Interesting Discussion with my PHP Teacher

From: Robert Smith (usenet_for_robert_at_nospam.optusnet.com.au)
Date: 05/31/04


Date: Mon, 31 May 2004 18:47:59 +1000

I'm doing a website development course and during an exercise my teacher
gave me to do at home I was confronted with errors. Surprisingly, those
that did the exercise in class did not receive these errors. I told him
about the errors and we concluded that this was happening due to the
computers in class running php 4.3.2 and my computer is running php 4.3.6.
However I was told the way I solved the problem was inelegant code. He said
I should not code the way I did, even though I based the code from examples
I read from various php websites, because I would have trouble if a form
passed many variables, or if I had to pass variables between files. I
thought the way I was doing it was the correct, neat and tidy way to do it,
but I was told that it was the way new learning php coders do it so they can
understand, and I shouldn't do it that way. The line of code in question is
below.

The Teacher's code:

<?php

  //return to input page if not all fields have been entered
  //header redirection must appear at the top of the page before any screen output
  if ((!$_POST[product_no]) || (!$_POST[product_name]) || (!$_POST[unit]) || (!$_POST[unit_price]) || (!$_POST[enquiry])) {
      header('Location: add_record.htm');
      exit;
  }

  //get connection info from include file on hostname, username, password, and database name
  include('connect_info.php');

  //connect to MySQL server and store connection info in the variable $connection
  $connection = @mysql_connect($hostname, $username, $password) or die('Cannot connect to MySQL server.');

  //select database and store connection info in the variable $db_selected
  $db_selected = @mysql_select_db($db_name, $connection) or die('Cannot connect to database.');

  //construct SQL statement
  $sql_statement = "INSERT INTO product_table(product_no, product_name,
unit, unit_price, enquiry) VALUES ('$_POST[product_no]',
'$_POST[product_name]', '$_POST[unit]', '$_POST[unit_price]',
'$_POST[enquiry]')";

  //execute SQL statement to insert record
  @mysql_query($sql_statement, $connection) or die('Cannot query table.');

?>
------------------------------------------------------------------------
Errors caused in php 4.3.6 by this code:

Notice: Use of undefined constant product_no - assumed 'product_no' in
C:\Inetpub\wwwroot\class_work\original_do_add_record.php on line 5

Notice: Use of undefined constant product_name - assumed 'product_name' in
C:\Inetpub\wwwroot\class_work\original_do_add_record.php on line 5

Notice: Use of undefined constant unit - assumed 'unit' in
C:\Inetpub\wwwroot\class_work\original_do_add_record.php on line 5

Notice: Use of undefined constant unit_price - assumed 'unit_price' in
C:\Inetpub\wwwroot\class_work\original_do_add_record.php on line 5

Notice: Use of undefined constant enquiry - assumed 'enquiry' in
C:\Inetpub\wwwroot\class_work\original_do_add_record.php on line 5
------------------------------------------------------------------------
My code:
<?php

  $product_no = $_POST['product_no']; // This is the part of the code the teacher didn't like
  $product_name = $_POST['product_name'];
  $unit = $_POST['unit'];
  $unit_price = $_POST['unit_price'];
  $enquiry = $_POST['enquiry'];

  //return to input page if not all fields have been entered
  //header redirection must appear at the top of the page before any screen output
  if (!$product_no || !$product_name || !$unit || !$unit_price || !$enquiry) {
      header('Location: add_record.htm');
      exit;
  }

  //get connection info from include file on hostname, username, password, and database name
  include('connect_info.php');

  //connect to MySQL server and store connection info in the variable $connection
  $connection = @mysql_connect($hostname, $username, $password) or die('Cannot connect to MySQL server.');

  //select database and store connection info in the variable $db_selected
  $db_selected = @mysql_select_db($db_name, $connection) or die('Cannot connect to database.');

  //construct SQL statement
  $sql_statement = "INSERT INTO product_table(product_no, product_name,
unit, unit_price, enquiry) VALUES ('$product_no', '$product_name', '$unit',
'$unit_price', '$enquiry')";

  //execute SQL statement to insert record
  @mysql_query($sql_statement, $connection) or die('Cannot query table.');

?>
------------------------------------------------------------------------

So is my code really that bad? How can I get the code to work if my way
really is that bad? I think the reason why the teacher's code is giving me
errors in php 4.3.6 is because the code does not quote in the posted form
values. For example $_POST[product_no] instead of $_POST['product_no'].
This can be easily fixed on line 5 where the error occurs, but I can't fix
it where the sql statement is constructed because there are too many quotes.
For example:

$sql_statement = "INSERT INTO product_table(product_no, product_name, unit,
unit_price, enquiry) VALUES ('$_POST[product_no]', '$_POST[product_name]',
'$_POST[unit]', '$_POST[unit_price]', '$_POST[enquiry]')";

needs to be:

$sql_statement = "INSERT INTO product_table(product_no, product_name, unit,
unit_price, enquiry) VALUES ('$_POST['product_no']',
'$_POST['product_name']', '$_POST['unit']', '$_POST['unit_price']',
'$_POST['enquiry']')";

which of course will give you a parse error.

I eagerly await everyone's opinions on this :)

-- 
-Robert Smith
------------------------------------------------------------------------
Remove 'nospam.' from my email address if you wish to reply via email.
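
Added example (not part of the original post, and not the poster's or the teacher's code): the same insert written with quoted array keys and a prepared statement, which sidesteps the quote-nesting problem described above because the form values never become part of the SQL text. It assumes a current PHP with PDO, uses an in-memory SQLite database in place of the course's MySQL server so it runs stand-alone, and treats $post as constructed sample input standing in for $_POST; collect() is a hypothetical helper.

```php
<?php
// Added example. Assumptions: current PHP with PDO; SQLite in memory stands
// in for MySQL; $post is constructed sample input in place of $_POST.
$fields = ['product_no', 'product_name', 'unit', 'unit_price', 'enquiry'];

// Constructed form input; the name contains an apostrophe and a double quote.
$post = [
    'product_no'   => 'P-1001',
    'product_name' => 'O\'Brien 5" bracket',
    'unit'         => 'box',
    'unit_price'   => '12.50',
    'enquiry'      => 'yes',
];

// Inside a double-quoted string both forms are valid and equivalent:
// simple syntax takes the key unquoted, complex {...} syntax takes it quoted.
$simple  = "no=$post[product_no]";
$complex = "no={$post['product_no']}";

// Hypothetical helper: returns the bound parameters, or null if any required
// field is missing or blank. Quoted keys raise no undefined-constant notice.
function collect(array $input, array $fields): ?array
{
    $row = [];
    foreach ($fields as $f) {
        if (!isset($input[$f]) || trim((string) $input[$f]) === '') {
            return null;            // caller redirects back to the form
        }
        $row[":$f"] = $input[$f];
    }
    return $row;
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE product_table (product_no TEXT, product_name TEXT,
            unit TEXT, unit_price TEXT, enquiry TEXT)');

$row = collect($post, $fields);
if ($row === null) { exit("missing field\n"); }

// Placeholders keep the values out of the SQL string, so nothing needs quoting.
$stmt = $pdo->prepare('INSERT INTO product_table (product_no, product_name,
    unit, unit_price, enquiry)
    VALUES (:product_no, :product_name, :unit, :unit_price, :enquiry)');
$stmt->execute($row);

$stored = $pdo->query('SELECT product_name FROM product_table')->fetchColumn();
var_dump($simple === $complex, $stored === $post['product_name']);
```

With MySQL only the DSN and credentials passed to new PDO() change; the prepare() and execute() calls stay the same.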

