PHP MySQL database query using variable passed in hyperlink query string

Question

printman55 0 Light Poster

13 Years Ago

I need help in using a variable passed in a hyperlink query string to do PHP query of a MySQL database. I want use the variable to query the database and return the unique row field data to display in a table
The hyperlink is:

http://www.site.com/bios.php?pc=ab

After connecting to the database sucessfully do query like this maybe? need help writing code:need help setting guery string into variable

$per = $_GET['pc'];

Need help with query statement

$query = "select name,title,bio,picture from the_table where per=ab";

then use info to print table:

{
 Print "<tr><td class='ParaText' align='left' valign='top'>name</td><td class='ParaText'>".$name."</td><td class='ParaText' align='left' valign='top'>" .$bio."</td></tr>"; 
}

mysql perl php

5 Contributors
17 Replies
555 Views
1 Year Discussion Span
Latest Post 12 Years Ago Latest Post by phpkiller123

six_sic6 0 Light Poster

13 Years Ago

I need help in using a variable passed in a hyperlink query string to do PHP query of a MySQL database. I want use the variable to query the database and return the unique row field data to display in a table
The hyperlink is:
http://www.site.com/bios.php?pc=ab
After connecting to the database sucessfully do query like this maybe? need help writing code:need help setting guery string into variable
$per = $_GET['pc'];
Need help with query statement
$query = "select name,title,bio,picture from the_table where per=ab";
then use info to print table:
{
 Print "<tr><td class='ParaText' align='left' valign='top'>name</td><td class='ParaText'>".$name."</td><td class='ParaText' align='left' valign='top'>" .$bio."</td></tr>"; 
}

Your query should be like this

$per = $_GET['pc'];
$query = "select name,title,bio,picture from the_table where per=".$_GET['pc']."";

phpology 8 Newbie Poster

13 Years Ago

also dont forget to sanitize your database query, else you could be hit by sql injection.

Also as your parameter is not numeric, your query should be something like this

$query = "select name,title,bio,picture from the_table where per = '".mysql_real_escape_string($_GET['pc'])."'";

http://php.net/manual/en/function.mysql-real-escape-string.php

phpology 8 Newbie Poster

13 Years Ago

Try this, i wrote this top of my head so excuse me for errors

$query = "select name,title,bio,picture from the_table where per = '".mysql_real_escape_string($_GET['pc'])."'";

$recordset = mysql_query($query) or die(mysql_error());
$num_rows = mysql_num_rows($recordset);
if($num_rows > 0)
{
while($result = mysql_fetch_array($recordset))
{
echo $result['column_name'];
}
}

phpology 8 Newbie Poster

13 Years Ago

$recordset = mysql_query($query) or die(mysql_error());
$result = mysql_fetch_assoc($recordset))
$num_rows = mysql_num_rows($recordset);
if($num_rows > 0)
{
		echo $result['name'];
		echo $result['title'];
		echo $result['bio'];
		echo $result['picture'];
}

phpology 8 Newbie Poster

13 Years Ago

Yep that should be fine

printman55 commented: very helpful, thanks +1

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

printman55 0 Light Poster · Answer 1 · 2011-02-15T20:36:46+00:00

Many thanks.
Do I need another line of code to define the result or can I just go to the print table row part?

printman55 0 Light Poster · Answer 2 · 2011-02-15T21:22:16+00:00

Thanks for the extra code!
This query is for a distinct row. That is only one row has unique "pc" value in a field.
So would your code also enable me to print the following?:

{
echo $result['name','title','bio','picture'];
}

printman55 0 Light Poster · Answer 3 · 2011-02-15T22:23:02+00:00

Thanks:
Can I also incorporate the field results in a table like this

{
      Print "<tr><td class='ParaText' align='left' valign='top'>name</td><td class='ParaText'>".$name."</td><td class='ParaText' align='left' valign='top'>" .$bio."</td></tr>";
      }

smantscheff 265 Veteran Poster · Answer 4 · 2011-02-15T22:37:38+00:00

You can, if you assign the variables first. And for readablity I think it's easier to integrate the variables in the string (at least if you're using a decent PHP editor with syntax highlighting).

$name = $result['name'];
$bio = $result['bio'];
Print "<tr><td class='ParaText' align='left' valign='top'>name</td><td class='ParaText'>$name</td><td class='ParaText' align='left' valign='top'>$bio</td></tr>";

printman55 0 Light Poster · Answer 5 · 2011-02-15T22:52:11+00:00

Thanks so let me try to put the parts together please review:

$query = "select name,title,bio,picture from the_table where per = '".mysql_real_escape_string($_GET['pc'])."'";
 
      $recordset = mysql_query($query) or die(mysql_error());

      $num_rows = mysql_num_rows($recordset);
   
      if($num_rows > 0)
 
      {
      while($result = mysql_fetch_array($recordset))
       $name = $result['name'];
       $bio = $result['bio'];
      {
      Print "<tr><td class='ParaText' align='left' valign='top'>name</td><td class='ParaText'>$name</td><td class='ParaText' align='left' valign='top'>$bio</td></tr>";
      }

      }

phpology 8 Newbie Poster · Answer 6 · 2011-02-15T23:01:24+00:00

try this:

Print "<tr>
<td class='ParaText' align='left' valign='top'>name</td>
<td class='ParaText'>".$name."</td>
<td class='ParaText' align='left' valign='top'>".$bio."</td>
</tr>";

printman55 0 Light Poster · Answer 7 · 2011-02-16T20:30:06+00:00

Thanks!
So now the code looks like this. Are the two lines of code under the while statement in the right place? Please review

$query = "select name,title,bio,picture from the_table where per =  '".mysql_real_escape_string($_GET['pc'])."'";
   
      $recordset = mysql_query($query) or die(mysql_error());
      $num_rows = mysql_num_rows($recordset);
      if($num_rows > 0)
    
      {
      while($result = mysql_fetch_array($recordset))
      $name = $result['name'];
      $bio = $result['bio'];
      {
      Print "<tr>
      <td class='ParaText' align='left' valign='top'>name</td>
      <td class='ParaText'>".$name."</td>
      <td class='ParaText' align='left' valign='top'>".$bio."</td>
      </tr>";
        }
        }

phpology 8 Newbie Poster · Answer 8 · 2011-02-16T20:55:50+00:00

No it goes above the Print line (line 12).

Are you not testing this code?

printman55 0 Light Poster · Answer 9 · 2011-02-16T21:13:32+00:00

Thanks so it would be like this:

$query = "select name,title,bio,picture from the_table where per = '".mysql_real_escape_string($_GET['pc'])."'";
       $recordset = mysql_query($query) or die(mysql_error());
      $num_rows = mysql_num_rows($recordset);
        if($num_rows > 0)
      {
      while($result = mysql_fetch_array($recordset))
     
        {
        $name = $result['name'];
        $bio = $result['bio'];
      Print "<tr>
      <td class='ParaText' align='left' valign='top'>name</td>
       <td class='ParaText'>".$name."</td>
        <td class='ParaText' align='left' valign='top'>".$bio."</td>
       </tr>";
       }
       }

printman55 0 Light Poster · Answer 10 · 2011-02-16T22:43:08+00:00

printman55 0 Light Poster

13 Years Ago

Many thanks to all!!!

phpology 8 Newbie Poster · Answer 11 · 2011-02-16T22:50:27+00:00

if you are happy with the response, can you rate and mark it answered :-)

phpkiller123 0 Newbie Poster · Answer 12 · 2012-08-25T05:08:54+00:00

How to fetch data from the mysql database with querstring???