PDA

View Full Version : PHP Issue


Mr Macro
21-07-2007, 03:49 PM
When i try to echo out of the database, it echos nothing with no error.


<?php
if(!$_GET[category]){
echo('
<a href="products.php?category=soccer">Soccer Trophies</a>
<br />

');
}else{

$query = "SELECT * FROM catalogue WHERE category = '$_GET[category];'";

$result = mysql_query($query) or die(mysql_error());

$row = mysql_fetch_array($result) or die(mysql_error());

echo("

<table border='1'>
<tr>
<td><img src='images/".$row[item_number].".JPG'></td>
</tr>
<br>
<tr>
<td>Item Number: ". $row['item_number']."</td>
</tr>
</tr><br>
<tr><td>".$row[price]." GBP (Great Brittish Pounds)</td></tr>
<br>
</table>
<br>
");
}
?>
Blob
21-07-2007, 04:10 PM
<?php
if( $_GET[category] == "" )
{
echo '<a href="products.php?category=soccer">Soccer Trophies</a> <br />
';
}
else
{
$query = mysql_query( "SELECT * FROM `catalogu`e WHERE category = '{$_GET[category]}'" );
while( $row = mysql_fetch_array( $result ) )
{
echo '<table border="1">
<tr>
<td><img src="images/' . $row[item_number] . '.JPG"></td>
</tr>
<br />
<tr>
<td>Item Number: ' . $row['item_number'] . '</td>
</tr>
<br />
<tr>
<td>' .$row[price] . " GBP (Great Brittish Pounds)</td></tr>
<br />
</table>
<br/>
';
}
}
?>
Invent
21-07-2007, 04:53 PM
Ryan's was incorrect so:



<?php
if( $_GET[category] == "" )
{
echo '<a href="products.php?category=soccer">Soccer Trophies</a> <br />
';
}
else
{
$query = mysql_query( "SELECT * FROM `catalogue` WHERE category = '{$_GET[category]}'" );
while( $row = mysql_fetch_array( $result ) )
{
echo '<table border="1">
<tr>
<td><img src="images/' . $row[item_number] . '.JPG"></td>
</tr>
<br />
<tr>
<td>Item Number: ' . $row['item_number'] . '</td>
</tr>
<br />
<tr>
<td>' .$row[price] . ' GBP (Great Brittish Pounds)</td></tr>
<br />
</table>
<br/>
';
}
}
?>
Blob
21-07-2007, 04:55 PM
My mistake - soz
Mr Macro
21-07-2007, 04:58 PM
Its still blank.Im confused.
Sygon..
21-07-2007, 07:03 PM
Make sure the tables & rows exists.
Eric30
21-07-2007, 11:14 PM
<?php
if( $_GET[category] == "" )
{
echo '<a href="products.php?category=soccer">Soccer Trophies</a> <br />
';
}
else
{
$query = mysql_query( "SELECT * FROM `catalogu`e WHERE category = '{$_GET[category]}'" );
while( $row = mysql_fetch_array( $query ) )
{
echo '<table border="1">
<tr>
<td><img src="images/' . $row[item_number] . '.JPG"></td>
</tr>
<br />
<tr>
<td>Item Number: ' . $row['item_number'] . '</td>
</tr>
<br />
<tr>
<td>' .$row[price] . " GBP (Great Brittish Pounds)</td></tr>
<br />
</table>
<br/>
';
}
}
?>
Eric30
22-07-2007, 10:57 AM
Cant Edit Last Post,

Sorry, i was tired when i looked at that and that wont work either lol,

This will work:


<?php
if( $_GET['category'] == "" ){
echo '<a href="products.php?category=soccer">Soccer Trophies</a> <br />';
}else{
$category = $_GET['category'];
$query = mysql_query( "SELECT * FROM `catalogue` WHERE category = '$category'" );
while( $row = mysql_fetch_array( $query ) ){
echo '<table border="1">
<tr>
<td><img src="images/' . $row['item_number'] . '.JPG"></td>
</tr>
<br />
<tr>
<td>Item Number: ' . $row['item_number'] . '</td>
</tr>
<br />
<tr>
<td>' .$row['price'] . ' GBP (Great Brittish Pounds)</td></tr>
<br />
</table>
<br/>';
}
}
?>
Mr Macro
22-07-2007, 11:11 AM
No, still doesn't work.
Eric30
22-07-2007, 11:13 AM
Try this and tell me the error which it says:


<?php
if( $_GET['category'] == "" ){
echo '<a href="products.php?category=soccer">Soccer Trophies</a> <br />';
}else{
$category = $_GET['category'];
$query = mysql_query( "SELECT * FROM `catalogue` WHERE category = '$category'" ) or die("MySQL Error: <br>".mysql_error());
while( $row = mysql_fetch_array( $query ) ){
echo '<table border="1">
<tr>
<td><img src="images/' . $row['item_number'] . '.JPG"></td>
</tr>
<br />
<tr>
<td>Item Number: ' . $row['item_number'] . '</td>
</tr>
<br />
<tr>
<td>' .$row['price'] . ' GBP (Great Brittish Pounds)</td></tr>
<br />
</table>
<br/>';
}
}
?>
Invent
22-07-2007, 01:20 PM
If thats the WHOLE code of the file, make sure you're including the file which contains your database information.
ScottDiamond.
22-07-2007, 01:25 PM
If thats the WHOLE code of the file, make sure you're including the file which contains your database information.

Ditto. config.php, for example.
*
22-07-2007, 05:11 PM
WOW that code is SO insecure.
By having a GET variable directly inputted into a query is suicide.
That easily allows SQL injection and could delete the whole of your database.
TOTAL FIX + SECURITY FIX:



<?php
if(empty($_GET['category']) == true) {
echo "<a href="products.php?category=soccer">Soccer Trophies</a><br />"; }else{
$cat = addslashes($_GET['category']);

$query = mysql_query("SELECT * FROM catalogue WHERE category = '$cat'");

if(mysql_error()) {
print(mysql_error());
}

while($row = mysql_fetch_array($query)) {
echo("

<table border='1'>
<tr>
<td><img src='images/".$row[item_number].".JPG'></td>
</tr>
<br>
<tr>
<td>Item Number: ". $row['item_number']."</td>
</tr>
</tr><br>
<tr><td>".$row[price]." GBP (Great Brittish Pounds)</td></tr>
<br>
</table>
<br>
");
}
?>



Rep if this works :rolleyes:
Jamie.
23-07-2007, 08:09 PM
<?php
$conn = mysql_connect("localhost","USERNAME","PASSWORD");
mysql_select_db(DATABASENAME) or die(mysql_error());
if(empty($_GET['category']) == true) {
echo "<a href="products.php?category=soccer">Soccer Trophies</a><br />"; }else{
$cat = addslashes($_GET['category']);

$query = mysql_query("SELECT * FROM catalogue WHERE category = '$cat'");

if(mysql_error()) {
print(mysql_error());
}

while($row = mysql_fetch_array($query)) {
echo("

<table border='1'>
<tr>
<td><img src='images/".$row[item_number].".JPG'></td>
</tr>
<br>
<tr>
<td>Item Number: ". $row['item_number']."</td>
</tr>
</tr><br>
<tr><td>".$row[price]." GBP (Great Brittish Pounds)</td></tr>
<br>
</table>
<br>
");
}
?>
ScottDiamond.
23-07-2007, 09:56 PM
<?php
$conn = mysql_connect("localhost","USERNAME","PASSWORD");
mysql_select_db(DATABASENAME) or die(mysql_error());
if(empty($_GET['category']) == true) {
echo "<a href="products.php?category=soccer">Soccer Trophies</a><br />"; }else{
$cat = addslashes($_GET['category']);

$query = mysql_query("SELECT * FROM catalogue WHERE category = '$cat'");

if(mysql_error()) {
print(mysql_error());
}

while($row = mysql_fetch_array($query)) {
echo("

<table border='1'>
<tr>
<td><img src='images/".$row[item_number].".JPG'></td>
</tr>
<br>
<tr>
<td>Item Number: ". $row['item_number']."</td>
</tr>
</tr><br>
<tr><td>".$row[price]." GBP (Great Brittish Pounds)</td></tr>
<br>
</table>
<br>
");
}
?>

No they would have to inculde the config.
Jamie.
23-07-2007, 09:59 PM
yeh but i was just showing -.- so neh :P
Tomm
24-07-2007, 08:20 AM
Create a file with this and include all the configs, etc.



<?php
require_once('myconfig.php');

$query = "SHOW TABLES;";
$res = mysql_query($query) or die (mysql_error());
$rows = mysql_fetch_assoc($res);
do {
var_dump($rows);
} while($rows = mysql_fetch_assoc($res));

?>


If this returns nothing then there is a problem on the MySQL side, is it returns all the tables in the current database there is a problem with your script.
*
24-07-2007, 12:52 PM
Jamie why take my code :S
Jamie.
25-07-2007, 07:05 PM
i adapted it actually ;)
Blob
25-07-2007, 07:24 PM
$conn = mysql_connect("localhost","USERNAME","PASSWORD");
mysql_select_db(DATABASENAME) or die(mysql_error());



Jamie why take my code :S

You talking about that? Because that aint your code, so he can use it all he likes.
Jamie.
25-07-2007, 07:29 PM
You talking about that? Because that aint your code, so he can use it all he likes.

hey ryan nice to see you around :p
Blob
25-07-2007, 07:32 PM
hey ryan nice to see you around :p

Hey xD

Have you found a code that works yet :S?
Jamie.
25-07-2007, 07:44 PM
Hey xD

Have you found a code that works yet :S?

Sorry its not my code :)
but me u n george shud meet :P someday haha

Want to hide these adverts? Register an account for free!