ntaylor;10984642 wrote: Okay, how do I do that?
Just post the relevant lines referenced in the error message(s) (and a few lines above it, so that we get an idea of the context that the code is in). Example:
product.php (lines 30-51)
<div id="content">
<?php include("../connect.php");?>
<?php
$productresult = mysqli_query($link, 'SELECT productID, productName, productDetails, productPicture, productPrice FROM product;');?>
<h1>Product</h1>
ID : <?php echo $_POST["productID"]; ?><br/>
<br/>
Name: <?php echo $_POST["productName"]; ?><br/>
<br/>
Details: <?php echo $_POST["productDetails"]; ?><br/>
<br/>
Image: <?php echo $_POST["productPicture"]; ?><br/>
<br/>
Price: <?php echo $_POST["productPrice"]; ?><br/>
<br/>
<p><a href="../products.php">Return to Products</a></p>
</div>
manageProducts.php (lines 30-60)
<div id="content">
<h1>Manage Products</h1>
<?php include("../connect.php");
$id = $_GET['viewproduct'];
$result = mysqli_query($link, "Select * from Product where productID = '$productID'");
if (isset($_REQUEST['productID']) && $_REQUEST['productID'] !="")
{
$id = mysqli_real_escape_string($link, $_POST['productID']);
$result = mysqli_query($link,"SELECT productID, productName, productDetails, productPicture, productPrice
FROM Product WHERE productID ='$productID'");
while ($row = mysqli_fetch_array($result))
{
$Product[] = array('productID' => $row['productID'], 'productName' => $row['productName'],'productDetails' => $row['productDetails'],'productPicture' => $row['productPicture'],'productPrice' => $row['productPrice'], );
}
}
?>
<form action="product.php" method="post">
<input type="hidden" name="id" value="<?php
echo $Product['productID']; ?>"/>
<input type="submit" name="action" value="Edit"/>
<input type="submit" name="action" value="Delete"/>
</form>
</div>
searchProducts.php (lines 32-74)
<?php include("../connect.php");
$id = $_GET['viewproduct'];
$result = mysqli_query($link, "Select * from Product where productID = '$productID'");
if (isset($_REQUEST['productID']) && $_REQUEST['productID'] !="")
{
$id = mysqli_real_escape_string($link, $_POST['productID']);
$result = mysqli_query($link,"SELECT productID, productName, productDetails, productPicture, productPrice
FROM Product WHERE productID ='$productID'");
while ($row = mysqli_fetch_array($result))
{
$Product[] = array('productID' => $row['productID'], 'productName' => $row['productName'],'productDetails' => $row['productDetails'],'productPicture' => $row['productPicture'],'productPrice' => $row['productPrice'], );
}
}
?>
<form method="post" action="">
<?php echo $Product['productID']?> :: <?php echo htmlspecialchars($Product['productName'], ENT_QUOTES, 'UTF-8'); ?>
- <?php echo $Product['productPrice'] ?>
<form action="results.php" method="get">
<p>View products satisfying the following criteria:</p>
<div>
<label for="name">By name:</label>
<select name="name" id="name">
<option value="">Any product</option>
<?php foreach ($products as $Product): ?>
<option value="<?php htmlout($Product['productID']); ?>"><?php
htmlout($Product['productName']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div>
<label for="price">By price:</label>
<select name="price" id="price">
<option value="">Any price</option>
<?php foreach ($products as $Product): ?>
<option value="<?php htmlout($Product['productID']); ?>"><?php
htmlout($Product['productPrice']); ?></option>
<?php endforeach; ?>
As for your error messages...
product.php
You execute a SQL query, and yet you never fetch any rows from the result set. In addition, there are no ORDER BY, WHERE, and/or LIMIT clauses, so I'm a bit confused - what is that SQL query supposed to be doing?
You also attempt to echo out external data POST'ed to the script without first verifying that the data exists. However, since the index names match up with the columns you SELECT'ed in the query, I'm wondering... were you attempting to echo data from the database? If so, you might want to find a basic PHP tutorial (or two) about retrieving data from a MySQL database. $_POST is used for accessing data POST'ed to the script (such as via a <form>, for example - see [man]variables.external[/man] for more info.)
manageProducts.php
This:
$id = $_GET['viewproduct'];
will cause an E_NOTICE level error message if $_GET['viewproduct'] doesn't exist. You should never access external data without first verifying that it exists (e.g. using [man]isset[/man] or [man]empty[/man]).
For that reason, I like to define variables such as $id like so:
$id = isset($_GET['viewproduct']) ? $_GET['viewproduct'] : NULL;
which is nothing more than a shortened version of:
if(isset($_GET['viewproduct']))
$id = $_GET['viewproduct'];
else
$id = NULL;
You can then check to see if($id === NULL) later on and print out an error message (if appropriate).
This SQL query:
$result = mysqli_query($link, "Select * from Product where productID = '$productID'");
uses an undefined variable $productID. What value is $productID supposed to hold?
You've wrapped the second SQL query around an if() statement that first checks if an external variable exists (much better!), and inside of that if() statement you build a variable called $Product to hold the result of the SQL query.
However, outside of that if() statement you attempt to echo information from $Product. If that external variable isn't set (which based on your error messages I'm betting it isn't), then $Product will never have been defined. Notice the error in logic there?
Speaking of $Product, what you're building is a multi-dimensional array. $Product itself will contain a numerically indexed array (whose elements are associative arrays). In other words, $Product['productID'] will never exist - only $Product[0], $Product[1], etc.
If your goal is to output a form for each product, why build a $Product array at all? Just echo out the appropriate HTML for each product inside of the while() loop.
Finally, note that if productID is a numeric column (e.g. an AUTO_INCREMENT integer column, perhaps?) then using [man]mysqli_real_escape_string[/man] is not appropriate (hint: the last word in the function name isn't number, it's string - hence it should only be used for string data).
Instead, it's better to either use something like [man]is_int[/man] to check if the data looks like an integer, or simply type cast it to an (int).
searchProducts.php
Same problems as #1 and #2 above from manageProducts.php in regards to these lines:
$id = $_GET['viewproduct'];
$result = mysqli_query($link, "Select * from Product where productID = '$productID'");
Actually, now that I look at it, I've got pretty much all of the same comments for searchProducts.php as I did for manageProducts.php above. You're again accessing things like $Product['productID'] or $Product['productName'] - neither of which will ever exist with the array structure you have.
Additionally, you have this [man]foreach[/man] structure:
<?php foreach ($products as $Product): ?>
<option value="<?php htmlout($Product['productID']); ?>"><?php
htmlout($Product['productName']); ?></option>
<?php endforeach; ?>
which attempts to walk through the array $products, yet $products has never been defined.
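Added example (not part of the original post or the poster's code): one way the manageProducts.php lookup could address the points above, checking that the external value exists, validating it as an integer rather than string-escaping it, and building the form per row instead of indexing `$Product['productID']`. It goes slightly beyond the post by binding the ID as a query parameter and HTML-escaping every output value; the helper names `readProductId`, `fetchProduct` and `renderProductForm` are hypothetical, and `fetchProduct` assumes mysqlnd and mysqli's exception mode (the default since PHP 8.1).

```php
<?php
// Added example. Column and table names come from the queries quoted in the post;
// the function names are hypothetical.

/** Return the requested product ID as an int, or NULL if it is absent or not an integer. */
function readProductId(array $input, string $key = 'productID'): ?int
{
    if (!isset($input[$key])) {
        return null;                      // never read an index that may not exist
    }
    $id = filter_var($input[$key], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;    // "7abc" and "" both become NULL
}

/** Fetch one product row using a bound integer parameter, or NULL if not found. */
function fetchProduct(mysqli $link, int $id): ?array
{
    $stmt = mysqli_prepare($link,
        'SELECT productID, productName, productDetails, productPicture, productPrice
           FROM Product WHERE productID = ?');
    mysqli_stmt_bind_param($stmt, 'i', $id);   // 'i' = integer, no quoting or escaping needed
    mysqli_stmt_execute($stmt);
    $row = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt));
    mysqli_stmt_close($stmt);
    return $row ?: null;
}

/** Build the Edit/Delete form for a single row, escaping every value for HTML. */
function renderProductForm(array $row): string
{
    $e = fn($v) => htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
    return '<form action="product.php" method="post">'
         . '<input type="hidden" name="id" value="' . $e($row['productID']) . '"/>'
         . $e($row['productName']) . ' - ' . $e($row['productPrice'])
         . '<input type="submit" name="action" value="Edit"/>'
         . '<input type="submit" name="action" value="Delete"/>'
         . '</form>';
}

// Constructed sample requests so the example runs without a database:
// a valid ID, a non-integer value, and a request with no productID at all.
foreach ([['productID' => '7'], ['productID' => '7abc'], []] as $request) {
    var_dump(readProductId($request));
}
// Constructed row standing in for the result of fetchProduct($link, 7).
echo renderProductForm(['productID' => 7, 'productName' => '<b>Mug</b>', 'productPrice' => '4.50']), "\n";
```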