Jump to content

How to get $_GET to work in this manner?


CrashOkami

Recommended Posts

Hello,

 

I'm setting up a page, where I'll dynamically post news. I've gotten the template to work, but now, it's static, as it only gets the last result from the database table.

 

On the index page's slider, if you click on the image, you get to the template. All this works fine, but my problem is that I can't get the $_GET function to work, so it prints the data owned by the clicked item (i.e., the clicked "News_ID").

 

My code in the news.php (template) page is this:

 

<?php
mysql_connect("localhost", "root") or die("Failed to connect.");
mysql_select_db("starblind_database") or die("Failed to find database.");
$query = "SELECT * FROM news WHERE News_ID='$id'";
$result = mysql_query($query) or die("Failed to execute query.");
while($row = mysql_fetch_array($result))
{
	$title = $row["Title"];
	$sdesc = $row["Small_desc"];
	$desc = $row["Description"];
	$author = $row["Author"];
	$id = $_GET["News_ID"];
	$date = $row["Date"];
}
?>

 

Which is on top of the page, above all, since I also want the page's title to be dynamic. But, I get "Undefined variables" for every variable I set in the "While" brackets, save for $id = $_GET["News_ID"];.

 

Can someone help me understand what is the problem? I'm a beginner in Php, and this is a huge project, I'm actually glad I got it this far. Do not necessarily fix the code, but just point me in the right direction - no one is here to do my work for me. What am I doing wrong? Thank you in advance!

Link to comment
Share on other sites

Nevermind, mark this as solved. I was dumb enough to not define the variable atop the SQL code. Translated in code:

 

<?php $id = $_GET["News_ID"]; ?>

<?php
mysql_connect("localhost", "root") or die("Failed to connect.");
mysql_select_db("starblind_database") or die("Failed to find database.");
$query = "SELECT * FROM news WHERE News_ID='$id'";
$result = mysql_query($query) or die("Failed to execute query.");
while($row = mysql_fetch_array($result))
{

	$id = $_GET["News_ID"];
	$title = $row["Title"];
	$sdesc = $row["Small_desc"];
	$author = $row["Author"];
	$desc = $row["Description"];
	$date = $row["Date"];
}
?>

Thanks for stopping by anyway 

Link to comment
Share on other sites

Ok, now that I've got my fill of tunes, here's the answer to your Q:

 

Since you're only expecting 1 result, use LIMIT 1 and use an if... construct instead of a while... loop.

 

Throwing an exit/die if nothing is found will help you debug further.

 

I suspect that your QS param is not called "News_ID", but likely "news_id".  Note that Linux / Apache is case-sensitive.

 

<?php
mysql_connect("localhost", "root") or die("Failed to connect.");
mysql_select_db("starblind_database") or die("Failed to find database.");
        $id = intval($_GET['News_ID']);
$query = "SELECT * 
	FROM `news` 
	WHERE `News_ID`='$id 
	LIMIT 1'";
$result = mysql_query($query) or die("Failed to execute query.");
$row = mysql_fetch_array($result);
if (!$row || empty($row)) {
	die("Article not found ({$id}).");
}
$title = $row["Title"];
$sdesc = $row["Small_desc"];
$desc = $row["Description"];
$author = $row["Author"];
$id = $_GET["News_ID"];
$date = $row["Date"];
?>

Link to comment
Share on other sites

Here, cleaned up a little:


<?php
// Try to get the requested ID
$id = intval($_GET["News_ID"]);
if (!$id) die("No id provided.");

// Try to connect
mysql_connect("localhost", "root") or die("Failed to connect.");
mysql_select_db("starblind_database") or die("Failed to find database.");

-	// Try to get a record
$query = "SELECT * 
	FROM `news` 
	WHERE `News_ID`='$id 
	LIMIT 1'";
$result = mysql_query($query) or die("Failed to execute query.");
$row = mysql_fetch_array($result);
if (!$row || empty($row)) die("Article not found ({$id}).");

// Get data
$title = $row["Title"];
$sdesc = $row["Small_desc"];
$desc = $row["Description"];
$author = $row["Author"];
$date = $row["Date"];
?>

 

Link to comment
Share on other sites

Wow, although I got it to work, thank you for your detailed replies :) I will surely implement your code, since it looks (obviously) more professional than mine, and it looks it can give more/better results on errors, queries etc. Thank you :)

 

PS: The parameter is indeed News_ID, my teacher always told me that it should always be lower-case, but I want everything to look tidy - I'm sure I'll change along the way, though, and use lower-case, as does the rest of the world :P

Link to comment
Share on other sites

PS: The parameter is indeed News_ID, my teacher always told me that it should always be lower-case, but I want everything to look tidy - I'm sure I'll change along the way, though, and use lower-case, as does the rest of the world :P

Sooner or later you are going to be working on a large project and forget which way you capitalized it and run into silly problems.  having one standard methodology will save you from some petty issues in the future.

 

/my ¢¢

Link to comment
Share on other sites

Unless you're working with Microsoft technologies:

 

[*]Always use lowercase urls (including querystring parameters).  Only IIS ignores case, and thus, lowercase has become the convention

[*]Always use lowercase_underscore database entity naming.  Many databases support (and default to) case-insensitivity, but there are some that do not (e.g. older versions of Oracle and Informix).  Additionally, many databases don't support hyphens or spaces in entity names.  Thus, lowercase_underscore is the least-common-denominator.

Link to comment
Share on other sites

Another tip: when writing MySQL queries, always encase entity names in `back-ticks` so that MySQL to prevent any possible conflicts with reserved words.  Of course, even better not to use reserved words in your queries, but also a best-practice to use back-ticks (in MySQL... other databases have their own standards for identifying entity names, such as [brackets]).

Link to comment
Share on other sites

Another tip: unless you have a compelling reason not to do so (like maybe your version of PHP doesn't support it), move away from the old and deprecated mysql extension to mysqli or PDO. In the process, move to prepared statements and gain SQL injection prevention built-in.

Link to comment
Share on other sites

Another tip: when writing MySQL queries, always encase entity names in `back-ticks` so that MySQL to prevent any possible conflicts with reserved words.  Of course, even better not to use reserved words in your queries, but also a best-practice to use back-ticks (in MySQL... other databases have their own standards for identifying entity names, such as [brackets]).

 

Personally I think "always" using back-ticks is a little overkill. If you know that there are reserved words and are vaguely aware of the ones which may conflict with common names for columns, I don't see the need. Just my opinion of course, but I find them awkward to read.

Link to comment
Share on other sites

Personally I think "always" using back-ticks is a little overkill. If you know that there are reserved words and are vaguely aware of the ones which may conflict with common names for columns, I don't see the need. Just my opinion of course, but I find them awkward to read.

Fair enough. 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.