mysql_num_rows() Error
<html>
<form action="update.php" method="POST" name="ID">
<input type="text" name="ID"">
<input type="Submit" value="Submit">
</form>
</html>
Up there is the submit form to get an ID number. I try to get that ID entered by user ( NOTE: It's a number) and show mysql table row coresponding to that ID. Example : User enter 2 and开发者_C百科 row number 2 from database is shown. My problem is that all rows are shown and not only wanted one. - Extra Question : How can I show user an error if he entered a NULL value ?
<?php
$id=$_POST['ID'];
.
.
.
mysql_connect($host,$username,$password);
if (!mysql_select_db($database))
die("Can't select database");
$query="SELECT * FROM table WHERE ID= '$id'";
$result = mysql_query("SELECT * FROM vbots");
$num=mysql_num_rows($result) or die("Error: ". mysql_error(). " with query ". $query);
mysql_close();
.
.
.
?>
You're not running your query.
You have this:
$query="SELECT FROM table WHERE ID= '$id'";
$result = mysql_query("SELECT * FROM vbots");
You want this:
$query="SELECT FROM table WHERE ID= '$id'";
$result = mysql_query( $query);
**Insert nag about SQL injection**
It should be this.
<?php
$id=$_POST['ID'];
mysql_connect($host,$username,$password);
if (!mysql_select_db($database))
die("Can't select database");
$query="SELECT * FROM table WHERE ID= '$id'";
$result = mysql_query($query);
$num=mysql_num_rows($result) or die("Error: ". mysql_error(). " with query ". $query);
mysql_close();
?>
to check if $id is null: if (!isset($id)) die("Enter a value for id!");
精彩评论