No problem 🙂
Everything after the ? in the URL is part of the "query string", which consists of attribute name/value pairs, separated by & (although to express the ampersand character in html you need to use & since & denotes the start a character entity reference, in this case amp; which is the ampersand character).
PHP deals with parsing the query string and populates the super global (reachable from anywhere in your code) array $GET, which means you can those values like this
$_GET['id'];
But since there is no guarantee that $_GET contains the element 'id', you should always check if the element exists first, otherwise PHP will report an error.
# Depending on context, either
# check if the element exists
if (isset($_GET['id']))
# or, check if the element exists and isn't "empty": empty string, null, 0
if (!empty($_GET['id']))
However, all external data has to be handled with care, otherwise you introduce security risks, in this case SQL injection. Since id is supposed to be an integer, simply cast it as such
# if $_GET['id'] doesn't start with a numeric value, the type case results in the value 0, which
# will reference no primary key since those are 1 .. MAX_INT, and you are also safe from SQL injection
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
# another way to validate incoming data, is to check that it matches ok values
$ok_actions = array('edit', 'view', 'delete');
if (!isset($_GET['action']) || !in_array($_GET['action'], $ok_actions))
{
$action = 'view'; # default value
}
else
{
$action = $_GET['action']
}
At this point, you simply create your SQL query by adding a where clause and this id
$query = sprintf('SELECT some, fields FROM the_table WHERE id=%d',
$id);
if ($result = mysql_query($query))
{
# No need for a loop, there is only, at most, one record
$row = mysql_fetch_assoc($query);
# But there could also be 0 records - no matching id. Someone else may have deleted this
# record after you requested the page listing all records.
if ($row)
{
# Now you have the data for this row, display either html code to view it, or edit it
if ($action == 'edit'))
{
# output form and fill in the form elements with this row's data
}
elseif ($action == 'view')
{
# output the data without form and form elements. for viewing purposes only
}
}
else
{
# no record found
}
}
else
{
# Error executing the query: $result === false
}
If this script is also supposed to handle saving of updated information, you add code to handle this at the top of the script. Here I'm assuming a POST request, rather than a GET request. I.e. the form elements method attribute is set to "POST" rather than "GET", and I'm also assuming the submit button to save data is named "save"
# connection to the db has to be established first to make string values safe
somehow_connect_to_db();
# the "save" submit button was clicked
if (isset($_POST['save']))
{
$someStringValue = isset($_POST['someFormField']) : mysql_real_escape_string($_POST['someFormField']) : 'default value';
$someIntValue = isset($_POST['otherField']) : (int) $_POST['otherField'] : null;
$someFloatValue = isset($_POST['price']) : (float) $_POST['price'] : null;
# obviously, you may wish to check that some / all fields are present and not empty,
# since some fields are likely to be required for the record to be meaningful.
# If required fields are missing, you should inform the user and redisplay the form
# If some values don't meat requirements (digits in a name or letters in phone number)
# you should also inform the user about this
if ($all_is_ok)
{
$query = sprintf("UPDATE the_table SET intField = %d, stringField = '%s', floatField=%f
WHERE id=%d",
$intVal,
$stringVal,
$floatVal,
$id
);
if (mysql_query($query))
{
# information saved
}
else
{
# inform the user that the information could not be saved
}
}
}
There you have an ordinary structure for dealing with things like this. But I'd also recommend you to, instead of ouputting information here and there in the code, instead go with variable assignment of the strings to be shown, such as
# Define the variables, that will hold information to be shown, at the top of the script
$error = array();
$feedback = array();
$content = '';
# And then append to them throughout the script
if ($update_query_result === false)
{
$errors[] = 'The information could not be saved';
}
else
{
$feedback[] = 'Information saved';
}
if ($action == 'edit')
{
$content .= '<form ...>...</form>';
}
elseif ($action == 'view')
{
$content = '<div>...</div>';
}
Then, when all processing is done, displaying things will be easier.
?>
<html><head><title>Pagetitle</title></head>
<body>
<div>Menu etc</div>
<div id="content">
<?php
if (count($errors))
{
echo '<div class="errors">';
printf ('<div>%s</div>', implode('</div><div>', $errors));
echo '</div>';
}
if (count($feedback))
{
echo '<div class="feedback">';
printf ('<div>%s</div>', implode('</div><div>', $feedback));
echo '</div>';
}
echo $content;
?>
</body>
</html>
This way, all errors will appear at the same place in the page, before feedback, which in turn is also in one place, before the actual page contents. With proper styling, it's easy to make errors show in bigger font or with red font color etc.
