form help - GET and $end

General PHP Help
#1

I am having 2 problem with this page. I am trying to send a variable from one page to another using ?id=*****

  1. the $_GET is not working properly and i ma getting a parse $end error.

please help

[code]<?php
include ‘dbc.php’;

$id = $_GET[‘id’];

$sql="SELECT * FROM players WHERE id = ‘$id’ ";
$res=mysql_query($sql) or die(mysql_error());
while($r=mysql_fetch_assoc($res))
{

$id = r($id);
$first = r($first);
$last = r($last);
$address = r($address);
$city = r($city);
$postal = r($postal);
$phone = r($phone);
$feet = r($feet);
$inches = r($inches);
$weight = r($weight);
$birth = r($birth);
$status = r($status);
$number = r($number);

?>

Update Player

<? //Call Menu include 'menu.php';

?>

  

Update Player Information



 














































First Name

Last Name

Address City

Postal Code

Phone Number

Height (ft / in)

/

 Weight (lbs)
Birthdate (yyyy/mm/dd)

Player Type:




Church




Import




Witness
Player ID: Player Number:
 

 

  

 

 

[/code]
#2

First off this is so unsecure, you need to validate that GET variable or at least escape it:

[php]$id = mysql_real_escape_string($_GET[‘id’]);
[/php]

Next you are getting the parse error because you do not have a closing bracket after the while loop.
also I don’t know if you noticed but there is a slash in between these lines:

[php]
/

[/php]

#3

the slash i meant to differentiate between ft / inches

the parse error is gone but now i get no data… any advice???

[code]<?php
include ‘dbc.php’;

$id = mysql_real_escape_string($_GET[‘id’]);

$sql="SELECT * FROM players WHERE id = ‘$id’ ";
$res=mysql_query($sql) or die(mysql_error());
while($r=mysql_fetch_assoc($res))
{

$id = r($id);
$first = r($first);
$last = r($last);
$address = r($address);
$city = r($city);
$postal = r($postal);
$phone = r($phone);
$feet = r($feet);
$inches = r($inches);
$weight = r($weight);
$birth = r($birth);
$status = r($status);
$number = r($number);
}

?>[/code]

#4

ahh I see the feet and inches thing sorry I just glanced at the code and did not read that :smiley: here I noticed you have:

[php]$id = r($id);
$first = r($first);
$last = r($last);
$address = r($address);
$city = r($city);
$postal = r($postal);
$phone = r($phone);
$feet = r($feet);
$inches = r($inches);
$weight = r($weight);
$birth = r($birth);
$status = r($status);
$number = r($number);[/php]

should be:

[php]$id = $r[‘id’];
$first = $r[‘first’];
$last = $r[‘last’];
$address = $r[‘address’];
$city = $r[‘city’];
$postal = $r[‘postal’];
$phone = $r[‘phone’];
$feet = $r[‘feet’];
$inches = $r[‘inches’];
$weight = $r[‘weight’];
$birth = $r[‘birth’];
$status = $r[‘status’];
$number = $r[‘number’];[/php]

#5

still nothing… :frowning:

#6

Wait a second I just started taking a better look at this and I am scratching my head. what exactly are you trying to do here?
You are running a while loop, but not echoing anything out before the closing bracket.
I look at the form and it look as though it is most likely only suppose to echo out a single persons information correct?
If this is so then you should not be using a while loop.

Now if you are trying to pull multiple peoples information onto the page then you need include something that will echo like so:
[php]
$id = mysql_real_escape_string($_GET[‘id’]);

echo"

";
$sql="SELECT * FROM players WHERE id = ‘$id’ ";
$res=mysql_query($sql) or die(mysql_error());
while($r=mysql_fetch_assoc($res))
{

$id = $r[‘id’];
$first = $r[‘first’];
$last = $r[‘last’];
$address = $r[‘address’];
$city = $r[‘city’];
$postal = $r[‘postal’];
$phone = $r[‘phone’];
$feet = $r[‘feet’];
$inches = $r[‘inches’];
$weight = $r[‘weight’];
$birth = $r[‘birth’];
$status = $r[‘status’];
$number = $r[‘number’];

echo"

";

}
echo"

$postal $phone $status $number
";
?>
[/php]
notice where the closing while loop bracket is!

Now if you are trying to pull one individuals information to the page then the script should be some like:

[php]

<?php include 'dbc.php'; $id = $_GET['id']; if(is_numeric($id)){ $sql="SELECT * FROM players WHERE id = '$id'"; $res=mysql_query($sql) or die(mysql_error()); $id = $r['$id']; $first = $r['$first']; $last = $r['$last']; $address = $r['$address']; $city = $r['$city']; $postal = $r['$postal']; $phone = $r['$phone']; $feet = $r['$feet']; $inches = $r['$inches']; $weight = $r['$weight']; $birth = $r['$birth']; $status = $r['$status']; $number = $r['$number']; }else{ die("You scumbag!");} ?>

[/php]

I am assuming that the GET variable is always going to be numeric so this is how I would do it.
I hope this explained a few things for you and assisted in your script.

Sponsor our Newsletter | Privacy Policy | Terms of Service