0

I am having the form. when the options are selected in the form and search button is clicked it searches in the database according to the given values.Here i am getting the result limited values of a user. But if anyone want to see more details of that particular user i am adding click here link to get more details of that particular user from the database. How can i achieve this any suggestion.

<?php
include('config.php');
include('header.php');
if(isset($_POST['search'])){
$category = $_POST['category'];
$State = $_POST['State'];
$city = $_POST['city'];
$sql = "SELECT user,category,State,city FROM userdetails Where userdetails.category = '$category' OR userdetails.State = '$State' AND userdetails.city = '$city'";
$records = mysql_query($sql);
}
?>
<html>
<body>
<table width= "800" border="2" cellpadding="1" cellspacing="1">
<legend>Search Screen</legend>
while ($userdetails=mysql_fetch_assoc($records)) {
echo "<div class='controls'><tr>";
echo "<p><label class='control-label' for='searchall'>Name:     </label>".$userdetails['user']."</p>";
echo "<p><label class='control-label' for='searchall'>Category:</label>".$userdetails['category']."</p>";
echo "<p><label class='control-label' for='searchall'>State:</label>".$userdetails['State']."</p>";
echo "<p><label class='control-label' for='searchall'>City:</label>".$userdetails['city']."</p>";
echo "<P><a href='userfullinfo.php'>More Info</a></p>";
echo "</tr></div>-------------------------------------------";
}
?>
</table>
</body>
</html>

How can i get the more column values of that particular user when clicking more info.

Thanks in advance

Karthik
  • 35
  • 8
  • create a link that will pass the id of the user... something like `www.sample.com/read_more.php?user_id=1` then in the page read_more.php create a query something like this `SELECT * FROM user where user_id = $_GET['user_id']`.. don't forget to sanitize first.. – Sam Teng Wong May 20 '15 at 11:50
  • Pass the `id` of the user along with the page url `href='userfullinfo.php?id=value' `.And retrieve it using `$_GET['id']` on the receiving page – AVM May 20 '15 at 11:52
  • [Your script is at risk for SQL Injection.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Please, [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and consider using PDO, [it's not as hard as you think](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard May 20 '15 at 11:56

0 Answers0