Warning: odbc_connect(): SQL error: [Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified, SQL state IM002 in SQLConnect in D:\Websites\www\Apache\Apache2\htdocs\Korizin\home .php on line 9

Warning: odbc_exec(): supplied argument is not a valid ODBC-Link resource in D:\Websites\www\Apache\Apache2\htdocs\Korizin\home .php on line 11

Warning: odbc_fetch_row(): supplied argument is not a valid ODBC result resource in D:\Websites\www\Apache\Apache2\htdocs\Korizin\home .php on line 14

Warning: odbc_close(): supplied argument is not a valid ODBC-Link resource in D:\Websites\www\Apache\Apache2\htdocs\Korizin\home .php on line 24


I am getting this error on my page. It took me all night to get php working. If anyone would like to help, eitehr answer here or korizin@hotmail.com thx a lot.

You need to either setup an ODBC datasource in windows or pass a full connection string (not sure if you can do a connection string in PHP or not, if you can, it'll be a bog standard ADO one detailing the driver, paths and username).

It would help if you could post the code that is causing the errors

I think it is the DSN which is playing up, i don't know if i am configuring it right.

http://nopaste.php-q.net/25225

www.firepages.com.au

That link qui posted is the fastest way to get php + extras running without a problem

Back to your problem

resource odbc_connect ( string dsn, string user, string password [, int cursor_type])

is the syntax for odbc_connect, the dsn can't be just a path to a database. If you're on XP/2K go into Control Panel / Admin Tools / Data Sources (ODBC) and create a DSN (Data Source Name) to point to your access database, make sure you save it using the wizard thing, and put the name of it in your DSN string as the first parameter to odbc_connect

Yeh i fixed it mate, i had set up the DSN name, my problem was i still had the .mdb extension, once i took that away it was sorted.

The next part of my website i don't know how to code. I need to make a form for title and text for the news page (the page with the code above). Basically it needs to insert it into the database.

Do you have any sites for tutorials of inserting into databases in php? I really ain't too sure how to code that.

Kori

Basically you use raw SQL to insert stuff in, e.g. if your form posts back $title and $story and yuor table was news with fields nTitle and nStory, you'd do

$SQL = "INSERT INTO news (nTitle, nStory) VALUES('".$_POST['title']."', '".$_POST['story']."')";

and then just execute that SQL command. Theres no direct ADO implementation as there is in ASP and Windows apps

Just a question, why do ppl put nTitle etc (im asking bout the n infront of it). is this just a common naming convention or is there more to it?

Do you just open connection to the databse first then insert into it yeh?

From my newbie point of view i would say somthing like this to connect

Config.php
[code:1:a8566a1a57]
$host = "localhost";
$user = "usename";
$db = "dbname";
[/code:1:a8566a1a57]

When you need to connect to the DB
[code:1:a8566a1a57]
// open database connection
$connection = mysql_connect($host, $user) or die ("Unable to connect!");

// select database
mysql_select_db($db) or die ("Unable to select database!");
[/code:1:a8566a1a57]

I may be wrong

I have another problem, i know how to connect to the db, i have that working atm.

I need a Login page, when i login i need it to place a cookie on my machine so that it keeps me lgged in. Also so that on my news page there will be an Edit button, a delete button, and an add news button, but only the logged in user can see these button, i am guessing this will be done by if statements, iim not sure how to do that with php, as you can see i really need a tutorial site that goes through that kind of stuff. The good news is, i have managed to enter stuff into my db and get the news page to display it the way i want it, now i just need to set up the page to enter into the database. :) im quite please with myself so far. if any of you php whizz's want to add me to msn and i will send you what i have done so far in a zip. Much appreciated, Korizin.

The easiest way to do logins would be with sessions (see the section in the php manual on this). The code would go something like this:

[code:1:b10bddd853]
checklogin.php
-----------------
$query = "SELECT * FROM UserTbl WHERE User='".$_POST['User']."' AND Pass='".$_POST['Pass']."'";
$res = doquery($query); // However you're doing this... odbc_query?
if (mysql_num_rows($res) == 0)
{
die("Bad username / password");
}
else
{
$_SESSION['is_logged_in'] = 'Yes';
$_SESSION['user'] = $_POST['User'];
}

news.php
-----------
Usual stuff....

if ($_SESSION['is_logged_in'] == 'Yes')
{
?>
<input type="submit" name="Edit" value="Edit">
<?
}
[/code:1:b10bddd853]

etc etc.

This isn't exactly wonderful code (for example I would usually hash the passwords in the database), and you should make sure you slash all user input, but it should hopefully it will give you an idea :o)

-Sparky

by slashing do you mean strip the slashes etc ?

Well - you addslashes.... so / becomes //.

It means the user can't escape your SQL strings and drop the database...

Sometimes it's turned on in the config so it's done automatically, but sometimes it isn't and you have to do it manually. The command is addslashes.

From my newbie point of view i would say somthing like this to connect

Config.php
[code:1:a336caf56d]
$host = "localhost";
$user = "usename";
$db = "dbname";
[/code:1:a336caf56d]

When you need to connect to the DB
[code:1:a336caf56d]
// open database connection
$connection = mysql_connect($host, $user) or die ("Unable to connect!");

// select database
mysql_select_db($db) or die ("Unable to select database!");
[/code:1:a336caf56d]

I may be wrong

It's probably access, not MYSQL

The lower case letter before column names is a naming convention we use at work, we prefix each field from a database with a unique combination of letters so we know what field we're pulling out

ah right, and yeh it is access as it's only my personal site and i will be the only person logging in. In future i may need to make a site with a table of users and passwords.

So just before i go and do this. is this what i do?

I make a Login.php where i enter my username and password. That info gets directed to a checklogin.php which access the user table and see's if the password is in it. If it is then i get put back to home.php and the edit, delete and add news hyperlinks are now visible?

Sorry bout hassling you all, i only went through the www.w3schools.com php tutorial to get this far.

Thats why i need practice with databases and passwords.

Sparky is right, sessions are best .. you can get more advanced in how you handle sessions with complex table structures, I tend to only use a session ID and hold my own data structure in a database table with any details needed (done for logging purposes in larger systems).

Sessions will use a cookie if they're enabled, if not, they'll exist by adding a sessionid to your URL

So just before i go and do this. is this what i do?

I make a Login.php where i enter my username and password. That info gets directed to a checklogin.php which access the user table and see's if the password is in it. If it is then i get put back to home.php and the edit, delete and add news hyperlinks are now visible?

Sorry bout hassling you all, i only went through the www.w3schools.com php tutorial to get this far.

Thats why i need practice with databases and passwords.

That sounds about right to get it working. After you have it working you should be able to do things like combine login.php / checklogin.php.

I forgot to put in the code that you should call "session_start();" at the top of each file to get sessions to work. After you have called this, basically sessions will allow you to put whatever you want in the $_SESSION[] array, and retrieve it at a later point (even on another page).

It does this usually by setting a GUID (it's a unique string - usually looks like this: a46387fbcb3b3b3bc8373d) in a variable in a cookie. It saves everything in the $_SESSION[] variable into a file on the hard disk of the server with a name like $TEMP/session-a46387fbcb3b3b3bc8373d. Then.... when you call session_start() it fetches the GUID from the cookie (if any) checks for a file with the right name (determined by the GUID) and loads the variables back in if they exist. Hope that makes sense :-/

So.... when they login, you check whether the username and password is right - if it's only one user as you describe then you could hardcode this (i.e. if user == 'Korizin' && pass == 'Tomatoes'). If the user+pass is correct then you set a variable in the $_SESSION[] array. Then... in the files where you want to do special things if the user is logged is.... you can check that they are by seeing if the variable in the $_SESSION[] array is actually set. If it is, then they logged in :o)

-Sparky

I have an author field in my table. I presume that the author of the news post is taken from the session? So whoever is logged in, then it takes there username and enters it into the author fields?

Sounds sensible, except that what you would usually do is have a big user table like this:

[code:1:9a616d249b]
UID User Pass
--- ------- --------
1 Korizin tomato
2 Sparky cabbage
3 DarkOne radish
4 .... etc ...
[/code:1:9a616d249b]

And then your news table you'd put "1" in the author field (i.e. it would be an integer) rather than copying names everywhere (i.e. strings), 'caus that will make your database fat more quickly. (So author would be an integer field rather than a varchar).

-Sparky

And that neatly brings us onto the topic of database normalisation :)

And that neatly brings us onto the topic of database normalisation :)

No swearing :dozey:

Your tutorials page dont work ruddles, pfft :p thought i might be onto sumthin :P

lol, sorry. Still writing it all. Plus all my databse stuff is MySQL, no ODBC stuff.

I want to emphasise security :/ Make sure you use the addslashes() thing on all SQL statements. Never trust input from users (even if you think that only you will be using it, someone might stumble onto it).

What is this secutiry issue and add slashes all about? I don't quite understand.

' and " cause SQL major issues, reason being they're used to create strings, e.g.

INSERT INTO Bob ('My name is BOB")

If you have a " in there, e.g.

INSERT INTO Bob ('My name is "BOB"")

it breaks bittime. So you have to fix it with

INSERT INTO Bob ('My name is \"BOB\"")

Thats one reason anyway. Different SQL platforms expect different types of strings, e.g. mySQL works with ' better, but you have to \' them still. If you don't, user input can possibly be passed into your database to either add dodgy content, delete it, grant access eleswhere or just corrupt everything.