Displaying resulting table SQL

Question

I'm trying to display a new table based on the SQL query returned. This is the original table code that displays when the user loads the page.

TABLE:

<form action="walkthroughs.php" method="POST">
        Platform: <input type="text" name="platform"/><br/>
        <input type="submit" value="Search"/>
</form>
<body>
    <section class="container">
        <div class="row">
            <table id="table1" class="table table-bordered">
                <thead>
                    <th>ID</th>
                    <th width="25%">FAQ Title</th>
                    <th width="25%">Game</th>
                    <th width="*">Platform</th>
                    <th width="15%">Date Created</th>
                    <th width="15%">Date Modified</th>
                </thead>
                <tbody>
                    <?php
                        mysql_connect("localhost", "root", "password") or die(mysql_error()); //Connect to server
                        mysql_select_db("walkthroughs") or die("Cannot connect to database"); //connect to database
                        $query = mysql_query("Select * from faqlist"); // SQL Query
                        while($row = mysql_fetch_array($query))
                        {
                            Print "<tr>";
                                Print '<td align="center">'. $row['FAQ_ID'] . "</td>";
                                Print '<td align="center">'. $row['FAQ_Title'] . "</td>";
                                Print '<td align="center">'. $row['Game'] . "</td>";
                                Print '<td align="center">'. $row['Platforms'] . "</td>";
                                Print '<td align="center">'. $row['Date_Created'] . "</td>";
                                Print '<td align="center">'. $row['Date_Modified'] . "</td>";
                            Print "</tr>";
                        }
                    ?>
                </tbody>
            </table>
        </div>
    </section>
</body>

This is the PHP code I'm trying to execute. (I placed this on the bottom of my </html> tag.)

PHP:

<?php
    if($_SERVER["REQUEST_METHOD"] == "POST") // Added an if to keep the page secured
    {
        $platform = mysql_real_escape_string($_POST['platform']);

        mysql_connect("localhost", "root", "password") or die(mysql_error()); // Connect to server
        mysql_select_db("walkthroughs") or die("Cannot connect to database"); // Connect to database
        $query = mysql_query("SELECT FAQ_ID, FAQ_Title, Game, Platforms FROM faqlist WHERE 
Platforms LIKE '$platform' OR Platforms LIKE '%$platform' OR Platforms LIKE '$platform%' OR Platforms LIKE '%$platform%'"); // SQL Query
        while($row = mysql_fetch_array($query))
        {
            Print "<tr>";
                Print '<td align="center">'. $row['FAQ_ID'] . "</td>";
                Print '<td align="center">'. $row['FAQ_Title'] . "</td>";
                Print '<td align="center">'. $row['Game'] . "</td>";
                Print '<td align="center">'. $row['Platforms'] . "</td>";
            Print "</tr>";
        }
    }
    else
    {
        header("location: walkthroughs.php");
    }
?>

How do I update the HTML table with id "table1" without adding another table and hiding "table1" table? I'm currently starting out with PHP.

Every time you use [the `mysql_`](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) database extension in new code **[a Kitten is strangled somewhere in the world](http://2.bp.blogspot.com/-zCT6jizimfI/UjJ5UTb_BeI/AAAAAAAACgg/AS6XCd6aNdg/s1600/luna_getting_strangled.jpg)** it is deprecated and has been for years and is gone for ever in PHP7. If you are just learning PHP, spend your energies learning the `PDO` or `mysqli` database extensions and prepared statements. [Start here](http://php.net/manual/en/book.pdo.php) — RiggsFolly, Jan 15 '17 at 12:34
Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, Jan 15 '17 at 12:34
Move the code to after the first query is processed and before the `` — RiggsFolly, Jan 15 '17 at 12:36
@RiggsFolly thanks for the heads-up! I'll try it soon. Is there a way to update the HTML table without having to use JS to hide the original table? I've searched for threads on this but to no avail. — Norseback, Jan 15 '17 at 13:31

score 0 · Answer 1 · answered Jan 15 '17 at 13:34

This extension was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used.

I share a different example in the same logic.

<?php
$con=mysqli_connect("localhost","my_user","my_password","my_db");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

$sql="SELECT Lastname,Age FROM Persons ORDER BY Lastname";
$result=mysqli_query($con,$sql);

// Numeric array
$row=mysqli_fetch_array($result,MYSQLI_NUM);
printf ("%s (%s)\n",$row[0],$row[1]);

// Associative array
$row=mysqli_fetch_array($result,MYSQLI_ASSOC);
printf ("%s (%s)\n",$row["Lastname"],$row["Age"]);

// Free result set
mysqli_free_result($result);

mysqli_close($con);
?>

RESULT

Required. Specifies a result set identifier returned by mysqli_query(), mysqli_store_result() or mysqli_use_result()

RESULTTYPE

Optional. Specifies what type of array that should be produced. Can be one of the following values:

MYSQLI_ASSOC , MYSQLI_NUM , MYSQLI_BOTH ,

You can print with a very simple operation – Arda Kazancı Jan 16 '17 at 19:21 — Arda Kazancı, Jan 16 '17 at 19:21

Displaying resulting table SQL

1 Answers1