Echoing Out A Mysql Query

Question

Alright. I have searched and searched for an answer, but I just could not find it.

I am writing a simple php script that takes the url information and runs it through a MySQL query to see if a result comes up. I try to echo the variable holding the query out, but nothing shows up. I know there must be a result because if I enter the query manually in MySQL it displays my desired result.

$result = mysqli_query("SELECT * FROM pages WHERE pageq = '" . $_GET['page'] . "'" );
$data = mysqli_fetch_assoc($result);
echo ("You have just entered in " . $data['id'] . "!!! YAY");

I have tried to echo out both the $result and $data. But there is nothing displayed. I am so new to programming, and this is my first StackOverflow post, so forgive me if I am making huge errors.

For starters, you should be error-checking ([`mysqli_error()`](http://php.net/manual/en/mysqli.error.php) and [`mysqli_errno()`](http://php.net/manual/en/mysqli.errno.php) are your friends). Second, are you sure you have connected to the database? Also, this is very important: you are wide open to [**SQL injection**](https://www.owasp.org/index.php/SQL_Injection). You should be using prepared statements; you should *never* pass something from the query string (i.e., `$_GET[...]`) directly to the database. — elixenide, Aug 12 '16 at 04:12
To my knowledge I am not getting any error messages. I know for a fact that I am connected to the database because I have other code that works fine. As far as SQL injection....oops lol sorry what should I be doing differently? — Daniel Cory, Aug 12 '16 at 04:17
@DanielCory Are you really sure you're connected? You haven't provided any connection code, and you haven't shown us the output of `mysqli_error()` or `mysqli_errno()`, which could be very helpful. As for SQL injection, see my link and comment above. You should also read [How can I prevent SQL-injection in PHP?](http://stackoverflow.com/q/60174/2057919) — elixenide, Aug 12 '16 at 04:19
@EdCottrell Yes, I am connected to the db...the reason I didn't provide all the code is because I am using ssh to write it on a remote computer, and I wasn't able to copy and paste all the code. I am having to write it all over again, but I am %100 sure that my database is connected. I have a query that is polling the amount of pages and echoing them out it html as links. It works perfectly. — Daniel Cory, Aug 12 '16 at 04:28
I suspect that you will need to escape the input string as it may contain quotes and other characters. I would just use a prepared query and all the problens will go away. — Ryan Vincent, Aug 12 '16 at 04:34
can you put this code just to check whether you are connected to your database or not **if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); }** — Mittul Chauhan, Aug 12 '16 at 04:40
tutorial: http://www.w3schools.com/php/php_mysql_prepared_statements.asp — Ryan Vincent, Aug 12 '16 at 04:40
you mentioned **echo out** .. i believe if you can try **print_r()** or **var_dump()** here .. also if you can **enable your debug mode if its off**. enable your **error_reporting()** if you find something. — Mittul Chauhan, Aug 12 '16 at 04:46
@Mit.agile that exact code is already in there, and it has never given me an error — Daniel Cory, Aug 12 '16 at 04:46
@Mit.agile I tried print_r() and it didn't change anything, and when I put var_dump() and before the intial "YOU HAVE..." string is displayed string(36) on my page. debug mode on my browser? — Daniel Cory, Aug 12 '16 at 04:50
i m talking about to enable debug mode from php side .. **error_reporting()** that is. http://php.net/manual/en/function.error-reporting.php — Mittul Chauhan, Aug 12 '16 at 04:51
also you have not mentioned here whether you are following OOP method or not in your code so i would suggest you to connect your database on the same page and try to make query there .. try to echo query as well from php side.. make static query put static value if possible for now to walk around the things. — Mittul Chauhan, Aug 12 '16 at 04:52
**error_reporting(E_ALL);** put this code in your same php page you are trying. — Mittul Chauhan, Aug 12 '16 at 04:53
@Mit.agile oh wow I didn't realize it was off! but yeah now its displaying errors: Warning: mysqli_query() expects at least 2 parameters, 1 given in /srv/http/index.php on line 22 Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, null given in /srv/http/index.php on line 23 — Daniel Cory, Aug 12 '16 at 04:55
good .. there you have it an error .. its showing warning as it requires 2 parameters as i had mentioned in my answer ... so add your connection parameter .. may be you are not getting it somehow ... include a file if you written your connect code in different page .. by using php's include or require functions .. and then check further. — Mittul Chauhan, Aug 12 '16 at 04:58
@Mit.agile Well I'll be. It fixed it! How do I change the status to answered? Thank you so much!! I didn't see your answer down there because of all these comments :p but I really do appreciate your help a lot!!! — Daniel Cory, Aug 12 '16 at 05:01

twodee · Answer 1 · 2016-08-12T07:15:16.580

1

The problem is that you're not setting up the connection in the query. mysqli_query() requires two parameters.

Make the connection first:

$conn = mysqli_connect("localhost", "user", "password", "dbname");

Now execute the query:

 $result = mysqli_query($conn,"SELECT * FROM pages WHERE pageq = '" . $_GET['page'] . "'" );

NOTE: Your code is heavily vulnerable to MySQL injections. Use MySQLi or PDO Prepared statements.

Also, you should use mysqli_errno() to find out your query bugs.

Edit: Also do this:

while($row=mysqli_fetch_assoc($result)){
//do the result output. 
  }

edited Aug 12 '16 at 07:15

answered Aug 12 '16 at 04:16

twodee

606
5
24

I wasn't showing all of my code, I am sorry. But no, I am connected because I have some other code that works and connects to the database just fine. – Daniel Cory Aug 12 '16 at 04:18
no, my previous code was working but I was echoing out in html...now I am trying to echo out a php variable – Daniel Cory Aug 12 '16 at 04:31
You should try out my answer. You didn't set up the connection in the first place. – twodee Aug 12 '16 at 04:36
At the top of my page I have an include which includes the following code: – Daniel Cory Aug 12 '16 at 04:39
$servername = "localhost" $username = "dantheman" $password = "password" $dbname = "supersecretdb" $conn = new mysqli($servername, $username, $password, $dbname); if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } Like I said also, I have other code that is using the database with no problem :) – Daniel Cory Aug 12 '16 at 04:41
Then what is the problem now? – twodee Aug 12 '16 at 05:00

Mittul Chauhan · Accepted Answer · 2016-08-12T04:56:38.760

Actually mysqli_query() requires two parameters... check the following sample example ..

<?php
$conn = mysqli_connect('localhost','root','','your_test_db');

$_GET['page'] = 1;

$result = mysqli_query($conn,"SELECT * FROM your_table WHERE id = '" . $_GET['page'] . "'");
$data = mysqli_fetch_assoc($result);


echo ("You have just entered in " . $data['id'] . "!!! YAY");

?>

As you have stated you are just in a learning phase, it is okay to code these sort of queries just to learn yourself but do not code these kind of queries as these queries are vulnerable so i would suggest you to use prepare queries or PDO...

Also never use SELECT * in your queries, this is a bad practice, only deal with the fields which you requires in return.

Also, you can always check whether your database is connected or not. So that you have a better idea.

// Check connection
if (mysqli_connect_errno())
{
   echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

you have not mentioned whether you are following OOP structure or not .. so i would suggest you to check error_reporting() and connect database on the same page to check the things around ..

Also you can check whether you without WHERE condition for now "SELECT * FROM your_table just to make sure whether you are getting atleast all the records or not.

Thank you! This solution fixed my problem! I didn't put the $conn variable in my query! — Daniel Cory, Aug 12 '16 at 05:04
Yes and **error_reporting** did the trick for you as you were able to see this error only after enabling it as it was off. Glad it helped you. — Mittul Chauhan, Aug 12 '16 at 05:06

Echoing Out A Mysql Query

2 Answers2