开发者

PHP link to template page with database content

I am setting up a webpage for a student organization with bios for the officers along with pictures and whatnot.

the first page simply is html and css. it has a picture, name under it and a link to the full bio where it links to "bio.php?id=" and then the id in my SQL database for that person.

now i am trying to make the php page to allow a simple template php page using the user's id. unfortunately when i do everything that I think is right, I get an odd error.

here is my code

<html>
<body>
<?php

//connection to database 
//specify database 

 $id= $GET['id'];

 $sql = " SELECT * FROM Members_table WHERE Id='$id' ";
 $result = mysql_query($sql) or print ("Can't select entry from table bloghomepage.<br />" . $sql . "<br />" . mysql_error());

 WHILE($row = mysql_fetch_array($result)) {
    $name = $row['Name'];
    $position = $row['Position'];
    $major = $row['Major'];
    $hometown = $row['Hometown'];
    $awards = $row['Awards'];
    $bio = $row['Description'];
    $act = $row['Activities'];
    $pic = $row['Picture'];
    $misc = $row['other'];


   ?>
   <h1><?php 开发者_Python百科print $name; ?></h1>
   <p><?php print   '<img src="' . $pic . '"'; ?>
   <?php } ?>
</body>
</html>

This is what i see on my webpage:

" . $sql . " " . mysql_error()); WHILE($row = mysql_fetch_array($result)) { $name = $row['Name']; $page_id= $id; $position = $row['Position']; $major = $row['Major']; $hometown = $row['Hometown']; $awards = $row['Awards']; $bio = $row['Description']; $act = $row['Activities']; $pic = $row['Picture']; $misc = $row['other']; ?>

and thats all. any ideas what i am doing wrong?


you just don't have PHP enabled on your host.

Hint: always see page source, not picture rendered by browser. It's HTML code being result of your PHP script, so, you have to check HTML code, not a picture rendered from it.


The PHP isn't being parsed, presumably because the necessary module/content handler isn't set up within your web server.


It's not directly related to the topic but you might want to cast the value of the GET parameter as an integer before reusing it in a query to prevent basic SQL injection

$id = intval( $_GET['id'] );
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜