Understanding code


DanielW

Hi, I've been following a few YouTube tutorials and have been playing around with querying databases,

however I don't really fully understand what's going on. I've tried to search on the web for an explanation of the code, but all I seem to find is more code examples without actually knowing what's happening.

Would someone be able to explain in layman's terms what's happening in this code?

Sorry for being such a newbie, but I like to get to grips with and understand how things work.

$result = mysql_query("SELECT * FROM car WHERE car_model='$car_id'") or die(mysql_error());

$cars = result_to_array($result);
foreach ($cars as $car) {
    $car_p = $car['wheel_id'];

    $result = mysql_query("SELECT * FROM wheel WHERE wheel_id='$car_p'")
        or die(mysql_error());
    $car_wheel_details = result_to_array($result);
    foreach ($car_wheel_details as $car_wheel_detail) { ?>

<div class="wheel_stuff">
<h1><?php echo $car_wheel_detail['wheel_name']; ?></h1>
<div class="plft"><img src="images/<?php echo $car_wheel_detail['wheel_image']; ?>" /></div>
<div class="prt">

<p><strong>Category : </strong><?php echo $car_wheel_detail['wheel_category']; ?></p>
<p><strong>Info : </strong><?php echo $car_wheel_detail['wheel_info']; ?></p>

<div style="clear:both"></div>
</div>

<div style="clear:both"></div>
</div>

<?php
    } // end foreach over $car_wheel_details
} // end foreach over $cars
?>

 

 


Hi,

 

I fear you've chosen a very, very bad tutorial. The whole code is just awful and may only be used as an example of what you should not do:

  • The mysql_* functions have been obsolete for more than 10 years and will be removed in the future. Do not use them for new projects! Nowadays, we use PDO or MySQLi.
  • There's no security whatsoever. They just throw everything together to see what happens. If this was on an actual server, it would be compromised in a matter of minutes.
  • There's no formatting, and the mixture of PHP and HTML makes this thing absolutely incomprehensible.

I think you should throw this away and not even try to understand it.

 

If you already have tried out databases, wouldn't it make more sense to build upon that and write your own code? I would do this:

  1. Create a test database or use your old one.
  2. Establish a connection to it with PDO. The link above explains how. Or check out this thread.
  3. Make a simple query like SELECT * FROM test.
  4. Fetch the rows and display them. (again check the link).
  5. Now try some variations: Add a WHERE clause, select specific columns, fetch only one row etc.
  6. After this, look at prepared statements as a mechanism to securely pass PHP values to queries. Try this out by passing a value through the URL.

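The steps listed in the reply above, as an added example that is not code from the thread or from the tutorial: it connects with PDO, runs the car/wheel lookup as one JOIN (going beyond the tutorial's nested queries), and compares a query built by string concatenation with a prepared statement on the same inputs. Assumptions: an in-memory SQLite database stands in for MySQL so the script runs offline, the rows and inputs are constructed, and the function names `wheelsConcatenated` and `wheelsPrepared` are hypothetical.

```php
<?php
// Added example: in-memory SQLite stands in for the MySQL test database (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);

// Constructed sample data using the thread's table and column names.
$pdo->exec("CREATE TABLE wheel (wheel_id INTEGER PRIMARY KEY, wheel_name TEXT, wheel_category TEXT)");
$pdo->exec("CREATE TABLE car (car_model TEXT, wheel_id INTEGER)");
$pdo->exec("INSERT INTO wheel VALUES (1, 'Alloy 17', 'Sport'), (2, 'Steel 15 <basic>', 'Economy')");
$pdo->exec("INSERT INTO car VALUES ('roadster', 1), ('hatchback', 2)");

// Tutorial style: the value is pasted into the SQL text, so it is parsed as SQL.
function wheelsConcatenated(PDO $pdo, string $carModel): array
{
    $sql = "SELECT w.wheel_name, w.wheel_category FROM car c
            JOIN wheel w ON w.wheel_id = c.wheel_id
            WHERE c.car_model = '$carModel'";
    return $pdo->query($sql)->fetchAll();
}

// Prepared statement: the SQL text is fixed and the value travels separately as data.
function wheelsPrepared(PDO $pdo, string $carModel): array
{
    $stmt = $pdo->prepare(
        "SELECT w.wheel_name, w.wheel_category FROM car c
         JOIN wheel w ON w.wheel_id = c.wheel_id
         WHERE c.car_model = :model"
    );
    $stmt->execute([':model' => $carModel]);
    return $stmt->fetchAll();
}

// Constructed inputs standing in for $_GET['car_model'].
$inputs = ['hatchback', "x' OR '1'='1"];
foreach ($inputs as $input) {
    printf("input %-16s concatenated: %d row(s), prepared: %d row(s)\n",
        json_encode($input),
        count(wheelsConcatenated($pdo, $input)),
        count(wheelsPrepared($pdo, $input)));
}

// Escape on output: database content is data, not HTML.
foreach (wheelsPrepared($pdo, 'hatchback') as $row) {
    echo '<h1>' . htmlspecialchars($row['wheel_name'], ENT_QUOTES, 'UTF-8') . "</h1>\n";
}
```

For the input containing a quote character, the row counts of the two functions differ: the concatenated query treats part of the value as SQL, while the prepared statement compares the whole value against `car_model`.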

function getWheelsByCar($car_id) {
    $mysqli = new mysqli("localhost", "username", "password", "databasename");
    $wheel_id = null;

    // initiate prepared statement
    $stmt = $mysqli->prepare("SELECT wheel_id FROM car WHERE car_model = ?");
    // when you bind parameters to a query, i stands for integer, s stands for string, d stands for double.
    // i assume it's an integer here, but it may be a string.
    $stmt->bind_param('i', $car_id);

    // the following line asks whether $stmt->execute() is true
    if ($stmt->execute()) {
        // if it did, bind the result column to a variable
        $stmt->bind_result($wheel_id);
        while ($stmt->fetch()) {
            // each fetch() writes the current row's value into the bound variable $wheel_id
        }

        if (!empty($wheel_id)) {
            // if the wheel id exists, we close the first statement and run the second query
            $stmt->close();
            $stmt = $mysqli->prepare("SELECT wheel_name, wheel_image, wheel_category, wheel_info FROM wheel WHERE wheel_id = ?");
            $stmt->bind_param('i', $wheel_id);

            if ($stmt->execute()) {
                $_array = array(); // set up our result array
                $stmt->bind_result($wheel_name, $wheel_image, $wheel_category, $wheel_info);
                while ($stmt->fetch()) {
                    // write an array with each result row's information
                    $_array[] = array(
                        'wheel_name'     => $wheel_name,
                        'wheel_image'    => $wheel_image,
                        'wheel_category' => $wheel_category,
                        'wheel_info'     => $wheel_info
                    );
                }
                $stmt->close();

                foreach ($_array as $key => $val) {
                    // output the html/information to the view, escaping every value
                    echo
'
<div class="wheel_stuff">
<h1>'.htmlspecialchars($val['wheel_name']).'</h1>
<div class="plft"><img src="images/'.htmlspecialchars(urlencode($val['wheel_image'])).'" /></div>
<div class="prt">
<p><strong>Category : </strong>'.htmlspecialchars($val['wheel_category']).'</p>
<p><strong>Info : </strong>'.htmlspecialchars($val['wheel_info']).'</p>
<div style="clear:both"></div>
</div>
<div style="clear:both"></div>
</div>
';
                }
            }
        }
    }
}

// to call the function
getWheelsByCar($car_id);