Hi Everyone
I'm now able to parse things from xml into a database with enormous help from this forum, I'm now coming near the end of my work. However I'm stuck on retrieving the information from the database using links, below is my code:
<?php
global $desc;
print "<a href='planets.php?id=Sun'>Sun</a> | <a href='planets.php?id=Moon'>Moon</a> | <a href='planets.php?id=Moon'>Moon</a> | <a href='planets.php?id=Mercury'>Mercury</a> | <a href='planets.php?id=Venus'>Venus<a> | <a href='planets.php?id=Mars'>Mars</a> | <a href='planets.php?id=Jupitor</a> | <a href='planets.php?id=Satrun'>Saturn</a> | <a href='planets.php?id=Uranus'>Uranus</a> | <a href='planets.php?id=Neptune'>Neptune</a> | <a href='planets.php?id=Pluto'>Pluto</a>";
$id="id";
if($_GET["id"]) {
$query = "SELECT * FROM planets WHERE name='".$id."'";
$result = mysql_query($query);
$row = mysql_fetch_array($result,MYSQL_ASSOC);
$desc =("<div id='image'>"."<img padding-right='10px' src='uploads/".$row["image"]."'/><strong>".($row["name"])."</strong><br /><p>".($row["desc"])."</p><strong>Keywords:<br />"
.($row["keywords"])."<br /><strong>Ruling Sign:</strong><br />".($row["ru_sign"]));
}
{
print $desc;
}
?>
Can anyone tell me where I'm going wrong? I've been at this for days, I know this is a pretty simple process but I can't see the wood for the trees.
Many thanks David it worked a treat I was beginning to go cross eyed!
Best Wishes
Madeleine
Hi Madeleine,
The code looks fine, but I notice that in the snippet posted there
is no MySQL connection being made, so I assume that is elsewhere in
your script and this code is being included.
If that's not the case, you will need to first establish your connection
with...
$link = mysql_connect("localhost","username","password");mysql_select_db("databasename",$link);
With that in place, I would add a mysql_error() call after the query
in order to see any error message from the database. In addition,
where you are creating an SQL query from $_GET content the value
should be "sanitised" with mysql_escape_string() in order to
prevent MySQL injection attacks on your site!
Note that your script is also relying on register globals being set, as
you are checking $_GET["id"] but then using $id directly.
Taking the above into account, try replacing these two lines in your script:
$query = "SELECT * FROM planets WHERE name='".$id."'";$result = mysql_query($query);
...with:
$query = "SELECT * FROM planets WHERE name='".mysql_escape_string($_GET["id"])."'";$result = mysql_query($query);
if (!$result) print mysql_error();
Hope this helps!
Cheers,
David.