Retrieving data from user inputs from mysql using php and html

cybereclipse

I've created an html form using php that displays a single row from a database table based on a variable value from a form. In this case entering a zip code that displays the city. I went to myphpadmin and did a search on the zip code and pull the name from the the ZIP5, Latitude, Longitude, Name, State, County, Statenum Stateabbrev, Statename. Just to give an idea, I used the a search on myphpadmin. Here is the query on zip codes

SELECT * FROM ZIP5 WHERE ZIP5 LIKE '01561'. Although, it's not returning any data from the db when I enter my zip. What else I'm missing?

<?php

require_once('con/condb.php');

if (ctype_digit($zip) && (preg_match('/\d{5}/', $zip))){
	echo $zip, ' is a valid zip code.';
}

$sql = "SELECT * FROM `ZIP5` WHERE `Name`";
$result = mysql_query($sql) or die ("Could not perform the query");
print ("We got" . mysql_num_rows($result) . "rows in our result<br/>");
print"<table border=0>";
while ($row = mysql_fetch_assoc($result)) {

   print "<tr><td>" .$row["City"] ."</td></tr>";
}
print "</table>";



$zip = "";


if (isset($_POST['Submit'])) {
$zip = $_POST['zip'];
if (is_numeric($zip)){

} else {
   echo "<p>Enter a zip code.</p>\n";

 }
 echo "<p>Your zip is, " .$zip. "</p>\n";
}



?>

<form name "Zip Code" action="testdemo.php" method="post">
<p>Enter your Zip Code   <input type="text" name="zip"  value="<?php echo $zip; ?> "/></p>
        <input type="submit" name="Submit" value="Send Form"/>
    </form>

bradgrafelman

Couple things:

Why do a LIKE comparison if you're not going to include any wildcard characters?
Are you sure the column and the table both share the same name (ZIP5)?

cybereclipse

I got the mysql syntax when i entered the zip code on myphpadmin.

The zip99 database contains the " ZIP5, Latitude, Longitude, Name, State, County, Statenum Stateabbrev, Statename" tables

bradgrafelman

cybereclipse;11000098 wrote:
I got the mysql syntax when i entered the zip code on myphpadmin.

So in other words the only SQL queries you know how to write are ones that some other tool generates for you? Might want to change that. 😉

cybereclipse;11000098 wrote:
The zip99 database contains the " ZIP5, Latitude, Longitude, Name, State, County, Statenum Stateabbrev, Statename" tables

Are those tables within your database, or are those columns within the ZIP5 table?

Also, does the query you're trying:

SELECT * FROM `ZIP5` WHERE `ZIP5` LIKE '01561'

return any results in phpMyAdmin?

Finally, you haven't shown us the PHP code you used when you tried to use the POST'ed zip code to retrieve the results from the DB?

cybereclipse

i apologize for not making myself clear. I was in a hurry to get out the door. I'm not trying to pull information from myphpadmin, that was just an example that I want to do in the actual php program. The php code is posted on my initial post.

Weedpacket

Do you have time now to answer bradgrafelman's other two questions?

bradgrafelman

cybereclipse;11000124 wrote:
I'm not trying to pull information from myphpadmin, that was just an example that I want to do in the actual php program.

Okay, but I never said that's what you were trying to do. All I suggested was that you use phpMyAdmin to execute the SQL query and see if you get any results. If you don't get any results in phpMyAdmin, then there's no point in trying to debug a PHP script that's not outputting any results.

cybereclipse;11000124 wrote:
The php code is posted on my initial post.

Right, but that PHP code does nothing with the user-supplied data (other than echo it back out to the user). Have you not tried to do something with the data yet? For example, have you not tried editing this SQL query:

$sql = "SELECT * FROM `ZIP5` WHERE `Name`";

(which appears to be unfinished) to SELECT only the rows where the column containing the zip code is equal to the value from the form?