-4

I am originally getting my data from an external table, I am trying to create a details page that will show the details of one specific record in the table, I am trying to get a button that will redirect the user to a different page and will save a id that will be used to query the database on the second page.

Page 1 html 

<html>

<thead>
<tr>
    <th>id</th>
    <th>Name</th>
    <th>image</th>
    <th>Description</th>
    <br></br>
</tr>
</thead>
<tbody>
<?php
if( $result != null){       
    while( $row = mysqli_fetch_assoc( $result ) ){?>
            <tr>
               <!--<th>id</th>
               <td><?php echo $row['id']; ?></td> -->
               <th>Name:</th>
               <td><?php echo $row['hname']; ?></td>
               <br></br>
               <th>image:</th>
               <!--  <td><?php echo $row['himage']; ?></td> -->
               <td>
                   <a><img src="<?php echo $row['himage']; ?>" /></a>
               </td>
               <br></br>
               <th>Description:</th>
               <td><?php echo $row['hdesc']; ?></td>

I am trying to get this link to redirect to the second page and save the ID.

                               <p><a 
href="http://mayar.abertay.ac.uk/~1702520/UniwebsiteDetails.php">Redirect</a></p>

            </tr>
            <br></br>
            <?php
    }
}else{
    echo "Something went wrong with the result";
}
?>
</tbody>
 <?php //mysqli_close($conn); ?>
 </body>
 </html>

Page 2 (UniwebsiteDetails.php)

This is the query that I'm trying to use to find the record using the ID saved previously('id' is the name of the primary key in the table)

   $result = mysqli_query( $conn,'SELECT * FROM Pictures WHERE id = ID');
   $conn->close();
mattdoesnthaveaclue
  • 1
  • 1

1 Answers1

0

You can pass the data between pages in two different ways, with GET or POST.

With GET, simply add the data on the end of the URL you are generating;

href="http://mayar.abertay.ac.uk/~1702520/UniwebsiteDetails.php?id=the_id">

It will then be available in $_GET['id'] on the second page.

With POST, you will need to wrap each individual link element in a <form> and put the ID field as an 

<input type="hidden" name="id" value="the_id">

inside the form. The value will then be accessible from $_POST['id'] on the second page.

As far as your query goes on the second page, remember that you are handling data that can be manipulated by any visitors to your site. To avoid SQL injection you should be using prepared statements or better still an ORM to handle your data access.

Skrrp
  • 660
  • 7
  • 11