Hey there

I'd appreciate some help with variables please.

I have a search function on a site I'm building and would like to have it so that a user can click on a search result to see more columns from that row on the db, if you see what I mean. The best way seems to be to open a new page on which to display more detail on the chosen search result.

I express it like this

echo '<a href="newpage.php?w=' . $row['value'] . '">' . $r['value'] . '</a>';

That part works fine.

The problem is this - when I click through to the new page, all rows on the db are shown i.e. the search is made, result x is returned, click on x and in newpage.php x y and z (i.e. all rows) are displayed.

How do I structure things so that only x (and any other columns from row x that I choose) are displayed?

I'm thinking that I should be able to limit what it displayed with the SELECT but can't seem to find the right syntax to finish it off properly. Currently I have this on newpage.php

$query = "SELECT * FROM pro_words".$_SESSION['where clause'];  
	 
$result = mysql_query($query) or die(mysql_error());

while($row = mysql_fetch_array($result)){

echo '<center>' . $_GET['w'] . '</center> ';	
echo $row['word'] ;

}

I have defined the $_SESSION on search.php as

$_SESSION['word'] = $row['word']

Is that on the right lines?

I know a little PHP, enough to know where the problem is but not quite enough to solve the problem. I've not found an answer yet after hours of googling!

Any help/guidance/code would be really appreciated.

Thanks in advance.

This is wrong:

$query = "SELECT * FROM pro_words".$_SESSION['where clause'];

this should work:

$query = "SELECT * FROM pro_words WHERE word = ".$_GET['w']; # or $_SESSION['word']

but remember to sanitize data.

Thanks for that.

I get an SQL syntax error around WHERE - any idea what might cause that?

Try with backticks on word:

$query = "SELECT * FROM `pro_words` WHERE `word` = ".$_GET['w'];

Or just try to do a simple query, without $_GET, to see if that works.

There's something wrong with the $_GET since it won't echo (and it does on an earlier iteration) - I'll try and get that sorted and hopefully that will sort it out.

Thanks in the meantime.

try to put ticks around your get variable as well as I assume word in your db is a string.

$variable = '';
$variable = $_GET['w'];
if ($variable != '') {
    $query = "SELECT * FROM `pro_words` WHERE `word` = '".$variable."';
} else {
  echo "NO VARIABLE PASSED IN";
}
// just an example of at least checking for the value of what $_GET['w'] is before executing a query with it.

Ironed out the problem with $_GET that produced the SQL error (my mistake with a misnamed variable).

The original solution now produces this error

Unknown column 'example' in 'where clause'

Any tips on ironing this out? Doesn't seem as if it should be too far off now?

Thanks in advance for any help.

$query = "SELECT * FROM pro_words".$_SESSION['where clause'];

This SESSION perhaps is the problem.

Thanks for the reply.

Sorry, should have made it clearer that the code I am using is now this - the $query you reference would be incorrect.

$query = "SELECT * FROM pro_words WHERE word = " . $_GET['w'];
$result = mysql_query($query) or die(mysql_error());

while($row = mysql_fetch_array($result)){

echo $row['word'];
echo "<br />";

}

that was my next question...
ok, I'm not sure where 'example' is coming from, but I think you need to use 'ticks'
why type of column is 'word' in your database, it is a string, no?
so

$query = "SELECT * FROM pro_words WHERE word = '" . $_GET['w']."';  // add ticks
//the query syntax is expecting a string you have no string defined in your syntax above.

Thanks - I'll try that. 'example' above is just a row on the db.

The column is called word because that column contains a word in a dictionary.

(Yes, it would be a string as entries in column 'word' would all be literal constants).

ddymacek - thanks a lot, really appreciate your help!

This sorted it (your code but there was a missing double quotes).

$query = "SELECT * FROM pro_words WHERE word ='".$_GET['w']."'";

Thanks again - this has been bugging me for a while.

Please close the thread if you are satisfied with the answer.
Thanks.

how do I do that?

don't worry - silly question.

Thanks again!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.