0

i have this file which displays the blog entry in db what i need to do is get id when click on read more and show the data on that particular id.. 

<?php

    $results = $mysqli->query("SELECT * FROM blog ORDER BY id ASC");
    if ($results) { 

        //fetch results set as object and output HTML
        while($obj = $results->fetch_object())
        {
            echo '<div class="product">'; 
            echo '<div class="product-thumb"><img src="'.$obj->blog_img_name.'"></div>';

            echo '<div class="product-content"><h3>'.$obj->blog_name.'</h3>';
             echo '<div class="product-desc"><b>'.$obj->blog_date.'</b>'.'</div>';
            echo '<div class="product-desc">'.$obj->blog_desc.'</div>';
            echo '<div class="product-info">';
            echo '<a href="sunblog1.php?action=add&id=$id">Read more</a>';
            echo '</div></div>';
            echo '</div>';
        }

    }
    ?>

for the above mentioned purpose i have made the following file named

sunblog1.php

<?php


if (isset($_GET['id']) &&  isset($_GET['action'])) {
    $blog_id= $_GET["id"];   //the blog id from the URL
    $action= $_GET["action"]; //the action from the URL
    }
    ?>
    <?php
$results = $mysqli->query("SELECT * FROM blog WHERE id =$blog_id");
    if ($results) { 

        //fetch results set as object and output HTML
        while($obj = $results->fetch_object())
        {

            echo '<div class="product">'; 

            echo '<div class="product-content"><h3>'.$obj->blog_name.'</h3>';
             echo '<div class="product-desc"><b>'.$obj->blog_date.'</b>'.'</div>';
            echo '<div class="product-desc">'.$obj->blog_desc.'</div>';
                        echo '<div class="product-desc">'.$obj->blog_main.'</div>';

            echo '<div class="product-info">';
            echo '</div></div>';
            echo '</div>';
        }    
    }
    ?>

but its giving me only a blank page....

can anyone help....

urv_a_shi
  • 5
  • 5
  • first of all you should learn to sanitize any input from user especially when querying database. – KA. Jun 23 '15 at 06:16
  • Sorry i'm new and i dont know how to do it. and is it effecting the code....?? – urv_a_shi Jun 23 '15 at 06:21
  • yes. It is insecure to query database like that. Google for "SQL injection". read this question for more info http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – KA. Jun 23 '15 at 06:48
  • Thank You i will read and research the topic briefly then will use it in the code....!! – urv_a_shi Jun 23 '15 at 07:10

2 Answers2

0

Its give you blank page, because it doesnt gets a id from your link

change your $id to $obj->id 

 <?php

$results = $mysqli->query("SELECT * FROM blog ORDER BY id ASC");
if ($results) { 

    //fetch results set as object and output HTML
    while($obj = $results->fetch_object())
    {
        echo '<div class="product">'; 
        echo '<div class="product-thumb"><img src="'.$obj->blog_img_name.'"></div>';

        echo '<div class="product-content"><h3>'.$obj->blog_name.'</h3>';
         echo '<div class="product-desc"><b>'.$obj->blog_date.'</b>'.'</div>';
        echo '<div class="product-desc">'.$obj->blog_desc.'</div>';
        echo '<div class="product-info">';
        echo '<a href="sunblog1.php?action=add&id='.$obj->id.'">Read more</a>';
        echo '</div></div>';
        echo '</div>';
    }

}
?>
Meenesh Jain
  • 2,532
  • 2
  • 19
  • 29
0

Here may be many reasons. First of all make $blog_id=(int)$_GET["id"]; to avoid mysql injection. (not the reason in this situation, but anyway useful practice). First of all try to add echo "OK"; in the end of code (possibly you have some fatal error later). If ok is shown, than add such line 

echo $result->num_rows;

after 

$results = $mysqli->query("SELECT * FROM blog WHERE id =$blog_id");

This will show the number of rows this query returned. If it is zero, than look in db, likely you pass incorrect id.

Vasya
  • 260
  • 1
  • 2
  • 13