Jump to content

Undefined SQL variable


blinks

Recommended Posts

When I run the MySQL queries in the code below in SQLyog, the $pokemon_pos in the "SELECT max(pokemon_pos)" part of the statement is always correct (i.e. alias "x" is correct). Yet when wrapped up in PHP, $newpos, which relies on "x" is always undefined.

 

I'd greatly appreciate any help in troubleshooting this code -

 

$getdeclined="SELECT *
      FROM trade_offers
      WHERE pokemon_trade_id=$_GET[id]";
$declined=mysql_query($getdeclined);
while ($row = mysql_fetch_array($declined)){
$getdecusername="SELECT MAX(pokemon_pos)
                                     FROM (
                                      SELECT pokemon_pos
                                      FROM pokemon_trainer
                                      WHERE pokemon_trainer = '$row[pokemon_trainer]'
                                      UNION
                                      SELECT pokemon_pos 
                                      FROM trade_offers
                                              WHERE pokemon_trainer = '$row[pokemon_trainer]' AND pokemon_trade_id = $_GET[id]
                                             ) AS x";
$decusername=mysql_query($getdecusername);
while($row2 = mysql_fetch_array($decusername)){
          $newpos = $row2['x'];}
          echo $newpos;
          $newpos +=1;
         }
}

Link to comment
Share on other sites

try $_GET['id'] not $_GET[id] ?

 

not good practice to put raw data into an sql statement, pass the value to a local variable first and validate its what you expect it to be.

 

echoing out the sql statement will show you what is being passed to the database, handy when things arent working

Link to comment
Share on other sites

As stated above, this is a security issue.  You should be escaping any user input that goes anywhere near the DB.  You should change your code to look something like:

$id = mysql_real_escape_string($_GET['id']);
$getdeclined="SELECT *
      FROM trade_offers
      WHERE pokemon_trade_id=$id";

 

Change this line to and tell us the exact error message:

$decusername=mysql_query($getdecusername) or die(mysql_error());

Link to comment
Share on other sites

When I run the MySQL queries in the code below in SQLyog, the $pokemon_pos in the "SELECT max(pokemon_pos)" part of the statement is always correct (i.e. alias "x" is correct). Yet when wrapped up in PHP, $newpos, which relies on "x" is always undefined.

 

Look carefully at your query. You have aliased the PSEUDO TABLE as "x" NOT the MAX(pokemon_pos) value.

 

SELECT MAX(pokemon_pos)
FROM ( ... ) AS x

 

probably needs to be:

 

SELECT MAX(pokemon_pos) AS x
FROM ( ... ) AS PT

 

(I put PT as the table alias because, I believe, mySql requires all pseudo-tables to have an alias).

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.