0

I am currently in the process of building a simple forum for a small project. I have a page called forum.php. This page contains the contents that a person would see once they are logged. This page contains the following code:

 <?php                                      
    include ('databaseconnect.php');

    $query = "select * from Categories";       

    $result = mysqli_query($db,$query);

  while ($row = mysqli_fetch_array($result)) {
     echo '<tr>';
      echo '<td class="leftpart">';
        echo '<h3><a href="category.php?id">' . $row['Categoryname'] . 
                  '</a></h3>' . $row['Categorydescription'];  
        echo '</td>';
        echo '<td class="rightpart">';
           echo '<a href="topic.php?id=">Topic subject</a> at 10-10';
        echo '</td>';
     echo '</tr>';
   }
 $result = $db->query($query);
?>

This is the Overview of the forum

When a person clicks on any of the category links for example 'Community Events', it takes them to a page called category.php. Now, on this page I would like them to see an overview of the topics created for a specific category. So the following code was used:

  <?php 
      include ('databaseconnect.php');  

      $sql1= "SELECT Categoryid, Categoryname, Categorydescription
        FROM Categories 
      WHERE Categoryid= '" . mysqli_real_escape_string($db,$_GET['id'])."'";

      $result1= mysqli_query($db,$sql1);

 if(!$result1)
   {
echo "<font color = 'Red' .<p> Category Cannot be displayed, Contact the 
      administrator </p> </font>". mysqli_error($db); 
   }

if(mysqli_num_rows($result1) == 0)
   {
    echo "<font color = 'Red' .<p>This category does not exist.</p> </font>". 
  mysqli_error($db); 
   }

 while($row = mysqli_fetch_assoc($result1))
     {
        echo '<h2>Topics in ′' . $row['Categoryname'] . '′ Category</h2>';
   }        
 ?>

So the specific problem I am experiencing is when I click on any of the links I am getting the error that I defined which is:

'This category does not exist'

So, I tried changing the id of the categories.php page to 1 and I got the following result: Category Result

But when I went and click on the Health and Fitness category instead of saying 'Topics in 'Health and Fitness' Category it still says 'Topics in Community Events Category'. So I changed the id to 2 and the opposite resulted whereby it says 'Topics in 'Health and Fitness' Category on both pages. So is the solution I have to make the id's dynamic or is there a syntactic error. Your help would be greatly appreciated.

Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
  • 1
    You aren't passing any id here it should be something like – Funk Doc Oct 19 '17 at 15:38
  • That is what I stated in the question I did do that and it took me to the 'Topics in Community Events Category' but when I clicked on the other category called 'Health and Fitness' it took me back to the same page called Topics in Community Events Category' –  Oct 19 '17 at 18:59

1 Answers1

0

You are not posting the category id to your Category page. and if you set it static id=2 then it is normal that you get the wrong title.

You have to dynamicaly create the link with the id in it

Change this line:

echo '<h3><a href="category.php?id">'.$row['Categoryname'].'</a></h3>'.$row['Categorydescription'];

To 

echo '<h3><a href="category.php?id='.$row['Categoryid'].'">'.$row['Categoryname'].'</a></h3>.$row['Categorydescription'];

Also take a look at Prepared Statements because your code is vulnerable to sql injection. mysqli_real_escape_string is not safe.

Dimitris Filippou
  • 809
  • 6
  • 12