-2

I have a little problem, I have been testing numbers of variants but I don´t get it to work. I have a link in the search result.. (Full text search working)

> while($row = mysql_fetch_assoc($query)){
> 
> $id = $row['id'];
> 
> echo '<a href=profile1.php?id= . $row["id"] . >.INFO.</a>';

It shows INFO as a link and when i click on it, i jump to profile1.php but I´m not seeing any results, it is totaly blank page. the url I get is .../profile1.php?id=

Here is my profile.php

<?php

$mysqli = new mysqli("", "", "", ""); /* REPLACE NECESSARY DATA */

/* ESTABLISH CONNECTION */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$id=$_GET["id"];

if ($stmt = $mysqli->prepare("SELECT name, brand FROM table WHERE id=?")) {

    $stmt->bind_param("d", $id); /* BIND DATA TO QUERY */

    $stmt->execute(); /* EXECUTE QUERY */

    $stmt->bind_result($name, $brand); /* BIND RESULT TO VARIABLE */

    $stmt->fetch(); /* FETCH DATA */

    printf("%s - %s", $name, $brand); /* ECHO DATA */

    $stmt->close(); /* CLOSE STATEMENT */
}

$mysqli->close();

?>

I hope someone can help me.. Thanks!!!

weehoo
  • 1
  • 3

2 Answers2

0

Do this . 

 echo "<a href=profile1.php?id=$row[id]>INFO</a>";

or this.

echo '<a href=profile1.php?id='.$row['id'].'>INFO</a>'
jay temp
  • 1,207
  • 12
  • 11
-1

Note:

  • You assigned your id to a variable, so better use that variable to the link. You should learn how to incorporate variables to your link.
  • Better use a single tick (') when using a variable inside. It's okay not to use single tick (') in your query IF the variable you are binding is an integer type.

Your link should look like this:

 $id = $row['id'];

 echo '<a href="profile1.php?id='.$id.'" >.INFO.</a>';

And your select query should look like this (profile1.php):

$sql ="SELECT * FROM table WHERE id='".$_GET["id"]."'";

It is also recommendable to use mysqli_* rather than the deprecated mysql_* API. Read here to learn more about SQL injections.

If you had it into mysqli_* prepared statement, it would look like this (profile1.php):

<?php

  /* RE-ESTABLISH YOUR MYSQL CONNECTION */
  $con = new mysqli("YourHost", "yourUsername", "YourPassword", "YourDB"); /* REPLACE NECESSARY DATA */

  /* CHECK CONNECTION */
  if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
  }

  if ($stmt = $con->prepare("SELECT name, brand FROM table WHERE id = ?")){
    $stmt->bind_param("i", $_GET["id"]); /* PARAMETIZE GET ID TO QUERY */  
    $stmt->execute(); /* EXECUTE QUERY */    
    $stmt->bind_result($name, $brand); /* BIND RESULT TO VARIABLE */
    $stmt->fetch(); /* FETCH DATA */
    printf("%s - %s", $name, $brand); /* ECHO DATA */
    $stmt->close(); /* CLOSE STATEMENT */
  }

  $con->close();

?>
Community
  • 1
  • 1
Logan Wayne
  • 6,001
  • 16
  • 31
  • 49