 |  |  |  |  |  |  |  |
Pull info from MySQL database
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
 |
I have a database that I want query and pull an users specific details into a "$profile" variable.
the url would be:
"www.website.com/profile.php?id=12345"
Thus, I use the $_REQUEST["id"] to put the id number into a variable and then I query the database using this id number.
The code is below:
For some reason the code keeps on returning the "Profile does not exist..." results, even though I know the profile does exist...
I'm new to PHP/SQL, so what am I doing wrong...?
the url would be:
"www.website.com/profile.php?id=12345"
Thus, I use the $_REQUEST["id"] to put the id number into a variable and then I query the database using this id number.
The code is below:
<?php
/*OPEN THE DATABASE*/
$con = mysql_connect("localhost","user","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
/*PULL INFO FROM URL FOR GENERATION OF PUBLIC PROFILE*/
$idnum=$_REQUEST["id"];
/*PULL INFO FROM THE DATABASE*/
$pullprofile="SELECT * FROM 'accounts' WHERE (idnum = '$idnum')";
if(mysql_query($pullprofile,$con))
{
$profile[]=mysql_fetch_array($pullprofile,$con);
echo "Success loading profile!";
echo "Your id number is ".$profile['idnum'];
}
else
{
echo "Profile does not exist...";
}
/*CLOSE THE DATABASE*/
mysql_close($con);
?>For some reason the code keeps on returning the "Profile does not exist..." results, even though I know the profile does exist...
I'm new to PHP/SQL, so what am I doing wrong...?
•
•
Join Date: Apr 2008
Posts: 297
Reputation: 
Solved Threads: 11
Posting Whiz in Training
PHP Syntax (Toggle Plain Text)
Use this..
•
•
•
•
Originally Posted by redgem 
I have a database that I want query and pull an users specific details into a "$profile" variable.
the url would be:
"www.website.com/profile.php?id=12345"
Thus, I use the $_REQUEST["id"] to put the id number into a variable and then I query the database using this id number.
The code is below:
<?php /*OPEN THE DATABASE*/ $con = mysql_connect("localhost","user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } /*PULL INFO FROM URL FOR GENERATION OF PUBLIC PROFILE*/ $idnum=$_REQUEST["id"]; /*PULL INFO FROM THE DATABASE*/ $pullprofile="SELECT * FROM 'accounts' WHERE (idnum = '$idnum')"; if(mysql_query($pullprofile,$con)) { $profile[]=mysql_fetch_array($pullprofile,$con); echo "Success loading profile!"; echo "Your id number is ".$profile['idnum']; } else { echo "Profile does not exist..."; } /*CLOSE THE DATABASE*/ mysql_close($con); ?>
For some reason the code keeps on returning the "Profile does not exist..." results, even though I know the profile does exist...
I'm new to PHP/SQL, so what am I doing wrong...?
1. Using a raw id like this may be a bit dangerous. You should md5 it with a 'salt' or something, to protect your data access.
2. Try to avoid
$_REQUEST whenever possible. Use $_GET for url parameters and $_POST for form data (general rule of thumb).3. You need to clean and validate the incoming data (see posts elsewhere).
[/OPTIONAL]
4. Pass the cleaned variable to the query:
PHP Syntax (Toggle Plain Text)
Notice the change in syntax.
5. Run query and check for results:
PHP Syntax (Toggle Plain Text)
$_GET id really is in the DB. I'm not entirely sure but wouldn't
I would rather use something like this:
if(mysql_query($pullprofile,$con)) return true only if the query was accepted not if there was a row result?. That means that your query is generating an error probably due to the fact that you are requesting literally $idnum, use {$idnum} to make sure it goes through not as static but a variable. But that will still only tell you that the code went through, I think.I would rather use something like this:
php Syntax (Toggle Plain Text)
|
Similar Threads
- How do you SELECT multiple tables from mysql ? (PHP)
- href links with variables? (PHP)
- An if statement inside a while statement (PHP)
- mysql search and display data help.... (MySQL)
- PHP MySQL problem (PHP)
- need help setting up a php/mysql search (PHP)
- HTML Form post to PHP? (PHP)
- question about connecting odbc to sql through php script (PHP)
Other Threads in the PHP Forum
- Previous Thread: What is the PHP Script to GET OS Bit Version?
- Next Thread: losing my newlines?
Views: 952 | Replies: 3
| Thread Tools | Search this Thread |
Latest PHP Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
Tag cloud for PHP
.htaccess access ajax apache api array beginner binary broken cakephp checkbox class cms code cron curl database date directory display download dynamic ebooks echo email error file files folder form forms function functions google href htaccess html image include insert integration ip java javascript joomla jquery js limit link login loop mail mediawiki menu methods mlm mod_rewrite multiple mysql oop parse paypal pdf php problem query radio random recursion regex remote script search select server sessions sms soap source space speed sql stored structure subdomain syntax system table tutorial update updates upload url validation validator variable video web xml youtube
