php echo no output to display very puzzled, why?

Question

I am getting no where with this, I am not getting any output from my echo ,can someone help, thanks in advance...singhy

code below...

  $strSQL = "SELECT * FROM <tablename>  WHERE id='" . $_GET["serviceName"] . "'";
    $rs = mysql_query($strSQL);

while($row = mysql_fetch_array($rs)){
       echo "<dt>Name:</dt><dd>" . $row["serviceType"] . " " . $row["serviceName"] . "</dd>";
 echo "<dt>Phone:</dt><dd>" . $row["Phone"] . "</dd>";
 echo "<dt>Birthdate:</dt><dd>" . $row["BirthDate"] . "</dd>";

}

    // Close the database connection
mysql_close();
?>
    <p><a href="li.php">Return to the list</a></p>
    </body>
   </html>

can someone tell me where i am going wrong, ive tried various options, thanks in advance, singhy

Try `echo mysql_num_rows($rs);` before calling the `while` loop. I'm guessing no rows are being returned. Just as a note, you're using a deprecated API. You should consider using `mysqli_*` or `PDO` functions instead. In addition, your query is ***very*** susceptible to SQL Injection attacks... — War10ck, Jun 13 '14 at 15:16
The `mysql_*` family of functions are deprecated and you shouldn't be using them in new code. Consider PDO as an alternative. — user229044, Jun 13 '14 at 15:17
Add error reporting to the top of your file(s) `error_reporting(E_ALL); ini_set('display_errors', 1);`, see if that helps. — Funk Forty Niner, Jun 13 '14 at 15:18
You should avoid using [`mysql_*` functions because they deprecated](http://www.exchangecore.com/blog/update-deprecated-mysql-extension-pdo_mysql/) you are also prone to sql injection using $_GET in your query string — Joe Meyer, Jun 13 '14 at 15:18
Your code is susceptible to [SQL Injection](https://www.owasp.org/index.php/SQL_Injection) — PhearOfRayne, Jun 13 '14 at 15:18
Try removing the `where` clause to see if the condition is the problem. — ForguesR, Jun 13 '14 at 15:19
`var_dump($_GET["serviceName"]);` that will tell you if anything's being passed in your query. You now have enough information given by everyone to troubleshoot/debug your code. — Funk Forty Niner, Jun 13 '14 at 15:19
In [**your other question**](http://stackoverflow.com/q/24201312/) you are using single quotes `$row['serviceName']` where in this one, you are using doubles. That could be part of the problem. — Funk Forty Niner, Jun 13 '14 at 15:22
hi war10ck thanks for quick response if I echo before while loop I get out as 0, I had tried that before, thanks singhy — user3723480, Jun 13 '14 at 15:22
I am glad that your code does not return anything. Its better for your own security. Never inject values from `$_GET` into a query or anything without sanitizing it. — GGio, Jun 13 '14 at 15:22
Also, in your other question, you are using `ID` (`$row['ID']`) and in this one you are using lowercase `id`. `ID` and `id` are two different animals altogether when it comes to column names. ;-) so try `WHERE ID=...` if that is the case. — Funk Forty Niner, Jun 13 '14 at 15:25
hi steven thanks for the info, this is just a development piece to polish up my php !, thanks singhy — user3723480, Jun 13 '14 at 15:27
Also make sure that your form's element is named. I.e.: `name="serviceName"` if you are using a form. Go over ALL of the comments in this thread, including error reporting code. — Funk Forty Niner, Jun 13 '14 at 15:29
hi with error reporting I get warning on line 20 Warning: Undefined index: serviceName in /detail.php on line 20 which is my select ==> $strSQL = "SELECT * FROM WHERE id='" . $_GET['serviceName'] . "'"; — user3723480, Jun 13 '14 at 15:33
Well...... there you go, as per [`this comment`](https://stackoverflow.com/questions/24208698/php-echo-no-output-to-display-very-puzzled-why#comment37378874_24208698) I left earlier. You need to use `isset` in your code and assign it to a variable. I'm batting a thousand today ;-) — Funk Forty Niner, Jun 13 '14 at 15:36
So your query ends up looking like `SELECT * FROM WHERE id=''` because `$_GET['serviceName']` is returning nothing. That's a query that will produce no rows (and thus no output.) — sjagr, Jun 13 '14 at 15:36
Plus, remember this: `serviceName` is not the same as `servicename` should there be a typo in your element. You need to show full code at this point in time. No sense commenting back and forth while answers given are not resolving your issue. — Funk Forty Niner, Jun 13 '14 at 15:39

CMPS · Answer 1 · 2014-06-13T15:26:16.153

1

Try this debugging code:

$serviceName = mysql_real_escape_string($_GET['serviceName']); // Read PS note at the end
$strSQL = "SELECT * FROM `tablename`  WHERE id='$serviceName'";
$rs = mysql_query($strSQL) or die(mysql_error()); // Display any query error

echo "Total number of rows: ". mysql_num_rows($rs); // Echo number of rows

while($row = mysql_fetch_assoc($rs)){
      echo "<dt>Name:</dt><dd>" . $row["serviceType"] . " " . $row["serviceName"] . "</dd>";
      echo "<dt>Phone:</dt><dd>" . $row["Phone"] . "</dd>";
       echo "<dt>Birthdate:</dt><dd>" . $row["BirthDate"] . "</dd>";

}

Please note

You should escape the $_GET request and never use it directly in a query statement. Use mysql_real_escape_string() for that. (This method will be deprecated, read next bullet)
many of the functions you are using will be deprecated starting php 5.5.0 Alternatively you can use PDO prepared statements

edited Jun 13 '14 at 15:26

answered Jun 13 '14 at 15:20

CMPS

7,733
4
28
53

You should not put $_GET right into the query and, btw, your code is equivalent to what OP wrote – Damien Pirsy Jun 13 '14 at 15:22
@DamienPirsy Thanks for you remarks, I am adding a note now in my answer. I've added some debugging statements check the comments in my code – CMPS Jun 13 '14 at 15:24
2

Why not provide a more correct solution right away, instead of "do this, but don't" – Damien Pirsy Jun 13 '14 at 15:25
You need to get an associated array, otherwise a typical array is by index. Use mysql_fetch_assoc() in your while loop instead. – user1890328 Jun 13 '14 at 15:28

score -4 · Answer 2 · answered Jun 13 '14 at 15:20

-4

replace

 $_GET["serviceName"]

with this

 $_GET['serviceName']

use single quotes in $_GET in your case.

answered Jun 13 '14 at 15:20

Tooba

41
8

This doesn't matter unless special characters like `$` are contained in the quotes. – sjagr Jun 13 '14 at 15:22
Totally useless. `'foo'` and `"foo"` are identical as far as PHP is concerned. `'$foo'` and `"$foo"` are very different, however. – Marc B Jun 13 '14 at 15:22
double quotes after double quotes? What are you talking about. – GGio Jun 13 '14 at 15:24
1

@GGio I think they have some confusion with how string concatenation works. They think `id='" . $_GET["serviceName"] . "'"` breaks because the string is concatenated with another double quote string (which is obviously wrong.) – sjagr Jun 13 '14 at 15:26
in above query its id='" . $_GET["serviceName"] . "', if it will be id='" . $_GET['serviceName'] . "' it works – Tooba Jun 13 '14 at 15:27
@sjagr I see, well thats why `GOD` created `php.net` to look at documentation – GGio Jun 13 '14 at 15:27
hi tooba,gigo and other guys I am still having problems trying to get output, put in a error catching (error_reporting(E_ALL); ini_set('display_errors', 1);) getting a Warning: Undefined index: serviceName in /det.php on line 20 ($strSQL = "SELECT * FROM WHERE id='" . $_GET['id'] . "'"; and can not figure out why !!, thanks in advance....singhy – user3723480 Jun 16 '14 at 09:58
@user3723480 When you load the script, are you using a path with something like `det.php?serviceName=somevalue`? You need to understand how GET variables and query strings work here.. – sjagr Jun 16 '14 at 14:16

php echo no output to display very puzzled, why?

2 Answers2