While doesn’t display if I use get id?


Viewed 72 times

0

Can someone help me understand why this code is failing to display the genre from the database?

    <div class="first_info">
      <?php
      $vide = $_GET['i'];
      include "core/home/database.php";
      // $vide goes into the SQL string unescaped (the injection risk raised in the comments)
      $consultaGe = "SELECT * FROM generos WHERE id='$vide'";
      // mysqli_error() needs a connection argument; read the error from the object instead
      $conGenre = $mysqli->query($consultaGe) or die($mysqli->error);
      ?>
      <strong>Generos:</strong>
      <?php while ($gene = $conGenre->fetch_array()) { ?>
      <div>
        <h5 class="cop_genre" value="<?php echo $gene['id'];?>"><?php echo $gene['genre']; ?></h5>
      </div>
      <?php } ?>
    </div>

If I take out the WHERE id='$vide', it does display, but it displays all the genres, and not only its own. What is wrong there?

The structure of the table generos: [image: enter the image description here]

  • 1

    Do not concatenate the values directly into the query, as this leaves the application vulnerable to SQL Injection attacks. Read more about it here: https://answall.com/q/9734/112052

  • The while is swallowing the H5 and I don't know why

  • Just to clarify, in the URL called you are including the parameter "i"? For example https://example.com/index.php?i=generodesejado.

  • yes it is, so much so that everything else works, the only thing is that it takes the "i" of everything from the movie. Not only of the genre

  • Like, it's not taking the genre from the genre database, but the genre number from the film database. I think that might be the problem, but I still don't know how to fix it. If I just put $v['genre']; the genre number appears and not its name, so I tried that code up there, but without success: it does not show the name.

  • Could you post the structure of the table generos?

  • sure I can

  • 1

    WHERE id='$vide', if $vide is 1, the query will be id='1', but the column id is of type INT, does not need the quotation marks. It should be id=$vide (but better than that would be if you used the prepare mysqli).


1 answer

1


Vinicius, since all genres are displayed when you remove the condition WHERE id='$vide', I believe the "problem" is in the parameter i.

By your comments and variable name ($vide) I believe you're passing the id of the video and not of the genre. If so, you need to change your query so that you search for the genre id within the video table (in a sub-query) and use it in the genre query.

It would look something like this (I don’t know what your video table looks like):

    $consultaGe = "SELECT * FROM generos WHERE id=(SELECT id_genero FROM videos WHERE id='$vide')";

Edit: Listen to @hkotsubo’s comment and look for ways to improve your app’s security.

  • Thank you very much. In this case, yes, I was paying for the video and not only the genre, but with the sub-query it worked perfectly. Regarding security, I am researching ways to improve this part of my code. But thank you very much, it helped.
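
The sub-query from the answer combined with the prepared statement recommended in the comments, as an added example that is not code from the asker or the answerer. It assumes `core/home/database.php` defines `$mysqli` as in the question, that `videos.id_genero` is the column name the answer guessed, and that the mysqlnd driver is available for `get_result()`; the function name `genresForVideo` is hypothetical.

```php
<?php
// Added example. Assumptions: $mysqli comes from the question's include;
// videos.id_genero is the column name guessed in the answer.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on SQL errors
include "core/home/database.php";

function genresForVideo(mysqli $db, int $videoId): array
{
    // The ? placeholder keeps the request value out of the SQL text entirely.
    $stmt = $db->prepare(
        "SELECT id, genre FROM generos
          WHERE id = (SELECT id_genero FROM videos WHERE id = ?)"
    );
    $stmt->bind_param("i", $videoId);   // "i" = bound as an integer
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC); // needs mysqlnd
    $stmt->close();
    return $rows;
}

// Reject anything that is not a positive integer before touching the database.
$videoId = filter_input(INPUT_GET, 'i', FILTER_VALIDATE_INT,
                        ['options' => ['min_range' => 1]]);
if ($videoId === null || $videoId === false) {
    http_response_code(400);
    exit('Invalid video id');
}
$genres = genresForVideo($mysqli, $videoId);
?>
<div class="first_info">
  <strong>Generos:</strong>
  <?php foreach ($genres as $gene): ?>
    <div>
      <!-- Escape on output so stored text cannot inject markup -->
      <h5 class="cop_genre" value="<?= (int) $gene['id'] ?>">
        <?= htmlspecialchars($gene['genre'], ENT_QUOTES, 'UTF-8') ?>
      </h5>
    </div>
  <?php endforeach; ?>
</div>
```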
