strong></th> <th width="19%"><strong>Pienākšanas laiks</strong></th> <th width="13%"><strong>Cena, Ls</strong></th> </tr> </table> <? if(isset($_POST['meklet'])) { if(isset($_POST['nopils'])&& isset($_POST['uzpils'])) { $sql=mysql_query("SELECT * FROM saraksts WHERE no='{$_POST['nopils']}' AND uz='{$_POST['uzpils']}' "); } echo "Mysql kļūda:" . mysql_error(); while($myrow = mysql_fetch_assoc($sql)){ }} ?> <table align='center' class='saraksts'> <tr> <th width='24%' scope='row'><?php echo $myrow["no"] ?></th> <td width='24%'><?php echo $myrow["uz"] ?></td> <td width='20%'><?php echo $myrow["attiet"] ?></td> <td width='20%'><?php echo $myrow["pienak"] ?></td> <td width='12%'><?php echo $myrow["cena"] ?></td> </tr> </table> <p> </p></td> </tr> </table></th> </tr> <!--pievienojam footeri --> <?php include ("blocks/footer.php");?> </table> </body> </html> Quote Link to comment Share on other sites More sharing options...
briedis Posted December 11, 2009 Report Share Posted December 11, 2009 (edited) Paskaties uzmanīgāk te: while($myrow = mysql_fetch_assoc($sql)){ }} ?> <table align='center' class='saraksts'> <tr> <th width='24%' scope='row'><?php echo $myrow["no"] ?></th> <td width='24%'><?php echo $myrow["uz"] ?></td> <td width='20%'><?php echo $myrow["attiet"] ?></td> <td width='20%'><?php echo $myrow["pienak"] ?></td> <td width='12%'><?php echo $myrow["cena"] ?></td> </tr> </table> <p> </p></td> </tr> </table> Vai nav tā, ka esi izlicis datu izvadīšanu ārpus cikla? :) un šito var uzrakstīt īsāk: <?php echo $myrow["uz"] ?> kā <?=$myrow["uz"];?> <?=$mainiiigais;?> Edited December 11, 2009 by briedis Quote Link to comment Share on other sites More sharing options...
GatisB Posted December 11, 2009 Author Report Share Posted December 11, 2009 taks paskatijos, paskatijos ka notiek izvade lapaa saraksti, kur tiek izvaditi saraksti, izdomaju par do un while un sanaca: <? if(isset($_POST['meklet'])) { if(isset($_POST['nopils'])&& isset($_POST['uzpils'])) { $sql=mysql_query("SELECT * FROM saraksts WHERE no='{$_POST['nopils']}' AND uz='{$_POST['uzpils']}' "); $myrow = mysql_fetch_array ($sql); } echo "Mysql kļūda:" . mysql_error(); do { echo "<table align='center' class='saraksts'> <tr> <th width='24%' scope='row'>".$myrow['no']."</th> <td width='24%'>".$myrow['uz']."</td> <td width='20%'>".$myrow['attiet']."</td> <td width='20%'>".$myrow['pienak']."</td> <td width='12%'>".$myrow['cena']."</td> </tr> </table>"; } while($myrow = mysql_fetch_assoc($sql)){ }} ?> sk ir 1, tik daudz erorus nebiju redzejis, itkā pat pieliku rindu mysql_fetch_array, jo mainīgais $myrow nebija itka nekur definets, bet tāpat erorā: "".$myrow['no']." ".$myrow['uz']." ".$myrow['attiet']." ".$myrow['pienak']." ".$myrow['cena']." "; } while($myrow = mysql_fetch_assoc($sql)){ }} ?> " piekam formējums aizgaja pa pieskari un šis arpus formas izleca Quote Link to comment Share on other sites More sharing options...
briedis Posted December 12, 2009 Report Share Posted December 12, 2009 tu tur esi kaut ko baigi saputrojis, visu struktūru sajauci... Nevajag nekādus do..while viss pavisma vienkārši: $data = mysql_query("SELECT ...."); while($row=mysql_fetch_assoc($data)){ echo $row['kaut_kaadas_kolonna_1'] . $row['kaut_kaadas_kolonna_2']; //utt } Quote Link to comment Share on other sites More sharing options...
GatisB Posted December 12, 2009 Author Report Share Posted December 12, 2009 tu tur esi kaut ko baigi saputrojis, visu struktūru sajauci... Nevajag nekādus do..while viss pavisma vienkārši: $data = mysql_query("SELECT ...."); while($row=mysql_fetch_assoc($data)){ echo $row['kaut_kaadas_kolonna_1'] . $row['kaut_kaadas_kolonna_2']; //utt } uztaisīju: $sql=mysql_query("SELECT * FROM saraksts WHERE no='{$_POST['nopils']}' AND uz='{$_POST['uzpils']}' "); echo "Mysql kļūda:" . mysql_error(); while($myrow = mysql_fetch_assoc($sql)){ echo $myrow["no"].$myrow["uz"].$myrow["attiet"].$myrow["pienak"].$myrow["cena"]; } bet, kā vienmēr, es pat vairs tabulā negribu, vnk gribeju redzet vai izvada, bet nekā, būšu jau apnicis laikam :) rit laikam ar svaigu galvu jamegina atkal padomat :) Quote Link to comment Share on other sites More sharing options...
GatisB Posted December 12, 2009 Author Report Share Posted December 12, 2009 kādam vēl ir kādi ierosinājumi kā artisināt so search? esmu izsmēlies galīgi jau Quote Link to comment Share on other sites More sharing options...
torrentz Posted December 12, 2009 Report Share Posted December 12, 2009 (edited) <?php error_reporting(E_ALL); ini_set("display_errors","on"); include ("blocks/db.php");/* savienojamiesa ar datubazi */ $sql = mysql_query("SELECT title, meta_d, meta_k, text FROM lapas WHERE lapa = 'schedule'",$db); $myrow = mysql_fetch_array($sql); if (isset($_POST['nopils'])) $no = mysql_real_escape_string($_POST['nopils']); if (isset($_POST['uzpils'])) $uz = mysql_real_escape_string($_POST['uzpils']); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="description" content="<?php echo $myrow['meta_d']; ?>" /> <meta name="keywords" content="<?php echo $myrow['meta_k']; ?>" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title> <?php echo $myrow['title']; ?> </title> <link href="style.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="690" border="0" align="center" cellpadding="0" cellspacing="0" class="main_border"> <!--pievienojam Heatera BILDI VAI HEATERI --> <?php include ("blocks/header.php");?> <tr> <th align="left"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <!--pievienojam saita kreiso pusi ar menu --> <?php include ("blocks/lefttd.php");?> <td width="509px" align="left" valign="top" class="left"> <p></p> <form method="post" action=""> <p>No Kuras pilsÄ“tas</p> <p> <input type="text" name="nopils" value="" /> </p> <p>Uz kuru pilsÄ“tu</p> <p> <input type="text" name="uzpils" value="" /> </p> <p> <input type="submit" name="meklet" value="MeklÄ“t" /> <input type="reset" name="reset" value="Atcelt" /> </p> </form> <p> <br /> </p> <table align="center" class="scheudle_title"> <tr bgcolor="#CCCCCC"> <th width="24%" scope="row"> <strong>No</strong> </th> <th width="24%"> <strong>Uz</strong> </th> <th width="20%"> <strong>AtieÅ¡anas laiks</strong> </th> <th width="19%"> <strong>PienÄkÅ¡anas laiks</strong> </th> <th width="13%"> <strong>Cena, Ls</strong> </th> </tr> </table> <?php if(isset($_POST['meklet'])) { echo'<table align="center" class="saraksts"><tr>'; if(isset($_POST['nopils'])&& isset($_POST['uzpils'])) { $sql = mysql_query("SELECT * FROM saraksts WHERE no='$no' AND uz='$uz'"); } echo "Mysql kļūda:" . mysql_error(); while($myrow = mysql_fetch_assoc($sql)) { ?> <th width='24%' scope='row'> <?php echo $myrow["no"] ?> </th> <td width='24%'> <?php echo $myrow["uz"] ?> </td> <td width='20%'> <?php echo $myrow["attiet"] ?> </td> <td width='20%'> <?php echo $myrow["pienak"] ?> </td> <td width='12%'> <?php echo $myrow["cena"] ?> </td> <?php } echo'</tr></table>'; } ?> <p></p> </td> </tr> </table> </th> </tr> <!--pievienojam footeri --> <?php include ("blocks/footer.php");?> </table> </body> </html> Edited December 12, 2009 by torrentz Quote Link to comment Share on other sites More sharing options...
briedis Posted December 12, 2009 Report Share Posted December 12, 2009 Varbūt tev neizpildās tie kvērija nosacījumi un tāpēc nekas netiek atgriezts. Paprovē vienkārši: $data = mysql_query("SELECT * FROM saraksts"); while($row=mysql_fetch_assoc($data)){ print_r($row); } Skaties, kā tur tie dati glabājas..moš kaut kas ar garumzīmju kodējumu, tāpēc nevari atrast neko... Quote Link to comment Share on other sites More sharing options...
GatisB Posted December 12, 2009 Author Report Share Posted December 12, 2009 es pameiģināju terrentz veidoto, un aizgāja, dažas problemas ar burtiem bija bet tas galigs sīkums, Liels paldies tev Briedis mes sākumā pareizi domājām, jeb tu man ieteici, $no = mysql_real_escape_string($_POST['nopils']); ko ieteici, tikai es neieliku, un tabula kur izvadīt bija jāieliek citā vietā kā skatos. Paldies jums, un gan jau vēl piesiešos, iešu taisit admina bloku, vaig ielogošanos un pievienošanu labošanu, gan tur bus ari problemas :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.