call a certain id row

harmor

I want to have the code below to display the data from a user.
Like here on this forum.
member.php?s=&action=getinfo&userid=168454
It'll display the profile of that userid

Now this is the code I have in profile.php

<?php
$result = mysql_query("SELECT name,email,aim_name,icq_number,location,website,yahoo  FROM users WHERE id = '1'");
if (!$result) {
   echo 'Could not run query: ' . mysql_error();
   exit;
}
$row = mysql_fetch_row($result);
{



// HTML

echo "<table width=\"50%\" align=\"center\" border=\"1\" bordercolor=\"#000000\" cellspacing=\"0\" cellpadding=\"3\">
<tr><td>Username: ".$row[0]."</td>
</tr>
<tr><td>E-Mail: ".$row[1]."</td>
</tr>
<tr><td>AIM: ".$row[2]."</td>
</tr>
<tr><td>ICQ: ".$row[3]."</td>
</tr>
<tr><td>Location: ".$row[4]."</td>
</tr>
<tr><td>Website: ".$row[5]."</td>
</tr>
<tr><td>Yahoo: ".$row[6]."</td>
</tr>
</table><br>";


}
?>

mrhappiness

Originally posted by harmor
Now this is the code I have in profile.php

bad code as it dosn't use $_GET['userid'] but 1 as requested value for your id column

jkurrle

I think you need to understand how information is passed and received via the POST and GET methods. Here's a short primer:

When you create a web form, you have a tag that looks something like this:

The 'method' part of this tag tells the browser how to send the information. If you use GET, it sends the information appended on the end of the browser URL. If you use POST, it sends the information through an internal web server process. As a test, create this form on a web page and a blank myscript.php to receive the data. Click the button and look at your URL of your script page. Next, change the method from POST to GET in your form tag, and then resubmit the form. You should notice a change in your script page's URL.

So, let's continue to myscript.php and see how we get that information:

$my_variable=$_POST['Variable_1'];

Basically, we look up server posted variable name Variable_1, take its value, and assign it to a variable called $my_variable. At this point, we can use this information any way we want.

GET works the same way, processing-wise. We just use $GET['Variable_1'] instead of $POST['Variable_1']. So why use one over the other? Here are the main differences:

POST - Requires some sort of user interaction, like filling out a line, clicking on a button, etc. Because all information is passed via a hidden server process, you don't see any information attached onto the end of the URL. Therefore, the information is more secure and also you have a large amount of environment space to work in.

GET - Parses information on the end of a URL. The first delimiter is a question mark (?), which separates the URL from attached parameters. Then you have a variable name, followed by an equals sign, followed by the variable's value. If another variable needs to be passed, an ampersand (& ) is then used to delimit between passed variables.

Because, information is parsed onto the URL, user interaction can be effectively bypassed. Simply meta-refresh the page to the new URL with the parsed information and off you go! Also, you can create personalized web links that you can send in email, by parsing pertinent information on the end of the URL.

GET has some serious limitations. First, the data is passed out in the open, which opens it up to hacking. Second, you have a limited amount of environment space to pass information with. If you are passing a <TEXTAREA> type of parameter, chances are, you need especially to use the POST method, as you blow up your browser by appending too much information on the URL using GET.

Hope this helps to explain things a little better...