FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » take two - fetch items from a row.
Show: Today's Messages :: Unread Messages :: Show Polls :: Message Navigator
| Subscribe to topic | Bookmark topic 
Switch to threaded view of this topic Create a new topic Submit Reply
take two - fetch items from a row. [message #181295] Fri, 03 May 2013 19:02 Go to next message
richard is currently offline  richard   
Messages: 213
Registered: June 2013
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
This code may reside on a page in a line.
< a href="http:www.code.com/gettable.php?number=1">


Where I show id=$number, is that the way I want to show it or is there a
beter way?
I want to retrieve the row corresponding to the id number given in the
link.

<?php


$number=$_GET["number"];
if (empty($number)) {$number=1;}
$number=(int)$number;

// connections code left out intentionally //


$result = mysql_query("SELECT id,email FROM people WHERE id = $number");
if (!$result) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$row = mysql_fetch_row($result);

echo $row[0]; // 42
echo $row[1]; // the email value
?>
Re: take two - fetch items from a row. [message #181296 is a reply to message #181295] Fri, 03 May 2013 19:13 Go to previous messageGo to next message
richard is currently offline  richard   
Messages: 213
Registered: June 2013
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
On Fri, 3 May 2013 19:02:58 -0400, richard wrote:

> This code may reside on a page in a line.
> < a href="http:www.code.com/gettable.php?number=1">
>
>


My idea worked just fine.

http://www.mroldies.net/six0.php
Re: take two - fetch items from a row. [message #181297 is a reply to message #181295] Fri, 03 May 2013 19:32 Go to previous messageGo to next message
Richard Yates is currently offline  Richard Yates
Messages: 86
Registered: September 2013
Karma: 0
Member
add to buddy list
ignore all messages by this user
On Fri, 3 May 2013 19:02:58 -0400, richard <noreply(at)example(dot)com>
wrote:

> This code may reside on a page in a line.
> < a href="http:www.code.com/gettable.php?number=1">
>
>
> Where I show id=$number, is that the way I want to show it or is there a
> beter way?
> I want to retrieve the row corresponding to the id number given in the
> link.
>
> <?php
>
>
> $number=$_GET["number"];
> if (empty($number)) {$number=1;}
> $number=(int)$number;
>
> // connections code left out intentionally //
>
>
> $result = mysql_query("SELECT id,email FROM people WHERE id = $number");
> if (!$result) {
> echo 'Could not run query: ' . mysql_error();
> exit;
> }
> $row = mysql_fetch_row($result);
>
> echo $row[0]; // 42
> echo $row[1]; // the email value
> ?>

Your code does work. There are details about it that could be improved
and others made suggestions about in response to your first post. I
notice that in this post your id field in the database is assumed to
be a number where the last time it seemed to be a string. Do yuou know
which it is?

Have you learned about validating and sanitizing user input yet?
Re: take two - fetch items from a row. [message #181298 is a reply to message #181297] Fri, 03 May 2013 19:54 Go to previous messageGo to next message
richard is currently offline  richard   
Messages: 213
Registered: June 2013
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
On Fri, 03 May 2013 16:32:59 -0700, Richard Yates wrote:

> On Fri, 3 May 2013 19:02:58 -0400, richard <noreply(at)example(dot)com>
> wrote:
>
>> This code may reside on a page in a line.
>> < a href="http:www.code.com/gettable.php?number=1">
>>
>>
>> Where I show id=$number, is that the way I want to show it or is there a
>> beter way?
>> I want to retrieve the row corresponding to the id number given in the
>> link.
>>
>> <?php
>>
>>
>> $number=$_GET["number"];
>> if (empty($number)) {$number=1;}
>> $number=(int)$number;
>>
>> // connections code left out intentionally //
>>
>>
>> $result = mysql_query("SELECT id,email FROM people WHERE id = $number");
>> if (!$result) {
>> echo 'Could not run query: ' . mysql_error();
>> exit;
>> }
>> $row = mysql_fetch_row($result);
>>
>> echo $row[0]; // 42
>> echo $row[1]; // the email value
>> ?>
>
> Your code does work. There are details about it that could be improved
> and others made suggestions about in response to your first post. I
> notice that in this post your id field in the database is assumed to
> be a number where the last time it seemed to be a string. Do yuou know
> which it is?
>
> Have you learned about validating and sanitizing user input yet?

I am assuming that "id" is an integer since that is how it is in the
database field.
the int() function changes the string to an integer so that's no big deal.

As with anything you do, you refine your output as time marches on.
After all, we all know YOU were born an expert in the field right?
Re: take two - fetch items from a row. [message #181299 is a reply to message #181296] Fri, 03 May 2013 20:59 Go to previous messageGo to next message
Denis McMahon is currently offline  Denis McMahon
Messages: 634
Registered: September 2010
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
On Fri, 03 May 2013 19:13:18 -0400, richard wrote:

> On Fri, 3 May 2013 19:02:58 -0400, richard wrote:
>
>> This code may reside on a page in a line.
>> < a href="http:www.code.com/gettable.php?number=1">

> My idea worked just fine.
>
> http://www.mroldies.net/six0.php

It didn't:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL
result resource in /home/richbull/public_html/mroldies.net/showtable.php
on line 94

I see that in 15 years you haven't learned a damn thing.

--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
Re: take two - fetch items from a row. [message #181300 is a reply to message #181298] Fri, 03 May 2013 22:20 Go to previous messageGo to next message
Richard Yates is currently offline  Richard Yates
Messages: 86
Registered: September 2013
Karma: 0
Member
add to buddy list
ignore all messages by this user
On Fri, 3 May 2013 19:54:33 -0400, richard <noreply(at)example(dot)com>
wrote:

> On Fri, 03 May 2013 16:32:59 -0700, Richard Yates wrote:
>
>> On Fri, 3 May 2013 19:02:58 -0400, richard <noreply(at)example(dot)com>
>> wrote:
>>
>>> This code may reside on a page in a line.
>>> < a href="http:www.code.com/gettable.php?number=1">
>>>
>>>
>>> Where I show id=$number, is that the way I want to show it or is there a
>>> beter way?
>>> I want to retrieve the row corresponding to the id number given in the
>>> link.
>>>
>>> <?php
>>>
>>>
>>> $number=$_GET["number"];
>>> if (empty($number)) {$number=1;}
>>> $number=(int)$number;
>>>
>>> // connections code left out intentionally //
>>>
>>>
>>> $result = mysql_query("SELECT id,email FROM people WHERE id = $number");
>>> if (!$result) {
>>> echo 'Could not run query: ' . mysql_error();
>>> exit;
>>> }
>>> $row = mysql_fetch_row($result);
>>>
>>> echo $row[0]; // 42
>>> echo $row[1]; // the email value
>>> ?>
>>
>> Your code does work. There are details about it that could be improved
>> and others made suggestions about in response to your first post. I
>> notice that in this post your id field in the database is assumed to
>> be a number where the last time it seemed to be a string. Do yuou know
>> which it is?
>>
>> Have you learned about validating and sanitizing user input yet?
>
> I am assuming that "id" is an integer since that is how it is in the
> database field.
> the int() function changes the string to an integer so that's no big deal.
>
> As with anything you do, you refine your output as time marches on.
> After all, we all know YOU were born an expert in the field right?

No, i am a (possibly advanced) beginner and I am not sure what your
attitude is about. I've tried out your code and answered your
questions (twice). The (basic) beginner level of your code and
questions implied that a gentle question about input validation was
reasonable. Apparently not.
Re: take two - fetch items from a row. [message #181301 is a reply to message #181300] Fri, 03 May 2013 23:37 Go to previous messageGo to next message
Beauregard T. Shagnas is currently offline  Beauregard T. Shagnas
Messages: 154
Registered: September 2010
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
Richard Yates wrote:

> richard the sto0pid wrote:
>> After all, we all know YOU were born an expert in the field right?
>
> No, i am a (possibly advanced) beginner and I am not sure what your
> attitude is about. I've tried out your code and answered your questions
> (twice). The (basic) beginner level of your code and questions implied
> that a gentle question about input validation was reasonable. Apparently
> not.

This must be your first encounter with RtS - richard the sto0pid. As you
can see from Denis's reply, he knows RtS.

RtS is an idiot.

--
-bts
-This space for rent, but the price is high
Re: take two - fetch items from a row. [message #181306 is a reply to message #181295] Sat, 04 May 2013 07:00 Go to previous message
SwissCheese is currently offline  SwissCheese
Messages: 17
Registered: December 2012
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
On 05/03/2013 07:02 PM, richard wrote:
> This code may reside on a page in a line.
> < a href="http:www.code.com/gettable.php?number=1">
>
>
> Where I show id=$number, is that the way I want to show it or is there a
> beter way?
> I want to retrieve the row corresponding to the id number given in the
> link.
>
> <?php
>
>
> $number=$_GET["number"];
> if (empty($number)) {$number=1;}
> $number=(int)$number;
>
> // connections code left out intentionally //
>
>
> $result = mysql_query("SELECT id,email FROM people WHERE id = $number");
> if (!$result) {
> echo 'Could not run query: ' . mysql_error();
> exit;
> }
> $row = mysql_fetch_row($result);
>
> echo $row[0]; // 42
> echo $row[1]; // the email value
> ?>
>

<?php
$number = isset($_GET["number"]) ? $_GET["number"] : 0;
$number = (is_numeric($number) && ctype_digit($number)) ? $number : 0;

if ($number == 0) {
/* bad input - do something here
since 1 is more than likely a valid record you may not want to give
out that data based on bad input.
*/

exit;
}

// ... connection code ...

$result = mysql_query("SELECT id.email FROM people WHERE id = $number");
if (!$result) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$row = mysql_fetch_row($result);

echo $row[0]; // 42
echo $row[1]; // the email value
?>

There are many different ways to go about sanitising your input, some
of which you can download.

....and here's a good source (found on bobby-tables.com):

http://download.oracle.com/oll/tutorials/SQLInjection/index.htm

--
Norman
Registered Linux user #461062
-Have you been to www.php.net yet?-
Quick Reply
Formatting Tools:   
  Switch to threaded view of this topic Create a new topic
Previous Topic: SoapServer constructor parameters: what is actor uri?
Next Topic: replacing spaces with newline
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Dec 13 00:33:49 EST 2017

Total time taken to generate the page: 0.00729 seconds