I'm having trouble getting my website to show products saved in a database when I upload it to my IPage account . It works fine on my local machine and it says that it's connecting to the database, but it's not displaying the products . I know the database and tables exist with relevant data in them.
Here's a link to the page :
http://wisconsindairyfarmers.com/Design1/search.php?search=sweets
The code:
$db = new mysqli('****', '****', '*****', '****');
// this is in the connect file
$search = $_GET['search'];
require 'db/connect.php';
$result = $db->query("SELECT * FROM products WHERE ProductSearch = '$search'");
if($result->num_rows){
echo '<table border="0" cellspacing="0" style="width:100%;">';
echo '<tr><td></td><td><u>Product Name</u></td><td><u>Price</u></td><td><u>Wisconsin Artisans</u></td></tr>';
while($row = $result->fetch_assoc()){
$ProductId = $row['ProductId'];
$ProductImage = $row['ProductImage'];
$ProductName = $row['ProductName'];
$ProductPrice = $row['ProductPrice'];
echo '<tr>';
echo '<td><a href="productpage.php?productid=' . $row['ProductId'] . '"><img height="80px" width="80px" src="' . $row['ProductImage'] . '"/></a></td>';
echo '<td><a id="productlink" href="productpage.php?productid=' . $row['ProductId'] . '">' . $row['ProductName'] . '</a></td>';
echo '<td> $' . $row['ProductPrice'] . '</td>';
echo '<td> ' . $row['ProductVendor'] . '</td>';
//echo '<td><input type=button onClick="location.href=\'cart.php?ProductId=', $ProductId, '&ProductName=', urlencode($ProductName), '&ProductPrice=', $ProductPrice, '&ProductQty=1\'" value=\'Add to Cart\' id="addtocart"></td></tr>';
echo '<td><input type=button onClick="location.href=\'productpage.php?productid=' . $ProductId . '\'" value=\'Add to Cart\' id="addtocart"></td></tr>';
}
echo '</table>';
$result->free();
}
else{
echo '<h3 style="color:black;">No products here just yet, but there will be soon!</h3>';
}
I don't know if this question is already answered / solved but your code should be like this:
$db = new mysqli('****', '****', '*****', '****');
// this is in the connect file
$search = mysqli_real_escape_string($_GET['search']);
require 'db/connect.php';
$result = $db->query("SELECT * FROM products WHERE ProductSearch = '".$search."'");
if($result->num_rows > 0){
echo '<table border="0" cellspacing="0" style="width:100%;">';
echo '<tr><td></td><td><u>Product Name</u></td><td><u>Price</u></td><td><u>Wisconsin Artisans</u></td></tr>';
foreach($result->rows as $product){
$ProductId = $product['ProductId'];
$ProductImage = $product['ProductImage'];
$ProductName = $product['ProductName'];
$ProductPrice = $product['ProductPrice'];
echo '<tr>';
echo '<td><a href="productpage.php?productid=' . $product['ProductId'] . '"><img height="80px" width="80px" src="' . $product['ProductImage'] . '"/></a></td>';
echo '<td><a id="productlink" href="productpage.php?productid=' . $product['ProductId'] . '">' . $product['ProductName'] . '</a></td>';
echo '<td> $' . $product['ProductPrice'] . '</td>';
echo '<td> ' . $product['ProductVendor'] . '</td>';
//echo '<td><input type=button onClick="location.href=\'cart.php?ProductId=', $ProductId, '&ProductName=', urlencode($ProductName), '&ProductPrice=', $ProductPrice, '&ProductQty=1\'" value=\'Add to Cart\' id="addtocart"></td></tr>';
echo '<td><input type=button onClick="location.href=\'productpage.php?productid=' . $ProductId . '\'" value=\'Add to Cart\' id="addtocart"></td></tr>';
}
echo '</table>';
} else {
echo '<h3 style="color:black;">No products here just yet, but there will be soon!</h3>';
}
mysqli_real_escape_string($_GET['search'])
is used to escape characters which can be used for sql injections.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.