Member Avatar for Eric_28

I want to create a php function that i can use to get a particular user details and display the info gotten in my ProfileActivity when a user profile is been clicked in my app. so i wrote this php code to get user details from my database but when i run the code nothing is returned in my browser. please what could be causing this?

<?php
require("config.php");

function getdetails($id)
{
    $array = array();
    $q = mysql_query("SELECT * FROM 'users' WHERE 'id'=".$id);
    while($r = mysql_fetch_assoc($q))
    {
         $array['id'] =  $r['id'];
         $array['name'] =  $r['name'];
    }
    return $array;
}

function getId($name)
{
    $q = mysql_query("SELECT 'id' FROM 'users' WHERE 'name'=".$name);
    while($r = mysql_fetch_assoc($q))
    {
        return $r['id'];
    }

}   

?>
Edited by happygeek because: moved
  • 2 Contributors
  • 2 Replies
  • 500 Views
  • 3 Hours Discussion Span
  • Latest Post Latest Post by AndrisP

Recommended Answers

All 2 Replies

Member Avatar for AndrisP

Table name and column name in MySQL query string should be without quotes or you can use backticks.

Edited by AndrisP
Member Avatar for AndrisP

But string variable value should be in quotes

$q = mysql_query("SELECT `id` FROM `users` WHERE `name`='".$name."'");

this also is not good solution - use prepared statement to prevent from SQL injection

$stmt = mysqli_prepare($link, "SELECT `id` FROM `users` WHERE `name`=?");

and then bind variables, execute statement and fetch result

mysqli_stmt_bind_param($stmt, "s", $name);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $id);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
Edited by AndrisP
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.