ben.matthews18 Posted May 20, 2011 Share Posted May 20, 2011 Hi this is what I have set up - SQL tables - Members - memberid - primary key Username Password Orders - Orderid - primary key memberid - foreign key orderno In my sql table there are two members and two orders. 1 order is assigned to 1 member and the other order to the other member. After each member logs in I need to 'echo' that order on the page. I've not been able to write any succesful php code that 'gets' the specific order that is related to the member that has signed in. I would appreciate help on this! Thanks Quote Link to comment Share on other sites More sharing options...
btherl Posted May 20, 2011 Share Posted May 20, 2011 Can you please post the code you have (that isn't working) Quote Link to comment Share on other sites More sharing options...
ben.matthews18 Posted May 20, 2011 Author Share Posted May 20, 2011 Here is the sql i used to create tables - members - CREATE TABLE `members` ( `memberid` int(4) NOT NULL auto_increment, `Username` varchar(65) collate latin1_general_ci NOT NULL, `Password` varchar(65) collate latin1_general_ci NOT NULL, PRIMARY KEY (`memberid`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1002 ; -- -- Dumping data for table `members` -- INSERT INTO `members` VALUES(1000, 'flour', '1234'); INSERT INTO `members` VALUES(1001, 'xrated', 'password'); orders - CREATE TABLE `Orders` ( `Orderid` int(11) NOT NULL, `Orderno` int(11) NOT NULL, `memberid` int(11) default NULL, PRIMARY KEY (`Orderid`), KEY `memberid` (`memberid`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci; -- -- Dumping data for table `Orders` -- INSERT INTO `Orders` VALUES(1010, 5892584, 1000); INSERT INTO `Orders` VALUES(1011, 1234567, 1001); here is my php code i'm using on the page to get the orders - <?php $host="host"; // Host name $username="user"; // Mysql username $password="password"; // Mysql password $db_name="db_name"; // Database name $tbl_name="Orders"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $Orderid=$_GET['Orderid']; $sql="SELECT * FROM $tbl_name WHERE Orderid='$Orderid'"; $rows=mysql_fetch_array($result); ?> <table width="50%" border="0" align="center" style="margin-top:100px;"> <tr> <td width="23%">Order ID -</td> <td width="77%">Echo Order ID</td> </tr> <tr> <td><? echo $rows['orderid']; ?></td> <td><? echo $rows['orderno']; ?></td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> </tr> </table> <?php mysql_close(); ?> Quote Link to comment Share on other sites More sharing options...
btherl Posted May 20, 2011 Share Posted May 20, 2011 Thanks for posting the code. There is a step missing here: $sql="SELECT * FROM $tbl_name WHERE Orderid='$Orderid'"; $result = mysql_query($sql) or die("Error in $sql: " . mysql_error()); # <--- This line was missing $rows=mysql_fetch_array($result); Also you should ensure that the final version of your code checks that the order id requested really belongs to the user, otherwise anyone can view anyone's order. The other thing you should do before making this public is deal with mysql injection. I can give more info about that if you are interested. Quote Link to comment Share on other sites More sharing options...
ben.matthews18 Posted May 20, 2011 Author Share Posted May 20, 2011 Thanks for the code. Also you should ensure that the final version of your code checks that the order id requested really belongs to the user, otherwise anyone can view anyone's order. that is what i'm trying to do, i've been unable to write a php script that does this.. i'm trying to do that with the script I posted for you. thanks Quote Link to comment Share on other sites More sharing options...
ben.matthews18 Posted May 20, 2011 Author Share Posted May 20, 2011 By the way, i've just tried the code you edited and it doesn't echo anything at all. Quote Link to comment Share on other sites More sharing options...
btherl Posted May 23, 2011 Share Posted May 23, 2011 Do you have a login page where users log in to your site? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.