Placing html code inside php

Question

Placing html code inside php

Asked 7 years, 12 months ago

Viewed 11,869 times

3

I’m trying to put a html code inside a php and it’s not working, as I do to fit html code inside php ?

<?php
if(isset($_POST['buscarNome']) && $_POST['buscarNome'] == 'Buscar') {
    $nome = $_POST['nome'];

    if(empty($nome)){
        echo "<script type='text/javascript'>alert('Informe o nome!');javascript:window.location='consulta.php';</script>";
    }else {
        $strcon = mysqli_connect("localhost", "root", "", "estagio") or die("<script type='text/javascript'>alert('Erro ao conectar no banco de dados!');javascript:window.location='consulta.php';</script>");
        $sql = "SELECT * FROM tbl_usuario WHERE nome LIKE '%''nome''%'";
        $con = mysqli_query($strcon, $sql) or die("<script type='text/javascript'>alert('Erro ao tentar fazer a consulta');javascript:window.location='consulta.php';</script>");
echo<<<HTML
<table border="1">
    <tr>
        <td>CPF</td>
        <td>Nome</td>
        <td>Sexo</td>
        <td>Idade</td>
        <td>Cidade</td>
        <td>Telefone</td>
        <td>Email</td>
    </tr>
    <?php while($dado = $con->fetch_array()){ ?>
        <tr>
            <td><?php echo $dado['cpf']; ?></td>
            <td><?php echo $dado['nome']; ?></td>
            <td><?php echo $dado['sexo']; ?></td>
            <td><?php echo $dado['idade']; ?></td>
            <td><?php echo $dado['cidade']; ?></td>
            <td><?php echo $dado['telefone']; ?></td>
            <td><?php echo $dado['email']; ?></td>
        </tr>
    <?php } ?>
</table>
HTML;
    }
?>

1 answer

Browser other questions tagged php

You are not signed in. Login or sign up in order to post.

by Bacco • **93,720** points · Answer 1 · 2016-11-23T01:00:02+00:00

The problem is that this line here:

<?php while($dado = $con->fetch_array()){ ?>

is inside a HEREDOC, so it is treated as text, not PHP.

The solution without touching your code too much is something like this:

<?php
if(isset($_POST['buscarNome']) && $_POST['buscarNome'] == 'Buscar') {
    $nome = $_POST['nome'];
}
if(empty($nome)){
    echo "<script type='text/javascript'>alert('Informe o nome!');javascript:window.location='consulta.php';</script>";
}else {
    $strcon = mysqli_connect("localhost", "root", "", "estagio") or die("<script type='text/javascript'>alert('Erro ao conectar no banco de dados!');javascript:window.location='consulta.php';</script>");
    $nome = mysqli_real_escape_string( $strcon, $nome );
    $sql = "SELECT * FROM tbl_usuario WHERE nome LIKE '%".$nome."%'";
    $con = mysqli_query($strcon, $sql) or die("<script type='text/javascript'>alert('Erro ao tentar fazer a consulta');javascript:window.location='consulta.php';</script>");
?>
<table border="1">
    <tr>
        <td>CPF</td>
        <td>Nome</td>
        <td>Sexo</td>
        <td>Idade</td>
        <td>Cidade</td>
        <td>Telefone</td>
        <td>Email</td>
    </tr>
<?php while($dado = $con->fetch_array()){ ?>
        <tr>
            <td><?php echo $dado['cpf']; ?></td>
            <td><?php echo $dado['nome']; ?></td>
            <td><?php echo $dado['sexo']; ?></td>
            <td><?php echo $dado['idade']; ?></td>
            <td><?php echo $dado['cidade']; ?></td>
            <td><?php echo $dado['telefone']; ?></td>
            <td><?php echo $dado['email']; ?></td>
        </tr>
<?php } ?>
'</table>';
<?php } ?>

Note also the adoption of this line to avoid SQL Injection:

        $nome = mysqli_real_escape_string( $strcon, $nome );

To avoid confusion, it pays to rethink the code to avoid too open and close <?php ?> mixed with echo.

Contrary to what is preached, it is not a problem to mix PHP with HTML (after all, PHP was made for this), but each case is a case, and in your code is getting a little confused, so you should know different ways to organize.