Re: php mysql max() question

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Kenny Pepiton
Date:  
To: Main PLUG discussion list
Subject: Re: php mysql max() question
I myself don't trust PHP frameworks for the simple reason of
understanding the code that goes into my site as well as understanding
the security vulnerabilities that my own code creates. I am not very
fond of not knowing where my code vulnerabilities lie and waiting
patiently for a fix in the framework to keep my sites securely coded.

Kenny


Eric Cope wrote:
> Use a PHP framework like CakePHP or CodeIgniter and life is much better...
>
>
> On Sun, Apr 12, 2009 at 7:47 PM, Craig White <
> <mailto:craigwhite@azapple.com>> wrote:
>
>     On Sun, 2009-04-12 at 15:13 -0700, A. W. Wright wrote:
>     > Craig White wrote:
>     > > just want the max of an integer field ultimately into a variable.
>     > >
>     > > <?php
>     > >   $MaxSalesOrders = 'SELECT MAX(orderno) FROM salesorders;';
>     > >   mysql_connect("$HOST", "$USER", "$PASSWD");
>     > >   mysql_select_db("lighting_unlimited");
>     > >   $MaxSalesOrdersResult = mysql_query($MaxSalesOrders);
>     > >   mysql_close();
>     > >   echo var_dump($MaxSalesOrdersResult) . " - " . \
>     > >    $MaxSalesOrdersResult;
>     > > ?>

>     > >
>     > > seems pretty straight forward. In mysqlclient, the answer is
>     of course
>     > > returned - perhaps as a row, I'm never quite sure.

>     > >
>     > > The code above returns the following in a browser...

>     > >
>     > > resource(6) of type (mysql result) - Resource id #6

>     > >
>     > > and I've been trying all sorts of things 'SELECT AS...' and
>     Googled for
>     > > several hours and I'm sort of convinced that what is being
>     returned from
>     > > the sql query is neither an array, nor string and has to be
>     converted
>     > > into a variable that is useful to me.

>     > >
>     > > Anyone know how to do this (i.e. without pear-db)?

>     > >
>     > > Craig

>     > >
>     > mysql_query (and mysqli_query) doesn't actually give you the resuly,
>     > just a pointer to it. Use the mysql_fetch_assoc (returned array
>     indexed
>     > by column name) or mysql_fetch_row (indexed by column order)
>     function to
>     > get that, and see http://us2.php.net/mysql_query for more
>     information.
>     ----
>     yeah that was it. I was sort of looking at that, trying to
>     decipher the
>     api of the software I was working on and then creating my own
>     connections out of the program so I could test bits of code. I'm
>     easily
>     confused I guess.  ;-)

>
>     One thing is certain, I have been spoiled by ruby on rails and php
>     just
>     seems so crude and ugly now.

>
>     Thanks

>
>     Craig

>
>
>     --
>     This message has been scanned for viruses and
>     dangerous content by MailScanner, and is
>     believed to be clean.

>
>     ---------------------------------------------------
>     PLUG-discuss mailing list - 
>     <mailto:PLUG-discuss@lists.plug.phoenix.az.us>
>     To subscribe, unsubscribe, or to change your mail settings:
>     http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

>
>
> ------------------------------------------------------------------------
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss