• 0

[php & mySQL] Can't figure it out!


Question

Hi guys, i really need your help on this one. I am at this moment an intern at a ICT company and I am supposed to make a website for online shopping. The actual website and coding is actually allready done by other interns, but i am supposed to do the styling and design. Also i need to expand some parts of the websites with php.

So lets get to my problem.

I am trying to get information out of 2 tables. The first one is tblorder and second one is tblcustomer. Here are the tables:

tblorder

pkorderid (primary key)

fkklantid

date

excTotal

incTotal

status

tblcustomer

pkklnr (primary key)

klname

....

username

password

In the browser, when it goes to the detail page, it passes the pkorderid through URL and there you get the info all about the order. BUT I am supposed to add also the information of the customers. So what I need to do is to equal fkklantid (tblorder) to pkklnr (tblcustomer) and show the information of the customer.

At this moment (after a lot of trial and error) I have this:

$query3="SELECT * FROM tblklant, tblorder WHERE tblklant.pkklnr = tblorder.fkklantid ORDER BY '" . $HTTP_GET_VARS["pkorderid"] . "'";

$resultq3 = mysql_query($query3) or die ("ERROR: " . mysql_error());

But this is not right. I get only 1 customer and everytime I select an other pkorderid, I still get the same customer. I just don't get it, how am I supposed to do the sql query here????????

Link to comment
https://www.neowin.net/forum/topic/155009-php-mysql-cant-figure-it-out/
Share on other sites

8 answers to this question

Recommended Posts

  • 0

oh no, thats not it. klant = customer in dutch. i translated it for you that you could easily understand. but srry, it got mixed up :unsure:

so i tried it, but it didn't work...

btw, i tried the query on phpMyAdmin, and it worked fine there! :s i just don't understand, why it is not selecting the right information. I think it has to do something with the id wich is passed through URL, the pkorderid. but what???

  • 0

let me show you the whole code:

?$query="SELECT * FROM tblorder WHERE pkorderid='" . $HTTP_GET_VARS["pkorderid"] ."'";
 ?$resultq = mysql_query($query) or die ("FOUT: " . mysql_error());

 ?$query2="SELECT * FROM tblorderregels WHERE fkorderid='" . $HTTP_GET_VARS["pkorderid"] ."'";
 ?$resultq2 = mysql_query($query2) or die ("FOUT: " . mysql_error());

 ?$query3="SELECT * FROM tblklant, tblorder WHERE tblklant.pkklnr = tblorder.fkklantid ORDER BY '" . $HTTP_GET_VARS["pkorderid"] ."'";
 ?$resultq3 = mysql_query($query3) or die ("FOUT: " . mysql_error());

 ?
?>


<?php
while (list($pkorderid, $fkklantid, $datum, $excTotaal, $incTotaal, $status) = mysql_fetch_row($resultq))
	{
	$ud=$pkorderid;
	$vn=$fkklantid;
	$an=$datum;
	$un=$excTotaal;
	$pw=$incTotaal;
	$em=$status;
	}
?>

<?php
while (list($pkklnr, $klnaam, $anaam, $kladres, $pcode, $klwpl, $kltel, $klemail, $banknr) = mysql_fetch_row($resultq3))
	{
	$pkkln=$pkklnr;
	$klnaa=$klnaam;
	$anaa=$anaam;
	$kladre=$kladres;
	$pcod=$pcode;
	$klwp=$klwpl;
	$klte=$kltel;
	$klemai=$klemail;
	$bankn=$banknr;
	}
?>

and in the form I use this to print out the information:

<form action="<?php echo($_SERVER["PHP_SELF"]);?>" method="post">

<input type="hidden" name="bevestiging" value="1">

<input type="hidden" name="pkorderid" value="<?php echo($HTTP_GET_VARS["pkorderid"]);?>">

<table width="60%" border="0">

?<tr>

? ?<td>pkorderid ?: </td>

? ?<td><?php echo($ud);?></td>

?</tr>

?<tr>

? ?<td>Klant id:</td>

? ?<td><?php echo($vn);?></td>

?&lt<?php echo($ud);?>($ud);?> etc.

  • 0

This is unrelated to the original question, but I noticed you're using values right from $_GET without validation in your query. You might want to think about tweaking on that later. If for example your script runs on a server where magic_quotes are disabled then you run the risk of SQL injection attacks.

Googling for php/mysql security and escapequotes would be a good starting place.

  • 0

oh, thx the evn show!! although i didn't made al those codes, an other intern did, and it is not my assignment to secure it better :)

and guys, i got great news!!!!! I GOT IT SOLVED!!!!!! :D :D :D

my teacher came by our company and i tolled him my problem and he just solved it, so easily!!!!!

the code needed an AND statement!!!

this is how it has to be like:

$query3="SELECT * FROM tblklant, tblorder WHERE tblklant.pkklnr = tblorder.fkklantid AND pkorderid = '" . $HTTP_GET_VARS["pkorderid"] ."'";

i love my teacher!! and you to guys!!! THX FOR YOUR HELP TIMDORR

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • The Irony... China wouldn't be what it is today without Apple 😂
    • Microsoft makes it easier to find PC specs in Windows 11 Settings by Taras Buria Windows 11 has already received several improvements that make it easier to learn about your computer's specifications. Recently, Microsoft released Spec Cards for the System > About section, which provide basic information about the PC's main components, such as processor, memory, storage, graphics card, and video memory. Now, the Settings app is getting a new way to find your device info. Microsoft wants to display basic device information right on the Home page of the Settings app. The latest preview builds from the Dev and Beta Channels introduced a new "Your device info" card for the Settings' Home page. It displays specs like processor name and speed, graphics card and the amount of video memory, storage, and RAM. The card also has a link to the "About" section, where you will find more information about your computer, its Windows edition, product ID, and the recently introduced FAQ section that answers common hardware-related questions. The "Your device info" card joins the existing cards on the Settings app's home page. While the section offers useful information like quick access to Bluetooth devices, Wi-Fi, personalization, and recommended settings, users received it with mixed reactions, as many considered it another way for Microsoft to promote its services and subscriptions like Microsoft 365, OneDrive, and Game Pass (seriously, who thinks about Game Pass when opening Settings?). Now, the Settings' Home page is a bit more useful, as it saves you a few clicks when checking your computer's specs. If you want to test the new "Your device info" card, update your PC to build 26200.5622 or newer (Dev Channel). Just keep in mind that Microsoft is rolling it out gradually, and it requires signing in with a Microsoft Account in the United States. Other changes in build 26200.5622 include a new Settings section for Quick Machine Recovery, widget improvements, more app recommendations in the "Open with" dialog, and more. Check out the full release notes here.
    • Ponies will finally have good games to play after replaying Last of Us for the 100th time. Oh and I lied, Silent Hill f looks pretty great too, but we already knew about that.
  • Recent Achievements

    • Week One Done
      jbatch earned a badge
      Week One Done
    • First Post
      Yianis earned a badge
      First Post
    • Rookie
      GTRoberts went up a rank
      Rookie
    • First Post
      James courage Tabla earned a badge
      First Post
    • Reacting Well
      James courage Tabla earned a badge
      Reacting Well
  • Popular Contributors

    1. 1
      +primortal
      397
    2. 2
      +FloatingFatMan
      177
    3. 3
      snowy owl
      170
    4. 4
      ATLien_0
      167
    5. 5
      Xenon
      134
  • Tell a friend

    Love Neowin? Tell a friend!