Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    Apr 2014
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Depracated Functions Plus Novice. Help please!

    To begin with with, let me start by saying hi to you all and appreciate the time and effort you all take to help out.

    I'm brand new to php and finding it slightly more frustrating than I thought. To keep it short, I've been learning it the hard way with mostly deprecated methods etc etc.

    Anyway, I kindly request some help....I can't figure out what's wrong with some bit of script that wouldn't run. I've tried all sorts in the last couple of days and can't figure it out. It would appear something has deprecated....In particular, this last bit of code won't run and I've exhausted all my debug avenues:

    A library web app that allows users to check/search for books. I'm stuck getting the result set back from the mysql database.

    Code:
    try {
    	$sth = $db->query($query);
    	$bookcount = $sth->rowCount(); // Only works for MySQL
    	if ($bookcount == 0){
    		printf ("Sorry mate, we did not find any matching books");
    		exit();
    	}
    	printf('<table bgcolor="#bdc0ff" cellpadding="6">');
    	printf('<tr><b><td>Title</td> <td>Authour</td> </b> </tr>');
    	while ($row = $sth->fetch(PDO::FETCH_ASSOC)){
    		printf("<tr> <td> %s </td> <td> %s </td> </tr>", htmlentities($row["title"]), htmlentiies($row["author"]));
    	}
    }
    catch (PDOException $e){
    printf("We had a problem: %s\n", $e->getMessage());
    }
    printf("</table>");
    printf("<br> We found %s matching books", $bookcount);
    Here's the code in full, along with the booksearch page...

    Code:
    <?php 
     error_reporting(E_ALL); 
    ?>
    <html>
    
    <head>
    <title>Book Search Results</title>
    </head>
    <body>
    
    <h3>Book Search Results</h3>
    <hr>
    <?php
    /* Data Validation 
    // If text we want to store in the database contains special characters, they need to be quoted. 
    // E.g Book Title ..... The Pilgrim's Progress would be ("The Pilgrim\'s Progress")
    
    // HTML Entities
    // If text we want to send to the browser contains special characters, the need to be converted to html Entities.
    // E.g Book Title called "<tags> & stuff", &lt;tags&gt; &amp; stuff
    
    // Input Validation (to flag mistakes back to user and guard against malicious input)
    // PHP "filters" allow validation of a string against pre-defined types:
     E.g
    	$email = "fred@example.com";
    	if (! filter_var($email, FILTER_VALIDATE_EMAIL))
    	echo "address invalid"
    
    
    // This is the PDO version 
    
    // Get data from form
    // trim — Strip whitespace (or other characters) from the beginning and end of a string (removes white space).*/
    printf("PHP running 1");
    $searchtitle = trim($_POST['searchtitle']);
    $searchauthor = trim($_POST['searchauthor']);
    printf("PHP running 2");
    
    /*if ($searchtitle && !$searchauthor){
    	printf("You must specify either a title or an author.");
    	exit();
    }
    
    if (!$_POST['searchtitle'] || !$_POST['searchauthor'])
    {
    	printf("You must specify either a title or an author.");
    	//die(‘You did not complete all of the required fields’);
    }*/
    
    // Add slashes to user input where data contains special characters.
    $searchtitle = addslashes($searchtitle);
    $searchauthor = addslashes($searchauthor);
    printf("PHP running 3");
    
    // Open the database connection
    try {
    	$db = new PDO("mysql:host=localhost; dbname=library", "root", "456465463453523");
    	$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    	printf("Database opened");
    }
    catch (PDOException $e) {
    	printf("Unable to open database: %s\n", $e->getMessage());
    }
    printf("PHP running 4");
    
    // Build the query. Users are allowed to search on title, author, or both
    // Double quotes protect single quotes
    $query = "select all from books";
    
    printf("PHP running 5");
    
    if ($searchtitle || !$searchauthour) { //Title search only
    	$query = $db->query("select * from books where title like '%'$searchtitle'%'");	
    }
    printf("PHP running 6");
    
    if (!$searchtitle || $searchauthour) { //Author search only
    	$query = $db->query("select * from books where author like '%'$searchauthor'%'");
    }
    printf("PHP running 7");
    
    if ($searchtitle || $searchauthour) { //Title & Author search
    	$query = $db->query("select * from books where title like '%'$searchtitle'%' and author like '%'$searchauthor'%'");
    //$query = $query "where title like '%" $searchtitle "%' and authour like '%" $searchauthor "%'";
    }
    printf("PHP running 8");
    
    //printf ("Debug: running the query %s <br>", $query);
    
    try {
    	$sth = $db->query($query);
    	$bookcount = $sth->rowCount(); // Only works for MySQL
    	if ($bookcount == 0){
    		printf ("Sorry mate, we did not find any matching books");
    		exit();
    	}
    	printf('<table bgcolor="#bdc0ff" cellpadding="6">');
    	printf('<tr><b><td>Title</td> <td>Authour</td> </b> </tr>');
    	while ($row = $sth->fetch(PDO::FETCH_ASSOC)){
    		printf("<tr> <td> %s </td> <td> %s </td> </tr>", htmlentities($row["title"]), htmlentiies($row["author"]));
    	}
    }
    catch (PDOException $e){
    printf("We had a problem: %s\n", $e->getMessage());
    }
    printf("</table>");
    printf("<br> We found %s matching books", $bookcount);
    ?>
    
    </body>
    </html>
    Code:
    <!DOCTYPE html>
    <html>
    <head>
    <meta charset="utf-8" />
    <title>Book Search</title>
    </head>
    <body>
    
    <form  action="booksearch.php" method="POST">
    <table cellpadding="12">
    	<tbody>
    		<tr>
    			<td>Title</td>
    			<td><input type="text" name="searchtitle"></td>
    		</tr>
    		<tr>
    			<td>Author</td>
    			<td><input type="text" name="searchauthor"></td>
    		</tr>
    		<tr>
    			<td>Omit books on loan</td>
    			<td><input type="checkbox" name="omitbooks"></td>
    		</tr>
    		<tr>
    			<td></td>
    			<td><input type="submit" name="submit" value="Submit"></td>
    		</tr>
    	</tbody>
    </table>
    
    </form> 
    
    </body>
    </html>
    Please help

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Post the error; nothing jumps out as an obvious deprecated usage.
    The last block of code will never run unless there is a property called `all` in the table books. There are two possible values of $query, the first is select all from books and the other is an object of type PDOStatement. As mentioned, unless `all` is a valid property in the table, both of these will fail to execute. It looks like the original idea was to append conditions, and that makes far more sense to me. You should continue to do that. This is also open for injection, so you should be preparing the statement:
    PHP Code:
    $aCondition = array();
    $aCriteria = array();
    $query "SELECT title, author FROM books";

    if (!empty(
    $searchauthor))
    {
        
    $aCondition[] = "author LIKE ?";
        
    $aCriteria[] = '%' $searchauthor '%';
    }
    if (!empty(
    $searchtitle))
    {
        
    $aCondition[] = "title LIKE ?";
        
    $aCriteria[] = '%' $searchtitle '%';
    }

    if (!empty(
    $aCondition))
    {
        
    $query .= " WHERE " implode(' AND '$aCondition);
    }

    try
    {
        
    $stmt $db->prepare($query);
        
    $stmt->execute($aCriteria);
        while (
    $row $stmt->fetch(PDO::FETCH_ASSOC))
        {
            
    print_r($row);
        }
    }
    catch (
    PDOException $e)
    {
        
    printf("We had a problem: %s\n"$e->getMessage());

    You'll need to format it and all that fun stuff. Untested, works okay in my head, you should also perform more validation and verification against both of the inputs.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

  • #3
    New to the CF scene
    Join Date
    Apr 2014
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks Fou-Lu. Much appreciated.

    Just working on a couple of possible solutions at the moment.


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •