jeeves245 Posted September 16, 2007 Share Posted September 16, 2007 Hi all, i'm new to PHP and SQL, and i've been having some trouble writing a script. A friend told me this is the place to ask, so here I am! Basically I have a form where a user enters their username. After they click submit I want the next page to display their records from the database BASED ON the username they entered. I also want them to be able to submit the form back to update their info, but that can come after I get the first part sorted out. Now don't laugh at my crappy coding! As I said, i'm new to this, and any tips or nudges in the right direction would really be appreciated! Here's what I have so far - <html> <body> <form action="username.php" method="post" name="UsernameSearchForm"> Username: <input type"text" name"ForumUsername"> <INPUT type="submit" name="Update" value="Update"> </form> </body> </html> <?php $db = mysql_connect("localhost", "*******", "*******"); @mysql_select_db("FBI_Order",$db); $ForumUSername=$_GET['ForumUsername']; $query = ("SELECT * FROM FBI_Applications WHERE $ForumUsername='ForumUsername'"); mysql_query($query); $ForumUsername=('ForumUsername'); $Name=('Name'); echo "$ForumUsername"; echo "$Name"; mysql_close(); ?> Link to comment https://forums.phpfreaks.com/topic/69555-sqlphp-and-forms/ Share on other sites More sharing options...
wildteen88 Posted September 16, 2007 Share Posted September 16, 2007 Your html is fine. The problem is to to do with your php code. Line6 is incorrrect: $ForumUSername=$_GET['ForumUsername']; You are using $_GET to retrieve data submitted from your form. However in your html code for the form you use the POST method for submitting the form. You should change $_GET to $_POST. You use $_GET to retrieve data from the url not $_POST The next problem is line8: $query = ("SELECT * FROM FBI_Applications WHERE $ForumUsername='ForumUsername'"); The problem here is with the WHERE clause. You have your fieldname and value round the wrong way. It should be: $query = "SELECT * FROM FBI_Applications WHERE ForumUsername='$ForumUsername'"; Also no need for the parenthesis '(' and ')'. From then onwards the code is completely incorrect. Code with amendments: <?php $db = mysql_connect("localhost", "*******", "*******"); @mysql_select_db("FBI_Order", $db); // I haved added mysql_real_escape_string to the POST variable below to protect against SQL Injection $ForumUSername = mysql_real_escape_string($_POST['ForumUsername']); $query = "SELECT * FROM FBI_Applications WHERE ForumUsername='$ForumUsername'"; $result = mysql_query($query); // check that a result was returned and that there is only 1 match if(mysql_num_rows($result) == 1) { // match found! // Lets get the data from the returned record set: // In order to get data out of a record set we must use one of the // mysql_fetch_* functions (* standing for row, array or assoc) $row = mysql_fetch_assoc($result); // display data stored in the record set echo '<pre>' . print_r($row, true) . '</pre>'; } // No matches returned else { echo 'Sorry user login invalid'; } // You dont have to specify mysql_close at the end of your scripts. // PHP automatically closes the connection at the end of script execition mysql_close(); ?> Link to comment https://forums.phpfreaks.com/topic/69555-sqlphp-and-forms/#findComment-349581 Share on other sites More sharing options...
jeeves245 Posted September 16, 2007 Author Share Posted September 16, 2007 Ah, that makes sense! I wasn't expecting anyone to write the whole thing for me, but thank you! That's fantastic! It works perfectly How would I change it so it only outputs select fields from each record? I.e. if it has 'name' 'phone' and 'email', I only want it to return 'name' and 'phone'? I assume I wouldn't use an array in this case? Or can I use a conditional array? And is there a way to place the returned data into variables then display them in text boxes? Link to comment https://forums.phpfreaks.com/topic/69555-sqlphp-and-forms/#findComment-349756 Share on other sites More sharing options...
wildteen88 Posted September 17, 2007 Share Posted September 17, 2007 If you only want to your query to select data from specific columns within a table then don't use * within the Select clause. Instead list the columns you wish to be returned. So if you only want the name and email columns returned from the FBI_Applications table then use the following as the query: $query = "SELECT name, email FROM FBI_Applications WHERE ForumUsername='$ForumUsername'"; Then use $row['name'] and $row['email'] to retrieve the data (after $row = mysql_fetch_assoc($result); line), eg: if(mysql_num_rows($result) == 1) { // match found! // Lets get the data from the returned record set: // In order to get data out of a record set we must use one of the // mysql_fetch_* functions (* standing for row, array or assoc) $row = mysql_fetch_assoc($result); echo '<h1>Login successful!</h1> <h2>Your details:</h2> <b>Name:</b> ' . $row['name'] . '<br /> <b>Email:</b> ' . $row['email']; } Link to comment https://forums.phpfreaks.com/topic/69555-sqlphp-and-forms/#findComment-349924 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.