Undefined variables, PHP execution not showing

Question

I have a code that uses $_GET to get [id], id is the number of the page I'm calling to.

So, I have a list of pages (loaded from MySQLi), I've been following a tutorial and what is supposed to happen is: When a post in the post list is clicked, the Title, Label and Body textboxes fill up with the content that's inside that post.

This is my code:

    <?php if(isset($_GET['id'])) 
            {

                $q= "SELECT * FROM pages WHERE id = $_GET[id]";
                $r= mysqli_query($mysql, $q);

             } 
                $opened = mysqli_fetch_assoc($r);                   
     ?>

It gives an error Undefined Variable: opened. The official mod on GitHub (the mod for the project I'm basing my work on) gave me this code:

<?php
if(isset($_GET['id'])&&is_numeric($_GET['id'])){
    $q= "SELECT * FROM pages WHERE id = $_GET[id]";
    $r= mysqli_query($mysql, $q);
    $opened = mysqli_fetch_assoc($r);    
}else{
    $opened = null;
}               
?>

But when I use it I get blank fields, nothing fills up.

Help please?

You might try troubleshooting with [`mysqli_error`](http://php.net/manual/en/mysqli.error.php). — showdev, Jul 18 '16 at 17:03
Just add the `}else{ $opened = null;` piece. Or add `$opened = null;` before the `if`. — AbraCadaver, Jul 18 '16 at 17:04
You haven't shown any code that fills your textboxes or results of any troubleshooting echo debugs — dbmitch, Jul 18 '16 at 17:05
Your code doesn't match the error. Your code, however, does not have an SQL injection vulnerability. Use prepared statements on user input (GET, POST, COOKIE) — Devon Bessemer, Jul 18 '16 at 17:06

Indrasis Datta · Answer 1 · 2016-07-18T17:16:26.053

0

Have you tried debugging within the if statement? To see if the statements within the block is executed?

Try this:

echo '<pre>';
print_r($_GET);  // Check what you get here

if (isset($_GET['id']) && is_numeric($_GET['id'])) {
     $q = "SELECT * FROM pages WHERE id = ".$_GET['id'];
     $r = mysqli_query($mysql, $q) or die(mysqli_error($q));  // Check if you get something here
     $opened = mysqli_fetch_assoc($r); 
     echo '<pre>';
     print_r($opened);       // Check your fetched data   
} else {
    $opened = null;
    var_dump($opened);       // Check your $opened value
}

edited Jul 18 '16 at 17:16

answered Jul 18 '16 at 17:07

Indrasis Datta

8,692
2
14
32

[SQL Injection much?](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Machavity Jul 18 '16 at 17:10
Thank you for the reply, I get "NULL" as a result. – MJAzura Jul 18 '16 at 17:13
@Machavity: Yes, you're right. I was just trying to point out where they went wrong logically, which is the most preliminary step. You could always strengthen technical wise once your logic is clear. – Indrasis Datta Jul 18 '16 at 17:14
Well, looks like you're not getting the appropriate id in the query string itself, in that case. You could try var_dump($_GET); before these if else statements and let me know what you get. – Indrasis Datta Jul 18 '16 at 17:15

Undefined variables, PHP execution not showing

1 Answers1