Jump to content

SQL/PHP and Forms

jeeves245

By jeeves245
in MySQL Help

 Share

Recommended Posts

jeeves245 Member

jeeves245

Posted
Posted

Hi all,

 

i'm new to PHP and SQL, and i've been having some trouble writing a script. A friend told me this is the place to ask, so here I am!

 

Basically I have a form where a user enters their username. After they click submit I want the next page to display their records from the database BASED ON the username they entered. I also want them to be able to submit the form back to update their info, but that can come after I get the first part sorted out.

 

Now don't laugh at my crappy coding! :P As I said, i'm new to this, and any tips or nudges in the right direction would really be appreciated!

 

Here's what I have so far -

 

<html>
<body>
	<form action="username.php" method="post" name="UsernameSearchForm">
		Username: <input type"text" name"ForumUsername">
				  <INPUT type="submit" name="Update" value="Update">
	</form>
</body>
</html>

 

<?php

$db = mysql_connect("localhost", "*******", "*******");
@mysql_select_db("FBI_Order",$db);

$ForumUSername=$_GET['ForumUsername'];

$query = ("SELECT * FROM FBI_Applications WHERE $ForumUsername='ForumUsername'");
mysql_query($query);


$ForumUsername=('ForumUsername');
$Name=('Name');

echo "$ForumUsername";
echo "$Name";

mysql_close();

?>

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

Your html is fine. The problem is to to do with your php code.

 

Line6 is incorrrect:

$ForumUSername=$_GET['ForumUsername'];

You are using $_GET to retrieve data submitted from your form. However in your html code for the form you use the POST method for submitting the form. You should change $_GET to $_POST. You use $_GET to retrieve data from the url not $_POST

 

The next problem is line8:

$query = ("SELECT * FROM FBI_Applications WHERE $ForumUsername='ForumUsername'");

The problem here is with the WHERE clause. You have your fieldname and value round the wrong way. It should be:

$query = "SELECT * FROM FBI_Applications WHERE ForumUsername='$ForumUsername'";

Also no need for the parenthesis '(' and ')'.

 

From then onwards the code is completely incorrect. Code with amendments:

<?php

$db = mysql_connect("localhost", "*******", "*******");
@mysql_select_db("FBI_Order", $db);

// I haved added mysql_real_escape_string to the POST variable below to protect against SQL Injection
$ForumUSername = mysql_real_escape_string($_POST['ForumUsername']);

$query  = "SELECT * FROM FBI_Applications WHERE ForumUsername='$ForumUsername'";
$result = mysql_query($query);

// check that a result was returned and that there is only 1 match
if(mysql_num_rows($result) == 1)
{
    // match found!
    // Lets get the data from the returned record set:
    // In order to get data out of a record set we must use one of the 
    // mysql_fetch_* functions (* standing for row, array or assoc)
    $row = mysql_fetch_assoc($result);

    // display data stored in the record set
    echo '<pre>' . print_r($row, true) . '</pre>';
}
// No matches returned
else
{
   echo 'Sorry user login invalid';
}

// You dont have to specify mysql_close at the end of your scripts.
// PHP automatically closes the connection at the end of script execition
mysql_close();

?>

Link to comment
Share on other sites
jeeves245 Member

jeeves245

Posted
  • Author
Posted

Ah, that makes sense! I wasn't expecting anyone to write the whole thing for me, but thank you! That's fantastic!  :D

 

It works perfectly ;)

 

How would I change it so it only outputs select fields from each record? I.e. if it has 'name' 'phone' and 'email', I only want it to return 'name' and 'phone'? I assume I wouldn't use an array in this case? Or can I use a conditional array? And is there a way to place the returned data into variables then display them in text boxes?

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

If you only want to your query to select data from specific columns within a table then don't use * within the Select clause. Instead list the columns you wish to be returned. So if you only want the name and email columns returned from the FBI_Applications table then use the following as the query:

$query  = "SELECT name, email FROM FBI_Applications WHERE ForumUsername='$ForumUsername'";

 

Then use $row['name'] and $row['email'] to retrieve the data (after $row = mysql_fetch_assoc($result); line), eg:

if(mysql_num_rows($result) == 1)
{
    // match found!
    // Lets get the data from the returned record set:
    // In order to get data out of a record set we must use one of the 
    // mysql_fetch_* functions (* standing for row, array or assoc)
    $row = mysql_fetch_assoc($result);

    echo '<h1>Login successful!</h1>

<h2>Your details:</h2>
<b>Name:</b> ' . $row['name'] . '<br />
<b>Email:</b> ' . $row['email'];
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.