选择带有变量的语句，但不起作用

Question

i try to select statement with variable, but not work maybe i miss something.

<!--Get data from user--> 
    <?php while ($row_settings = mysql_fetch_array($rs_settings4)) {
            $get_id_friend=$row_settings['friend_id'];
    } ?>
<!--Get data from user--> 


  <div id="wrap-box"><!--Loop-box-->
<?php $results  = mysql_query("select * from users where id='$get_id_friend'");  ?>  
  <?php while ($row_friend_loop = mysql_fetch_array($results)) {?>
        <div class="img">
            <img src="<?php echo $row_friend_loop['img']; ?>" width="49"/>
        </div>

        <div id="request">
            <div class="name">
            <p><?php echo $row_friend_loop['user_name']; ?></p>
            </div>
            <div class="btn">
            <a href="#"><img src="images/btn-confirm.jpg" class="hover" /></a><a href="#">
            <img src="images/btn-ignore.jpg" class="hover" /></a>
            <div class="clear"></div>
            </div>
        </div>
       <?php } ?><!--Loop-box-->

i try to change from

where id='$get_id_friend'"); 

to

where id='.$get_id_friend.'"); 

but still not work, sorry i'm still newbie here

first i want get id from table friend, and if id from table friend is related with table user , all data with related id will be loop .

Answer 1

I recommend you read up on sql injection and the PDO library. Also, I have a feeling you do not have a very efficient database structure.

I'm just guessing on your motive and database here, but you should start with something like this:

TABLE friends
int id PRIMARY
int user_id
int friend_id

TABLE users
int user_id
VARCHAR(64) img
VARCHAR(24) user_name

This way, one table holds all the user information, and the second table holds all the 'friend' data. The correct way to access this info would be to use prepared statements and then you can loop through the resulting array, ie: the following:

$sql = "SELECT 
           friends.friend_id AS friend_id,
           users.img AS friend_img,
           users.user_name AS friend_user_name,
        FROM friends
        LEFT JOIN users ON (friend.user_id = users.user_id)
        WHERE friend.user_id = :user_id";
$sth = PDO->prepare($q);
$sth->bindParam(":user_id",$user_id_to_get_friends_for);

try{
     $sth->execute();
     $friends = $sth->fetchAll();
} catch (PDOException $e) {
     //  Do something with the error
}

// Now loop through the array
foreach($friends as $f) {
     echo "<td><img src='".$f['friend_img']."' alt='' />".$f['friend_user_name']."</td>";
}

Now, this is oversimplified i'm sure, but if you follow this format, and do a little research on the functions i'm using here (namely LEFT JOIN and PDO stuff), you should be off to a good start.

I hope this helps you.

Answer 2

Syntactically there's absolutely no difference in how your two versions of building the where clause work - if neither works, then $get_id_friend is not set properly. Neither of your queries have any error handling, and you don't show the query string for the initial query, only how you fetch data from it.

A proper minimalist 'safe' query structure is:

$sql = "SELECT ...";
$result = mysql_query($sql);
if ($result === FALSE) {
    die(mysql_error . "<br />$sql");
}

Since your last comment indicates you're looping over multiple user records and displaying data on those users, you'd be better of using a single joined query, rather than an "outer" query that causes repeated inner queries.

Something like this:

SELECT friends.img, friends.user_name
FROM users AS friends
LEFT JOIN users ON users.friend_id = users.id
WHERE users = $userID;

That's just a guess, since we have very little information about your table structure. But basically: given some userID, fetch the images and user_names of all their friends. Now you've reduced your code to:

$sql = "select query from above";
$result = mysql_query($sql);
if ($result === FALSE) {
    die(mysql_error() . "<br />$sql");
}
while($row = mysql_fetch_assoc($result)) {
    ... your html stuff as before ...
}

One loop, one query, less fuss and muss.