Putting html code inside php

Question

Putting html code inside php

Navigation

#1 by (4 votes)

1

I'm trying to put a html code inside a php and it's not working, how do I embed html codes within php?

<?php
if(isset($_POST['buscarNome']) && $_POST['buscarNome'] == 'Buscar') {
    $nome = $_POST['nome'];

    if(empty($nome)){
        echo "<script type='text/javascript'>alert('Informe o nome!');javascript:window.location='consulta.php';</script>";
    }else {
        $strcon = mysqli_connect("localhost", "root", "", "estagio") or die("<script type='text/javascript'>alert('Erro ao conectar no banco de dados!');javascript:window.location='consulta.php';</script>");
        $sql = "SELECT * FROM tbl_usuario WHERE nome LIKE '%''nome''%'";
        $con = mysqli_query($strcon, $sql) or die("<script type='text/javascript'>alert('Erro ao tentar fazer a consulta');javascript:window.location='consulta.php';</script>");
echo<<<HTML
<table border="1">
    <tr>
        <td>CPF</td>
        <td>Nome</td>
        <td>Sexo</td>
        <td>Idade</td>
        <td>Cidade</td>
        <td>Telefone</td>
        <td>Email</td>
    </tr>
    <?php while($dado = $con->fetch_array()){ ?>
        <tr>
            <td><?php echo $dado['cpf']; ?></td>
            <td><?php echo $dado['nome']; ?></td>
            <td><?php echo $dado['sexo']; ?></td>
            <td><?php echo $dado['idade']; ?></td>
            <td><?php echo $dado['cidade']; ?></td>
            <td><?php echo $dado['telefone']; ?></td>
            <td><?php echo $dado['email']; ?></td>
        </tr>
    <?php } ?>
</table>
HTML;
    }
?>

php

asked by anonymous 23.11.2016 / 01:53

1 answer

Limit of characters in a DIV Error in javascript / html code [closed]

score 4 · Accepted Answer

The problem is that this line here:

<?php while($dado = $con->fetch_array()){ ?>

is within a HEREDOC, so it is treated as text, not PHP.

The solution without messing around in your code is something like this:

<?php
if(isset($_POST['buscarNome']) && $_POST['buscarNome'] == 'Buscar') {
    $nome = $_POST['nome'];
}
if(empty($nome)){
    echo "<script type='text/javascript'>alert('Informe o nome!');javascript:window.location='consulta.php';</script>";
}else {
    $strcon = mysqli_connect("localhost", "root", "", "estagio") or die("<script type='text/javascript'>alert('Erro ao conectar no banco de dados!');javascript:window.location='consulta.php';</script>");
    $nome = mysqli_real_escape_string( $strcon, $nome );
    $sql = "SELECT * FROM tbl_usuario WHERE nome LIKE '%".$nome."%'";
    $con = mysqli_query($strcon, $sql) or die("<script type='text/javascript'>alert('Erro ao tentar fazer a consulta');javascript:window.location='consulta.php';</script>");
?>
<table border="1">
    <tr>
        <td>CPF</td>
        <td>Nome</td>
        <td>Sexo</td>
        <td>Idade</td>
        <td>Cidade</td>
        <td>Telefone</td>
        <td>Email</td>
    </tr>
<?php while($dado = $con->fetch_array()){ ?>
        <tr>
            <td><?php echo $dado['cpf']; ?></td>
            <td><?php echo $dado['nome']; ?></td>
            <td><?php echo $dado['sexo']; ?></td>
            <td><?php echo $dado['idade']; ?></td>
            <td><?php echo $dado['cidade']; ?></td>
            <td><?php echo $dado['telefone']; ?></td>
            <td><?php echo $dado['email']; ?></td>
        </tr>
<?php } ?>
'</table>';
<?php } ?>

Note also the adoption of this line, to avoid SQL Injection:

        $nome = mysqli_real_escape_string( $strcon, $nome );

To avoid confusion, it pays to rethink the code to avoid much opens and closes <?php ?> mixed with echo .

Contrary to what you preach, it's okay to mix PHP with HTML (after all, PHP was meant for that), but each case is a case, and your code is getting a bit confusing so you should know different ways to get organized.