StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POPHP using $_GET at sql query returning no results
primarykey
Id
18237625
data
AcceptedAnswerId
18237760
AnswerCount
2
ClosedDate
CommentCount
5
CommunityOwnedDate
CreationDate
2013-08-14T16:47:29.840
FavoriteCount
0
LastActivityDate
2013-08-14T17:03:05.440
LastEditDate
2013-08-14T16:59:51.757
LastEditorUserId
2471429
OwnerUserId
2585294
ParentId
0
PostTypeId
1
Score
0
ViewCount
635
LastEditorDisplayName
text
Body
I have this php file in which i send a variable called user_email in an url like this: http://**********/android_connect/get_all_products.php?user_email="m" through my android app code. However even if it should return me some data it returns me "No products found" from the else! If i use the test1 query however it returns me the right data! I know that the code is valnurable to SQL Injection but what i have to do to fix it like this?? Please help i really need this!!!!!!! <pre><code><?php /* * Following code will list all the products */ // array for JSON response $response = array(); $user_email = $_REQUEST['user_email']; //echo $user_email; // include db connect class require_once __DIR__ . '/db_connect.php'; // connecting to db $db = new DB_CONNECT(); // get all products from products table $test = "SELECT *FROM products WHERE user_email= '" . $user_email . "'"; //$test1= "SELECT * FROM products where user_email='m'" ; //echo $test; $result = mysql_query($test) or die(mysql_error()); // check for empty result if (mysql_num_rows($result) > 0) { // looping through all results // products node $response["products"] = array(); while ($row = mysql_fetch_array($result)) { // temp user array $product = array(); $product["pid"] = $row["pid"]; $product["firstname"] = $row["firstname"]; $product["lastname"] = $row["lastname"]; $product["email"] = $row["email"]; $product["phone"] = $row["phone"]; $product["address"] = $row["address"]; $product["created_at"] = $row["created_at"]; $product["updated_at"] = $row["updated_at"]; $product["user_email"] = $row["user_email"]; // push single product into final response array array_push($response["products"], $product); } // success $response["success"] = 1; // echoing JSON response echo json_encode($response); } else { // no products found $response["success"] = 0; $response["message"] = "No products found"; // echo no users JSON echo json_encode($response); } ?> </code></pre>
Tags
<java><php><android><mysql><sql>
Title
PHP using $_GET at sql query returning no results
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USimmulatin
UserOwnerUserId
1. USappLogic
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POPHP using $_GET at sql query returning no results
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTApproveEditSuggestion
2. VO
 singulars
 PostPostId
 POPHP using $_GET at sql query returning no results
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTDownMod
3. VO
 singulars
 PostPostId
 POPHP using $_GET at sql query returning no results
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.