0

I am using the same working code used on one of my other websites and for some weird odd reason it is not echoing the 'title' field from my database. this is my code:

  <?php
$id = $_GET['meeting_id'];

$query = mysql_query("SELECT * FROM Meetings WHERE meeting_id = '$id'")
or die(mysql_error());  

while($info = mysql_fetch_array($query)) {
echo "";

$title = $info['title'];

}
?>

<form action="bookedsuccessfully.php" method="post">

<table width="100%" border="0">
  <tr>
    <td><label>Meeting Title:</label></td>
    <td><input type="text" value="<?php echo $title;?>" name="title" disabled/></td>
  </tr>
...

i want the title to be displayed but the field to be disabled from any edits. any help?

user1114080
  • 75
  • 7

2 Answers2

0

Dunno what is your problem but

the field to be disabled from any edits.

is because of disabled attribute, I believe.

while the code itself should work

with little refactoring and removing unnecessary code, it is going to be

<?php
error_reporting(E_ALL);
$query  = "SELECT * FROM Meetings WHERE meeting_id = ".intval($_GET['meeting_id'];
$result = mysql_query($query) or trigger_error(mysql_error()." ".$query);  
$info   = mysql_fetch_array($result));
$title  = htmlspecialchars($info['title']);
?>
<form action="bookedsuccessfully.php" method="post">
<table width="100%" border="0">
  <tr>
    <td><label>Meeting Title:</label></td>
    <td><input type="text" value="<?php echo $title ?>" name="title" /></td>
  </tr>
Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
0

If you don't want to edit the field, don't render it as a form element. instead of : <input type="text" value="<?php echo $title;?>" name="title" disabled/> use : <p> <?php echo $title;?> <p/> Regarding your db problem, try to echo the meeting id and check to see if it is in the db. As others posted you are completely exposed to SQL injections,if someone only knew your domain he could have complete control on your database.

Assaf Karmon
  • 915
  • 1
  • 10
  • 23