How to show this image?

Question

<?php
require 'db.php';
include_once("header.php");
include_once("functions.php");
include_once("profile.php");

if(isset($_POST['search_term'])){
    $search_term = mysql_real_escape_string(htmlentities ($_POST['search_term']));

    if(!empty($search_term)){

        $search = mysql_query("SELECT `username`,`id` FROM `users` WHERE `username` LIKE '%$search_term%' and `business` <> 'business'");


        $result_count = mysql_num_rows($search);



        $suffix = ($result_count != 1) ? 's' : '';


        echo '<div data-theme="a">Your search for <strong>' , $search_term ,'</strong> returned <strong>', $result_count,' </strong> record', $suffix, '</div>';



        while($results_row = mysql_fetch_assoc($search)){
            echo '<div data-theme="a"><strong>', "<img src='/image/<?php echo $image; ?>' width= 50px height=50px>", $results_row['username'],  '</strong></div>';



$following = following($_SESSION['userid']);


    if (in_array($key,$following)){
        echo ' <div action= "action.php" method="GET" data-theme="a">
        <input type="hidden" name="id" value="$key"/>
        <input type="submit" name="do" value="follow" data-theme="a"/>
</div>';

    }else{
        echo " <div action='action.php' method='GET' data-theme='a'>
        <input type='hidden' name='id' value='$key'/>
        <input type='submit' name='do' value='follow' data-theme='a'/>
        </div>";

}

}

        }

}

?>

I would like some help putting the user image into the echo section of this code. I am not exactly sure how to do this so that it puts the image on the correct line of the search. Any advice would be greatly appreciated. Below is the line of code that I am referring too. Thanks.

while($results_row = mysql_fetch_assoc($search)) {

echo '', "' width= 50px height=50px>", $results_row['username'], '';

Also, use prepared statements when building SQL queries. Check this post to see why `mysql_real_escape_string` won't protect your database from SQL injection - http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string — laurent, Jul 10 '12 at 01:45

score 1 · Accepted Answer · answered Jul 10 '12 at 01:42

I don't see $image defined anywhere in your code, so I'm going to assume the image is being pulled from the database.

If that's the case then you'll want to do something like this:

while($results_row = mysql_fetch_assoc($search)){
    echo '<div data-theme="a"><strong><img src="/image/'.$results_row['image'].'" style='width:50px;height:50px' />'.$results_row['username'].'</strong></div>';
}

score 0 · Answer 2 · answered Jul 10 '12 at 01:45

just write:

..."<img src='/image/<?php echo $image; ?>' width='50' height='50'>", ...

but are you sure that 50x50 is suitable? you might want to set only width=50 and leave the browser to set height accordingly.

score 0 · Answer 3 · answered Jul 10 '12 at 01:45

0

$image = 'someImage.png';    
echo '<div data-theme="a"><strong>', "<img src='/image/{$image}' width= 50px height=50px>", $results_row['username'],  '</strong></div>';

answered Jul 10 '12 at 01:45

Anton Kucherov

307
1
6

score 0 · Answer 4 · answered Jul 10 '12 at 01:45

You would want something like this:

<?php 
while($results_row = mysql_fetch_assoc($search)){
?>
<div data-theme="a">
  <img src="/image/<?php echo $image; ?>" width="50px" height="50px">
  <strong>
    <?php echo  $results_row['username']; ?>
  </strong>
</div>

<?php
}
?>

A few things to check though:

dont use tags to wrap tags. They're generally used for text only
You're not selecting any image on your query.
don't use echo to output html its ugly.
don't use GET.
Use prepared statements (PDO or mysqli) to protect from mysql injection.

how would you output html? instead of echo? – Steven Jul 10 '12 at 02:04 — Steven, Jul 10 '12 at 02:04

How to show this image?

4 Answers4