0

I'm having a little problem with passing a parameter for a query to another page.

I want to make the name of the restaurant a link that would pass the name of the product to process a query on the next page. 

echo "<p class='p2'><a class='link' href='restaurant.php?name=". $row['name'] ."'><strong>". $row['name'] ."</strong></a>

on the restaurant page

<?php
require ("db.php");
$name = $_GET['name'];

$query = "SELECT * FROM restaurant WHERE name =\"$name\"";
$result = mysql_query($query);
$row = mysql_fetch_array($result);   
?>

but nothing is displayed.

Any idea what I'm doing wrong?

Improve this question
4
  • 2
    Please don't use mysql_* functions in new code. They were removed from PHP 7.0.0 in 2015. Instead, use prepared statements via PDO or MySQLi. See Why shouldn't I use mysql_* functions in PHP? for more information. Commented Jul 26, 2012 at 20:28
  • you need to learn about SQL injection, especially when you are a beginner: bobby-tables.com Commented Jul 26, 2012 at 20:28
  • What name are you trying to pass? You may have to use urlencode() to pass the name in the url. Commented Jul 26, 2012 at 20:29
  • Stupid question, but... did you var_dump or print_r your $row? I mean, on the restaurant page. Commented Jul 26, 2012 at 20:34

2 Answers 2

Reset to default
4

First, a note: you should pass an ID rather than the name, since certain characters aren't great in URLs.

Second, try using urlencode() on the name.

echo "<p class='p2'><a class='link' href='restaurant.php?name=". urlencode($row['name']) ."'><strong>". $row['name'] ."</strong></a>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@user1354275 you should also make a note of what everyone else is saying about your code being wide open to SQL injection and mysql_* functions being deprecated.
1

Of course it won't display anything, because you don't have any print functions (echo, print, var_dump, ...) in your file.

Anyways, you probably thought that your query doesn't work. If so, try to echo your $row['name']. If everything's OK, check if your variable is set, but it probably isn't because you get null.

To fix that issue, use isset() or empty().

Example:

if(!empty($_GET['name'])) $name = $_GET['name'];
else die('Variable name is empty');

Try also to add ini_set('display_errors', true) to the top of your pages to see if there's any errors.

Note that your code is very insecure and vulnerable. Use mysql_real_escape_string() before executing queries.

Example:

$name = mysql_real_escape_string($_GET['name']);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.