php syntax for dynamic webpage

Forum Moderators: coopster

Message Too Old, No Replies

php syntax for dynamic webpage

highseas

8:29 pm on Oct 26, 2010 (gmt 0)

This code below worked on one host and now it does not work on another host. Not sure of the parameters regarding php and mysql versions or anything else. Anyone have an idea why this works on one site and not on another, all other things are totally equal.

This shows the list of obituaries

echo "<a href=\showobit.php?id=$obit_data[obit_id]\>" . $obit_data['first_name'] . " " . $obit_data['last_name'] . "   " . $obit_data['dod'] . "</a>" . "<br/>";

This shows the individual obituary details once the user clicks on an obit in the above page listing.

$the_id = $_GET['id'];
$result = mysql_query("select * from obits where obit_id = '$the_id'")
or die(mysql_error());

while($obit_data=mysql_fetch_array($result)){
echo $obit_data['first_name'];
echo $obit_data['last_name'];
echo $obit_data['dod'];
echo $obit_data['dob'];
echo $obit_data['obit_text'];
echo "<br/><br/>";
}

?>

any ideas? Thanks a lot.

rocknbil

8:41 pm on Oct 26, 2010 (gmt 0)

What happens when you view source? I see two things, niether should matter (much)

echo "<a href=\showobit.php?id=$obit_data[obit_id]\>"

Note the escapes before the s =\s and the carat \>.

Those escapes are only there because at some point you *had* quotes around the attribute (and you should.) It's possible (not probable!) something in obit data has a quote and is causing the entire chunk to disappear because the browser thinks it's the end of the anchor. IMpossible if obit_id is an integer, as it should be. View the source anyway.

The other thing is

$obit_data[obit_id]

There is a possibility (also not likely) PHP is interpreting obit_id as a constant, you don't have it quoted. Try

echo "<a href=\"showobit.php?id=" . $obit_data['obit_id'] . "\">" . $obit_data['first_name'] . " " . $obit_data['last_name'] . "   " . $obit_data['dod'] . "</a>" . "<br/>";

I doubt either of those are the problem, they're the only things that stick out ATM.

highseas

8:50 pm on Oct 26, 2010 (gmt 0)

rocknbil:

okay let me check the source. i think that i tried the second thing you mention, the single quote of ['obit_id'} and that, if i remember correctly, caused the page to not show up.

checking the source now...

thanks.

highseas

8:54 pm on Oct 26, 2010 (gmt 0)

ok, there are two record sets in the db, nothing suspicious, although one decease year was 1895, deleted the record, but still have the same issue.

here is the error displayed on the web page...

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1\'' at line 1

Matthew1980

9:12 pm on Oct 26, 2010 (gmt 0)

Hi there highseas,

I will only add this to what Rocknbil has already suggested:-

$the_id = (int)$_GET['id'];
$result = mysql_query("SELECT * FROM `obits` WHERE `obit_id` = ".$the_id." ")
or die(mysql_error());

If it definitely an int, you won't need to quote it, but by typecasting it (int) this would force it to be a whole number (not a float), otherwise add the quotes, but I doubt as this would harm anything if left off.

Only reason I suggest this is because the sql error points to that piece of the code.

Cheers,
MRb

highseas

9:28 pm on Oct 26, 2010 (gmt 0)

hello Matthew1980,

ok, let me try that now. thanks for your input!

i will let all know what happens.....

highseas

9:34 pm on Oct 26, 2010 (gmt 0)

Matthew1980,

my mate, you win the gold star for the week! That did the trick! that (int) piece.

Thank you very much!

Thanks to all Demaestro-rocknbil-Matthew1980 who posted and helped me as I am new to php....

Cheers all!

Matthew1980

8:10 am on Oct 27, 2010 (gmt 0)

Hi there highseas,

Thanks for that, all as I have done is convert the string $_GET['id']; (as all $_GET & $_POST array's are strings) into an int (by typecasting - I do this sort of thing in pagination) so that you could use it without the quotes ('') in the sql, I learned this little trick from Rocknbil a while back as you shouldn't quote int's in sql, but you should quote strings..

Hope that makes sense anyway, glad your sorted now though.

Cheers,
MRb