I'm working on a project, and I want the following to happen: A client signs up and posts a listing (this part has been coded and works properly). A contributor then signs up and accesses the listing page, which populates a list of listing from a database (this part has been coded and works properly). Now, this is that part that I haven't figured out yet. A contributor should be able to click on one of the generated links and be taken to a page with that listing's title, description, etc. The index of listings is located on listings.php, and when an individual listing is clicked, its data should be displayed on the page listings.php?id=[whatever]. How do I do that? I got the url to point to a page with the above format based on a listingId stored in the database, but it doesn't do anything when it's clicked on. Any help is greatly appreciated.
if( isset( $_GET["id"] ) { // Get the ID and set it as a variable $id = $_GET["id"]; // *** No idea if the next if statement will work, never used 'is_numeric' before *** \\ // Just an extra check ... Is the ID numeric? if( is_numeric( $id ) ) { // Send off the id to get all the info from the database $lookup = mysql_query( "SELECT data1,data2,data3 FROM `table` WHERE `id`='".$id."'" ); // Dump it into an array $row = mysql_fetch_array( $lookup ) ) // Echo it all out echo "Data 1: ".$row[ "data1" ]."<br />"; echo "Data 2: ".$row[ "data2" ]."<br />"; echo "Data 3: ".$row[ "data3" ]; } else { echo "Trying to hax, eh?"; } } PHP: I would highly suggest putting $id through a 'Clean' function to remove any unwanted injections you may get (or use mysql_re
It makes sense, but I'm having some problems. Namely, it's not working Here's what I have: mysql_connect($dbhost, $dbuser, $dbpass) or die("Unable to connect" . mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $query = "SELECT * FROM listings WHERE status='open'"; $result = mysql_query($query); while ($row = mysql_fetch_array($result)) { echo '<a href="listings.php?id=' . $row['listingId'] . '" title="' . $row['title'] . '">' . $row['title'] . '</a><br>'; } if (isset($_GET['listingId'])) { $listingId = $_GET['listingId']; $query = "SELECT * FROM listings WHERE listingId='$listingId'"; $row = mysql_fetch_array($result)); echo "Title: " . $row['title']; echo "Description: " . $row['description']; } PHP: I echo'd $_GET['listingId'] and it's not returning a value, so that's a problem.
Just to clarify: The way you've set it up would require this: listings.php?listingId=1010101 Is that how it should be?
it should be echo $listingId; PHP: & by the way ur code will give u http://yourdomain.com/filename.php?listingId= if you dont want this then simply change it with the code below so it will give you http://yourdomain.com/filename.php?id= mysql_connect($dbhost, $dbuser, $dbpass) or die("Unable to connect" . mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $query = "SELECT * FROM listings WHERE status='open'"; $result = mysql_query($query); while ($row = mysql_fetch_array($result)) { echo '<a href="listings.php?id=' . $row['listingId'] . '" title="' . $row['title'] . '">' . $row['title'] . '</a><br>'; } if (isset($_GET['[id'])) { $listingId = $_GET['id']; $query = "SELECT * FROM listings WHERE listingId='$listingId'"; $row = mysql_fetch_array($result)); echo "Title: " . $row['title']; echo "Description: " . $row['description']; } PHP: the above code might have a slight problem but just try it & if it gives prob i will look into it
Great, it works now. But the problem is $_GET['id'] is always the value stored in the first returned row of the database. So no matter which listing I click on, it prints the data corresponding to listingId=0 (the first in the database). How do I fix that? Here's the updated code: mysql_connect($dbhost, $dbuser, $dbpass) or die("Unable to connect" . mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $query = "SELECT * FROM listings WHERE status='open'"; $result = mysql_query($query); if (isset($_GET['id'])) { $listingId = $_GET['id']; $query = "SELECT * FROM listings WHERE listingId='$listingId'"; $row = mysql_fetch_array($result); echo "Listing ID: " . $row['listingId'] . "<br>"; echo "Title: " . $row['title'] . "<br>"; echo "Description: " . $row['description'] . "<br>"; } else { while ($row = mysql_fetch_array($result)) { echo '<a href="listings.php?id=' . $row['listingId'] . '" title="' . $row['title'] . '">' . $row['title'] . '</a><br>'; } } PHP:
It's actually pretty obvious. You're running mysql_query at the top with the non-specific query (select * from listings where status = open). Then, you're referencing this result inside your array (mysql_fetch_array($result)). Hold on... mysql_connect($dbhost, $dbuser, $dbpass) or die("Unable to connect" . mysql_error()); mysql_select_db($dbname) or die(mysql_error()); if (isset($_GET['id'])) { $listingId = $_GET['id']; $query = "SELECT * FROM listings WHERE listingId='$listingId'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); $listingid = $row['listingid']; $title = $row['title']; $desc = $row['description']; echo "Listing ID:" . $listingid . "<br />"; echo "Title:" . $title . "<br />"; echo "Description:" . $desc . "<br />"; } else { $query = "SELECT *FROM listings WHERE status = 'open'"; $result = mysql_query($query) or die(mysql_error()); while ($row = mysql_fetch_array($result)) { $listingid = $row['listingID']; $title = $row['title']; echo "<a href=\"listings.php?id=$listingid\" title=\"$title\">$title</a><br />"; } } PHP:
You really need to clean up that user input, this code is wide open to SQL injection. Simplest way is to change: $listingId = $_GET['id']; Code (markup): to $listingId = intval($_GET['id']); Code (markup): Cheers, George