PHP if statement - Resource id issue

Question

I have some code below which retrieves data from a table named "tally_point"

What I am trying to is retrieve a value from a column named 'tpt_id'

On another table, there is a table named "tally_point_type", which has has the primary key 'tpt_id' as well.

What I am trying to do is get the 'tpt_name' value to print from the tally_point_type row. At the moment I can get the "Order Details" link to work but the $tpt_name value prints out a Resource id# value.

I knwo Im close but can't quite figure out how to get this to work.

    <?php

    $pointstype = $row['tpt_id'];

    $type = '<td align="center">';

    if($pointstype > '0') {

    $query = "SELECT tpt_name 
    FROM tally_point_type 
    WHERE'" . $row['tpt_id'] . "'=$pointstype";

    $tpt_name = mysql_query($query);
     $type .='<strong>' . $tpt_name . '</strong></td></tr>';
    }
    else {
     $type .='<strong><a href="view-ind-order.php?id=' . $pointsitem . '">Order Details</a></strong></td></tr>'; 
    }   
    echo $type; 
    ?>

Full code here:

        <?php # index.php

        require_once ('./includes/config.inc.php');

        $page_title = 'Title';
        include ('includes/header.html');

        if (!isset($_SESSION['admin_int_id'])) {

           $url = 'http://' . $_SERVER['HTTP_HOST']
            . dirname($_SERVER['PHP_SELF']);
           // Check for a trailing slash.
           if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
                $url = substr ($url, 0, -1); // Chop off the slash.
           }
           $url .= '/login.php'; 

        ob_end_clean(); // Delete the buffer.
        header("Location: $url"); 
        exit(); // Quit the script.
        }

        if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) )
           { // Accessed through view_users.php   
            $id = $_GET['id'];

        } elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) )
           { // Form has been submitted.   
            $id = $_POST['id'];
        } else { // No valid ID, kill the script.
            echo '<h1 id="mainhead">Page Error</h1>
            <p class="error">This page has been accessed in error.</p><p><br /><br /></p>';
            include ('./includes/header.html'); 
            exit();
        }

        require_once ('/database.php'); // Connect to the db.

        $display = 1000;

        if (isset($_GET['np'])) { // Already been determined.
            $num_pages = $_GET['np'];
        } else { // Need to determine.

            $query = "SELECT COUNT(*) FROM tally_point, users WHERE tally_point.users_id = users.users_id ORDER BY tally_points_entry_date DESC";   
            $result = @mysql_query ($query);
            $row = @mysql_fetch_array ($result, MYSQL_NUM);
            $num_records = $row[0];

            if ($num_records > $display) { // More than 1 page.
               $num_pages = ceil($num_records/$display);
            } else {
               $num_pages = 1;
            }

        } 

        if (isset($_GET['s'])) {
            $start = $_GET['s'];
        } else {
            $start = 0;
        }

        $link1 = "{$_SERVER['PHP_SELF']}?sort=lna";
        $link2 = "{$_SERVER['PHP_SELF']}?sort=fna";
        $link3 = "{$_SERVER['PHP_SELF']}?sort=dra";

        if (isset($_GET['sort'])) {

            switch ($_GET['sort']) {
               case 'lna':
                  $order_by = 'tally_points_in ASC';
                  $link1 = "{$_SERVER['PHP_SELF']}?sort=lnd";
                  break;
               case 'lnd':
                  $order_by = 'tally_points_in DESC';
                  $link1 = "{$_SERVER['PHP_SELF']}?sort=lna";
                  break;
               case 'fna':
                  $order_by = 'total ASC';
                  $link2 = "{$_SERVER['PHP_SELF']}?sort=fnd";
                  break;
               case 'fnd':
                  $order_by = 'total DESC';
                  $link2 = "{$_SERVER['PHP_SELF']}?sort=fna";
                  break;
               case 'dra':
                  $order_by = 'tally_points_entry_date ASC';
                  $link3 = "{$_SERVER['PHP_SELF']}?sort=drd";
                  break;
               case 'drd':
                  $order_by = 'tally_points_entry_date DESC';
                  $link3 = "{$_SERVER['PHP_SELF']}?sort=dra";
                  break;      
               default:
                  $order_by = 'tally_points_entry_date DESC';
                  break;
            }

            $sort = $_GET['sort'];

        } else { // Use the default sorting order.
            $order_by = 'tally_points_entry_date DESC';
            $sort = 'dra';
        }


        $query =   "SELECT ta.tally_points_in, ta.order_id, ta.total, ta.tpt_id , DATE_FORMAT(ta.tally_points_entry_date, '%d-%m-%Y') AS dr, ta.users_id
                    FROM tally_point AS ta
                    WHERE ta.users_id=$id 
                    ORDER BY
        ".$order_by." LIMIT ".$start.", ".$display;

        $result = @mysql_query ($query); // Run the query.

        echo ' 
        <table width="500" cellspacing="1" cellpadding="7">
        <tr class="top">
            <td align="left"><b>Date</b></td>
            <td align="center"><b>Credit</b></td>
            <td align="center"><b>Debit</b></td>
            <td align="center"><b>Description</b></td>

        </tr>
        ';

        $bg = '#ffffff'; // Set the background color.

        while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
            $pointsitem = $row['order_id'];
            $pointstype = $row['tpt_id']; 

            $bg = ($bg=='#eaeced' ? '#ffffff' : '#eaeced'); // Switch the background color.   
            //$entries = floor($row['ltd_entry_amount']/200);
            echo '<tr bgcolor="' . $bg . '">';
            echo '<td align="left">' . $row['dr'] . '</td>';
            echo  '<td align="center"><strong>' . $row['tally_points_in'] . '</strong></td> ';
            echo  '<td align="center">' . $row['total'] . '</td>';


            $type = '<td align="center">';
            if($pointstype > '0') {
            $query = "SELECT tpt_name
            FROM tally_point_type
            WHERE'" . $row['tpt_id'] . "'=$pointstype"; //THIS ALSO SEEMS WRONG column name should have backticks if you're trying to escape it and maybe value should be quoted? Also these values are the same, no? 
            $result = mysql_query($query);
            $tpt_name = mysql_fetch_assoc($result);
            $type .='<strong>' . $tpt_name['tpt_name'] . '</strong></td></tr>';
            } else {
            $type .='<strong><a href="view-ind-order.php?id=' . $pointsitem . '">Order Details</a></strong></td></tr>';
            }
            echo $type;


            }


        echo '</table>';

        mysql_free_result ($result); // Free up the resources.  

        mysql_close(); // Close the database connection.

        if ($num_pages > 1) {

            echo '<br /><p>';
            $current_page = ($start/$display) + 1;

            if ($current_page != 1) {
               echo '<a href="view_points_2.php?s=' . ($start - $display) . '&np=' .
                 $num_pages . '&sort=' . $sort .'">Previous</a> ';   
            }

            for ($i = 1; $i <= $num_pages; $i++) {
               if ($i != $current_page) {
                  echo '<a href="view_points_2.php?s=' . (($display * ($i - 1))) . 
                    '&np=' . $num_pages . '&sort=' . $sort .'">' . $i . '</a> ';   
               } else {
                  echo $i . ' ';
               }
            }

            if ($current_page != $num_pages) {
               echo '<a href="view_points_2.php?s=' . ($start + $display) . '&np=' . 
                 $num_pages . '&sort=' . $sort .'">Next</a> ';   
            }

            echo '</p>';

        }  
        include ('./includes/footer.html'); // Include the HTML footer.
        ?>

$result = mysql_query($query); $row = mysql_fetch_array($result); $tpt_name = $row[0]; — 5z- -, Apr 24 '15 at 03:18

score 0 · Answer 1 · edited Apr 24 '15 at 02:55

0

You need to fetch the result:

$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$tpt_name = $row['tpt_name'];

edited Apr 24 '15 at 02:55

Nisse Engström

4,738
23
27
42

answered Apr 24 '15 at 02:42

Paul I

1
1

I tried putting this in as well in but with no luck, I have put the full code in the original post as a reference... – AdamMc Apr 24 '15 at 03:48

score 0 · Answer 2 · edited May 23 '17 at 12:22

0

You need to fetch the result.

<?php
$pointstype = $row['tpt_id'];
$type = '<td align="center">';
if($pointstype > '0') {
    $query = "SELECT tpt_name
            FROM tally_point_type
            WHERE'" . $row['tpt_id'] . "'=$pointstype"; //THIS ALSO SEEMS WRONG column name should have backticks if you're trying to escape it and maybe value should be quoted? Also these values are the same, no? 
    $result = mysql_query($query);
    $tpt_name = mysql_fetch_assoc($result);
    $type .='<strong>' . $tpt_name['tpt_name'] . '</strong></td></tr>';
} else {
    $type .='<strong><a href="view-ind-order.php?id=' . $pointsitem . '">Order Details</a></strong></td></tr>';
}
echo $type;
?>

Also see notes in the comment of your query, consider switching drivers to mysqli or PDO, and I'm not sure about where the data you're using is coming from but might be open to a SQL injection. How can I prevent SQL injection in PHP?

Here's the manual link for future reference http://php.net/manual/en/function.mysql-query.php. See example #2.

edited May 23 '17 at 12:22

Community

1
1

answered Apr 24 '15 at 02:43

chris85

23,846
7
34
51

I tried putting that in but with no luck, I have put the full code in the original post as a reference... – AdamMc Apr 24 '15 at 03:47
The updated code doesn't have this code in it. Can you put it in with the updated code and post back what you are getting now? Can you also take off the error suppressing? Also don't put user input directly into your queries and if you are unsure of the method the data will be transmitted use `$_REQUEST`. Also please include the full error/notice message you are getting. – chris85 Apr 24 '15 at 04:13
Hey there, I have updated the full code with your code. I got the following error: "An error occurred in script '/my-database-/view-ind-points.php' on line 283: Undefined index: order_id " – AdamMc Apr 24 '15 at 04:41
Take out the table aliases from that select or give the columns aliases. For example `ta.order_id as order_id`... – chris85 Apr 24 '15 at 04:53

PHP if statement - Resource id issue

2 Answers2