0

I am currently getting data from a database using PHP and echoing the data out using:

$data[0]

This displays a full list of account numbers, I am wanting to put a href around this so that when I click on each one of the account numbers it runs another MYSQL query which breaks down to more information based on the account number that has been clicked.

How can this be done?

lukehemingway
  • 74
  • 7
  • if you're getting a "full list" of data from just that one item, then your DB is probably structured incorrectly, and your FIRST job is to [normalize](http://en.wikipedia.org/wiki/Database_normalization) it. – Marc B Jun 02 '14 at 14:22
  • It isn't just that one item I am just using it as an example, the report is run by dates, and rep name which is selected via a previous HTML form then posted to the page which runs the query. – lukehemingway Jun 02 '14 at 14:26
  • in any case, since you don't show ANY details of what's in this mysterious string, we can't really help you. I suggest you look at http://php.net/explode, which is a go-to method for taking a delimited string and turning it into an array. – Marc B Jun 02 '14 at 14:40

1 Answers1

2

The href could point to another script which evaluates the $_GET parameters and builds a query from it, like in

<a href="details.php?id=12345">12345</a>

and

<?php // details.php
...
mysql_query( "select * from mydata where id=$_GET['id']" );

This is just a pointer, and the example is prone to SQL injection etc.

Alex Monthy
  • 1,827
  • 1
  • 14
  • 24
  • Have a look at: http://stackoverflow.com/questions/5414962/protection-against-xss-exploits to see how to implement XSS protection in addition to above :) – PeteAUK Jun 02 '14 at 14:46