Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

fetch data in wordpress page resulting in page not found 1

Status
Not open for further replies.
thep1

thep1

IS-IT--Management
Oct 8, 2012
25
US
hello,
I created a template page in wordpress and want to get data from MySQL db table. when I pass the parameter in the search box I get Page NOT Found error.

here is the code in my template page

Code: 
<?php /*Template Name: ReportSearch-5 */

get_header(); ?>

	<?php do_action( 'spacious_before_body_content' ); ?>

	<div id="primary">
		<div id="content" class="clearfix">
			<?php while ( have_posts() ) : the_post(); ?>

				<?php get_template_part( 'content', 'page' ); ?>
					 
                     <form method="get" action="reportsearch2.php">
                     <input type="text" name="FetchReport" placeholder="Enter Report # To Search">
					 <input type="submit" value="Search" id="mySearch">
                     </form>
                   
<!-- Report Search code here  -->                  
                     <?php
					 
					 
$results = $wpdb->get_results( "SELECT * FROM wp_ilabs_reportsearch where reportnumber=' $_GET[FetchReport] '" ); // Query to fetch data from database table and storing in $results
if(!empty($results))                        // Checking if $results have some values or not
{    
    echo "<table width='100%' border='0'>"; // Adding <table> and <tbody> tag outside foreach loop so that it wont create again and again
    echo "<tbody>";      
    foreach($results as $row){   
    $userip = $row->user_ip;               //putting the user_ip field value in variable to use it later in update query
    echo "<tr>";                           // Adding rows of table inside foreach loop
    echo "<th>ID</th>" . "<td>" . $row->report . "</td>";
    echo "</tr>";
    echo "<td colspan='2'><hr size='1'></td>";
    echo "<tr>";        
    echo "<th>User IP</th>" . "<td>" . $row->cushape . "</td>";   //fetching data from user_ip field
    echo "</tr>";
    echo "<td colspan='2'><hr size='1'></td>";
    echo "<tr>";        
    echo "<th>Post ID</th>" . "<td>" . $row->col . "</td>";
    echo "</tr>";
    echo "<td colspan='2'><hr size='1'></td>";
    echo "<tr>";        
    echo "<th>Time</th>" . "<td>" . $row->cla . "</td>";
    echo "</tr>";
    echo "<td colspan='2'><hr size='1'></td>";
    }
    echo "</tbody>";
    echo "</table>"; 

}
?>
              
                     
                     
                     
                     
				<?php
					do_action( 'spacious_before_comments_template' );
					// If comments are open or we have at least one comment, load up the comment template
					if ( comments_open() || '0' != get_comments_number() )
						comments_template();
	      		do_action ( 'spacious_after_comments_template' );
				?>

			<?php endwhile; ?>

		</div><!-- #content -->
	</div><!-- #primary -->

	<?php spacious_sidebar_select(); ?>

	<?php do_action( 'spacious_after_body_content' ); ?>

<?php get_footer(); ?>

if i remove the $_GET[FetchReport] and add a value that exists in the table then i get records but i am trying to get the value by providing a search in the input textbox.

when i input value in search textbox and click Search button i get
i dont know much on wordpress so i dont know if this is wordpress issue or code. hopefully someone can point out what am i doing wrong. i checked out so many videos and samples on php but in this case its not working for me.
 
Sort by date Sort by votes
found the solution.

had to change the Permalinks to "Post name"


and changed the code for these 2 lines

Code: 
<form method="get">

$results = $wpdb->get_results( "SELECT * FROM wp_ilabs_reportsearch where reportnumber= $_GET[FetchReport] " );

 
Upvote 0 Downvote
Hi

thep1 said:
[pre]$results = $wpdb->get_results( "SELECT * FROM wp_ilabs_reportsearch where reportnumber= $_GET[FetchReport] " );[/pre]
Click to expand...
That is an invitation for Bobby Tables. I suggest to read the linked site, it explains in simple terms why not to do it like that and how to do it instead. ( Or just search the web for "sql injection", there are tons of sites about the subject. )


Feherke.
feherke.github.io
 
Upvote 0 Downvote
thanks for that advise feherke. pretty scary stuff.

now my question is what should be the approach i should take to accomplish this? i am not too familiar with php and MySQL stuff. is there some example you or someone can provide?
 
Upvote 0 Downvote
Hi

I am not familiar with WordPress, so just based on what the Bobby Tables site suggests for WordPress and the official documentation of [tt]wpdb::get_results()[/tt] and [tt]wpdb::prepare()[/tt] :
Code: 
[navy]$results[/navy] [teal]=[/teal] [navy]$wpdb[/navy][teal]->[/teal][COLOR=orange]get_results[/color][teal]([/teal][navy]$wpdb[/navy][teal]->[/teal][COLOR=orange]prepare[/color][teal]([/teal][i][green]"SELECT * FROM wp_ilabs_reportsearch where reportnumber= %s"[/green][/i][teal],[/teal] [navy]$_GET[/navy][teal][[/teal][i][green]'FetchReport'[/green][/i][teal]]))[/teal]

Feherke.
feherke.github.io
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
226
SashaBuilder3
SashaBuilder3
c0deM0nK424
  • Locked
  • Question
Gutenberg Block Editor - page edits and updates not working since wp site migration
Replies
1
Views
399
spamjim
spamjim
Brianfree
  • Locked
  • Question
Dropdown list data generator
Replies
3
Views
176
Brianfree
Brianfree
lflynnlrf
  • Locked
  • Question
wordpress/ shortcode/ PHP duplicating code
Replies
1
Views
108
spamjim
spamjim
EdLentz
  • Locked
  • Question
Partial link in email
Replies
1
Views
119
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top