New to INNER join

Question

I've never used Inner join everything is something new to learn I guess.

I will explain my problem: I've 2 tables into mysql, 1 called category and the second is post, all category names/rows are ofc into the table category and the posts related to that category are in post I make an example of a category name and a post.

Category name I use for ex: Test

A post related to the category Test have the ID count 1 so the link will be

/category.php?nameID=Test&id=1 this url just shows the content from row ID 1 of the table which is called post now when I replace Test in the url to ex. Hello /category.php?nameID=Hello&id=1 I still receive the content of ID 1 from the table post which I don't want because the post count ID 1 isn't related to the category of Hello I want to receive an error like This post doesn't exist in this category.

Here below is mime code of &id=: Have now this error Unknown column 'Test' in 'where clause'

<?php
    if (isset($_GET['id']))
{
        $naamID = mysql_real_escape_string($_GET['nameID']);
        $id     = mysql_real_escape_string($_GET['id']);
        $idnext = $id + 1;
        $goo    = mysql_query("SELECT * FROM category, post WHERE category.name = post.cat = ".$naamID."") or die(mysql_error());
        $gnn    = mysql_query("SELECT * FROM post WHERE id= $id ") or die(mysql_error());
        $gnnn   = mysql_fetch_assoc($gnn);
        $gooo   = mysql_fetch_assoc($goo);
        if($gooo['youtube'])
        {
                $fullurl1 = $gooo['youtube'];
                $videoid1=substr($fullurl1,-11);       
        ?>
                <h1> <?php echo htmlspecialchars($gooo["title"]); ?> </h1><br />
                <p>
                <a href="/editpost.php?id=<?php echo htmlspecialchars($gooo['id']);?>"><i>Edit this post</i></a><br />
                <iframe width="560" height="315" src="//www.youtube.com/embed/<?php echo htmlspecialchars($videoid1);?>" frameborder="0" allowfullscreen></iframe><br />
                </p>
        <?php }if($gooo['pic']){ ?>
                <p>
                <h1><?php echo htmlspecialchars($gooo["title"]); ?></h1><br />
                <a href="/editpost.php?id=<?php echo htmlspecialchars($gooo['id']);?>"><i>Edit this post</i></a><br />
                <img src="<?php echo htmlspecialchars($gooo["pic"]);?>" style="max-height: auto; max-width: 600px;"/><br>
                </p>
        <?php }
// END OF SHOWING CONTENT PAGE
} else {?>

Answer 1

There are multiple problems with this code, first, as alexander is pointing at, your data is not escaped.

You are passing Test directly into the query, which means that the query is not treating it as a string (it is expecting a column name), you can fix that by adding quotes around the variable ('$id'). Even though you've escaped it, the query needs quotes to identify it as a string.

If you wanted an inner join, the syntax would look like:

"SELECT * FROM category INNER JOIN post ON category.name = post.cat WHERE post.cat = '" .$naamID "'"

This essentially tells the DB, I want all the columns from category AND post, treat category.name as the same thing as post.cat, and only retrieve rows where post.cat = whatever. (note, if you put category.name instead it would do the same thing, since the inner join merges the two).