Not able to limit the no.of records retrieved from database

Question

<?php
include_once("Colour_farmer_Backend/cf_connect.php");
  $cat_id = isset($_REQUEST['cat_id'])?$_REQUEST['cat_id']:'';
  $str_images ="select * from cf_images";
  if ($cat_id!='') 
    $str_images.="where cat_id=".$cat_id;
    $records_images=mysqli_query($con,$str_images);
?> 

<div class="row" style="margin-bottom: 150px;">
    
    <?php
    while ($row_images=mysqli_fetch_assoc($records_images)) 
    {
    ?>
    <div class="col-md-3">
      <div class="cat_card scale_animation">
        <?php
        $path="Colour_farmer_Backend/Images_backend/Category_images/".$row_images['image_name'];
        echo "<img src='".$path."' class='img-fluid'>";
          $str ="SELECT * FROM cf_categories WHERE id='".$row_images['cat_id']."'LIMIT 4";
          $cat_record=mysqli_query($con,$str);
          $cat_row=mysqli_fetch_assoc($cat_record);
          echo"<h4>".$cat_row['cat_name']."</h2>";
        ?>
      </div>
      <br>
    </div>
    <?php } ?>

    </div>

I want that only first 4 records should be displayed from database but it's displaying all records even after applying limit clause.

**Warning:** You are wide open to [SQL Injections](https://php.net/manual/security.database.sql-injection) and should use [parameterized prepared statements](https://stackoverflow.com/q/60174/9193372). — Syscall, Feb 27 '23 at 23:29

score -2 · Answer 1 · answered Feb 25 '23 at 10:43

-2

Check you query add space before the LIMIT word

$str ="SELECT * FROM cf_categories WHERE id='".$row_images['cat_id']."' LIMIT 4";

answered Feb 25 '23 at 10:43

Kaushal Patel

259
2
7

Since he has single quote around `$row_images['cat_id']` , it will work without space before the `LIMIT` – Indra Kumar S Feb 25 '23 at 16:36

Not able to limit the no.of records retrieved from database

1 Answers1