subhomoy Posted January 13, 2013 Share Posted January 13, 2013 Hii I am trying to use the id of each student in the next page where it will be called to see their details... The code is shown below... <?php include('header.php'); ?> <div id="content"> <h1>Members</h1> <center><table width="550px"; class="table" cellspacing="10px" cellpadding="10px"> <tr> <td class="border">SL</td> <td class="border">Course Id</td> <td class="border">First Name</td> <td class="border">Last Name</td> <td class="border">Email</td> </tr> <?php $sl =1; $sql="SELECT student_id, course_id, student_fname, student_lname, student_email FROM student"; $result=mysql_query($sql); while($row=mysql_fetch_array($result)){ ?> <tr> <td class="border"><?php echo $sl; ?></td> <td class="border"><?php echo $row['course_id']; ?></td> <td class="border"><?php echo $row['student_fname']; ?></td> <td class="border"><?php echo $row['student_lname']; ?></td> <td class="border"><?php echo $row['student_email']; ?></td> <td class="border">[b][color=#ff0000]<a href="members_details.php?uid=<?php echo $row['student_id'];?>[/color][/b]">User Details</a></td> </tr> <?php $sl++; } ?> </table></center> </div> </div> </div> <?php include('footer.php'); ?> </body> </html> And the code where i want to show is <?php include('header.php'); ?> <?php [color=#ff0000][b]$uid=$_REQUEST['uid'];[/b][/color] $sql="SELECT * FROM student WHERE student_id='$uid'"; $result=mysql_query($result); while($row=mysql_fetch_array($result)){ ?> <div id="content"> <h1>Members</h1> <center><table width="550px"; class="table" cellspacing="10px" cellpadding="10px"> <tr> <td>First Name:</td> <td></td> </tr> <tr> <td>Last Name:</td> <td></td> </tr> <tr> <td>Email Id:</td> <td></td> </tr> <tr> <td>Phone No:</td> <td></td> </tr> <tr> <td>Gender</td> <td></td> </tr> <tr> <td>D.O.B</td> <td></td> </tr> <tr> <td>College:</td> <td></td> </tr> <tr> <td>State:</td> <td></td> </tr> <tr> <td>City:</td> <td></td> </tr> <tr> <td>Country:</td> <td></td> </tr> <tr> <td>Zip:</td> <td></td> </tr> </table></center> <?php } ?> </div> </div> </div> <?php include('footer.php'); ?> </body> </html> Where each blank <td></td> will be filled with their details queried from database... Plz help me out... Link to comment https://forums.phpfreaks.com/topic/273089-plz-help-anyone/ Share on other sites More sharing options...
oaass Posted January 13, 2013 Share Posted January 13, 2013 You will use the same approach as the first code block you posted <td><?php echo $row['student_fname']; ?></td> As a side note. Your code is as open for SQL injection as it can be. You should sanitize your $uid with mysql_real_escape_string before passing the variable to the query Link to comment https://forums.phpfreaks.com/topic/273089-plz-help-anyone/#findComment-1405316 Share on other sites More sharing options...
Christian F. Posted January 13, 2013 Share Posted January 13, 2013 Actually, that depends upon what type of data is contained in the ID. If it's a numerical value, then you should type cast it (to int, most likely) and remove the single quotes around it in the SQL query. However, if it is indeed a string, then you should be using real_escape_string () on it. Link to comment https://forums.phpfreaks.com/topic/273089-plz-help-anyone/#findComment-1405322 Share on other sites More sharing options...
subhomoy Posted January 14, 2013 Author Share Posted January 14, 2013 Thanks guysss it worked... Link to comment https://forums.phpfreaks.com/topic/273089-plz-help-anyone/#findComment-1405467 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.