GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Tech What a wild 3 weeks (and php question).

sarettah · 08-29-2021, 11:01 AM

First, stay safe.

Second, as someone said above, you have an error in your if statement, you are missing a paren.

You have:

// check incoming params exist
if ( ! isset($_GET['id'] ) {
// missing param, go to an error page for example
header('Location: index.php');
exit;
}

That should be:

// check incoming params exist
if ( ! isset($_GET['id'] ) ){
// missing param, go to an error page for example
header('Location: index.php');
exit;
}

Thirdly:

In the recipe.php you do not establish a database connection. In the first program you are establishing a mysqli connection. In the Recipe.php you do not establish any database connection and then you try to use a pdo connection that does not exist.

Instead of mixing between mysqli and pdo, use one. You are using mysqli in the first program, use that again in the second. You use it at the bottom of the second to iterate through the rows.

Put an error_reporting(E_ALL) at the start of the program and it should show you your errors. Once you have everything debugged change that to error_reporting(0) so it won't show the errors.

<?php
error_reporting(E_ALL);

// check incoming params exist
if ( ! isset($_GET['id'] ) ){
// missing param, go to an error page for example
header('Location: index.php');
exit;
}

// open a mysqli connection
$con=mysqli_connect("localhost","recipes","passwor d","recipelist");

// Check connection
if (mysqli_connect_errno())
{
die("Failed to connect to MySQL: " . mysqli_connect_error());
}

$table = "Recipes";
$sql = "SELECT * FROM" . $table . " WHERE id =" . $_GET['id'];

// do the query
$result = mysqli_query($con, $sql);

echo "<table>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['Title'] . "</td>";
echo "<td>" . $row['Ingredients'] . "</td>";
echo "<td>" . $row['Method'] . "</td>";
echo "</tr>";
}
echo "</table>";
?>

Something like that should work. I have not checked to see if there are any other syntax issues.

You should also do some validation on $_GET['id']. I used it raw above and that is not really safe. It is fine for right now while you are trying to figure things out but for something open to the net it isn't.

For example is the id field an integer?

Then you would want to do a validation such as making sure it is an int coming in.

$recipeid=0;

if(isset($_GET['id']))
{
$recipeid=intval($_GET['id']);
}

if($recipeid==0)
{
echo "Bad id value coming in or something like that...";
}

.

08-29-2021, 11:01 AM
sarettah see you later, I'm gone Industry Role: Join Date: Oct 2002 Posts: 14,057	First, stay safe. Second, as someone said above, you have an error in your if statement, you are missing a paren. You have: // check incoming params exist if ( ! isset($_GET['id'] ) { // missing param, go to an error page for example header('Location: index.php'); exit; } That should be: // check incoming params exist if ( ! isset($_GET['id'] ) ){ // missing param, go to an error page for example header('Location: index.php'); exit; } Thirdly: In the recipe.php you do not establish a database connection. In the first program you are establishing a mysqli connection. In the Recipe.php you do not establish any database connection and then you try to use a pdo connection that does not exist. Instead of mixing between mysqli and pdo, use one. You are using mysqli in the first program, use that again in the second. You use it at the bottom of the second to iterate through the rows. Put an error_reporting(E_ALL) at the start of the program and it should show you your errors. Once you have everything debugged change that to error_reporting(0) so it won't show the errors. <?php error_reporting(E_ALL); // check incoming params exist if ( ! isset($_GET['id'] ) ){ // missing param, go to an error page for example header('Location: index.php'); exit; } // open a mysqli connection $con=mysqli_connect("localhost","recipes","passwor d","recipelist"); // Check connection if (mysqli_connect_errno()) { die("Failed to connect to MySQL: " . mysqli_connect_error()); } $table = "Recipes"; $sql = "SELECT * FROM" . $table . " WHERE id =" . $_GET['id']; // do the query $result = mysqli_query($con, $sql); echo "<table>"; while($row = mysqli_fetch_array($result)) { echo "<tr>"; echo "<td>" . $row['Title'] . "</td>"; echo "<td>" . $row['Ingredients'] . "</td>"; echo "<td>" . $row['Method'] . "</td>"; echo "</tr>"; } echo "</table>"; ?> Something like that should work. I have not checked to see if there are any other syntax issues. You should also do some validation on $_GET['id']. I used it raw above and that is not really safe. It is fine for right now while you are trying to figure things out but for something open to the net it isn't. For example is the id field an integer? Then you would want to do a validation such as making sure it is an int coming in. $recipeid=0; if(isset($_GET['id'])) { $recipeid=intval($_GET['id']); } if($recipeid==0) { echo "Bad id value coming in or something like that..."; } . __________________ All cookies cleared!