Hi all.

I am trying to set up a script that will process the content of 2 variables which arrive at the site via a SMS Gateway. If I set 2 two variables with static data the script works fine.

If I set the variables to the $REQUEST statements the data in the $REQUEST's is not written to the database.

I have spoken to the SMS Gateway provides and they say that by using $REQUEST or $POST the script should work, (well they would say that, would'nt they)

Can anyone see where in the script the problem may be.

<?php require_once('../Connections/connect.php'); ?>
<?php 

if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

// If I use the variables below the script work fine. 
//$s = 888888;
//$m = 1338014;

// but if I use the variables below the content of the avriables is not written to the database.

$s = $_REQUEST['source'];
$m = $_REQUEST['Body'];

  $updateSQL = sprintf("UPDATE members SET  mobile=$s WHERE member_id=$m");



  mysql_select_db($database_b_domain, $connect);
  $Result1 = mysql_query($updateSQL, $connect) or die(mysql_error());



$colname_act = "-1";
if (isset($_GET['member_id'])) {
  $colname_act = $_GET['member_id'];
}
mysql_select_db($database_b_domain, $connect);
$query_act = sprintf("SELECT member_id, mobile FROM members WHERE member_id = %s", GetSQLValueString($colname_act, "int"));
$act = mysql_query($query_act, $connect) or die(mysql_error());
$row_act = mysql_fetch_assoc($act);
$totalRows_act = mysql_num_rows($act);

?>

    Not sure why you're using this:

    $updateSQL = sprintf("UPDATE members SET  mobile=$s WHERE member_id=$m");

    when

    $updateSQL = "UPDATE members SET  mobile=$s WHERE member_id=$m";

    will do the same.

    Are you getting an error from your query? Have you tried echoing out the query created when accessed from the mobile gateway?

      Hi liquorvicar

      Many thanks for your reply.

      (please forgive this) how do I echo the error,

      I could use "echo mysql_error ();" but if I am remote from the server how can I see the result.

      Many thanks

        Hi again.

        Now I do have a problem.

        This is what I have got with all none related stuff taken out.

        //$s = 888888;
//$m = 1338014;

$n = $_POSt['source'];
$m = $_POST['Body'];

$updateSQL = "UPDATE members SET  mobile=$n WHERE member_id=$m"; 



  mysql_select_db($database_connect, $connect);
  $Result1 = mysql_query($updateSQL, $connect) or die(mysql_error());
  echo mysql_error();

        The above code now displays and error when I try and run it.

        You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE member_id=' at line 1

        Can you see where I am going wrong.

          $POSt is not the same as $POST.

          Also note that you've lost the sanitizing mechanisms you used in your first script.

            Write a Reply...