0

I have content.php page that when I click on "More" it must give me the same content with the id number

<a class="btn text_3 color_3" href="contentdesc.php?contentid=<?=$content["id"]?>">more</a>

the problem is when i Click on More, it direct me to contentdesc.php and gives me the last row in the table by this query:

  <?php   
   $select="SELECT * FROM content WHERE id HAVING COUNT(*) > 1";
                $query=mysql_query($select);
                while($row=mysql_fetch_assoc($query)) {
                    ?>

                <div class="grid_12">   
                            
                <div class="box3">
        <h3 class="text_4   equal" data-mh="3"><?=$row['name']?></h3>
                                
        <div class="divider"></div>

                                
        <p class="text_8 color_6"><?=$row['description']?></p>
                                
                            </div>
                            
                        </div>  
                        
                        
        <?php } ?>

Please can anyone help me to bring the content as same id number in the row?

HoldOffHunger
  • 18,769
  • 10
  • 104
  • 133
Ahmad Baba
  • 31
  • 1
  • 1
  • 4
  • this is the normal behaviour because you are telling your script that `href="contentdesc.php?contentid==$content["id"]?>"` – hassan Mar 16 '17 at 11:18
  • yeah this script is working, I am asking that the content on page "contentdesc.php" is not giving me the row with the same ID number. – Ahmad Baba Mar 16 '17 at 11:24

1 Answers1

0

Your SQL query in your contentdesc.php page is a little strange.

SELECT * FROM content WHERE id HAVING COUNT(*) > 1

What does it mean?

  • SELECT * return all columns
  • FROM content from this table
  • WHERE id where the value of the id column evaluates to true. That is, for every row with a nonzero id. (Probably not what you wanted.)
  • HAVING COUNT(*) > 1 if the table has two or more rows. (Probably not what you wanted).

It's probably incorrect. You probably need to use this SQL statement instead:

  SELECT name, description FROM content WHERE id=DESIRED_ID_VALUE;

In php, it will look something like this. 

 $select="SELECT name, description FROM content WHERE id=" . 
             intval($_REQUEST["contentid"]) . ";";

The hyperlink in your first code line generates a URL that looks like this.

contentdesc.php?contentid=123

The value of $_REQUEST["contentid"] comes from that contentid parameter on the URL. intval() turns the value into an integer, to avoid sql injection.

Warning. The mysql_ calls you are using are obsolete and insecure. Please consider using mysqli_ or PDO instead.

Community
  • 1
  • 1
O. Jones
  • 103,626
  • 17
  • 118
  • 172