smarty variable in php

Question

I have a problem. I have a variable of smarty which is assigned in a textbox like:

<input type="text" name="blogID" id="blogID" value="{$e.id}">

I want this text value in {php}{/php} and I want to select all data from a database table on this text box value. Here is an example:

{php}
$select = mysql_query("select * from tbl_blog where id = '".$_POST['blogID']."'");
{/php}

This is not working how can i solve it?

Answer 1

As others have said mysql_query is deprecated and PDO is good to protect from sql injection

$hostname = "localhost";
$dbname = "database";
$username = "username";
$password = "password";

$pdo = new PDO("mysql:host=".$hostname.";dbname=".$dbname."", $username, $password);
$stmt = $pdo->prepare("SELECT * FROM tbl_blog WHERE id = :id");
$stmt->bindValue(':id', $_POST['blogID'], PDO::PARAM_INT);
$stmt->execute();
$select = $stmt->fetch(PDO::FETCH_ASSOC);

Answer 2

The solution depends on a lot of things-

1. What error are you getting, if any?
2. If you are including the mysql_connect() on the page somewhere?
3. Whether you're submitting the form as post on the same page?

4. You can also try encapsulating your php code in an if() block, like-

    {php} if (isset($_REQUEST['blogID'])) { $select = mysql_query("select * from tbl_blog where id = '".$_REQUEST['blogID']."'"); } {/php} 

Also I'd recommend having a separate document for php and using $smarty->assign() and not using the deprecated functions.

Answer 3

{php} tags are deprecated from Smarty, and should not be used. Put your PHP logic in PHP scripts or plugin functions instead.

http://www.smarty.net/docs/en/language.function.php.tpl