----- Original Message -----
From: Jason Pruim <japruim@raoset.com>
To: TG <tg-php@gryffyndevelopment.com>
Cc: "PHP General List" <php-general@lists.php.net>
Date: Fri, 14 Mar 2008 14:56:32 -0400
Subject: Re: [php] Is this the best way?

>
> On Mar 14, 2008, at 1:44 PM, TG wrote:
>
> >
> > What error are you getting? Maybe there's some way to fix that too.
>
> The error I get without checking the row count is this:
>
> You have an error in your SQL syntax; check the manual that
> corresponds to your MySQL server version for the right syntax to use
> near 'order by LName' at line 1

Ok so the next thing to check is your query. Maybe echo it out so you can
see what's actually attempting to execute.

I don't see an "ORDER BY" in the SQL listed below.

Usually when I get errors like this, it's because a variable I expect to be
populated isn't and it messes up the SQL by leaving a blank where it
expects something.

SELECT * FROM users WHERE username = 'tg' ORDER BY LName

If I had:

$user = "'tg'"

with the single-quotes inside the variable.. if I typo'd on $user and did
something like:

$query = "SELECT * FROM users WHERE username = $usr ORDER BY LName";

Then I'd get:

SELECT * FROM users WHERE username = ORDER BY LName



> >
> >
> > Just remember that errors and notices are like pain. It usually means
> > there's something wrong. If you're getting an error, there may be a
> > better
> > way of doing waht you're doing.
> >
> > Ideally, you should get zero results if there's no match in the user
> > database.
> >
> > Typically for a user lookup, you might do something like this:
> >
> > SELECT <whatever> FROM usertable WHERE username = '<username>' AND
> > password =
> > '<password>'
>
> Which is very simular to what I have:
>
> $loginQuery = "SELECT * FROM current WHERE loginName='".$user."' AND
> loginPassword='".$password."' LIMIT 0,1;";
> $loginResult = mysqli_query($link1, $loginQuery) or die("Wrong data
> supplied or database error" .mysqli_error($link1));

On Mar 14, 2008, at 5:03 PM, TG wrote:

>
>
>
> ----- Original Message -----
> From: Jason Pruim <japruim@raoset.com>
> To: TG <tg-php@gryffyndevelopment.com>
> Cc: "PHP General List" <php-general@lists.php.net>
> Date: Fri, 14 Mar 2008 14:56:32 -0400
> Subject: Re: [php] Is this the best way?
>
>>
>> On Mar 14, 2008, at 1:44 PM, TG wrote:
>>
>>>
>>> What error are you getting? Maybe there's some way to fix that too.
>>
>> The error I get without checking the row count is this:
>>
>> You have an error in your SQL syntax; check the manual that
>> corresponds to your MySQL server version for the right syntax to use
>> near 'order by LName' at line 1
>
> Ok so the next thing to check is your query. Maybe echo it out so
> you can
> see what's actually attempting to execute.

echo from my actual query
SELECT * FROM current WHERE loginName='japruim' AND
loginPassword='mybadpassword' LIMIT 0,1;
>
>
> I don't see an "ORDER BY" in the SQL listed below.

The ORDER BY actually comes from a different query that should ONLY be
done AFTER successful login... It's actually related to the sorting of
the records that should be retrieved.
>
>
> Usually when I get errors like this, it's because a variable I
> expect to be
> populated isn't and it messes up the SQL by leaving a blank where it
> expects something.
>
> SELECT * FROM users WHERE username = 'tg' ORDER BY LName
>
> If I had:
>
> $user = "'tg'"
>
> with the single-quotes inside the variable.. if I typo'd on $user
> and did
> something like:
>
> $query = "SELECT * FROM users WHERE username = $usr ORDER BY LName";
>
> Then I'd get:
>
> SELECT * FROM users WHERE username = ORDER BY LName

--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
japruim@raoset.com

Jason Pruim wrote:
>
> On Mar 14, 2008, at 5:03 PM, TG wrote:
>
>>
>>
>>
>> ----- Original Message -----
>> From: Jason Pruim <japruim@raoset.com>
>> To: TG <tg-php@gryffyndevelopment.com>
>> Cc: "PHP General List" <php-general@lists.php.net>
>> Date: Fri, 14 Mar 2008 14:56:32 -0400
>> Subject: Re: [php] Is this the best way?
>>
>>>
>>> On Mar 14, 2008, at 1:44 PM, TG wrote:
>>>
>>>>
>>>> What error are you getting? Maybe there's some way to fix that too.
>>>
>>> The error I get without checking the row count is this:
>>>
>>> You have an error in your SQL syntax; check the manual that
>>> corresponds to your MySQL server version for the right syntax to use
>>> near 'order by LName' at line 1
>>
>> Ok so the next thing to check is your query. Maybe echo it out so you
>> can
>> see what's actually attempting to execute.
>
> echo from my actual query
> SELECT * FROM current WHERE loginName='japruim' AND
> loginPassword='mybadpassword' LIMIT 0,1;

obviously it isn't this SQL statement that is causing the problem, it doesn't
have the ORDER BY piece that is failing.

>>
>>
>> I don't see an "ORDER BY" in the SQL listed below.
>
> The ORDER BY actually comes from a different query that should ONLY be
> done AFTER successful login... It's actually related to the sorting of
> the records that should be retrieved.

Somehow it is getting to this statement and the variable that you are using just
before the ORDER BY part is empty, Why don't you show us that statement.



--
Jim Lucas

"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare

On Mar 14, 2008, at 7:44 PM, Jim Lucas wrote:

> Jason Pruim wrote:
>> On Mar 14, 2008, at 5:03 PM, TG wrote:
>>>
>>>
>>>
>>> ----- Original Message -----
>>> From: Jason Pruim <japruim@raoset.com>
>>> To: TG <tg-php@gryffyndevelopment.com>
>>> Cc: "PHP General List" <php-general@lists.php.net>
>>> Date: Fri, 14 Mar 2008 14:56:32 -0400
>>> Subject: Re: [php] Is this the best way?
>>>
>>>>
>>>> On Mar 14, 2008, at 1:44 PM, TG wrote:
>>>>
>>>>>
>>>>> What error are you getting? Maybe there's some way to fix that
>>>>> too.
>>>>
>>>> The error I get without checking the row count is this:
>>>>
>>>> You have an error in your SQL syntax; check the manual that
>>>> corresponds to your MySQL server version for the right syntax to
>>>> use
>>>> near 'order by LName' at line 1
>>>
>>> Ok so the next thing to check is your query. Maybe echo it out so
>>> you can
>>> see what's actually attempting to execute.
>> echo from my actual query
>> SELECT * FROM current WHERE loginName='japruim' AND
>> loginPassword='mybadpassword' LIMIT 0,1;
>
> obviously it isn't this SQL statement that is causing the problem,
> it doesn't have the ORDER BY piece that is failing.
>
>>>
>>>
>>> I don't see an "ORDER BY" in the SQL listed below.
>> The ORDER BY actually comes from a different query that should ONLY
>> be done AFTER successful login... It's actually related to the
>> sorting of the records that should be retrieved.
>
> Somehow it is getting to this statement and the variable that you
> are using just before the ORDER BY part is empty, Why don't you
> show us that statement.

Requested statement below:

$query = "SELECT * from ".$linkauth['table']." order by ".$sortOrder;

The $linkauth['table'] is returned when the authentication is
successful. Otherwise it's not written so that you have to log in to
see the contents of the database.


>
>
>
>
> --
> Jim Lucas
>
> "Some men are born to greatness, some achieve greatness,
> and some have greatness thrust upon them."
>
> Twelfth Night, Act II, Scene V
> by William Shakespeare
>

--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
japruim@raoset.com