Noob PHP question!

[Fehm]

I know very basci MySQL, lol Im ok with PHPmyAdmin and the likes and Google is now my best friend tehe

Can someone help me with something though, (MySQL related)
If i was to make a user system, a very small one just to test me own abilities.. and learn new things

How would i display all the data in one column of a Sql database,
Say if i had a database called users, and i wanted a page to be all the users usernames, what would i have to put?
Would it be like

$_GET[FROM ""] lol ive tried googling, came up with nothing

Thanks for the info above btw ill rep if i can =D!

[Moh]

I know very basci MySQL, lol Im ok with PHPmyAdmin and the likes and Google is now my best friend tehe

Can someone help me with something though, (MySQL related)
If i was to make a user system, a very small one just to test me own abilities.. and learn new things

How would i display all the data in one column of a Sql database,
Say if i had a database called users, and i wanted a page to be all the users usernames, what would i have to put?
Would it be like

$_GET[FROM ""] lol ive tried googling, came up with nothing

Thanks for the info above btw ill rep if i can =D!

PHP Code:

<?php
include("connector.php"); // This is the MySQL connector file

$sql = mysql_query("SELECT * FROM `users` WHERE `id` = '{$_GET["id"]}'"); // Selects all the data from the database. Use filename.php?id=*ID HERE* (e.g. filename.php?id=1)

if(mysql_num_array($sql) == 0) // Checks if the ID exists
{
    echo("ID does not exist!");
}
else while($fetch = mysql_fetch_array($sql)) // ID does exisit, so lets fetch the data. The fetch creates an array like the previous posts :)
{ 
    $username = $fetch["username"]; // username is the field name in the table
    $email = $fetch["email"]; // email is the field name in the table
    $name = $fetch["name"]; // name is the field name in the table
    $gender = $fetch["gender"]; // gender is the field name in the table
    
    echo("<strong>Username:</strong>$username (id: {$_GET["id"]})<br />
    <strong>Email:</strong>$email <br />
    <strong>Name:</strong>$name <br />
    <strong>Gender:</strong>$gender <br />");
}
?>

[Fehm]

Thanks alot for that OInly problem is, i dont like it when people give me the code, i like to type it outmyself so it'll all go in .

Thanks alot though, and it has helped soo much

[Dentafrice]

PHP Code:

<?php
include("connector.php"); // This is the MySQL connector file

$sql = mysql_query("SELECT * FROM `users` WHERE `id` = '{$_GET["id"]}'"); // Selects all the data from the database. Use filename.php?id=*ID HERE* (e.g. filename.php?id=1)

if(mysql_num_array($sql) == 0) // Checks if the ID exists
{
    echo("ID does not exist!");
}
else while($fetch = mysql_fetch_array($sql)) // ID does exisit, so lets fetch the data. The fetch creates an array like the previous posts :)
{ 
    $username = $fetch["username"]; // username is the field name in the table
    $email = $fetch["email"]; // email is the field name in the table
    $name = $fetch["name"]; // name is the field name in the table
    $gender = $fetch["gender"]; // gender is the field name in the table
    
    echo("<strong>Username:</strong>$username (id: {$_GET["id"]})<br />
    <strong>Email:</strong>$email <br />
    <strong>Name:</strong>$name <br />
    <strong>Gender:</strong>$gender <br />");
}
?>

I've been commanded to crucify you for your horrible, I mean horrible code.

You're so inconsistent, and you're trying to help someone!

PHP Code:

include("connector.php"); // This is the MySQL connector file 


include is not a function/method, why are you using parenthesis? it's a language construct.

include "bla.php";

PHP Code:

$sql = mysql_query("SELECT * FROM `users` WHERE `id` = '{$_GET["id"]}'"); 


Can you say SQL Injection??

Why don't you define it and clean it first! before just throwing it in the query..

You're helping him with MySQL right?

WHAT THE HELL IS THIS? mysql_num_array

WHAT THE HELL IS THAT? mysql_num_array

I mean seriously.. mysql_num_rows..!

PHP Code:

echo("ID does not exist!"); 


Echo is a language construct! Not a method/function.. no parenthesis.

PHP Code:

else while($fetch = mysql_fetch_array($sql)) // ID does exisit, so lets fetch the data. The fetch creates an array like the previous posts :)
{ 


Oh that's real valid... my god.

You have XSS vulns, SQL Injection, wrong function names, wrong syntax, and you're attempting to help him?!

My god kid, just don't attempt anymore.. I can't be bothered to go through your post more it's so damn awful.

Use heredoc for that hideous HTML too.. gah.

[Fehm]

:L so. i wont be using that post to help me (Y)

!

[Moh]

I've been commanded to crucify you for your horrible, I mean horrible code.

You're so inconsistent, and you're trying to help someone!

PHP Code:

include("connector.php"); // This is the MySQL connector file 


include is not a function/method, why are you using parenthesis? it's a language construct.

include "bla.php";

PHP Code:

$sql = mysql_query("SELECT * FROM `users` WHERE `id` = '{$_GET["id"]}'"); 


Can you say SQL Injection??

Why don't you define it and clean it first! before just throwing it in the query..

You're helping him with MySQL right?

WHAT THE HELL IS THIS? mysql_num_array

WHAT THE HELL IS THAT? mysql_num_array

I mean seriously.. mysql_num_rows..!

PHP Code:

echo("ID does not exist!"); 


Echo is a language construct! Not a method/function.. no parenthesis.

PHP Code:

else while($fetch = mysql_fetch_array($sql)) // ID does exisit, so lets fetch the data. The fetch creates an array like the previous posts :)
{ 


Oh that's real valid... my god.

You have XSS vulns, SQL Injection, wrong function names, wrong syntax, and you're attempting to help him?!

My god kid, just don't attempt anymore.. I can't be bothered to go through your post more it's so damn awful.

Use heredoc for that hideous HTML too.. gah.

*REMOVED*

Edit by Robbie! (Forum Moderator): Please do not be rude to other members.

[Dentafrice]

Yes, and you have always been a great coder, hypocritical ******* :eusa_whis

Thanks for the -REP! it really meant a lot.

The point I'm trying to make here, is if you're going to help someone new, at least provide correct code to make yourself not look on the same level.

It's sorta like the saying, "the blind leading the blind".. well that's what happened here.

You provided ****** coding to someone just starting out, how do you think that's going to help him? He's going to get stupid errors and then come back asking why he got them.

And it all comes down to bad practices and bad advice from someone who doesn't have jack idea what they are talking about./

[Moh]

Thanks for the -REP! it really meant a lot.

The point I'm trying to make here, is if you're going to help someone new, at least provide correct code to make yourself not look on the same level.

It's sorta like the saying, "the blind leading the blind".. well that's what happened here.

You provided ****** coding to someone just starting out, how do you think that's going to help him? He's going to get stupid errors and then come back asking why he got them.

And it all comes down to bad practices and bad advice from someone who doesn't have jack idea what they are talking about./

Well in future, don't talk down to people. Because, I get along with most people, but the one type of people I seriously hate, are people who talk down to others. Thats the reason I gave you -rep, because you lost my respect.

All because I made one mistake by putting "array" instead of "rows".

[Dentafrice]

No, the code was awful in general, and you're going to get him started on a pathway he doesn't need to be in, and neither do you. I outlined what was wrong.

I'm talking down to you, because you posted crappy code when you were in a position to provide "correct" and "helpful" device, which you didn't.. and until you do, you'll continue to be talked down upon.

Your respect doesn't really matter to me.

[Agnostic Bear]

PHP Code:

<?php
function checkUser( $id ) {

    # Are we using a valid ID?
    if( ctype_digit( $id ) === false ) {
        # No, we're not, lets return an error message / code / secret nazi encryption string.
        return 'badid';
    }
    
    # Ok we're using a valid id (we didn't catch in the if)
    
    # Lets run a query to find our guys. note how we didn't have to do anything to id as we checked it
    # for a type (a digit), so if it's not the type we want it'll never get here and if it does, it's clean anyway.
    $query = mysql_query( 'SELECT * FROM `users` WHERE `id` = \'' . $id . '\'' );
    
    # Count the rows returned, did we get any?
    if( mysql_num_rows( $query ) === 0 ) {
        # No, we didn't, lets return an error message / code / bill bailey musical performance
        return 'nouser';
    }
    
    # Loop through the results (the proper way)
    while( false !== ( $fetch = mysql_fetch_assoc( $query ) ) ) {
        
        # Add the information to the end of the array, and then continue.
        $buildArray[] = array(
            'username'     => $fetch[ 'username' ],
            'email'        => $fetch[ 'email' ],
            'name'        => $fetch[ 'name' ],
            'gender'    => $fetch[ 'gender' ]
        );
        
    }
    
    # We've done it (what?), return the array and lets get out of here.
    return $buildArray;
}

# Setup a heredoc to contain our HTML.
$templateNoPost = <<<HTML
<form method="post" action="">
    Enter a user id to search for:<br />
    <input type="text" name="id" />
    <input type="submit" name="submit" value="Do it" />
</form>
HTML;

# And a heredoc to contain our processed form HTML.
$templatePost = <<<HTML
<table>
    <tr>
        <td>Name</td>
        <td>Username</td>
        <td>Email</td>
        <td>Gender</td>
    </tr>
    
    {html}
    
</table>
HTML;

# Do we have an id? (you could put an id checker here, but I decided not to. why? z.)
if( empty( $_POST[ 'id' ] ) === false ) {

    # We have no id, lets just send out the form and get on with it.
    echo $templateNoPost;
    
} else {

    # Require the MySQL connection file (do magic here) only once.
    require_once( 'mysql.php' );
    
    # Run the checkUser function, get any information that we need from it.
    $users = checkUser( $id );
    
    # Did it come back as an array?
    if( !is_array( $users ) ) {
        # No, it didn't, lets handle it.
        
        # Is our id bad?
        if( $users === 'badid' ) {
            # Yes, set the status variable for later
            $htmlStatus = 'Bad user id';
        }
        
        # No, but is it a bad user?
        elseif( $users === 'nouser' ) {
            # Yes, set the status variable for later
            $htmlStatus = 'No user in the database with that id.';
        }
    } else {
        # It did, lets loop and build!
        
        # Count the amount of keys (amount of users, basically) in the array        
        $count = count( $users );
        
        # Shut PHP strict errors up (not setting a variable before adding to it)
        $buildHtml = '';
        
        # Loop through the amount defined in $count
        for( $i = 0; $i < $count; $i++ ) {
            
            # Add the HTML to the variable using .=
            $buildHtml .= '
                <tr>
                    <td>' . $users[ $i ][ 'name' ] /* Pull out the username of the "$i"th array (decided by the loop we're on) */ . '</td>
                    <td>' . $users[ $i ][ 'username' ] . '</td>
                    <td>' . $users[ $i ][ 'email' ] . '</td>
                    <td>' . $users[ $i ][ 'gender' ] . '</td>
                </tr>
                
            ';
        }
        
        # Replace "{html}" with the HTML variable we just build using "$buildHtml .="
        $templatePost = str_ireplace( '{html}', $buildHtml, $templatePost );
        
        # And send it out in the wild
        echo $templatePost;
    }
}
?>

that covers arrays, queries, looping of different types, data manipulation, data handling and form processing

eat me.