no match found query


vbted
03-03-2005, 07:02 PM
OK, this works for me, but if no match is found in the four fields I get an error. I would like $formpmid to equal "1" if no match is found. Any help would be great. I'm a SQL noob. -Ted

Any other comments on the code would be great also.


////////////////////////////////////////////////
// If the form answer is empty, skip the lookup and use the default id.
if ($normalanswer1 == '') {
    $formpmid = "1";
}
else {
    // Look the answer up in the four custom profile fields.
    // $normalanswer1 is interpolated straight into the SQL string (unescaped).
    $result = $DB_site->query("SELECT userid
        FROM " . TABLE_PREFIX . "userfield
        WHERE (field19 = '$normalanswer1') OR (field26 = '$normalanswer1') OR (field15 = '$normalanswer1') OR (field25 = '$normalanswer1')");
    // $formpmid is only assigned inside this loop, so it stays unset
    // when the query returns no rows.
    while ($usersid = $DB_site->fetch_array($result))
    {
        $formpmid = $usersid['userid'];
    }
}
//////////////////////////////////////////////////

Marco van Herwaarden
03-04-2005, 05:36 AM
// Default to 1; it is only overwritten if a row matches.
$formpmid = 1;
if ($normalanswer1 != '') {
    $result = $DB_site->query("SELECT userid
        FROM " . TABLE_PREFIX . "userfield
        WHERE (field19 = '$normalanswer1') OR (field26 = '$normalanswer1') OR (field15 = '$normalanswer1') OR (field25 = '$normalanswer1')");
    while ($usersid = $DB_site->fetch_array($result))
    {
        $formpmid = $usersid['userid'];
    }
}

Something like this, I guess. But you don't say what error you are getting.

vbted
03-04-2005, 06:53 PM
Thanks! Works perfectly. I guess when no match was found in the DB the code didn't know how to handle it. Much thanks. -Ted

filburt1
03-04-2005, 06:54 PM
You should be aware that you have a dangerous SQL injection problem. You need to wrap all of the variables in the query with addslashes().

http://www.php.net/addslashes
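As an added example (not code from this thread or from vBulletin), here is the same four-field lookup written so that the answer is bound as a query parameter instead of being pasted into the SQL string, together with the "default to 1 on no match" behaviour from the earlier replies. Escaping with addslashes() as suggested above does close the hole shown in the first post; parameter binding is the more robust form of the same fix, since it does not depend on the escaping function matching the connection's character set. The thread's code talks to vBulletin's $DB_site; this stand-alone version assumes PDO over an in-memory SQLite database and a constructed userfield table with the same column names, so it can be run anywhere with a stock PHP install.

```php
<?php
// Added example, not vBulletin code. Assumes PDO with the sqlite driver.

// Returns the matching userid, or 1 when the answer is empty or no row matches.
function lookupUserIdByAnswer(PDO $db, string $answer, string $tablePrefix = ''): int
{
    // Same short-circuit as the thread: an empty answer never hits the DB.
    if ($answer === '') {
        return 1;
    }
    // The table prefix comes from a trusted constant, never from user input.
    // The answer itself is bound as a parameter, so quote characters in it
    // are data rather than SQL. Four distinct placeholders are used because
    // not every PDO driver allows the same named placeholder to repeat.
    $sql = "SELECT userid FROM {$tablePrefix}userfield
            WHERE field19 = :a1 OR field26 = :a2 OR field15 = :a3 OR field25 = :a4";
    $stmt = $db->prepare($sql);
    $stmt->execute([':a1' => $answer, ':a2' => $answer, ':a3' => $answer, ':a4' => $answer]);
    $userid = $stmt->fetchColumn();
    // fetchColumn() returns false when there is no row: fall back to 1 instead
    // of leaving the variable unset, which was the original complaint.
    return $userid === false ? 1 : (int) $userid;
}

// Constructed sample data standing in for vBulletin's userfield table.
function buildSampleDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("CREATE TABLE userfield (userid INTEGER, field15 TEXT, field19 TEXT, field25 TEXT, field26 TEXT)");
    $ins = $db->prepare("INSERT INTO userfield VALUES (:id, :f15, :f19, :f25, :f26)");
    // One answer deliberately contains an apostrophe.
    $ins->execute([':id' => 42, ':f15' => 'blue', ':f19' => "O'Brien", ':f25' => '', ':f26' => 'rex']);
    $ins->execute([':id' => 77, ':f15' => 'red', ':f19' => 'smith', ':f25' => 'paris', ':f26' => '']);
    return $db;
}

$db = buildSampleDb();
foreach (['rex', "O'Brien", 'paris', 'nobody', ''] as $answer) {
    printf("%-10s -> userid %d\n", var_export($answer, true), lookupUserIdByAnswer($db, $answer));
}
```

The O'Brien row is the interesting case: in the first post's query the apostrophe would have terminated the string literal and produced a broken statement (or worse, a changed one), whereas with a bound parameter it is simply compared against the column values. The 'nobody' and empty-string inputs exercise the no-match path and return 1 without touching an undefined variable.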

vbted
03-04-2005, 07:08 PM
Like this??

$formpmid = 1;
if ($normalanswer1 != '') {
    // Escape quote characters in the answer before embedding it in the SQL.
    $result = $DB_site->query("SELECT userid
        FROM " . TABLE_PREFIX . "userfield
        WHERE (field19 = '" . addslashes($normalanswer1) . "')
        OR (field26 = '" . addslashes($normalanswer1) . "')
        OR (field15 = '" . addslashes($normalanswer1) . "')
        OR (field25 = '" . addslashes($normalanswer1) . "')");
    while ($usersid = $DB_site->fetch_array($result))
    {
        $formpmid = $usersid['userid'];
    }
}

filburt1
03-04-2005, 09:17 PM
Yes, that's correct. :)

BTW, the parentheses in the query aren't necessary, although they don't hurt either.

vbted
03-04-2005, 09:31 PM
Thanks for the input.