I have a problem. I have a variable of smarty which is assigned in a textbox like:
<input type="text" name="blogID" id="blogID" value="{$e.id}">
I want this text value in {php}{/php}
and I want to select all data from a database table on this text box value. Here is an example:
{php}
$select = mysql_query("select * from tbl_blog where id = '".$_POST['blogID']."'");
{/php}
This is not working how can i solve it?
As others have said mysql_query
is deprecated and PDO is good to protect from sql injection
$hostname = "localhost";
$dbname = "database";
$username = "username";
$password = "password";
$pdo = new PDO("mysql:host=".$hostname.";dbname=".$dbname."", $username, $password);
$stmt = $pdo->prepare("SELECT * FROM tbl_blog WHERE id = :id");
$stmt->bindValue(':id', $_POST['blogID'], PDO::PARAM_INT);
$stmt->execute();
$select = $stmt->fetch(PDO::FETCH_ASSOC);
The solution depends on a lot of things-
mysql_connect()
on the page somewhere? post
on the same page? You can also try encapsulating your php code in an if()
block, like-
{php} if (isset($_REQUEST['blogID'])) { $select = mysql_query("select * from tbl_blog where id = '".$_REQUEST['blogID']."'"); } {/php}
Also I'd recommend having a separate document for php and using $smarty->assign()
and not using the deprecated functions.
{php} tags are deprecated from Smarty, and should not be used. Put your PHP logic in PHP scripts or plugin functions instead.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.