mattm1712 Posted September 20, 2010 Share Posted September 20, 2010 <html> <?php include connect.inc; $id = $_GET['id']; mysql_query("UPDATE count SET clicks=clicks+1 WHERE id='$id'"); $sql = mysql_query("SELECT link FROM count WHERE id='$id'"); $fetch = mysql_fetch_row($sql); $result = mysql_query($sql); while($row = mysql_fetch_array($result)) { echo "Name :{$row['id']} <br>" . "Subject : {$row['link']} <br>" . "Message : {$row['count']} <br><br>"; } mysql_close(); ?> <a href='/index.php?id=1'>link1</a> <a href='/index.php?id=2'>link2</a> </html> Quote Link to comment Share on other sites More sharing options...
the182guy Posted September 20, 2010 Share Posted September 20, 2010 You've got mysql_query calls and fetch calls mixed up. Try <?php include 'connect.inc'; $id = $_GET['id']; // if this is an integer change it to $id = (int)$_GET['id'] which will force as an int, and prevent SQL injection mysql_query("UPDATE count SET clicks=clicks+1 WHERE id='$id'"); $sql = "SELECT link FROM count WHERE id='$id'"; $result = mysql_query($sql); while($row = mysql_fetch_assoc($result)) { echo "Name :{$row['id']} <br>" . "Subject : {$row['link']} <br>" . "Message : {$row['count']} <br><br>"; } mysql_close(); ?> Also, don't use .inc as a file extension for a PHP include. Unless you have the web server setup to deny direct access, anybody could just browse directly to that file and the contents will be displayed - i.e database credentials. It looks like the id field is an integer PK for the table, if so you don't need a while loop if there will only ever be 1 record with that id. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.