PHP- getting the value of a cell for use with an api

StackOverflow https://stackoverflow.com/questions/22388946

  •  14-06-2023
  •  | 
  •  

Question

Sorry if this is a stupid question, I'm pretty new at PHP.

So first, here is what I'm trying to do:

I am pulling information from MYSQL and displaying the info on a page. specifically this bit:

while($rowsID = mysql_fetch_assoc($sIDD))
{
echo '<tr>';
foreach($rowsID as $key => $cell){
    print '<td>'.$cell.'</td>';
}

This works fine and displays the info I want.

The information from that cell, I want to plug into:

$sid = $rowsID['steamID'];
$key = '<yoink>';
$slink =file_get_contents('http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=' .        $key . '&steamids=' . $sid . '&format=json');
$myarray = json_decode($slink, true);
print '<img src=';
print $myarray['response']['players'][0]['avatarmedium'];
print '>'; `

This does not work. It won't pull the actual number from the cell and put it into $sid. I've at a loss here. I'm googled for days, and most of my code is frankenstiened from bits I've found around here, so I'm not even sure I'm on the right track. I hope I've clearly explained my problem and provided enough info. Thanks for any help.

The full code: 

<?php
$hostname = "";   // eg. mysql.yourdomain.com (unique)
$username = "";   // the username specified when setting-up the database
$password = "";   // the password specified when setting-up the database
$database = "";   // the database name chosen when setting-up the database (unique)

$imgR =  "<td><img src='/images/red-dot2.png".$cell['red-dot2.png']."'></td>";
$imgG =  "<td><img src='/images/green-dot2.png".$cell['green-dot2.png']."'></td>";
setlocale(LC_MONETARY, 'en_US');
// Line 10
$_GET['id'];
$name = $_GET['id'];

$link = mysql_connect($hostname,$username,$password);
mysql_select_db($database) or die("Unable to select database");

$sql = "SELECT Members.PID, Members.ID, Members.Steam_Name, Members.SG_ID\n"
    . "FROM Members WHERE Members.PID = '$name%' ";

//Line 20
$gas = "SELECT Giveaways.title, Giveaways.cv, Members_1.Page, Giveaways.B, Giveaways.entries\n"
    . "FROM Members_1 INNER JOIN (Members INNER JOIN Giveaways ON Members.SG_ID = Giveaways.giver) ON Members_1.SG_ID = Giveaways.status\n"
    . "WHERE (((Members.PID)='$name'))";

$cvGiven = "SELECT Members.PID, Sum(Giveaways.cv) AS SumOfcv\n"
    . "FROM Members INNER JOIN Giveaways ON Members.SG_ID = Giveaways.giver\n"
    . "GROUP BY Members.PID\n"
    . "HAVING (((Members.PID)=$name)) ";

//Line 30
$winResults = "SELECT Giveaways.title, Members_1.Page, Giveaways.cv, Giveaways.B, Giveaways.entries\n"
    . "FROM Members INNER JOIN (Members_1 INNER JOIN Giveaways ON Members_1.SG_ID = Giveaways.giver) ON Members.SG_ID = Giveaways.status\n"
    . "WHERE (((Members.PID)=$name)) ";

$cvWon = "SELECT Members.PID, Sum(Giveaways.cv) AS SumOfcvW\n"
    . "FROM Members INNER JOIN Giveaways ON Members.SG_ID = Giveaways.status\n"
    . "GROUP BY Members.PID\n"
    . "HAVING (((Members.PID)=$name)) ";

$sID = "SELECT Members.ID\n"
    . "FROM Members\n"
    . "WHERE (((Members.PID)=$name))";

$get = "SELECT Members.PID, Members.SG_ID\n"
    . "FROM Members";

//Line 40

$result = mysql_query($sql,$link) or die("Unable to select: ".mysql_error());
$result2 = mysql_query($gas,$link) or die("Unable to select: ".mysql_error());
$cvTotal = mysql_query($cvGiven,$link) or die("Unable to select: ".mysql_error());
$cvTotalW = mysql_query($cvWon,$link) or die("Unable to select: ".mysql_error());
$wins = mysql_query($winResults,$link) or die("Unable to select: ".mysql_error());
$sIDD = mysql_query($sID,$link) or die("Unable to select: ".mysql_error());
$getN= mysql_query($get,$link) or die("Unable to select: ".mysql_error());


if (!$result) {
    die("Query to show fields from table failed");
}

if (!$result2) {
    die("Query to show fields from table failed");
}
if (!$cvTotal) {
    die("Query to show fields from table failed");
}
if (!$sIDD) {
    die("Query to show fields from table failed");
}

if (!$getN) {
    die("Query to show fields from table failed");
}

//Line 60
if (!$cvTotalW) {
    die("Query to show fields from table failed");
}
if (!$wins) {
    die("Query to show fields from table failed");
}


///////////////////////////////////////////////////////////////////////////////////
//////////////////////////Start Structure//////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////


//Display name
echo '<h2>[[Breadcrumbs?showHomeCrumb = 0  ]]</h2>';

//Display Steam ID
$sid = $rowsID['steamID'];
$key = '';

   $slink = file_get_contents('http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=' . $key . '&steamids=' . $sid . '&format=json');
   $myarray = json_decode($slink, true);
    print $myarray['response']['players'][0]['avatarmedium'];
   // print '>'; 
print $sid;


echo '<table>';

while($rowsID = mysql_fetch_assoc($sIDD))
{
echo '<tr>';
    foreach($rowsID as $key => $cell){
        print '<th>Steam ID:</th>'.'<td>'.$cell.'</td>';

    }
echo'</tr>';
}
echo '</table>';

//CV totals
$row = mysql_fetch_assoc($cvTotal);
$sum = $row['SumOfcv'];
$rowW = mysql_fetch_assoc($cvTotalW);
$sumW = $rowW['SumOfcvW'];

//Start CV table
echo '<div class=cv>';
echo '<table>';
echo '<tr>';
echo '<td>Total CV Given:</td>';
echo '<td> $'. number_format ($sum,2). '</td>';
echo '<tr>';
echo "<td>Total CV Won:</td>";
echo '<td> $'. number_format ($sumW,2). '</td>';
echo '</tr>';
echo "</tr>\n\n";
echo '</table>';
echo '</div>';




//Start Giveaways List
echo '<h3>Giveaways</h3>';
echo '<div class=llamatable>';
echo"<table>\n";
echo'<th>Game</th><th>CV</th><th>Winner</th><th></th><th>NB?</th><th>Entries</th>';


while($row = mysql_fetch_assoc($result2)) {



    print "<tr>\n";
      //Is it a bundle?
      foreach($row as $key => $cell){
       if ($key == 'B' && strpos($cell,'1') !== false){
         $cell = str_replace('1',$cell,$imgR);
        } 
        elseif($key == 'B' && $cell == "0"){
            $cell= $imgG;
       }
      //Set cv format
       if($key == 'cv'){
         $cell= '$'. number_format ($cell,2); //Line 80
        }
        //set breaks if multiple winners
       if (strpos($cell,',') !== false){
         $cell= str_replace(',','<br />',$cell);
        }
       if($key == 'status' && strpos($cell, $nameName)){
         $cell = $test;
       }        
        echo"<td>$cell</td>\n";

    }


    print "</tr>\n";


    //print "</br>\n";
}// End Giveaways list
//////////////////////////////////////////////////////////////////////////////////////////

print "</table>\n";
print "</div>";


//Start Wins List
echo '<h3>Wins</h3>';
echo '<div class=llamatable>';
//$fields_num = mysql_num_fields($results);
echo"<table>\n";
echo'<th>Game</th><th>Contributor</th><th>cv</th><th></th><th>NB?</th><th>Entries</th>';


while($row = mysql_fetch_assoc($wins)) {

    print "<tr>\n";
      //Is it a bundle?
      foreach($row as $key => $cell){
       if ($key == 'B' && strpos($cell,'1') !== false){
         $cell = str_replace('1',$cell,$imgR);
        } //Line 110
        elseif($key == 'B' && $cell == "0"){
            $cell= $imgG;
       }
      //Set cv amount
       if($key == 'cv'){
         $cell= '$'. number_format ($cell,2);
        }
        //set breaks if multiple winners
       if (strpos($cell,',') !== false){
         $cell= str_replace(',','<br />',$cell);
        }
        echo"<td>$cell</td>\n";

    }
print "</tr>\n";



}// End wins list
print "</table>\n";
    echo "</div>";



//echo '</table>';
//echo '</div>';
mysql_close($link);
?>

I realize the code is probably a disaster, I plan on cleaning it up once I have it working and understand more fully what I'm looking at. I've copie and patched together code from a lot of different sources, as well as attempted my own. Don't hate me. :-)

Was it helpful?

Solution

There are a few problems. First, and foremost, you are using the $rowsID variable before it has data.

$sid = $rowsID['steamID']; 
        ^-------- You don't assign this a value until 12 lines later, here:

while($rowsID = mysql_fetch_assoc($sIDD))

Second, you should not use the mysql_* functions. Instead look into mysqli or PDO as a replacement for the deprecated mysql functions

Third, SANITIZE YOUR INPUT. You are taking the value in $_GET['id'] and passing it directly to your queries. Hello, Little Bobby Tables.

Solving those problems should get you on your way.

A few things you may want to consider improving:

  • If I am reading your queries correctly, you are querying based on player name, right? What happens if two people have the name Llama?
  • If you are going to be querying the Steam API for each user, build a string of profile IDs separated by a comma and then pass all of those (up to 100) to the steamids variable when you make your API call. This reduces the number of round trips you have to make to Valve's servers
  • I don't know your database structure, but several of those queries look like they can be combined with some fancy SQL. If you know more complicated SQL, it'd be a good idea to reduce the number of calls to the database for performance improvements.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top