
I am working on an assignment, and it requires me to select a "slip_id" from 3aStudent_Slip.php and pass it to 4aservice_request.php to populate a table that is being built in the PHP code. I have NOT had any PHP classes, so I am really struggling with why it's NOT getting any data from the "ProgrammingDatabase" on the server.

Using the following code ...

<?php
    require_once('auth.php');
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Service Requests</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
    <div id="innerWrapper">
<h1>Service request by <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1>

<a href="index.php">Login Page</a> | 
<a href="amenu.php">Menu Page</a> | 
<a href="logout.php">Logout</a>

<?php
$slip_id = strtoupper($_POST['slip_id']);
echo("<h2>Services for Slip ID $slip_id</h2>");

//Credentials saved in the session at login
$vlogin=$_SESSION['vlogin'];
$vpassword=$_SESSION['vpasswd'];

//Connection string (the variable name here must match the one assigned above)
$con=mysql_connect("localhost", $vlogin, $vpassword);

if(!$con)
{
    die("Could not connect".mysql_error());
}

//Select Database (stop with the MySQL error if the database cannot be selected)
if(!mysql_select_db("ProgrammingDatabase", $con))
{
    die("Could not select database".mysql_error());
}

//The actual SQL code goes below into the structured variable $result
$result=mysql_query("SELECT * FROM service_request");

//Constructing the table and column names
echo "<table border='1'>
<tr>
<th>Service ID</th>
<th>Description</th>
</tr>";

//Looping until there are no more records from $result
//If there are records, print the column for that row
//do the while loop below with the variables from $result

while($row=mysql_fetch_array($result))
{
    echo "<tr>";
    echo "<td>".$row['service_id']."</td>";
    echo "<td>".$row['description']."</td>";
    echo "</tr>";
}

echo "</table>";

//Close the SQL connection string
mysql_close($con);

?>

<br />
<form action="a4Services_Student.php" method="post">
<br />
</form>
</div>
</body>
</html>
Brian Tompsett - 汤莱恩
Nate E.
  • [Little Bobby](http://bobby-tables.com/) says [your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard May 03 '16 at 20:29
  • Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard May 03 '16 at 20:30
  • Add error reporting to the top of your file(s) right after your opening ` – Jay Blanchard May 03 '16 at 20:30

1 Answer

As some of the comments have already stated, the function you are using is not safe and is also deprecated. The best way is to use PDO. I have an example of it here https://snippetbox.xyz/5c3db100112bca204643/

<?php 
    /** How to get information out of a database securely **/

    $id = 6; // example value 
    $username = 'dbuser';     // database credentials (placeholders)
    $password = 'dbpassword';

    //connect to mysql database using pdo; throw exceptions on errors instead of failing silently
    $conn = new PDO('mysql:host=localhost;dbname=someDatabase', $username, $password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $query = "SELECT * FROM myTable WHERE id = :id";

    //prepare the statement to avoid sql injection
    $stmt = $conn->prepare($query);

    //bind the variable to the named placeholder and execute
    $stmt->execute(array('id' => $id));

    //fetch the results as objects
    $rows = $stmt->fetchAll(PDO::FETCH_OBJ);

    //loop through all the rows
    foreach ($rows as $row){
        //work with each row here

        //example
        //echo $row->value;
    }
?>
Mazodude