Welcome to Webmaster World LoGaN.

If $rbr is not an integer, you'd need to add quotes:

"SELECT * FROM proizvodi WHERE rbr='$rbr'" 

It is a integer.Can I use some exception for this code to see where is my mistake?

You can try the following, it may tell you where your error is, although you should definatley remove it before opening your site to the public:

$result = mysql_query("SELECT * FROM proizvodi WHERE rbr='$rbr'") or die(mysql_error());

Hi there logan,

Formatting is the issue here methinks:-

Change this:-

<td> <?php echo"<a href='proizvod.php?rbr=$result_ar[rbr]'>$rbr Detaljnije</a>";?> </td>

to this..

<td><a href="proizvod.php?rbr=<?php echo $result_ar['rbr']; ?> ><?php echo $rbr;?> Detaljnije</a></td>

Just breaking in and out of php is easier on the formatting ;-p

And as you are looping through the returned array from the sql query, you have assigned $i = "0"; so I would have thought that it would be easier doing $i++; and not $i+=; That is unless I have misunderstood the code ;)

The queries too, though this is just a matter of preference, but I always do this just in case there is ever a space in the field name, ie: using the backticks:-

"SELECT * FROM `proizvodi` WHERE `rbr` ='".$rbr."'"

Using double quotes you need to add the vars to the string, I consider this to be tidier and easier to read, though I can guess as Readie will disagree with me there (just my preference Readie!)

If you are having trouble with the queries build them in a var then just echo the var to see that they are being populated as expected - I prefer doing this to placing the query directly into the mysql_query() function a la:-

$sqlQuery = "SELECT * FROM `proizvodi` WHERE `rbr` ='".$rbr."'";
$sqlQuerySent = mysql_query($sqlQuery) or die(mysql_error());

Though you only need the error handler on there when you are developing, don't leave it there when you release.

Hope this helps,

Cheers,
MRb

Using double quotes you need to add the vars to the string, I consider this to be tidier and easier to read, though I can guess as Readie will disagree with me there (just my preference Readie!)

Oh come on, I'm not that argumentative!

Anyways, on my code I tend to do the same thing, just with the quotes the other way around:

'SELECT * FROM proizvodi WHERE rbr = "' . $rbr . '"'

So I actually agree with you there :P

Heh, I just argued about how much I argue.

LOL . . . and I use different quoting related to standards in validation of output. Single quotes will validate fine, but often produces final documents of mixed quoting, so it's an issue of consistency for me.

but it won't working.

Elaborate on *how* it's not working, may be chasing the wrong problem here. Link empty or broken, generating an error, what?

Here is a potential problem as M says in a different way:

<td> <?php echo"<a href='proizvod.php?rbr=$result_ar[rbr]'>$rbr Detaljnije</a>";?> </td>

Although the output string is double quoted, which allows interpolation of variables, it's an associative array reference which won't print that way. I've seen this approach but I don't use it:

<td> <?php echo"<a href='proizvod.php?rbr={$result_ar['rbr']}'>$rbr Detaljnije</a>";?> </td>

and being untested, that may not work . . .

Another solution: I am not a fan of mix-match PHP and HTML, makes it hard(er) to debug. Your while loop, taking that into account:

$out=null; // squelch undefined variable errors due to concatenation 
while($result_ar = mysql_fetch_assoc($result)) { 
 // 
 $style = ($i%2 == 1)?'class="body2"':'class="body1"'; 
 $out .= " 
 <tr $style> 
 <td height=\"33\"><img src=\"/test/" . $result_ar['slika'] . "\" width=\"80\" height=\"80\"></td> 
 <td>" . $result_ar['naziv_artikla'] . "</td> 
 <td>" . $result_ar['opis'] . "</td> 
 <td><a href=\"proizvod.php?rbr=" . $result_ar['rbr'] . "\"> $rbr Detaljnije</a></td> 
 </tr> 
 "; 
 $i++; // Terse version of += 1 
} 
// Output once 
echo $out; 

I bolded $rbr because I don't see where it's being set, may be trivial.

You can do
$out .= '
//etc
';

To get rid of the toothpick syndrome \", but will have to concatenate all the variables that would otherwise interpolate in double quoting. Whatever's less work.

Thank you all for such a fast response.Here's what I've tried:

Matthew1980:Tried, but won't work(must close a link to work, either won't work if I close:

<a href="proba.php?=<?php echo $result_ar['rbr']; ?>[b]"[/b]> <?php echo $rbr;?>Detaljnije</a>

Readie:tried, i am not getting any exception, and I changed query like Matthew said.

rocknbil:I tried this, still no data showing, but there is an exception in second page saying "Query was empty", I am gonna look into that.

My query in second page is good and it's returning data like example:

"SELECT * FROM proizvodi where rbr=1"

I've done lot of queries in VB.NET and SQL to see that this must pass, but I think a problem is in a sending a $rbr to second page query.

Hi there LoGaN,

You have me wondering now! When you do a mouse over on the link, what does the status bar say & what does the page source say? as the code I was suggesting should work fine, I use similar to that myself sometimes so it should function :)

And if the query is empty, echo it before it gets sent to see how it is getting populated, and if its correct ;)

I assume the second page is getting data from the link, if so catch the data using $_GET['rbr'] on the second page, this is of course if I have understood you correctly.

Cheers,
MRb

@Matthew:

I said only that the link need to be closed in HTML as I remember with double quotes, example:

<a href="proba.php"</a>

but your example didn't had that(you maybe forgot).Anyhow it's not working for me.

The status bar is fine I think with my old code and with rocknbil code it's the same,it says:

http://localhost/test/proizvod.php?rbr=1

for the first table row.

Some example for catch the data using $_GET['rbr']?

Hi there LoGaN,

Oops, Well its past my bedtime, and I have been driving most of today, so yes I missed the closing " from the link, should have read:-

<td><a href="proizvod.php?rbr=<?php echo $result_ar['rbr']; ?>" ><?php echo $rbr;?> Detaljnije</a></td>

That will now be fine.

Example of using $_GET['rbr']...

This is in the receiving file/script & can only be used if set from the sending script/file:-

if(isset($_GET['rbr']) && is_numeric($_GET['rbr'])){
//assign and clean then use where ever its needed
$GotRbr = strip_tags($_GET['rbr']);
}else{
//throw error as rbr isn't numerical...
//can redirect back to previous page for example
}

Hope this makes things a little clearer :)

Cheers,
MRb

This is the actual problem, then?

there is an exception in second page saying "Query was empty", I am gonna look into that.

Right, using M's comments above,

Some example for catch the data using $_GET['rbr']?

Cleanse it into a variable, then do an echo

$query = "select * from table where field='$rbr'";

(@Matthew1980, curious . . .why would you strip_tags if you've already done a numeric test?)

Hi Rocknbil,

Oops, Well its past my bedtime, and I have been driving most of today

That's my excuse ;)

Your quite right there, thanks for pointing that out. My mistake..

Cheers,
MRb

Ty all,it's working.Link is like Matthew said:

<a href="proizvod.php?rbr=<?php echo $result_ar['rbr']; ?>"><?php echo $rbr;?> Detaljnije</a>

and on the second page added variable and sql changed:

$rbr = $_GET['rbr'];
$connection = mysql_connect("localhost", "root", "") or die("Error connecting to database");
mysql_select_db("glavna", $connection);
$result = mysql_query("select * from proizvodi where rbr=$rbr", $connection) or die("error querying database");

ty all again for guidance. 8)

Hi there LoGaN,

Excellent, it was a collective effort! I will though however just point you to your query:-

"select * from proizvodi where rbr=$rbr"

I personally would format it like:-

"SELECT * FROM `proizvodi` WHERE `rbr` = '".$rbr."' "

But if it's working, it's up to you ;)

Cheers,
MRb

Not a "mistake" M, just thought there was a reason I wasn't aware of.

LoGan: Do take care to note M's post at the top of the page, this is important. What if I do this?

proizvod.php?rbr=5+and+1=1

1 is always equal to 1, so it will display all records. In this case it's a simple unexpected behavior, but this is how databases get hacked with more malicious input.

Verifying it's numeric is a simple way to avoid this, in this case.

if (isset($_GET['rbr']) and is_numeric($_GET['rbr'])) {
$rbr = $_GET['rbr'];
}
else {
echo "invalid data";
exit;
}

Error trapping also helps you figure out situations like this when you expect one thing and something else is being passed.