1 
    $request = 'SELECT * FROM flight WHERE Id = \''.$_SESSION['LFLightRadio'].'\'';
    $data = mysql_fetch_array(mysql_query($request, $SQL));
    echo '<table class="table">';
    foreach($data as $key => $value) {
        echo '<th class="head" align="center" height="19">'.$key.'</th>';
    }
    echo '<tr>';
    foreach($data as $key => $value) {
        echo '<td class="cell" align="center" height="19">'.$value.'</td>';
    }
    echo '</tr></table>';

I know that the LFlightRadio value is set, and is a value returned by the Id value of a previously returned row from the flight database. So within "flight", a record definitely exists with this Id. But, this still gives me a non-array result, so that when I try to use foreach on it, it errors out. Suggestions?

Improve this question
1
  • 1
    Perhaps do var_dump($data) and see what it says? Commented May 7, 2010 at 17:31

4 Answers 4

Reset to default
2

before the echo '<table class="table">';, add:

echo '<br>$_SESSION[\'LFLightRadio\']="'.$_SESSION['LFLightRadio'].'"<br>';

to make sure you actually have a value to compare to flight.Id in the query. The way you are doing this is a huge SQL injection attack waiting to happen! See this question: mysql_real_escape_string() for $_SESSION variables necessary?

EDIT

add this before the echo '<table class="table">';:

echo '<br>$request="'.$request.'"<br>';

run that query on the database, are any rows returned?

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Doesn't matter - it's not a public site - and I already made sure that LFlightRadio exists, because I checked it repeatedly in statements that I cut.
when you do code a public site you will fall back into this habit.
Well, that was revealing. $_SESSION['LFlightRadio'] is 8. But the constructed $request doesn't actually contain this value.
Better to use parametrized queries for sure, but session variables should be safe as long as you're not putting user input in them.
The database is full of junk for demonstration purposes, and the exactitudes of my SQL communication are not the subject of the demo.
|
1

You have a mis-capitalization in your code.

$_SESSION['LFLightRadio'] is most likely intended to be $_SESSION['LFlightRadio']

Array keys are case sensitive.

Improve this answer

Comments

1

Did you mean to use

mysql_fetch_assoc

instead of mysql_fetch_array? Array would have keys like 0,1,2...

Improve this answer

1 Comment

It has both, actually. I just changed to assoc, cause I was dumping duplicates on the screen.
0 
    $var = $_SESSION['LFlightRadio'];
    $request = "SELECT * FROM flight WHERE Id = '$var'";
    $data = mysql_fetch_array(mysql_query($request, $SQL));

This works! For some reason, when I concatenated it straight, it didn't actually add the variable into the string. But when I've done that, it got put in and I got the expected.

Improve this answer

2 Comments

Concatenation should have worked. It's most likely a typo. Notice the case difference between 'LFlightRadio' and 'LFLightRadio'.
You see what you want to see, rather than what's there, I guess.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.