get url id in php and display result in html

Question

Hi i have written this code in order to get the news id from url and display the news result from this id which is stored in mysql. I dont know what i am doing wrong. But i am getting any output. I have also test my query which is running fine in mysql.I am doing small misatke which is not able to identif may be syntax or quotation somewhere. Thanks. Here is my Url:

http://autodo/admin/news.php?id=2043

Here is my code:

    <?php
   $ID=$_GET['id']; 
   $sql="   SELECT DISTINCT ad_news.datum, ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id
                    FROM autodo.ad_news_texte, autodo.ad_news
                    WHERE ad_news_texte.id =".$ID."
                    GROUP BY ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id";
  echo $sql_select=mysql_query($sql);
   if($row = mysql_fetch_assoc($sql_select)){       
            $news_id= $row['id'];   
            $news_datum= $row['datum']; 
          $news_text= $row['text']; 
            $news_headline= $row['headline']; 
?>
<div class="welcome-rahmen lng toggleNews" id="<?= $news_id ?> ">
<p class="welcome-breadcrump"><?= $news_datum ?></p>
<p class="welcome-subheadline"><?= $news_headline ?></p>
<div class="newsText">
<?= $news_text ?>
</div>
</div>
<? } ?>

Answer 1

Some mistakes,

1. You mixing shorthand and echo for printing output.
2. Missing ; semi-colon at end of echo statment.
3. Syntax error in query

Firstly turn on your errors adding ini_set("display_errors",1); on top of your file. Use below statemnt for everywhere you output the variable,

<?php echo $news_id; ?>

Or,

<?= $news_id ?>

Query should be,

$sql=" SELECT DISTINCT ad_news.datum, ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id
                    FROM autodo.ad_news_texte, autodo.ad_news
                    WHERE ad_news_texte.id = '$ID'
                    GROUP BY ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id";

Waring: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

Answer 2

first change quote to variable in where of query like

WHERE ad_news_texte.id ='$ID'

then no use of echo in

<?= echo $news_datum ?> try in all of your code <?= $news_datum ?>

so your whole code will be

<?php
   $ID=$_GET['id']; 
   $sql="SELECT DISTINCT ad_news.datum, ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id FROM autodo.ad_news_texte, autodo.ad_news WHERE ad_news_texte.id ='$ID' GROUP BY ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id";
  $sql_select=mysql_query($sql);
  $checkrow = mysql_num_rows($sql_select);
  if($checkrow > 0) {
     if($row = mysql_fetch_assoc($sql_select)){       
            $news_id= $row['id'];   
            $news_datum= $row['datum']; 
          $news_text= $row['text']; 
            $news_headline= $row['headline']; 
    ?>
     <div class="welcome-rahmen lng toggleNews" id="<?= $news_id ?> ">
    <p class="welcome-breadcrump"><?= $news_datum ?></p>
    <p class="welcome-subheadline"><?= $news_headline ?></p>
   <div class="newsText">
   <?= $news_text ?><?php } 
 }
 else {
   echo 'query does not return any rows';
 }?>

Answer 3

You have used <?= echo - <?= alone is the same as <?php echo Additionally, as another pointed out you are missing several ; at the end of lines.

Regardless, I would encourage you to use prepared statements or otherwise sanitize the data you are pulling from the query string as your query as written is vulnerable to SQL injection.

Answer 4

You should concatenate $ID and sql string by .

For example:

 $sql="   SELECT DISTINCT ad_news.datum, ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id
                    FROM autodo.ad_news_texte, autodo.ad_news
                    WHERE ad_news_texte.id =".$ID."
                    GROUP BY ad_news_texte.text, ad_news_texte.headline, ad_news_texte.id";