-1

I'm developing irctc similar website similar project as college assignment. I'm providing user to search any train running on given date and validating from database. I'm using php and mysql and getting no error as well as invalid response from code. Please look at the code:

if (isset($_POST['btn_no'])) {
    $current_date=date("Y-m-d");
    $selected_date=$_POST['date'];
    $no=$_POST['train_no'];
    if ($selected_date>=$current_date) {
        $query="SELECT train_no FROM `trains` WHERE train_no='$no'";
        $found=$db->query($query);
        $rows=$found->num_rows;
        if ($rows==1) {
            $_SESSION['train_id']=$no;
            $_SESSION['date']=$_POST['date'];
            header("Location: showtrain.php"); 
        }
        elseif ($rows==0) {
?>
            <script>alert("Train no. invalid !")</script>
<?php
        }
    }
    elseif ($selected_date<$current_date) {
?>
            <script>alert("Wrong date");</script>
<?php
    }
}

Every time <script> is executed.

fusion3k
  • 11,568
  • 4
  • 25
  • 47
Prashant Tripathi
  • 57
  • 1
  • 9
  • Since you don't show where $db comes from... I'm going to take a stab in the dark and ask, should $found->num_rows be $found->num_rows()? – DragonYen Apr 07 '16 at 21:30
  • $db is PDO object and num_rows() will give error. – Prashant Tripathi Apr 07 '16 at 21:38
  • See http://stackoverflow.com/questions/5556540/problem-getting-num-rows-with-pdo-class-in-php -- looks like maybe you should be using rowCount() instead of num_rows? – DragonYen Apr 07 '16 at 21:49
  • *"and getting no error"* - That's because you're **not** checking for them. You say your connection is PDO and using `mysqli_` where those do NOT intermix. Plus, quite a few unknowns. So check for errors, you'll see a few of them. – Funk Forty Niner Apr 07 '16 at 22:16

1 Answers1

0

From what I can tell you have an error in you query

$query="SELECT train_no FROM `trains` WHERE train_no='$no'";

WHERE train_no='$no'" will be looking for the string '$no' instead of the variable $no.

Consider trying something like to make use of the value of the variable instead of having MYSQL interprate $no as a string.

$query="SELECT train_no FROM `trains` WHERE train_no=$no";

or 

$query="SELECT train_no FROM `trains` WHERE train_no=" . $no;
Crintus
  • 69
  • 1
  • 6