Hi member, am creating a shipping website with tracking page where shipment can be tracked for histry but I have problem with my php coding. I want only the tracking number entered into the tracking page to run MySql record on the database but with the code below, even any number i input or even with no input on the track page, would still run the database. Please I need help on...only the tracking number can run the record on MySQl. If my coding is wrong..pls correct me. =============== Here is the form action: <form action="#" method="post" target="_self"><input size="20" maxlength="15" /> <input type="submit" value="Track" /> <?php //Connect To Database $hostname='foo.example.com'; $username='foo'; $password='password'; $dbname='ee456874958my'; $usertable='3456746my'; mysql_connect($hostname,$username, $password) OR DIE ('Unable to connect to database! Please try again later.'); mysql_select_db($dbname); //This array contains all correct tracking numbers $correct_tracking_numbers=array(22333); if(in_array(22333,$correct_tracking_numbers)){ $query = 'SELECT * FROM ' . $usertable; $result = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($result)){ echo $row['Date/Time'] . " " . $row['Event']. " ". $row['Location']. " " . $row['Details'] . "<br/>"; } }else{ echo '<b>The tracking number you entered is not valid!</b>'; } ?> Pls help me I got get this done within days.
Try: <form action="" method="post"><input size="20" maxlength="15" name="tracking" /> <input type="submit" value="Track" /></form> <?php /* Connect To Database */ $hostname = 'foo.example.com'; $username = 'foo'; $password = 'password'; $dbname = 'ee456874958my'; $usertable = '3456746my'; mysql_connect($hostname, $username, $password) OR DIE ('Unable to connect to database! Please try again later.'); mysql_select_db($dbname); $correct_tracking_numbers = array('22333'); $tracking = $_POST["tracking"]; if(in_array($tracking, $correct_tracking_numbers)) { $query = 'SELECT * FROM ' . $usertable; $result = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($result)) { echo $row['Date/Time'] . " " . $row['Event']. " ". $row['Location']. " " . $row['Details'] . "<br/>"; } } elseif(isset($tracking)) { echo '<strong>The tracking number you entered is not valid!</strong>'; } ?> PHP:
HI....thnx for the reply. Am very g8tful. U don't know the smiles u ve put in my face....I have been battle with this for days with sleepless nites coupled with. Once again...Thanks and Thumbs up 2 u. I got your advice and also from a member from another forum which I would want you 2 look at and advice on. Look at the form and the script and advice pls cos I need to pass of the website to my client within days. Form: </head> <body> <form action="trackcheck.php" method="post" name="frmtrack" id="frmtrack"> Track Number : <input name="track_number" id="track_number" size="20" maxlength="15" /> <input type="submit" name="btuntrack" id="btuntrack" value="Track" /> </body> </html> ============ Script //Connect To Database $hostname='foo.example.com'; $username='foo'; $password='password'; $dbname='ee456874958my'; $usertable='3456746my'; mysql_connect($hostname, $username, $password) OR DIE ('Unable to connect to database! Please try again later.'); mysql_select_db($dbname); //This array contains all correct tracking numbers $track_number = $_POST['track_number']; if(empty($track_number)){ die('Please enter track number'); } else if(strlen($track_number) <= 0 || strlen($track_number) > 15){ die('Invalid track number'); } else{ $correct_tracking_numbers = array(22333); if(in_array($track_number, $correct_tracking_numbers)){ $query = 'SELECT * FROM ' . $usertable; $result = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($result)){ echo $row['Date/Time'] . " " . $row['Event']. " ". $row['Location']. " " . $row['Details'] . "<br/>"; } } else{ echo '<b>The tracking number you entered is not valid!</b>'; } }
</head> <body> <form action="trackcheck.php" method="post" name="frmtrack" id="frmtrack"> <label for="track_number">Track Number:</label> <input name="track_number" id="track_number" size="20" maxlength="15" /> <input type="submit" name="btuntrack" id="btuntrack" value="Track" /> </form> </body> </html> ============ Script // Database Details $hostname = 'foo.example.com'; $username = 'foo'; $password = 'password'; $database = 'db_name'; $table = 'tbl_name'; // Attempt connection at mysql. if(!($link = mysql_connect($hostname, $username, $password))) die('Unable to connect to the database.'); // Attempt selection of database. if(!mysql_select_db($database, $link)) die('Unable to select the database.'); // Retrieve the tracking number, typecast to int so it's safe. $tracking_number = (int)$_POST['track_number']; // Find the length of the tracking number, if it's less than or = to zero, it's zero, else it's the length. $tracking_length = (($length = strlen($tracking_number)) <= 0) ? 0 : $length; // Supply the array of tracking numbers. $correct_tracking_numbers = array('22333'); // If the tracking number isn't 0 and less than 15. if($tracking_length != 0 AND $tracking_length > 15) { // If the tracking number is in the list of correct numbers. if( in_array($tracking_number, $correct_tracking_numbers) ) { // Select all the columns from the table. $sql = sprintf("SELECT * FROM `%s`;", $table); $result = mysql_query($sql, $link); // While row is the mysql result. while($row = mysql_fetch_assoc($result)) { echo $row['Date/Time'],' ',$row['Event'],' ',$row['Location'],' ',$row['Details'],"<br />\n"; } } else { die('Tracking number isn\'t valid.'); } } else { die('Invalid tracking number.'); } Code (markup):
Hi friend...thanks for the reply. Am so grateful. I would like u 2 enlighten me on how to post multiple msql database and query from the trackcheck.php file? Pls advice
<?php // Credentials for the mysql instance and database. $host = 'localhost'; $user = 'root'; $pass = ''; $database = 'db_name'; // Create the mysql instance. $link = mysql_connect($host, $user, $pass); // Select the proper database. mysql_select_db($database, $link); // I like to put my SQL command in a separate variable. $sql = "SELECT `id`, `name` FROM `demo` LIMIT 0, 30;"; // Do the query, assign it as the result. $result = mysql_query($sql, $link); // While there are record in the result, loop. // This works because the fetch functions increment the pointer everytime it's called. while($row = mysql_fetch_object($result)) { echo $row->id; echo $row->name; } // Free up some memory. // (NOTE: doesn't always help with speed improvements.) mysql_free_result($result); // Lets do another query! ($sql gets wiped when reassigning.) $sql = "SELECT `data` FROM `files` LIMIT 0, 30;"; // Do the query, which runs independent from other queries. (result is wiped when reassigning) $result = mysql_query($sql, $link); // Loop through the data. while($row = mysql_fetch_assoc($result)) { echo $row['data']; } mysql_free_result($result); Code (markup):
Thanks for the reply but I must confirm it is more complicated. If you can refer from the previous script and explain beta I would realy much apprciate. Thank friend.