bravo14 Posted March 8, 2009 Share Posted March 8, 2009 Hii guys the section in the code below that says echo($row['content']); does not display the data from the database <?php include('includes/connect.php'); ?> <?php $sql=('SELECT * FROM `tbl_content` WHERE `page_id` = \'' . $_GET['page_id'] . '\' LIMIT 1'); $result=mysql_query($sql); while($row = mysql_fetch_array($result)) { echo(' <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Project Renovations | '.$row['title'].'</title>'); } ?> <link rel="stylesheet" href="css/template_css.css" type="text/css" /> <link rel="shortcut icon" href="images/favicon.ico" /> </head> <body> <div align="center"> <table align="center" width="600px" bordercolor="#000066" border="2px single" > <tr><td><table> <tr><td valign="top"> <div id="header"> <div id="nav"> <?php include_once('includes/nav_menu.php'); ?> </div> </div> </td> </tr> <tr><td align="right"> </td> <tr> <td><div id="content"> <div> <div id="maintext"> <?php echo($row['content']); ?> </div> <div id="randomgallery"> <?php include "randomimage.php"; ?> </div> </div> </div></td> </tr> </table> </tr></tr></table> </div> </body> </html> Where have I gone wrong? Quote Link to comment Share on other sites More sharing options...
v3nom Posted March 8, 2009 Share Posted March 8, 2009 Try: echo "$row[content]"; Quote Link to comment Share on other sites More sharing options...
opalelement Posted March 8, 2009 Share Posted March 8, 2009 $result=mysql_query($sql); while($row = mysql_fetch_array($result)) { echo(' <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Project Renovations | '.$row['title'].'</title>'); } ?> ... <?php echo($row['content']); ?> Where have I gone wrong? Forgive me if I am seeing this incorrectly, but wouldn't that red } mean that $row[] is no longer the mysql result? Quote Link to comment Share on other sites More sharing options...
Philip Posted March 8, 2009 Share Posted March 8, 2009 Forgive me if I am seeing this incorrectly, but wouldn't that red } mean that $row[] is no longer the mysql result? It would show as the last row --- Try: echo "$row[content]"; It's good practice and correct syntax to have the quotes around the key, otherwise PHP will look for a constant with the name "content" first, then assume you meant with the key name "content" --- @OP: whew, I don't know where to start on this one. A few things I see right off the bat. - No need for the loop if you're just going to limit the query to 1 result. - No need to echo out the entire header of the page, just for the title - There is no attribute for a table with "bordercolor" (use style="...") With that being said, here is the updated code: <?php include('includes/connect.php'); $sql=("SELECT * FROM `tbl_content` WHERE `page_id` = '" . $_GET['page_id'] . "' LIMIT 1"); $result=mysql_query($sql); if(mysql_num_rows($result)==0) { die("Database problems!"); } $row = mysql_fetch_array($result); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Project Renovations | <?php echo $row['title'];?> </title> <link rel="stylesheet" href="css/template_css.css" type="text/css" /> <link rel="shortcut icon" href="images/favicon.ico" /> </head> <body> <div align="center"> <table align="center" width="600px" style="border: 2px solid #000066;" > <tr><td><table> <tr><td valign="top"> <div id="header"> <div id="nav"> <?php include_once('includes/nav_menu.php'); ?> </div> </div> </td> </tr> <tr><td align="right"> </td> <tr> <td><div id="content"> <div> <div id="maintext"> <?php echo($row['content']); ?> </div> <div id="randomgallery"> <?php include "randomimage.php"; ?> </div> </div> </div></td> </tr> </table> </tr></tr></table> </div> </body> </html> Now, if you still aren't getting content, replace echo($row['content']); with: echo '<pre>'; print_r($row); echo '</pre>'; and copy/paste the results here. Quote Link to comment Share on other sites More sharing options...
bravo14 Posted March 8, 2009 Author Share Posted March 8, 2009 I have changed it a couple of times, trying a couple of things <?php include('includes/connect.php'); ?> <?php $sql=('SELECT * FROM `tbl_content` WHERE `page_id` = \'' . $_GET['page_id'] . '\' LIMIT 1'); $result=mysql_query($sql); $row = mysql_fetch_array($result); echo(' <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Project Renovations | '.$row['title'].'</title>'); ?> <link rel="stylesheet" href="css/template_css.css" type="text/css" /> <link rel="shortcut icon" href="images/favicon.ico" /> </head> <body> <div align="center"> <table align="center" width="600px" bordercolor="#000066" border="2px single" > <tr><td><table> <tr><td valign="top"> <div id="header"> <div id="nav"> <?php include_once('includes/nav_menu.php'); ?> </div> </div> </td> </tr> <tr><td align="right"> </td> <tr> <td><div id="content"> <div> <div id="maintext"> <?php echo $row["content"]; ?> </div> <div id="randomgallery"> <?php include "randomimage.php"; ?> </div> </div> </div></td> </tr> </table> </tr></tr></table> </div> </body> </html> the text is still not displaying Quote Link to comment Share on other sites More sharing options...
richard_PHP Posted March 8, 2009 Share Posted March 8, 2009 echo " <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'> <html xmlns='http://www.w3.org/1999/xhtml'> <head> <title>Project Renovations | ".$row['title']."</title>"; try that Quote Link to comment Share on other sites More sharing options...
richard_PHP Posted March 8, 2009 Share Posted March 8, 2009 wont let me edit but.. try this instead, in place of the already existing echo: echo " <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'> <html xmlns='http://www.w3.org/1999/xhtml'> <head> <title>Project Renovations | ".$row['title']."</title>"; Quote Link to comment Share on other sites More sharing options...
Philip Posted March 8, 2009 Share Posted March 8, 2009 <?php include('includes/connect.php'); $sql=("SELECT * FROM `tbl_content` WHERE `page_id` = '" . $_GET['page_id'] . "' LIMIT 1"); $result=mysql_query($sql); if(mysql_num_rows($result)==0) { die("Database problems!"); } $row = mysql_fetch_array($result); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Project Renovations | <?php echo $row['title'];?> </title> <link rel="stylesheet" href="css/template_css.css" type="text/css" /> <link rel="shortcut icon" href="images/favicon.ico" /> </head> <body> <div align="center"> <table align="center" width="600px" style="border: 2px solid #000066;" > <tr><td><table> <tr><td valign="top"> <div id="header"> <div id="nav"> <?php include_once('includes/nav_menu.php'); ?> </div> </div> </td> </tr> <tr><td align="right"> </td> <tr> <td><div id="content"> <div> <div id="maintext"> <?php echo($row['content']); ?> </div> <div id="randomgallery"> <?php include "randomimage.php"; ?> </div> </div> </div></td> </tr> </table> </tr></tr></table> </div> </body> </html> Now, if you still aren't getting content, replace echo($row['content']); with: echo '<pre>'; print_r($row); echo '</pre>'; and copy/paste the results here. Quote Link to comment Share on other sites More sharing options...
bravo14 Posted March 8, 2009 Author Share Posted March 8, 2009 This iw aht is in the code <?php include('includes/connect.php'); $sql=("SELECT * FROM `tbl_content` WHERE `page_id` = '" . $_GET['page_id'] . "' LIMIT 1"); $result=mysql_query($sql); if(mysql_num_rows($result)==0) { die("Database problems!"); } $row = mysql_fetch_array($result); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Project Renovations | <?php echo $row['title'];?> </title> <link rel="stylesheet" href="css/template_css.css" type="text/css" /> <link rel="shortcut icon" href="images/favicon.ico" /> </head> <body> <div align="center"> <table align="center" width="600px" style="border: 2px solid #000066;" > <tr><td><table> <tr><td valign="top"> <div id="header"> <div id="nav"> <?php include_once('includes/nav_menu.php'); ?> </div> </div> </td> </tr> <tr><td align="right"> </td> <tr> <td><div id="content"> <div> <div id="maintext"> <?php echo '<pre>'; print_r($row); echo '</pre>'; ?> </div> <div id="randomgallery"> <?php include "randomimage.php"; ?> </div> </div> </div></td> </tr> </table> </tr></tr></table> </div> </body> </html> And I am still getting a blank result Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 8, 2009 Share Posted March 8, 2009 $result=mysql_query($sql)or die(mysql_error()); also echo the query out to make sure it correct. and while($row = mysql_fetch_assoc($result)){ //<<<start loop }// end loop Quote Link to comment Share on other sites More sharing options...
Philip Posted March 8, 2009 Share Posted March 8, 2009 $result=mysql_query($sql)or die(mysql_error()); also echo the query out to make sure it correct. and while($row = mysql_fetch_assoc($result)){ //<<<start loop }// end loop Yeah, add the or die on the query. The while loop is unneeded, as stated before, since you're just limiting to 1 row Quote Link to comment Share on other sites More sharing options...
MadnessRed Posted March 8, 2009 Share Posted March 8, 2009 whoah, $sql=("SELECT * FROM `tbl_content` WHERE `page_id` = '" . $_GET['page_id'] . "' LIMIT 1"); can I ask what happens when someone views the page page.php?page_id=1; DROP TABLE `tbl_content`; SELECT * FROM `tbl_content` WHERE `page_id` = '1' you would be running these queries SELECT * FROM `tbl_content` WHERE `page_id` = '1'; DROP TABLE `tbl_content`; SELECT * FROM `tbl_content` WHERE `page_id` = '1' LIMIT 1 called sql injection $sql=("SELECT * FROM `tbl_content` WHERE `page_id` = '" . mysql_real_escape_string(intval($_GET['page_id'])) . "' LIMIT 1"); if $_GET['page_id'] is not an integer, remove the intval bit. Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted March 8, 2009 Share Posted March 8, 2009 @OP add the following lines error_reporting(E_ALL); ini_set('display_errors', 1); before this line: include('includes/connect.php'); Your code should output something, even if nothing was returned from the query. If you're getting a blank page then it seems there is an error somewhere, and thus nothing is displayed. Adding the lines I suggested above should force PHP to spit errors out if there is a problem. Quote Link to comment Share on other sites More sharing options...
bravo14 Posted March 8, 2009 Author Share Posted March 8, 2009 The site is at www.projectrenovations.co.uk and click on Services or Who Are We, and you will see thre result The menu at the top is pulled using the same query and the title is populqated using the same query. Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 8, 2009 Share Posted March 8, 2009 protect the database look at this example please. <?php $num_or_letter=('1234'); echo "<a href='{$_SERVER['PHP_SELF']}?cmd=$num_or_letter'>link</a>"; if($_GET['cmd']){ if(is_numeric($_GET['cmd'])){ // if using a database then use mysql_real_ecsape_string() $id=(md5($_GET['cmd'])); echo " <br> my id is:\n <br> $id"; }else{ echo "<br> What that going in my database!"; exit; } } ?> ?> Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 8, 2009 Share Posted March 8, 2009 little bit more advance if not a programmer. <?php $num_or_letter=base64_encode('abc'); echo "<a href='{$_SERVER['PHP_SELF']}?cmd=$num_or_letter'>link</a>"; if($_GET['cmd']){ if(is_numeric(base64_decode($_GET['cmd']))){ // if using a database then use mysql_real_escape_string() $id=(md5($_GET['cmd'])); echo " <br> my id is:\n <br> $id"; }else{ echo "<br> What that going in my database!"; exit; } } ?> Quote Link to comment Share on other sites More sharing options...
bravo14 Posted March 9, 2009 Author Share Posted March 9, 2009 I have got it sorted, I had replaced $row[] in the nav menu include silly me Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.