<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Prac 2 Task 8</title>
</head>
<body>
<?php
$conn = mysql_connect("localhost", "<username>", "<password>");
mysql_select_db("warehouse<##>", $conn)
or die ('Database not found ' . mysql_error() );
$input = $_GET["custID"];
$sql = "select orderNumber, orderDate, shipped from orders where customerID = $input
order by orderDate";
$rs = mysql_query($sql, $conn)
or die ('Problem with query' . mysql_error());
//validate result set here
if(mysql_num_rows($rs)>0)
{
?>
<?php
if (orderNumber != "") { ?>
<p>the following information was received from the user:</p>
<p><strong>customerID = </strong> <?php echo "$input"; ?><br/><br/>
<table border="1" summary="Order Details">
<tr>
<th>Order Number</th>
<th>Order Date</th>
<th>Shipped</th>
</tr>
<?php
while ($row = mysql_fetch_array($rs)) { ?>
<tr>
<td><?php echo $row["orderNumber"]?></td>
<td><?php echo $row["orderDate"]?></td>
<td><?php echo $row["shipped"]?></td>
</tr>
<?php }}
else {
$txt ="The CustomerID you entered was either invalid or does not exist";
echo $txt;?>
<?php }
}//endif
else{
//you error message here
}
mysql_close($conn); ?>
</table>
</body></html>
Generating error message for empty database query in PHP
-
29-05-2022 - |
Question
The following code's purpose is to get an input (from a separate HTML file) for the customerID in a database from the user and then display the order number, order date and shipped status for that customerID. The code works fine and I am able to do this, however I also want to create an error message if a customerID that does not exist in the database is entered, instead of just an empty table. I am new to PHP and any help on how to do this is appreciated. (Please note, it has to be in either PHP or mysql)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Prac 2 Task 8</title>
</head>
<body>
<?php
$conn = mysql_connect("localhost", "<username>", "<password>");
mysql_select_db("warehouse<##>", $conn)
or die ('Database not found ' . mysql_error() );
$input = $_GET["custID"];
$sql = "select orderNumber, orderDate, shipped from orders where customerID = $input
order by orderDate";
$rs = mysql_query($sql, $conn)
or die ('Problem with query' . mysql_error());
?>
<?php
if (orderNumber != "") { ?>
<p>the following information was received from the user:</p>
<p><strong>customerID = </strong> <?php echo "$input"; ?><br/><br/>
<table border="1" summary="Order Details">
<tr>
<th>Order Number</th>
<th>Order Date</th>
<th>Shipped</th>
</tr>
<?php
while ($row = mysql_fetch_array($rs)) { ?>
<tr>
<td><?php echo $row["orderNumber"]?></td>
<td><?php echo $row["orderDate"]?></td>
<td><?php echo $row["shipped"]?></td>
</tr>
<?php }}
else {
$txt ="The CustomerID you entered was either invalid or does not exist";
echo $txt;?>
<?php }
mysql_close($conn); ?>
</table>
</body></html>
Solution
OTHER TIPS
You have many ways to do this, and this is one of so many:
- encapsulate your code into a try-catch so it is easy to manage errors, much better way than use "or die" stuff
- verify the validity of your GET and POST variables to avoid SQL injections for security
- you may use a "select count(*) ..." before the main query, or just count the quantity of results of the main query (what I put there)
this gives approx that:
<body>
<?php
$conn = mysql_connect("localhost", "<username>", "<password>");
mysql_select_db("warehouse<##>", $conn)
or die ('Database not found ' . mysql_error() );
try
{
$input = $_GET["custID"];
// Protect yourself from SQL injection
if (!is_numeric($input))
throw new Exception('Error: the customer ID is not a number');
$sql = "select orderNumber, orderDate, shipped from orders where customerID = $input
order by orderDate";
$rs = mysql_query($sql, $conn)
or die ('Problem with query' . mysql_error());
?>
<?php
if ( mysql_num_rows($rs) > 0 )
{ ?>
<p>the following information was received from the user:</p>
<p><strong>customerID = </strong> <?php echo "$input"; ?><br/><br/>
<table border="1" summary="Order Details">
<tr>
<th>Order Number</th>
<th>Order Date</th>
<th>Shipped</th>
</tr>
<?php
while ($row = mysql_fetch_array($rs)) { ?>
<tr>
<td><?php echo $row["orderNumber"]?></td>
<td><?php echo $row["orderDate"]?></td>
<td><?php echo $row["shipped"]?></td>
</tr>
<?php }
else
{
echo "There is no results for this customer";
}
}
else {
$txt ="The CustomerID you entered was either invalid or does not exist";
echo $txt;?>
<?php }
}
catch (Exception $e)
{
echo "Error: ".$e;
}
mysql_close($conn); ?>
</table>
</body>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow