stackoverflow this is my very first post :D. Now down to business, I am creating a private game site, that will be pulling IP Addresses (not sure if that's even legal, but I want the code done in case it is, so I can just put up my site) and storing them in a mysql database, since the names are already in the table. I have a form getting user input, that being the Name of the person:
<form action="/PHP/MembersIP.php" method="post">
In Game Name: <input type="text" name="Name">
<input type="submit">
And I have my external php file:
//the queries are written into their values
$selectname = "SELECT * from Members WHERE Name = " . $_POST['Name'];
$updateIP = "UPDATE Members SET IP = " . $_SERVER['REMOTE_ADDR'] . "WHERE Name = " . $_POST['Name'];
//check if the name is valid, if so add ip address in the row of the name given
if (!mysql_query($selectname) ) {
die('Your in game name was not found inside the database. Please check for misspellings, and try again. If problem persists please contact a guild official, or site manager. Inform them of the error: ' . mysql_error());
} else {mysql_query($updateIP);}
When entered a fake value for the name, while testing I got the right string:
Your in game name was not found inside the database. Please check for misspellings, and try again.If problem persists please contact a guild official, or site manager. Inform them of the error: Unknown column 'lol' in 'where clause'
But since the error code looked weird, I entered a real name in my database, and the same thing came out:
Your in game name was not found inside the database. Please check for misspellings, and try again. If problem persists please contact a guild official, or site manager. Inform them of the error: Unknown column 'name' in 'where clause'
So i know it's my first query (second one would fail too since i did it the same way) that has something wrong with calling the column "Name" and finding the value $_POST["Name"]. I just cant figure it out, so can someone help out a bit, and explain. For any tips out there please wait until I have gotten my explanation before giving me your additional information.
Thank you
Edit:
Thank you everyone, I fixed the problem. When I originally wrote the script, and it gave me the error, I changed it to:
SELECT * from Members WHERE Name = '" . $_POST['Name'] . "';";
Since I had no success clause it gave me a blank page, so I thought it had worked. I checked my table and the ip cell was still blank, so I thought it had not been run at all, so I went back to the base of the root with the error code and searched for problems with the code, but I couldn't find any problem except the one I had just fixed that had not "worked". That is the moment all code stopped making sense to me, and I came here to post. But after looking at others answers I noticed I needed a script to test if any code had run, so I added a success script, and before I retested:
SELECT * from Members WHERE Name = '" . $_POST['Name'] . "';";
I noticed I had other code that I had written the same way that popped up the error:
UPDATE Members SET IP = " . $_SERVER['REMOTE_ADDR'] . "WHERE Name = " . $_POST['Name'];
Finally I added the success script and edited both queries, and it was successful. Here's the updated php:
$selectname = "SELECT * from Members WHERE Name = '" . $_POST['Name'] . "';" ;
$updateIP = "UPDATE Members SET IP = '" . $_SERVER['REMOTE_ADDR'] . "' WHERE Name = '" . $_POST['Name'] . "';";
if (!mysql_query($selectname) )
{
die('Your in game name was not found inside the database. Please check for misspellings, and try again. If problem persists please contact a guild official, or site manager. Inform them of the error: ' . mysql_error());
}
else
{
mysql_query($updateIP);
echo "Thank you " . $_POST['Name'] . ", this device's Ip Address has been saved. You may now edit your account, and use guild resources from this device.";
}
Moral of the story always add strings to test code. ty everyone
