It is currently Mon Dec 09, 2019 1:46 pm

All times are UTC




Post new topic Reply to topic  [ 8 posts ] 
Author Message
 Post Post subject: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Unstoppable
Unstoppable
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership

Joined: Sun Nov 15, 2009 8:40 pm
Posts: 1038
Karma: 10
So I've this code right;
Spoiler for Code here!!:
Code:
<?php

    $mysql_host = "mysql10.000webhost.com";
    $mysql_database = "a1693608_points";
    $mysql_user = "a1693608_harry";
    $mysql_password = "lolnope";

    $conn =  mysql_connect($mysql_host, $mysql_user, $mysql_password)or die("Couldn't connect to DB" . mysql_error());
    mysql_select_db($mysql_database, $conn);


    $email = $_GET[email];
    $sql='select * from users where email=\'$email\'';

    $result=mysql_query($sql,$conn) or die(mysql_error());

    if (mysql_num_rows($result) == "1") {
       $user = mysql_fetch_array( $result );
       $password = $user["id"];
         $result = array("code" => "125", "account_id" => $user[id]);

    } else {
       $result = array("code" => "126");
    }

   $JSON_Result = json_encode($result);
    echo $JSON_Result;
?>


Then I go to the page; [email protected]
Why does it tell me this:
Code:
Access denied for user 'a1693608_harry'@'10.1.1.33' to database 'select * from users where email='[email protected]''

I set the database on line 8, to connect to the points database. So why is it taking my query as the database name?


Last edited by Harry on Thu Jun 21, 2012 1:27 am, edited 1 time in total.

Thu Jun 21, 2012 1:26 am 
 Profile E-mail  
 
 Post Post subject: Re: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Unstoppable
Unstoppable
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership

Joined: Sun Nov 15, 2009 8:40 pm
Posts: 1038
Karma: 10
Side note: Yes I know that I can get penetrated like an Internet Explorer browser in XP sp0, without firewall.

_________________
Skillers wrote:
Oh gawd no! Not the crazy frog! Arghhhhhh! $&^%&*^%*&#$^ %$(%^((% %$(O*%(#*%^ %)*#$&%)*@#% %_(#&%*%) frog


Thu Jun 21, 2012 1:27 am 
 Profile E-mail  
 
 Post Post subject: Re: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Godlike Poster
Godlike Poster
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership
User avatar

Joined: Sun Oct 16, 2005 9:42 am
Posts: 8795
Karma: 17

Location: Imagine in your mind a posh country club
Steam Login Name: azcn2503
Hey Harry :D

Just make sure that user 'a1693608_harry'@'10.1.1.33' has SELECT permission on database "a1693608_points" and it should be fine.

You can probably do this by looking at CP.

_________________
Follow your heart and live the dream <3


Thu Jun 21, 2012 8:48 am 
 Profile E-mail  
 
 Post Post subject: Re: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Unstoppable
Unstoppable
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership

Joined: Sun Nov 15, 2009 8:40 pm
Posts: 1038
Karma: 10
Well this works for some reason?!?

Spoiler for Cowd:
Code:
<?php

    $mysql_host = "mysql10.000webhost.com";
    $mysql_database = "a1693608_points";
    $mysql_user = "a1693608_harry";
    $mysql_password = "olyeah?";

    $conn =  mysql_connect($mysql_host, $mysql_user, $mysql_password)or die("a . " . mysql_error());
    mysql_select_db($mysql_database, $conn);


    $sql="select * from manPoints";
    $result=mysql_query($sql,$conn) or die(mysql_error());

    $myJSonArray = array();
    while($row = mysql_fetch_array($result)) {
       
        //print_r ($row['Title']);
        $emptyArrayItem = array();

        for ($i=0; $i<9; $i++) {
            array_push($emptyArrayItem, $row[$i]);
        }

        array_push($myJSonArray, $emptyArrayItem);

    }

    $encoded_array = json_encode($myJSonArray);
    echo $encoded_array;
?>

_________________
Skillers wrote:
Oh gawd no! Not the crazy frog! Arghhhhhh! $&^%&*^%*&#$^ %$(%^((% %$(O*%(#*%^ %)*#$&%)*@#% %_(#&%*%) frog


Thu Jun 21, 2012 1:10 pm 
 Profile E-mail  
 
 Post Post subject: Re: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Unstoppable
Unstoppable
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership

Joined: Sun Nov 15, 2009 8:40 pm
Posts: 1038
Karma: 10
Figured it out. The query needed the variable to be outside of the string for some reason, usually having 'our string value is $result' works :/

'select * from users where email=\'' . $email . '\'';

_________________
Skillers wrote:
Oh gawd no! Not the crazy frog! Arghhhhhh! $&^%&*^%*&#$^ %$(%^((% %$(O*%(#*%^ %)*#$&%)*@#% %_(#&%*%) frog


Thu Jun 21, 2012 4:07 pm 
 Profile E-mail  
 
 Post Post subject: Re: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Top Gun (Admin)
Top Gun (Admin)
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership
User avatar

Joined: Mon Sep 12, 2005 1:37 pm
Posts: 5854
Karma: 38

Location: Looking for the droid you're looking for.
Steam Login Name: simonpcook
In PHP, using double quotes allows variable substitiution, whereas single quotes don't.

e.g.
<?php $a='ohhai'; echo "$a"; echo '$a'; ?>
will print
ohhai$a

_________________



Thu Jun 21, 2012 6:56 pm 
 Profile E-mail  
 
 Post Post subject: Re: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Unstoppable
Unstoppable
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership

Joined: Sun Nov 15, 2009 8:40 pm
Posts: 1038
Karma: 10
Is this a feature or a bug? Or a bug that turned into a feature.

I was trying previously using double quotes with a whole variable, and it wasn't working, but it might have been another error that I had fixed along the way..

_________________
Skillers wrote:
Oh gawd no! Not the crazy frog! Arghhhhhh! $&^%&*^%*&#$^ %$(%^((% %$(O*%(#*%^ %)*#$&%)*@#% %_(#&%*%) frog


Thu Jun 21, 2012 6:59 pm 
 Profile E-mail  
 
 Post Post subject: Re: SQL being retarded? WHERE SQL = 'HARRY'
 
Offline
Top Gun (Admin)
Top Gun (Admin)
Years of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membershipYears of membership
User avatar

Joined: Mon Sep 12, 2005 1:37 pm
Posts: 5854
Karma: 38

Location: Looking for the droid you're looking for.
Steam Login Name: simonpcook
It's a feature, its for those who don't want argument substitution but want to write dollahs

_________________



Thu Jun 21, 2012 7:01 pm 
 Profile E-mail  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Karma functions powered by Karma MOD © 2007, 2009 m157y