1

Just trying to pass a variable on URL so that when echoed I can click on it and open it's own content based on the database record. Right now this one shows all the records from database but what I was trying to do was pass a URL so each blog IDs will have it's own URL and when clicked on it will open the individual entries rather than all the entries.

Edited Now I'm able to show rows of entries with IDs where 'IDs' has URL variable at the end. Do I need to create another query to echo the individual entry on my mini blog?

<?

$db = // connection to db and authentication to connecting to db;

#$postID = $_GET['postID']; // I'm thinking to use a $_GET global variable to work with URL variable
$command = "select * from $table_name"; // I'm thinking to add the Id here or something or create another query to echo the linked URL 'viewblog.php?postID=$data->blogID'
$result = $db->query($command);

while ($data = $result->fetch_object()) {
echo "<TR><TD><a href='viewblog.php?postID=$data->blogID'>".$data->blogID."</a></TD>";
echo "<TD>".$data->author."</TD>";
echo "<TD>".$data->date."</TD>";
echo "<TD>".$data->entry."</TD></TR>\n";
}
$result->free();
$db->close;
Improve this question
4
  • @Fred-ii- did this same result while($data = $result->fetch_row()) { echo '<TR><TD><a href="lab11_obj1_viewblog.php?postID='.$row['blogID'].'">'.$row['blogID'].'</a></TD>'; echo "<TD>".$data['author']."</TD>"; echo "<TD>".$data['date']."<BR></TD>"; echo "<TD>".$data['entry']."</TD></TR>\n"; } Commented Dec 16, 2013 at 22:00
  • Yes I thought about that after, which is why I deleted my comment. Commented Dec 16, 2013 at 22:02
  • You're question isn't very clear, @mythoslife. Also, you don't need to concatenate you're variables if you're using double quotes. Commented Dec 16, 2013 at 22:04
  • @RossWilson On concatenation variables yes but you can just as if I don't have to show my entries in tables optionally I can make it nicer in form. Question isn't clear because I'm not sure the "scope" of the issue I was just asking a question that I know isn't formulated clearly but does its job. Commented Dec 17, 2013 at 19:45

4 Answers 4

Reset to default
3

Why this script is giving all entries?

Because the final query that is being sent to the database is something like 

select * from TABLE_NAME

which will return all entries since your are using the asterix * after SELECT

What you are asking for can be obtained if the executed final query contains the "blogID" before retrieving the results and start fetching them.

http://www.w3schools.com/sql/sql_where.asp

You should also use the fetched or post ID in the echoed result (so that when clicked, each blog has its own id in the link).

It could be something like this

$postID = $_GET['postID']; 

//Add filtering by id to select statement
$command = "select * from '$table_name' obj WHERE obj.blogID = '$postID'";

$result = $db->query($command);
while($data = $result->fetch_assoc()){
$data['blogID'] = $postID; 

//Add ID to echoed link 
echo "<TR><TD><a href='viewblog.php?postID='".$data['blogID']."> Some Blog  (ID: ".$data['blogID'].") </a> </TD>"; 
echo "<TD>".$data['author']."</TD>";
echo "<TD>".$data['date']."</TD>";
echo "<TD>".$data['entry']."</TD></TR>\n";
}

WATCH OUT for security issues regarding this code. You should use a safer way to do this. I'm only explaining the results.

As for Auto Increment, it can be initiated when you first created the table. This is for when you INSERT a new row into the database. When you use Auto Increment, you don't have to give an ID manually.

http://www.w3schools.com/sql/sql_autoincrement.asp

Notice : The HTML BR ELEMENT should not be used inside TABLE structures.

Hope it helps.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thanks I tried and this one just shows variable on URL but now I want to echo it. #$postID = $_GET['postID']; ??? $command = "select * from $table_name"; // add more? $result = $db->query($command); while ($data = $result->fetch_object()) { print "<TR><TD><a href='viewblog.php?postID=$data->blogID'>".$data->blogID."</a></TD>"; print "<TD>".$data->author."</TD>"; print "<TD>".$data->date."<BR></TD>"; print "<TD>".$data->entry."</TD></TR>\n"; } $result->free(); $db->close; any ideas?
I edited @Braza... I'm still trying to make it so that the echoed rows where the ID is linked is opened into a new window that echoes it's individual content/entry.
This should be done by adding a TARGET attribute inside your ANCHOR, with value '_blank' such as: <a href="somelink" target="_blank"> TEXT </a>
Hello @braza nope I don't have to not for this one... I'm able to solve this
0

You could create some function like this for returning single post based on url

function single_blog($Post_id){
$sql = "SELECT * FROM your_table WHERE post_id = ? LIMIT 1";
$stmt = $this->db->prepare($sql);
$stmt->execute(array($Post_id);
return $stmt->fetch();
}
Improve this answer

1 Comment

Hmm @Muhammet not sure I understand that function at this time.
0

You are selecting all entries from your table. Use the following:

$db = // connection to db and authentication to connecting to db;

$postID = $_GET['postID']; // ??
$db->real_escape_string(trim($postID));
$command = "select * from $table_name WHERE `postID`=$postID";
$result = $db->query($command);
// Ensure results before outputting
if ($result->num_rows) while($data = $result->fetch_assoc()){
  $data['blogID'] = $postID;
  echo "<TR><TD><a href='viewblog.php?postID='>".$data['blogID']."</a> </TD>"; //??
  echo "<TD>".$data['author']."</TD>";
  echo "<TD>".$data['date']."<BR></TD>";
  echo "<TD>".$data['entry']."</TD></TR>\n";
} else echo "No entry found!";
$result->free();
$db->close;
Improve this answer

10 Comments

That is vulnerable to SQL injection
Please do not teach beginners insecure code like this. This is the reason we have to tell people that they have to change all their code because they did insecure code to start with, and this is the reason most people go oh, I'll do it later and never get around to it. This is more destructive than it's good (because they'll copy paste this code when they want to make another SQL call).
Noted. I've updated my code to prevent insecurity through the mysql_real_escape_string() function.
I did that $command = "select * from $table_name where blogID = $postID"; $result = $db->query($command); while($data = $result->fetch_row()) { echo '<TR><TD><a href="viewblog.php?postID='.$row['blogID'].'">'.$row['blogID'].'</a></TD>'; echo "<TD>".$data['author']."</TD>"; echo "<TD>".$data['date']."<BR></TD>"; echo "<TD>".$data['entry']."</TD></TR>\n"; } $result->free(); $db->close; I actually have an error Fatal error: Call to a member function fetch_row() on a non-object
I've updated the code. This checks for records before outputting.
|
0 
<?php
//$db connect to database

// Entry form sanitation of $_POST

// Insert PHP file to MySQL

// View all blog posts

$postID = $_GET['postID']; // I guess I should sanitize this as well
if (!empty($postID)) {
  $command = "select * from $table_name where blogID = $postID";
  $result = $db->query($command);
  while ($data = $result->fetch_object()) {
    $postID = $data->blogID;
    echo "<TR><TD>".$postID."</TD>";
    echo "<TD>".$data->author."</TD>";
    echo "<TD>".$data->date."</TD>";
    echo "<TD>".$data->entry."</TD></TR>\n";
  }
  $result->free();  
}
else {
$command = "select * from $table_name"; 
$result = $db->query($command);
while ($data = $result->fetch_object()) {
   $postID = $data->blogID;
   echo "<TR><TD><a href='viewblog.php?postID=$postID'>".$postID."</a></TD>";
  echo "<TD>".$data->author."</TD>";
  echo "<TD>".$data->date."</TD>";
  echo "<TD>".$data->entry."</TD></TR>\n";
}
$result->free();
}


$db->close;

?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.