1
    ?php
$Onum=$_POST{'Onum'};

$connect = mysql_connect("localhost","root","") or die("ok");
mysql_select_db("dbmsproj") or die ("Database not found");



$query = "SELECT `ITEM-NO` FROM `made-of` WHERE 'ORDER-NO' = '$Onum";
$results = mysql_query($query);

echo "<table>";

while($row = mysql_fetch_array($results)) {
            ?>
                <tr>
                    <td><?php echo $row['ITEM-NO']?></td>
                </tr>

            <?php
            }

       echo "</table>";
?>

I have a table with 3 columns ITEM-NO, ORDER-NO, and ORDER-QUANTITY. I want to display the item no of a specific order no. All I am getting is a blank page.

The code bellow is the html form. 

<div>
<form action="query1.php" method="post">

    <h3>Find Items in an Order</h3>

    <label for="Onum">Enter Order Number</label>
    <input type="Number" id="Onum" name="Onum" required>

    <button type="Submit">Submit</button>

</form>
</div>
Alex
  • 11
  • 1
  • 2
    `$_POST{'Onum'}` doesn't look right either. It looks like you basically have a ton of syntax errors here. Checking your PHP logs, checking for query errors, etc. will go a long way. You're also wide open to SQL injection, you'll want to refer to this: https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – David Apr 27 '18 at 18:36
  • 1
    **WARNING**: Do not use the obsolete [`mysql_query`](http://php.net/manual/en/function.mysql-query.php) interface which was removed in PHP 7. A replacement like [PDO is not hard to learn](https://phpdelusions.net/pdo) and a guide like [PHP The Right Way](http://www.phptherightway.com/) helps explain best practices. Here parameters are **NOT** [properly escaped](http://bobby-tables.com/php) and this has severe [SQL injection bugs](http://bobby-tables.com/) in this code. Escape **any** and all user data, especially from `$_POST` or `$_GET`. – tadman Apr 27 '18 at 18:41

0 Answers0