0

Not able to figure out what is wrong. The connection is working fine. I used the same connection.php file to store data. But not able to pre populate in a different form. Please help. This is the code i have written:

<?php 
session_start();
if (!isset($_SESSION['email']))
    header('location: index.php');
?>
<!DOCTYPE html>
<html lang="en">
    <head>
        <title>Welcome</title>
    </head>
    <body>
<form  action="app_script.php" method="POST">
<input class="form-control" placeholder="Name" name="name" required = "true" value="<?php require_once("connection.php"); $eventid = $_GET['ID'];$field = $_GET['Name'];$result = mysql_query("SELECT $field FROM `persons` WHERE `ID` = '$eventid' ");$row = mysql_fetch_array($result);echo $row[$field]; ?>">
<button type="submit" name="submit" class="btn btn-primary pull-right">Submit</button>
                </form>
</body>
</html>
Aaryan
  • 31
  • 4
  • 1
    Oh wow, never seen *that* before. The query right there in the input `value`. What is the error you're receiving? 'Not able to pre-populate' isn't much to work with. – mferly Apr 13 '16 at 16:26
  • the field in the form is empty. i want the name to be pre populated from the db – Aaryan Apr 13 '16 at 16:31
  • you can move the whole code in `value` attribute to somewhere up on the page, and `echo` it there to see if you are able to get the value. Might not make a difference, but it's much confusing now and error prone. – Mohit Bhardwaj Apr 13 '16 at 16:37
  • Yes, you really need to `echo` your query to see that is properly formed, ie. Is `$field` the value you're looking for? Etc. And your query is wide open to SQL Injection (http://php.net/manual/en/security.database.sql-injection.php). You'll want to look into that as well. – mferly Apr 13 '16 at 16:40
  • i tried it writing seperately. Its not working. I have problem in the php part. and now i know the problem more specifically. The problem is with getting the current user ID in "$eventid=$_GET['ID']". Does any1 know how to get it? – Aaryan Apr 13 '16 at 16:55

1 Answers1

0
 <?php 
   session_start();
    if (!isset($_SESSION['email']))
        header('location: index.php');

     require_once("connection.php");
     $eventid = $_GET['ID'];
     $field = $_GET['Name'];
     $result = mysql_query("SELECT $field FROM `persons` WHERE `ID` = '$eventid' ");
     if(mysql_num_rows($result)>0)
     {
     $row = mysql_fetch_array($result);
     $output =  $row[$field]; // to populate
     }
     else
     {
    $output ='';         
         }
     ?>

    <!DOCTYPE html>
    <html lang="en">
        <head>
            <title>Welcome</title>
        </head>
        <body>
    <form  action="app_script.php" method="POST">
    <input class="form-control" placeholder="Name" name="name" required = "true" 
    value="<?php echo $output; ?>">
    <button type="submit" name="submit" class="btn btn-primary pull-right">Submit</button>
                    </form>
    </body>
    </html>
seguro
  • 11
  • 3
  • Change the code $result = mysql_query("SELECT $field FROM `persons` WHERE `ID` = '$eventid' ") or die(mysql_error()); Whether you are getting any error in Query ? – seguro Apr 13 '16 at 17:18
  • Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Apr 13 '16 at 18:01
  • Why should the OP try this? A ***good answer*** will always have an explanation of what was done and why it was done in such a manner, not only for the OP but for future visitors to SO. – Jay Blanchard Apr 13 '16 at 18:01
  • @seguro The problem is with "$eventid=$_GET['ID']". I want to get the current user ID but this won't give me the current user id. Does any1 know how to get the current user ID? – Aaryan Apr 13 '16 at 20:25