Join the Stack Overflow Community
Stack Overflow is a community of 6.7 million programmers, just like you, helping each other.
Join them; it only takes a minute:
Sign up
up vote -1 down vote favorite

Ok so what I am doing is 'looking' through a database where a user's id is equal to the id in the url. Then I will pull all the info on that person with that ID. If that made any sense, can somebody help me? Thank you soooo much!

$prof = $_GET['profile'];
$id = SELECT id FROM *table-name* WHERE id = '$prof'
$item1 = SELECT item1 FROM *table-name* WHERE id = '$prof' 
$item2 = SELECT item2 FROM *table-name* WHERE id = '$prof' 
$item3 = SELECT item3 FROM *table-name* WHERE id = '$prof'
share|improve this question
1  
no quotes around the query and semi-column at the end? – Book Of Zeus Dec 13 '11 at 1:24
1  
This is a very vague "request". – Jared Farrish Dec 13 '11 at 1:25
2  
What are you asking for (other than "can somebody please build an entire codeset for me")? – JM4 Dec 13 '11 at 1:25
    
Looking at your code, I think some basics of PHP might help you first. It's also best not to directly place a $_GET[] variable inside a query as you will be exposed to SQL-injection. Making a search for "PHP and MySQL Introduction" is a good place to start, good luck! – sooper Dec 13 '11 at 1:26
1  
more like: $id = "SELECT id FROM table-name WHERE id = '" . mysql_real_escape_string($prof) . "'"; – Book Of Zeus Dec 13 '11 at 1:29
up vote 2 down vote accepted 
$prof = $_GET['profile'];
$prof = addslashes(htmlentities($prof));
$result = "SELECT * FROM table WHERE id = '$prof'";
$q = mysql_query($result, $dbconnect);
$qarr = mysql_fetch_array($q);
print_r($qarr);

VERY basic code there to get you started. You'd do well to study up on MySql a bit more. Everyone starts somewhere. No harm in asking when you are just learning.

share|improve this answer
    
you could also use mysql_real_escape_string() function as well instead of addslashes. – JM4 Dec 13 '11 at 1:39
    
True. Could also use is_numeric if the ID is always numeric. – Scott Dec 13 '11 at 1:41
up vote 1 down vote

I typically would not respond to such a poor question but I assume you are looking to access multiple variables from the same table based on a URL ID. Your code above technically could work though very bad practice. You would also need to actually execute the sql statements you have created. You are creating variables from within statements, not the results of those statements.

First off, you open yourself up to SQL Injection directly. I would recommend learning about SQL Injection as well as PHP Data Objects.

You may not have an understanding of PHP or MySQL at all based on the way this question is worded and code is shown so starting at step one is best here I think.

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.