I am trying to build a customer e-commerce backend. I've done stuff like this many times before and don't consider myself "new" to php & mysql, but I am stuck and can't figure out what is wrong.
I just want to display the content of a mysql row at a specific location (using the "WHERE" command).
But when I load the page, the content part (in the tables) comes up empty. There is definitely content within the table at that location and everything else on the page displays EXCEPT for the actual customerResults.
Here is my code:
<head>
<title>Customer Summary</title>
<?php
session_start();
require 'database_connect.php';
$customerTable = "customer";
if(isset($_GET['customer_click'])){
$customerId = $_GET['customer_click'];
}
?>
</head>
<h3>Customer <?php echo"$customerId"?></h3>
<table align="center" width="600px">
<tr>
<td><a href="index.php">Summary</a></td>
<td><a href="personal.php">Personal</a></td>
<td><a href="billing.php">Billing</a></td>
<td><a href="order_history.php">Order History</a></td>
</tr>
</table>
<table align="center" width="400px">
<tr>
<?php
$customerSelect = "SELECT * FROM $customerTable WHERE id = '$customerId' ";
$customerResult = mysql_query($customerSelect);
if (!$customerResult){
echo "No results, but why?!?!? </br/>";
}
if (mysql_num_rows($customerResult)==0){
echo "Results are empty...but why!?!?!";
}
while ($customerData = mysql_fetch_assoc($customerResult)){
echo $customerData['id'];
echo $customerData['email'];
}
?>
</tr>
</table>
I could be over-looking something simple, but I really can't figure this out
Let's see:
'customerSelct'.'customerDdata'.'result'.Plus Please, don't use mysql_* functions in new code. They are no longer maintained and the deprecation process has begun on it. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.
Example code using PDO:
<?php
try {
session_start();
if (!isset($_GET['customer_click'])) {
throw new Exception('Customer ID not provided.');
}
//Assuming the ID must be a number.
if (!is_numeric($_GET['customer_click'])) {
throw new Exception('Customer ID must be numeric.');
}
$customerID = $_GET['customer_click'];
$db = new PDO("mysql:host=localhost;dbname=database_name_here", "user", "pass");
//Have PDO to not emulate prepared statements by default.
//Instead use MySQL's native prepare engine.
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
//PDO will throw PDOExceptions on every error.
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$query = "SELECT * FROM `customer` WHERE `id` = :id";
$stmt = $db->prepare($query);
//Bind ID as a number and not as string.
$stmt->bindValue(":id", $customerID, PDO::PARAM_INT);
$stmt->execute();
//Fetch all results into $result.
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
catch (PDOException $e) {
//A database error has occurred!
die("Database Error occurred! " . $e->getMessage());
}
catch (Exception $e) {
//General error occurred!
die("Error! " . $e->getMessage());
}
?>
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<pre>
<?php print_r($result); ?>
</pre>
</body>
</html>