I have used urldecode to receive a member ID from a previous site. The correct ID is being displayed in the URL but I can't fetch information from the database.
<?php
$id = urldecode(trim($_GET['memberID']));
$query = "SELECT * FROM members WHERE memberID = '".$id."'";
if ($result = $db->query($query)) {
while ($row = $result->fetch_assoc()){
printf("%s (%s)\n", $row["memberID"], $row['name']);
}
}
?>
All I get is a blank screen.
change mysql.error() to mysql_error()
$query = "SELECT * FROM members WHERE memberID = '".$id."'";
Related
I try to print the username in members panel.
That means when the member login, I will print to him, for example, "Welcome MEMBER'S NAME".
The problem is, when I use this script to print the member name, it print to me all members from my database:
<?php
$id = #$_GET['id'];
$name = #$_GET['name'];
$select = "SELECT * FROM tblname WHERE id='$id'";
$run = mysqli_query($connect,$select);
while($row = mysqli_fetch_array($run)){
echo $row['name'];
}
?>
Can anyone help?
You should sanitize the $_GET as mysql_real_escape_string($_GET['id']); and instead of looping through the record resource you can use
$select = "SELECT * FROM tblname WHERE id='$id'";
$run = mysqli_query($connect,$select);
$row = mysqli_fetch_array($run);
echo $row['name'];
In the below script I want to fetch data from mysql using a explode function and also a variable within an explode function.
Here's how I want to get
<?php
include ('config.php');
$track = "1,2,3";
$i = 1
$trackcount = explode(",",$track);
$sql = "SELECT * FROM tracks WHERE id='$trackcount['$i']'";
$retval = mysql_query($sql, $conn);
while ($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
echo "{$row['track_name']}";
}
mysql_free_result($retval);
?>
This is the code
$sql = "SELECT * FROM tracks WHERE id='$trackcount[$i]'";
I want sql to fetch data from tracks table where id = $trackcount[$i]
Whatever the value of $trackcount[$i] mysql should fetch but it shows a blank screen.
If I put this
$sql = "SELECT * FROM tracks WHERE id='$trackcount[1]'";
It works perfectly
save your $trackcount[$i] in one variable and then pass it in the query as given below
<?php
include ('config.php');
$track = "1,2,3";
$i = 1;
$trackcount = explode(",",$track);
$id=$trackcount[$i];
$sql = "SELECT * FROM tracks WHERE id='$id'";
$retval = mysql_query($sql, $conn);
while ($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
echo "{$row['track_name']}";
}
mysql_free_result($retval);
?>
and one more thing check your previous code with echo of your query and see what is passing ok.
echo $sql = "SELECT * FROM tracks WHERE id='$trackcount['$i']'";//like this
problem is with your query
$sql = "SELECT * FROM tracks WHERE id='$trackcount['$i']'";//change
to
$sql = "SELECT * FROM tracks WHERE id='$trackcount[$i]'";
Generally you would want to use the IN operator with this type of query, so for you this would be:-
$sql="SELECT * FROM `tracks` WHERE `id` in (".$track.");";
or, if the $ids are in an array,
$sql="SELECT * FROM `tracks` WHERE `id` in (".implode( ',', $array ) .");";
<?php
if (!isset($_POST['submitted'])) {//1
// Checs for the ID
if (isset($_GET['id']) && is_numeric($_GET['id'])) {//2
// MySQL Connect
require_once('mysql_connect.php');
$id = mysql_real_escape_string($_GET['id']);
$query = "SELECT id, name FROM websites WHERE id = $id";
$result = mysql_query($query) OR die (mysql_error());
$row = mysql_fetch_array($result, MYSQL_ASSOC);
?>
// ROW WITH THE ERROR
<?php echo $row['name']; ?></strong><br /><?php echo $row['banner']; ?><? echo $row['description'];?>
<?php
} else {
echo '<font color="red">You have to select a server to view</font>';
die();
}
} else {
// MySQL Connect
require_once('mysql_connect.php');
$id = mysql_real_escape_string($_POST['id']);
// Choose the web for votes
$query = "SELECT id, votes FROM websites WHERE id = $id";
$result = mysql_query($query) OR die(mysql_error());
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$votes = $row['votes'];
$url = $row['url'];
$id = $row['id'];
$banner = $row['banner'];
$result = mysql_query($query) OR die(mysql_error());
} // end
?>
All that is printing is the Name, the rest is not being printed.
I'm just wondering where i'm going wrong?
Its supposed to print the Name, Banner, and description from $id.
You never actually select banner and description in your query so they are not available in your resultset.
$query = "SELECT id, name, banner, description FROM websites WHERE id = $id";
You need to specify ALL desired fields that you wish to retrieve in your SQL query:
$query = "SELECT id, name, banner, description FROM websites WHERE id = $id";
Alternatively, use SELECT * FROM websites to retrieve all available rows.
I am creating a function that will retrieve an id number from a table with multiple columns, put it in a variable which i want to use to send as a "claims number" in an email to a claimant and also echo on a confirmation screen. Here's what I have so far.
$sql = "SELECT id FROM warranty_claim where lname=$lname";
$result = mysql_query($sql);
$claim_id = $result;
$result = mysql_fetch_array(mysql_query($sql));
$claim_id = $result['id'];
Supposing you are sure that you will receive 1 row.
$sql = "SELECT id FROM warranty_claim where lname=$lname";
$result = mysql_query($sql);
$c = mysql_fetch_assoc($result);
$claim_id = $c['lname'];
NB*: And get ready for a lecture. Someone is going to tell you that mysql is depracated.
Start using MySQLi or PDO (recommended).
Try :
$sql = "SELECT id FROM warranty_claim where lname=$lname";
$result = mysql_query($sql);
$row = mysql_fetch_row($result);
$claim_id = $row[0];
or
$sql = "SELECT id FROM warranty_claim where lname=$lname";
$result = mysql_query($sql);
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$claim_id = $row['id'];
}
$row = mysql_fetch_array($result);
$claim_id = $row['id'];
please note that you should also check for errors (e.g. if($result === FALSE)). Also, there are other ways to fetch data - I recommend looking at mysql_fetch_array, mysql_fetch_row, mysql_fetch_assoc and mysql_fetch_object
Also, don't rely on the statement always returning exactly one row - make sure that the result is as expected: mysql_num_rows
Give this a try:
$sql = "SELECT id FROM warranty_claim where lname='".$lname."'";
$result = mysql_query($sql);
$objResult = mysql_fetch_array($result);
$claim_id = $objResult['id'];
So I'm trying to fetch data in a many-to-many relationship.
So far I have this, which finds the user:
$user = $_SESSION['user'];
$userID = mysql_query("SELECT * FROM users WHERE user='$user'") or die(mysql_error());
And I know that to echo this information I have to put it in an array like so:
while ($r = mysql_fetch_array($userID)) {
echo $r["0"];
}
This works fine, but when I try to find this variable in another table, I'm not sure what to use as the variable:
$projects = mysql_query("SELECT projects_ID FROM projects_users WHERE users_ID='???'") or die(mysql_error());
I've tried replacing ??? with $userID and $r, but to no avail. I know the code works because it's fine when I put a user ID in manually - where have I gone wrong?
$user = $_SESSION['user'];
$query = mysql_query("SELECT * FROM users WHERE user='".mysql_real_escape_string($user)."' LIMIT 1") or die(mysql_error()); //--note the LIMIT
$result = mysql_fetch_array($query);
$userID = $result[0];
$projects = mysql_query("SELECT projects_ID FROM projects_users WHERE users_ID='$userID'") or die(mysql_error());
Untested, but this should work:
$user = mysql_real_escape_string($_SESSION['user']);
$query = mysql_query("SELECT * FROM users WHERE user='$user'") or die(mysql_error());
$result = mysql_fetch_array($query);
$userID = $result[0];
$projects = mysql_query("SELECT projects_ID FROM projects_users
WHERE users_ID='$userID'") or die(mysql_error());
I your case, you'd need to place $r[0] there.
I think this code is helpful for beginners when you want to get data in array form
we use mysqli instead of mysql to protecting your data from SQL injection.
Before use this code check the database connection first
<?php $tableName='abc';
$qry="select * from $tableName";
$results=mysqli_query($qry);
while($records=mysqli_fetch_array($results))
{
$firstrecord=$records[1];
$secondrecord=$records[2];
}
?>
You can get your projects with one query:
$user = mysql_real_escape_string($_SESSION['user']);
$query = mysql_query("SELECT pu.projects_ID FROM users u
INNER JOIN projects_users pu ON (pu.users_ID = u.users_id)
WHERE u.user='$user'") or die(mysql_error());
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
echo $row['projects_ID'];
}