...

View Full Version : PHP/MySQL Question



saikou
05-08-2006, 12:10 AM
I've begun to develop a script using JavaScript/MySQL/PHP. The basic idea is when a user clicks a link a new window opens with relevant information..

On "index.php" there are links formatted as so:



<a href="javascript:box('popup.php?id=1');">Link A</a><br>


The script for this is:



<script>
var newwindow;
function box(url)
{
newwindow=window.open(url,'Info Box','height=400,width=200');
if (window.focus) {newwindow.focus()}
}
</script>


That works. Now onto what doesn't work..

"popup.php" would then take the "?id="s part of the link and use the value to select a row from the mysql table...This is the code I have so far (with help from WebmasterWorld.com)



<?php

$dbhost='localhost';
$dbusername='xxx';
$dbuserpass='xxx';
$dbname='info';

mysql_connect ($dbhost, $dbusername, $dbuserpass);

if (!mysql_select_db($dbname)) die(mysql_error());

$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"])";
$result = mysql_query($query) or die('Error, query failed');
while ($row = mysql_fetch_array($result)) {
echo "<table border='5'>
<tr>
<td>
'.$row['name'].'
</td>
</tr>
<tr>
<td>
'.$row['description'].'
</td>
</tr>
</table>";
}
?>


When you click a link, the box pops up...But it displays nothing and when you go to 'View Page Source' nothing is there.

This is my first script I've tried to create on my own so I'm kind of lost..Here's some info on my server..

PHP = 4.40
Apache = 2.0.54
MySQL = 4.1.14
OS = Windows Server 2003

If any other info is needed just ask.

Regards,
Ken

Kakao
05-08-2006, 12:29 AM
What if you delete the last double quote?


$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);

If it does not work echo the sql string:


$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);
echo $sql;
exit;

saikou
05-08-2006, 12:36 AM
What if you delete the last double quote?


$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);



Change $_GET["id"]); to $_GET['id']); ?



If it does not work echo the sql string:


$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);
echo $sql;
exit;


The first suggestion did nothing...The second provided this:



SELECT * FROM info WHERE id=1


It just displayed the sql query...

Could this be the problem?


$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]); - $sql=" starts the query, then you have id="...Wouldn't that end the query... My thought is that it's actually reading it as this:

$sql = "SELECT * FROM info WHERE id="

Kakao
05-08-2006, 12:51 AM
The code you posted had an extra double quote at the end:


$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"])";



The first suggestion did nothing...The second provided this:

Code:

SELECT * FROM info WHERE id=1


It means the string is correctly built. Now just take the exit comand out and run. If it returns nothing is because there is no id=1 in the table.

saikou
05-08-2006, 01:03 AM
Okay..Should the code be:


<?php

$dbhost='localhost';
$dbusername='xxx';
$dbuserpass='xxx';
$dbname='info';

mysql_connect ($dbhost, $dbusername, $dbuserpass);

if (!mysql_select_db($dbname)) die(mysql_error());

$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);
echo $sql;
?>


Or...What? Because even after removing 'exit;' it still displays the query...

Kakao
05-08-2006, 01:07 AM
You can take the echo out. Now use your whole script. The only thing wrong with it was the extra double quote.

saikou
05-08-2006, 01:17 AM
As a precaution I ran this first:



<?php

$dbhost='localhost';
$dbusername='xxx';
$dbuserpass='xxx';
$dbname='info';

mysql_connect ($dbhost, $dbusername, $dbuserpass);

if (!mysql_select_db($dbname)) die(mysql_error());

$sql = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);
$result = mysql_query($query) or die('Error, query failed');
echo $result;
?>


Result:


Error, query failed


Then I ran the normal code without the quote and it displayed nothing, with no source as well.

saikou
05-08-2006, 01:40 AM
<?php

$dbhost='localhost';
$dbusername='xxx';
$dbuserpass='xxx';
$dbname='info';

mysql_connect ($dbhost, $dbusername, $dbuserpass);

if (!mysql_select_db($dbname)) die(mysql_error());

$query = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);
$result = mysql_query($query) or die('Error, query failed');
echo $result;
?>


Gives me this when ?id= 1,2, or 3



Resource id #3


However if no value is there for ?id= (such as visiting popup.php directly)

I get the "error, query failed" message.

Figured it out!



<?php

$dbhost='localhost';
$dbusername='xxx';
$dbuserpass='xxx';
$dbname='info';

mysql_connect ($dbhost, $dbusername, $dbuserpass);

if (!mysql_select_db($dbname)) die(mysql_error());

$query = "SELECT * FROM info WHERE id=".mysql_escape_string($_GET["id"]);
$result = mysql_query($query) or die('Error, query failed');
while ($row = mysql_fetch_assoc($result)) {
echo $row['id'];
echo $row['name'];
echo $row['description'];
}
?>


Returns the values of the table...Now I just have to format them. Thanks for your help Kakao

saikou
05-08-2006, 02:38 AM
Can you echo an image? o.o...

Like...



echo "<img src='path/to/image/$row['image']'>";


Or how would you do that?



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum