Mysql query from URL

Question

Mysql query from URL

Navigation

#1 by (1 votes)
#2 by (0 votes)

0

Basically what I want to do is a query to MySQL with PHP and bring the results of the row specified in the URL.
For example, my URL is this: link
Then the query brings the results of the row that contains that nick (the nickname is unique, it is like an ID).

What I'm trying to do is this PHP query but something I'm doing wrong, I do not know the functions well and I do not know how to search it in google either.

conexion.php:

<?php
$host_name = '***';
$database = 'searya';
$user_name = 'plugins';
$password = '***';
$connect = mysqli_connect($host_name, $user_name, $password, $database);

if (mysqli_connect_errno()) {
    die('<p>Failed to connect to MySQL: '.mysqli_connect_error().'</p>');
} else {
    if(isset($_GET['nick'])){
        $nick=$_GET['nick']; 
        $query = "SELECT * FROM referralsystem3 WHERE name = '$nick'";
        $resultado = mysqli_query($connect,$query);
    }else{
        echo "No se pasaron datos en el GET";}
}
?>

index.php:

<?php
    include("php/conexion.php");
    while($fila = mysqli_fetch_array($resultado)){
?>
    <h1 class="***"><?php echo $fila['nick'] ?> Te ha invitado</h1>
<?php
    }
?>

The error I receive on the page is:

( ! ) SCREAM: Error suppression ignored for
( ! ) Notice: Undefined variable: name in X:\...\conexion.php on line 13

As you may have noticed, it is difficult for me to explain it since I do not really know what tools are used to do this, and I read in a forum that is with $ _GET.

Thank you very much!

mysql php query get

asked by Gabriel Benitez 18.01.2018 в 18:18

source

2 answers

0

Indeed, the variables that are sent by url are obtained with the variable $_GET , but here is an error, the url is link . The variable that you pass is called nick (and its value is Gabi3811, nick = Gabi3811) and you try to access it by means of name which is incorrect.

The correct query would be like this:

$query = "SELECT * FROM referralsystem3 WHERE name = $_GET['nick']";

and the result that you return is accessed like this:

<h1 class="header center teal-text text-lighten-2">
   <?php echo $fila['nick'] ?> Te ha invitado
</h1>

You can read more about the use of the $ _GET here .

Note: This code is for a didactic example, obviously it is necessary to validate the variable that we received to avoid a injection of code .

answered by 18.01.2018 в 18:23

Forms on Ionic [closed] Put conditions on the getter and setter in a class

score 1 · Accepted Answer

I will indicate in this answer the essential points that we have been commenting on until we reach a solution to the problem:

Verify with isset if the data was passed in GET and store it in a variable. So we write a clearer code
Since in the database you have a column called name , which is a MySQL , it is mandatory to enclose that column between two identification marks '' in the query.
Later (not too late), consider giving your code security, protecting it against the SQL injection a> .

Taking into account this last point, for the purpose of solving the current problem, the code may look like this:

Code:

if (mysqli_connect_errno()) {
    die('<p>Failed to connect to MySQL: '.mysqli_connect_error().'</p>');
} else {
    if(isset($_GET['nick'])){
        $nick=$_GET['nick']; 

        /*Cuidado aquí con la Inyección de código. Usa consultas preparadas*/
        $query = "SELECT * FROM referralsystem3 WHERE 'name' = '$nick'";
        $resultado = mysqli_query($connect,$query);
    }else{
        echo "No se pasaron datos en el GET";
    }
}