0

hi ,
please can any body help me. i am making a website so i am using the combination of mysql and php.there is a error in fetching the field from url.i have made a hypertext as C LANGUAGE and behind this url is
<a href="indexblank.php?course=C LANGUAGE">C language</a>
now on page indexblank.php i am retrieving data from mysql data base so my lines of code are:
<?php
$connection=mysql_connect('localhost',"a","aaa") or die(mysql_error());
$db='a';
mysql_select_db('a') or die (mysql_error());
//echo 'connection a successful';?>

<?php
$c=$_get;
$query="select * from ittraining where course like ' $c'";
$result=mysql_query($query) or die (mysql_error());
if($row = mysql_fetch_array($result))
{echo $row . " " ;
echo $row . " " ;
echo $row . " " ;
echo $row . " " ;
}
else
{
mysql_error();
mysql_free_result($result);
}
?>
now the prob here is that it is saying undefined variable at line where $c=$_get is written that is in declaring the variable.so,kindly remove my error and help me out if any body can.i will be really thankful to you.

Edited by ssana: n/a

3
Contributors
8
Replies
9
Views
7 Years
Discussion Span
Last Post by ssana
0

Always use code tags:

<?php
$connection=mysql_connect('localhost',"a","aaa") or die(mysql_error());
$db='a';
mysql_select_db('a') or die (mysql_error());
//echo 'connection a successful';?>

<?php
$c=$_get['course'];
$query="select * from ittraining where course like ' $c'";
$result=mysql_query($query) or die (mysql_error());
if($row = mysql_fetch_array($result))
{echo $row['course'] . " " ;
echo $row['content'] . " " ;
echo $row['clink'] . " " ;
echo $row['fees'] . " " ;
}
else
{
mysql_error();
mysql_free_result($result);
}
?>

>> Line 7 - You added a extra <?php, which is not needed. This probably causes the error

>> Line 8 - It is better when you use $c = $_GET. Also, when retrieving variables from the url it is safer to first remove any harmful content: $c = addslashes(htmlentities($_GET['course'])); Also make sure there is a variable named course in the url, and if not, you use a default value:

if (isset($_GET['course'])) {
$c = addslashes(htmlentities($_GET['course']));
} else {
$c = 1;
}

~G

0

Graphix is right, also you should consider using URL encoding on your URL I.E

indexblank.php?course=C LANGUAGE

Should become

indexblank.php?course=C+LANGUAGE
0

tell me one thing more.that is
if (isset($_GET)) {
$c = addslashes(htmlentities($_GET));
} else {
$c = 1;
}
that is i will add these lines of code but should i write the sqlquery in this if else clause or like before.

0

It should be on the top of the script. It just simply makes sure that there is a value for "c". The sql-query should be after it. Example:

<?php
$connection=mysql_connect('localhost',"a","aaa") or die(mysql_error());
$db='a';
mysql_select_db('a') or die (mysql_error());
//echo 'connection a successful';?>

if (isset($_GET['course'])) {
$c = addslashes(htmlentities($_GET['course']));
} else {
$c = 1;
}
$query="select * from ittraining where course like ' $c'";
$result=mysql_query($query) or die (mysql_error());
if($row = mysql_fetch_array($result))
{echo $row['course'] . " " ;
echo $row['content'] . " " ;
echo $row['clink'] . " " ;
echo $row['fees'] . " " ;
}
else
{
mysql_error();
mysql_free_result($result);
}
?>

Also, you need to change the $c into whatever you want as default, I don't know wether you use strings as the primary key of ittraining or auto-incremented numbers.

~G

0

thankyou sir. i have done it in the same way as you are telling me and using a string as a primary key which is namely "course".now when i have implied your piece of code the error of undefined variable has removed but it is still not showing me any result although the rows has been inserted in the data base.

0

I think you misinterpeted me:

With auto-incremented numbers I mean:

CREATE TABLE ittraining (
.... The other columns
course INT(9) AUTO_INCREMENT NOT NULL,
PRIMARY KEY(course) )

And with strings I mean

CREATE TABLE ittraining (
.... The other columns
course CHAR(255) NOT NULL,
PRIMARY KEY(course) )

So when there is not an value set in the url:

mypage.php

A default value for $c is used, of which I don't know wether it should be a string or a number so I used 1 as value.

And when there is set a value in the url:

mypage.php?course=35

That value is used for the query.

~G

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.