Re: Help with uni project: DBI errors in CGI script

Is there anything in param('Value')? If not, nothing would get displayed. Could there something dangerous in param('Value')? If so, use placeholders. And finally, assuming that 'Value' has a value, is there a row where the specified field exactly matches that value (including spaces, case, etc.) in the database?

Comment on Re: Help with uni project: DBI errors in CGI script

Replies are listed 'Best First'.
Re^2: Help with uni project: DBI errors in CGI script by Anonymous Monk on Mar 16, 2005 at 21:27 UTC
There is a field called name and i have three records with names of stock items. I have tried all of them. Heres the html form im using <HTML> <HEAD><TITLE> Stock Search System </TITLE></HEAD> <BODY> <FORM METHOD="POST" ACTION="/cgi-bin/project2.cgi"> Enter Stock name: <INPUT TYPE=TEXT NAME=Value> <INPUT TYPE="SUBMIT"> </FORM> </BODY> </HTML>	[reply]
Re^3: Help with uni project: DBI errors in CGI script by jZed (Prior) on Mar 16, 2005 at 21:31 UTC
Well, first do what everyone has told you: change @results = $sth->fetchrow_array to @row = $sth->fetchrow_array. What I was suggesting by asking you if there was a param('Value') was that you should check in your script if something was entered in the field before attempting to query the database using the field. Yes, you have a field with that name in your form, but your script so far has no way to tell if the user put anything in that fields before clicking "submit".	[reply]
Re^4: Help with uni project: DBI errors in CGI script by ginda (Initiate) on Mar 16, 2005 at 22:13 UTC
So sorry 2 every1 and thanks at the sametime I left this code $sth->execute($sth); how it was when it should have been like $sth->execute(); now its work fine :)	[reply]