Jump to content

PHP & MySQL: Using $_GET['id'] to query matching table id


Recommended Posts

Hey guys having a bit of bother here, I don't understand why my PHP script isn't working.

 

So I will first show the code and then go over the issue I am having:

 

include('select-stock.php');
include('db-affinity/header-main.php'); ?>
<?php $carId = $_GET['id']; ?>
<?php 
try {
$carview = $db->prepare("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive, FullRegistration FROM import WHERE FullRegistration = $carId");
} catch (Exception $e) {
  echo "Error.";
  exit;
}
  $cardata = $carview->fetch(PDO::FETCH_ASSOC)
?>
<div class="container">
  <div class="row">
    <div class="col-md-12 col-sm-12">
    <?php echo "$carId"; ?>
    <?php echo mysql_errno($carview) ?>
    <?php echo '<ul class="overwrite-btstrp-ul other-specs-ul h4-style">
   <li>Mileage: '.number_format($cardata["Mileage"]).'</li>
   <li>Engine size: '.$cardata["EngineSize"].'cc</li>
 </ul>'
 ?>
    </div>
  </div>
</div>
<?php include('db-affinity/footer.php') ?>

So basically what I am trying to achieve from this code is giving my page dynamic content based on if the the ?id= of a URL matches a row of my 'FullRegistration' column.

 

So for example if I have a URL like this "www.cars.com/carview.php?id=NG61CWJ" I then want my script check if there is a row that has that value in the 'FullRegistration' column of my table and then echo out the results of certain columns of that row like this example currently in my code:

<?php echo '<ul class="overwrite-btstrp-ul other-specs-ul h4-style">
   <li>Mileage: '.number_format($cardata["Mileage"]).'</li>
   <li>Engine size: '.$cardata["EngineSize"].'cc</li>
 </ul>'
 ?>

In theory 

FROM import WHERE FullRegistration = $carId

should make this happen however for some reason on my server when I use the script above I get nil results returned instead of the results of the row that matches the GET id I get:

 

  • Mileage: 0
  • Engine size: cc

I am aware my code is insecure at the moment however it isn't an issue at this moment in time.

 

Any ideas why I might be getting nil results returned, my other queries to this table have worked flawlessly however I am having bother with this one, can you see anything in this code that might cause this issue?

 

Here is the database connection file that is included at the top of the code block just in case this could be a bit of a problem:

 

<?php
include('database.php');
try {
  $results = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive, FullRegistration FROM import ORDER BY Make ASC");
} catch (Exception $e) {
  echo "Error.";
  exit;
}
///carousel-vehicle results
try {
  $fourresults = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive FROM import ORDER BY Make LIMIT 0, 4");
} catch (Exception $e) {
  echo "Error.";
  exit;
}


try {
  $fourresultsone = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive FROM import ORDER BY Make LIMIT 4, 4");
} catch (Exception $e) {
  echo "Error.";
  exit;
}


try {
  $fourresultstwo = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive FROM import ORDER BY Make LIMIT 8, 4");
} catch (Exception $e) {
  echo "Error.";
  exit;
}


try {
  $makeFilter = $db->query("SELECT DISTINCT Make FROM import ORDER BY Make ASC");
} catch (Exception $e) {
  echo "Error.";
  exit;
}


try {
  $modelFilter = $db->query("SELECT DISTINCT Model FROM import ORDER BY Make ASC");
} catch (Exception $e) {
  echo "Error.";
  exit;
}
?>

All of these queries are working flawlessly on the live site so the db connection is obviously working.

 

your use of a prepared query is incorrect. you do not put the value/variable directly into the sql statement, you put a place-holder into the sql statement where the value belongs and bind the value/variable to that place-holder.

 

you are also not running the query that you are preparing.

 

i recommend that you read the relevant sections of the php.net documentation as it shows working examples.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.