PHP mysql require assistance handling a var with and without a set value

Question

$read2 = "SELECT * FROM `elmtree_transactions` WHERE sellerid ='$sellerid'";
if ($result2 = $conn->query($read2)) {
    while ($row2 = $result2->fetch_assoc()) {
        $rating = $row2['rating'];
    }
}
echo "                  
    <div class='col-sm-3 pt-3'>
    <div class='card'>
    <div class='card-header'>
        <strong>$user</strong><br>
        Seller Rating : $rating / 5 <img src='/elmtree/images/star.png' class=' img-rating' />
        </div>
    ";

Set up a seller rating. If the seller has a rating in the MySQL table it displays it on the page. If they don't it throws an error cause the $rating var to be undefined, which causes the webpage to look broken. Would like to be bale to manage this and show 0/5 or "seller has no rating yet" when no rating is in the MySQL table

Did u try to declare $rating =0; before $read2?. your code seem to be missing a default value for $ratng. Beside that, you can also do this on echo ($rating==""?0:$rating) — AntKoki, Mar 26 '19 at 01:11
Your code is vulnerable to [SQL Injection](https://stackoverflow.com/questions/601300/what-is-sql-injection) in it. — , Mar 26 '19 at 01:37

Nicolas Racine · Answer 1 · 2019-03-26T01:30:11.737

0

Your mysql query while will only loop through if there is a value returned from mysql

In OP there isn't really a accurate defenition of the error your getting. But I am assuming now that your experiencing a warning error about the variable not already initialized.

So, By good practice i would init the variable $rating before that loop like so

$rating = null;
$read2 = "SELECT * FROM `elmtree_transactions` WHERE sellerid ='$sellerid'";
if ($result2 = $conn->query($read2)) {
    while ($row2 = $result2->fetch_assoc()) {
        $rating = $row2['rating'];
    }
}
echo "                  
    <div class='col-sm-3 pt-3'>
    <div class='card'>
    <div class='card-header'>
        <strong>$user</strong><br>
        ".(is_numeric($rating)?"Seller Rating : $rating / 5 <img src='/elmtree/images/star.png' class=' img-rating' />":'No rating available yet')."
        </div>
    ";

edited Mar 26 '19 at 01:30

answered Mar 26 '19 at 01:11

Nicolas Racine

979
2
10
34

what is `underfined` string coming from and why? – Marcin Orlowski Mar 26 '19 at 01:19
just assuming like said in my reply, based on the OP saying his output is undefined. – Nicolas Racine Mar 26 '19 at 01:22
$read2 = "SELECT * FROM `elmtree_transactions` WHERE sellerid ='$sellerid'"; if ($result2 = $conn ->query($read2)){ while ($row2 = $result2->fetch_assoc()){ $rating = $row2['rating']; } } if($rating == 'undefined'){ echo "

$user
Seller Rating : Seller has no rating yet
"; }else{ echo etc etc ect @NicolasRacine I did that but its throwing an error
– Lux Mar 26 '19 at 01:23
This answer has [SQL Injection](https://stackoverflow.com/questions/601300/what-is-sql-injection) in it. – Mar 26 '19 at 01:29
@Lux see my updated anwser. Also Chipster is right. You have the posibility of having SQL injection if the value $sellerid is in any way interactable with user data i would setup my mysql request properly. – Nicolas Racine Mar 26 '19 at 01:32
@Chipster this should be a coment for the OP, not the anwser ;) I aint going to change the code not asked for. – Nicolas Racine Mar 26 '19 at 01:33
@NicolasRacine That worked perfectly, youre a star, thank you so much!! – Lux Mar 26 '19 at 01:38

PHP mysql require assistance handling a var with and without a set value

1 Answers1