Connection to db SQLITE and SELECT * FROM recycle_data WHERE $ variable

-1

I'm making a program that allows the user to enter the ID of the person in question, and then displays all the data in a table.

So far, I have these two codes:

<!doctype html>
    <html lang="en">

    <head>
        <meta charset="UTF-8">
        <title>Untitled Document</title>
        <link rel="stylesheet" href="/css/main.css">
    </head>

    <body>
        <form action="search_php.php" method="post">
            ID: <input type="text" name="name"><br>
            <input type="submit">
        </form>

    </body>

    </html>

E

<?php
$db = "database_arduino.db"
$name = ["name"]

$sql = "SELECT * FROM reciclagem_data WHERE personID = $name"

?>

    <!doctype html>
    <html lang="en">

    <head>
        <meta charset="UTF-8">
        <title>Untitled Document</title>
        <link rel="stylesheet" href="/css/main.css">
    </head>

    <body>
        <table></table>

    </body>

    </html>

From what I know, I'm having problems with the PHP connection to the SQLITE3 database, and in the second code, on the SELECT * FROM reciclagem_data WHERE $name line. I want the program to register the variable that the user types and then, with that same database, be used to display the user's data.

    
asked by anonymous 25.07.2018 / 23:00

2 answers

1

You are currently searching for the value of $_POST incorrectly here:

$name = ["name"]

An example of how to pull it:

$name = filter_input(INPUT_POST, 'name');

Using filter_input , it also helps against SQL injection.

A connection / query form with SQLite:

$obj = new SQLite3;
$obj -> open("local_do_arquivo_db");
$obj -> query("sua_query");

About using the PDO, it should be parsed. It would be good to search more about, because sometimes you will use something without necessity.

    
30.07.2018 / 18:15
1

To connect to SQLITE you must use the PDO

<?php 
     // Cria uma conexão com o banco de dados indicado no caminho
     $myPDO = new PDO('sqlite:/home/example/books.db'); 

     // Para rodar uma query
     $result = $myPDO->query("SELECT * FROM reciclagem_data WHERE $name");
?>

An example to be able to populate the table after getting the result:

<table>
    <thead>
        <th>Coluna 1</th>
        <th>Coluna 2</th>
        <th>Coluna 3</th>
    </thead>
    <?php foreach($result as $row) { ?>
        <tbody>
            <td><?php echo $row['nome'] ?></td>
            <td><?php echo $row['idade'] ?></td>
            <td><?php echo $row['sexo'] ?></td>
        </tbody>
    <?php } ?>
</table>
    
26.07.2018 / 03:59