Assign MySQL database value to PHP variable
Solution 1
You will need to fetch data from your database
$price = mysql_query("SELECT price FROM products WHERE product = '$product'");
$result = mysql_fetch_array($price);
Now you can print it with
echo $result['price'];
As side note I would advise you to switch to either PDO
or mysqli
since mysql_*
api are deprecated and soon will be no longer mantained
Solution 2
If you read the manual at PHP.net (link), it will show you exactly what to do.
In short, you perform the query using mysql_query (as you did), which returns a Result-Resource. To actually get the results, you need to perform either mysql_fetch_array
, mysql_fetch_assoc
or mysql_fetch_object
on the result resource. Like so:
$res = mysql_query("SELECT something FROM somewhere"); // perform the query on the server
$result = mysql_fetch_array($res); // retrieve the result from the server and put it into the variable $result
echo $result['something']; // will print out the result you retrieved
Please be aware though that you should not use the mysql extension anymore; it has been officially deprecated. Instead you should use either PDO or MySQLi. So a better way to perform the same process, but using for example the MySQLi extension would be:
$db = new mysqli($host, $username, $password, $database_name); // connect to the DB
$query = $db->prepare("SELECT price FROM items WHERE itemId=?"); // prepate a query
$query->bind_param('i', $productId); // binding parameters via a safer way than via direct insertion into the query. 'i' tells mysql that it should expect an integer.
$query->execute(); // actually perform the query
$result = $query->get_result(); // retrieve the result so it can be used inside PHP
$r = $result->fetch_array(MYSQLI_ASSOC); // bind the data from the first result row to $r
echo $r['price']; // will return the price
The reason this is better is because it uses Prepared Statements. This is a safer way because it makes SQL injection attacks impossible. Imagine someone being a malicious user and providing $itemId = "0; DROP TABLE items;"
. Using your original approach, this would cause your entire table to be deleted! Using the prepared queries in MySQLi, it will return an error stating that $itemId is not an integer
and as such will not destroy your script.
M.G.Poirot
Apparently, this air prefers to keep of user an mystery about them.
Updated on November 09, 2020Comments
-
M.G.Poirot over 3 years
I have a MySQL Database Table containing products and prices. Though an html form I got the product name in a certain php file. For the operation in this file I want to do I also need the corresponding price.
To me, the following looks clear enough to do it:
$price = mysql_query("SELECT price FROM products WHERE product = '$product'");
However, its echo returns:
Resource id #5
instead a value like like:
59.95
There seem to be other options like mysqli_fetch_assoc mysqli_fetch_array But I can't get them to output anything meaningful and I don't know which one to use.
Thanks in advance.
-
Marc B about 10 yearsyes, exactly...
query()
returns a result HANDLE, not the data you were querying. You need to FETCH a row of results, e.g.$row = mysql_fetch_asssoc($result)
. -
Mario Segura about 10 yearsMight I add that
mysql_*
is deprecated andPDO mysql
ormysqli
should be used instead -
Phil about 10 years
-
-
Phil about 10 yearsDownvoting due to recommending deprecated libraries with potential security vulnerabilities.
-
Fabio about 10 yearsI don't agree, that's just an answer to the op problem, and it's correct though, I didn't encourage to use deprecated mysql_* functions
-
Tularis about 10 yearsBecause it is the answer to the actualy question, and I also mentioned alternatives which are better.
-
Phil about 10 yearsYou're promoting unsafe code. In my opinion, that deserves to receive minimal visibility. It's answers like this along with bad / old tutorials floating around the net that we still have to deal with the mysql extension
-
Fabio about 10 yearsI'm sorry but I didn't mean that, anyway i addd a side note
-
Phil about 10 yearsYour edit only makes it worse now. It's like saying "Here's how to do this with
eval()
. But for the love of God, don't useeval
!" -
Tularis about 10 yearsit DOES answer the question though, which is what this site is about. Helping the user: it answers the question, and also notes why the person should actually be doing something in a different way. Saying "this is a bad answer because it answers the question" is just daft IMO.
-
Phil about 10 yearsFYI, the mysql extension is (and has been for some time) unmaintained.
-
Tularis about 10 yearsI have updated my answer together with an explanation why the OP should use a different method as well as provided the actual preferred method. Now please remove the downvotes.
-
Phil about 10 yearsYour mysqli example is a little off. You need to perform a fetch on the
mysqli_result
object returned fromget_result()
(you also have a typo there). Easier to usebind_result()
when working withmysqli_stmt
IMO -
Tularis about 10 years@Phil sorry, it was late; was indeed a typo (happens if you write things off the top of your head). Thank you for noticing. Personally I don't like using bind_result since it assumes that the order in which you provide the parameters is the order in which the columns were selected in the query. It's easier not to bother with that, and go for named columns via fetch_object or fetch_assoc.
-
Gary almost 6 yearsTypical elitism, that is so frequent around this place. The answer was perfect. The question specifically referred to using mysql_query ; and not mysqli_query. The answer was fine.