how to get URL parameter to show on result page

**mbbarnett** · 02-28-2010, 07:14 AM

*** i'm new and

***

i can connect to my little mysql db just fine in php AND i can output all files (only 2 rows of data right now).

problem: how do i grab the parameter in

http://customtvis.com/caddetails_res...number=TVIS101

result page code thus far (minus the private stuff):

<?php

//make connection
mysql_connect ("", "",
"") or die ('I cannot connect to the database because:' .mysql_error());
mysql_select_db ("cad");

//build query
$query = mysql_query("SELECT * FROM cad");

//display results
while ($row = mysql_fetch_array($query)) {
echo "<br /><h3>" .$row['number'].
"<br />".$row['title'].
"</h3><h4>".$row['category'].
"<br />".$row['subtitle'].
"</h4><br /> Downloads: ".$row['pdf'].
" | ".$row['dwg'].
"<br />".$row['image'].
"<br /> <br />".$row['description'].
"<br /> <br /><em>Notes: ".$row['notes'].
"</em><br />";}

?>

**fileserverdirect** · 03-01-2010, 12:37 AM

This is quite simple:

PHP Code:


$number =$_GET['number'];
$query = mysql_query("SELECT * FROM cad WHERE number=`$number`");
//etc...

**mbbarnett** · 03-01-2010, 01:11 AM

thank you for the quick reply. at first this didn't work but then i realized the tick marks around the 2nd reference to 'number' seemed somewhat slanted so i changed them and it worked perfect.

**fileserverdirect** · 03-01-2010, 01:37 AM

Yeah sorry about that, little mistake... glad it works though...

**djr33** · 03-01-2010, 05:39 AM

Since this is user input, you should make sure that there is no risk to the security of your database by the user inserting something like "; delete database" and ending the query with that

$number = mysql_real_escape_string($_GET['number']);

Use this every time you have user input directly in a query.

Thread: how to get URL parameter to show on result page

Thread Tools

Search Thread

how to get URL parameter to show on result page

Big thanks!

Bookmarks

Bookmarks

Posting Permissions