PDA

View Full Version : Is this code correct?


knight13
06-02-2009, 09:43 PM
I am trying to find out if this is the correct way to write this code.
what i am doing is on the firstpage.php i am taking all the names from the database and listing them as a link and then when someone clicks that link it will send them to the secondpage.php where that page will list their title username and email address the script works but i want to know if this is the correct way to do it.

for some reason everywhere i have asked this question no one is really giving me an answer all i want to know if this is the correct way to do this or is their a better way or a right way to do it Thanks!!!

firstpage.php ~~~

<?php
//Connects to the database.
$con = mysql_connect("localhost","blank","blank") or die (mysql_error());
$db = mysql_select_db("wsdatabase") or die (mysql_error());
// Selects username's from the user table.
$sql = "select username from users";
$query = mysql_query($sql);
// List's every name in the table with a link going to the secondpage.php.
while($row = mysql_fetch_array($query)) {
printf("<a href='secondpage.php?username=%s'>%s</a>"."<br/>",$row['username'],$row['username']);
}
?>
secondpage.php ~~

<?php
// Grabs the username with the get method.
if(isset($_GET['username'])) {
$username = $_GET['username'];
}
// Connects to the database.
$con = mysql_connect("localhost","blank","blank") or die (mysql_error());
$db = mysql_select_db("wsdatabase") or die (mysql_error());
// Selects everything from the database.
$sql = "select title,username,email from users where username = '$username' ";
$query = mysql_query($sql);
// Prints everything out from the database.
if($row = mysql_fetch_assoc($query)) {
echo "<b>".$row['title']."</b>";
echo "<br/>";
echo "<b>".$row['username']."</b>";
echo "<br/>";
echo "<b>".$row['email']."</b>";
}else{
echo header("location: blank.php");
}
?>

davidj
06-02-2009, 09:49 PM
what are you really wanting to know

http://www.webmaster-talk.com/php-forum/176304-the-_get-variable.html

I want to help but need to know what answer your wanting

If you want a chat then PM me and I will help you out

knight13
06-02-2009, 10:22 PM
I want to know if this is the correct way to write this code, people are giving me answers but since i am still new i need to understand if this is the way that this code it written like would this code that i just wrote here be good to put online and am i using the get method correctly.

Now people have told me how to write it differently but they do not ever really say why it should be written differently, i want to learn php the correct way not just put garbage together and put it online i want to understand what i am doing right or wrong with my scripts.

jaymo
06-03-2009, 12:45 AM
For security, I would always comment out the or die mysql_error when putting it online. Stops anyone seeing error messages and getting info on your database.

knight13
06-03-2009, 01:09 AM
No i would not leave them in the code if i was going to put it online but right now i am just trying to figure everything out, so i leave them in so that if anything messes up while i am learning it will tell me, right now i am just trying to figure out if i am doing my coding correctly before i get into any bad habits.

knight13
06-04-2009, 10:20 AM
If anyone could give me any help on this i would appreciate it.

davidj
06-04-2009, 10:56 PM
if($row = mysql_fetch_assoc($query)) {
echo "<b>".$row['title']."</b>";
echo "<br/>";
echo "<b>".$row['username']."</b>";
echo "<br/>";
echo "<b>".$row['email']."</b>";
}else{
echo header("location: blank.php");
}i wouldnt echo your results like this

I'd assign to a var and probably add a <table to display the results if your looping through them

then echo the var at the end

also you don't have to echo the header as its function is not to output

I normally add an exit; after the header call

knight13
06-08-2009, 05:48 AM
Ok i will do that thank you davidj.