aikijohn Posted November 9, 2013 Share Posted November 9, 2013 Hey all, Been a while since ive coded php and am stuck already. Here is the issue, i have a list being made from the database using id as the identifier. so the link being rendered is client.php?id=1 etc. im trying to use this info to populate the page it directs too using the folowing add on script: <? $lin = mysqli_connect("*","*","*!","*") or die("Error 1 " . mysqli_error($lin)); //consultation: $query = "SELECT * FROM Clients WHERE ID=$id " or die("Error 2 in the consult.." . mysqli_error($lin)); //execute the query. $result = mysqli_query($lin, $query); while($row = mysqli_fetch_array($result)) { $name = $row['1']; $address = $row['2']; $city = $row['3']; $postcode = $row['4']; $phone = $row['5']; $email = $row['6']; } ?> Problem is this isnt working and i have no idea why Can anyone help? Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 9, 2013 Share Posted November 9, 2013 If the id is from the url then you need to use $_GET['id'] not $id Quote Link to comment Share on other sites More sharing options...
aikijohn Posted November 9, 2013 Author Share Posted November 9, 2013 (edited) Hey Ch0cu3r, thank you for the reply, i updated it to this: $query = "SELECT * FROM Clients WHERE ID=$_GET['id'] " or die("Error 2 in the consult.." . mysqli_error($lin)); however now the page no longer loads up? in dreamweaver its telling me i have a syntax error on that line too? Edited November 9, 2013 by aikijohn Quote Link to comment Share on other sites More sharing options...
aikijohn Posted November 10, 2013 Author Share Posted November 10, 2013 (edited) additionally, if i take the ' out of the ['id'] then the syntax error goes away but the page no longer loads EDIT: Fixed the issue Edited November 10, 2013 by aikijohn Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted November 10, 2013 Share Posted November 10, 2013 So...the issue is fixed? If so, could you make the thread as solved. For what it's worth, when having a variable like $_GET['id'] work in a double quoted string you can surround the variable with curly brackets: <?php $query = "SELECT * FROM Clients WHERE ID={$_GET['id']} " ?> Also note that using information from untrusted sources, like the GET variable, without any kind of validations will open your query up for SQL injection attacks. Assuming the ID is a number you could make sure it is with the ctype_digit() function: http://us1.php.net/ctype_digit Quote Link to comment Share on other sites More sharing options...
aikijohn Posted November 10, 2013 Author Share Posted November 10, 2013 i certainly will, can you guide me how too though lol as i cant seem to find anything to allow me to mark it as answered Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted November 10, 2013 Share Posted November 10, 2013 i certainly will, can you guide me how too though lol as i cant seem to find anything to allow me to mark it as answered There are button under each response to the right. For the response which most closely answers your question, click the one that says "Mark Solved". Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.