Jump to content

urgent help needed for select query using phpmysql

sulkhanz

By sulkhanz
in Applications

 Share

Recommended Posts

sulkhanz Newbie

sulkhanz

Posted
Posted

Urgent help needed. i am a newbie, and starting to have a headache with this problem,

i am using form to enter firstname so that all the details of that person can be pulled.

 

where am i doing it wrong?

its showing me the headings of firstname, lastname, and age but no data in it. when data is actually available in database.

 

 

databasename=testdb

table name = persons1

 

please check both of my files below.

 

1) Pullform.html

<html>

<body>

 

<form action="get1.php" method="post">

<strong>last:</strong>

<input type="text" name="Firstname" />

 

<input type="submit" name="submit" value="Check employee" />

</form>

 

</body>

</html>

 

 

2) get1.php

 

<?php

$con = mysql_connect("localhost","root","");

if (!$con)

  {

  die('Could not connect: ' . mysql_error());

  }

 

mysql_select_db("testdb", $con);

  // by just adding ORDER By, i could fetch info in alphabetical order.

$sql = ("SELECT * FROM persons1 WHERE Firstname='$Firstname'");

$result = mysql_query($sql);

echo "<table border='1'>

<tr>

<th>Firstname</th>

<th>Lastname</th>

<th>Age</th>

</tr>";

 

while($row = mysql_fetch_array($result))

  {

  echo "<tr>";

  echo "<td>" . $row['Firstname'] . "</td>";

  echo "<td>" . $row['Lastname'] . "</td>";

  echo "<td>" . $row['Age'] . "</td>";

  echo "</tr>";

  }

echo "</table>";

 

mysql_close($con);

?>

Link to comment
Share on other sites
Mark Baker Member

Mark Baker

Posted
Posted

You're submitting the form using the post method, so the data passed through to get1.php is in the $_POST array.

The content of your <input type="text" name="Firstname" /> isn't in $Firstname (unless you have register globals on, which isn't advised because it's insecure), it's in $_POST['Firstname'].

 

You should also be escaping data passed through from a form before using it in a SQL query. Not only does this handle certain characters such as quotation marks in the input field, but also helps prevent SQL injection, so it's a good habit to get into.

 

 

 

 

Link to comment
Share on other sites
sulkhanz Newbie

sulkhanz

Posted
  • Author
Posted

You're submitting the form using the post method, so the data passed through to get1.php is in the $_POST array.

The content of your <input type="text" name="Firstname" /> isn't in $Firstname (unless you have register globals on, which isn't advised because it's insecure), it's in $_POST['Firstname'].

 

You should also be escaping data passed through from a form before using it in a SQL query. Not only does this handle certain characters such as quotation marks in the input field, but also helps prevent SQL injection, so it's a good habit to get into.

 

Thanks, so, should i replace $Firstname with $_POST['Firstname'] ? in my get1.php?

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.