Идентификатор MySQL не передается на следующую страницу

Question

Во-первых, я знаю, что SQL-инъекция не требует комментариев, поскольку эта форма НИКОГДА не подключается к Интернету и используется только двумя людьми.

Теперь мой вопрос заключается в том, что я использую этот код ниже в течение нескольких недель, и она работала отлично

<?php 
    $sql = "SELECT * FROM ".$SETTINGS["data_table"]." ORDER BY id " ; 
    $sql_result = mysql_query ($sql, $connection) or die ('request "Could not execute SQL query" '.$sql); 
    while ($row = mysql_fetch_assoc($sql_result)) { 


    } 
?> 


<input type="submit" name="button" id="table_button" value="Search" style="width: 45px" />&nbsp; 


<a href="search_football.php">Reset</a> </div> 
</form></fieldset> 
<br /><br /> 

<fieldset style="width: 725px"><legend>Search Results</legend> 
<?php 
// Define $color=1 
    $color="1"; 
    echo '<table width="100%" border="1" align="center" cellpadding="0" cellspacing="0">'; 
    echo '<th>ID</th><th>Division</th><th>Club</th><th>Roster Number</th><th>Last Name</th><th>First Name</th><th>Registered</th><th>Payment</th></th><th>View Player</th><th>Edit Player</th><th>Check Out</th><th>Check In</th><th>Make Badge</th><th>Delete</th>'; 

if ($_REQUEST["club"]<>'') { 
    $search_club = " AND club='".mysql_real_escape_string($_REQUEST["club"])."'"; 
} 
if ($_REQUEST["division"]<>'') { 
    $search_division = " AND division='".mysql_real_escape_string($_REQUEST["division"])."'"; 
} 
if ($_REQUEST["lname"]<>'') { 
    $search_lname = " AND lname='".mysql_real_escape_string($_REQUEST["lname"])."'";  
} 

if ($_REQUEST["club"]<>'' and $_REQUEST["division"]<>'' and $_REQUEST["lname"]<>'') { 
    $sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE club = '".mysql_real_escape_string($_REQUEST["club"])."' AND division = '".mysql_real_escape_string($_REQUEST["division"])."' AND lname = '".mysql_real_escape_string($_REQUEST["lname"])."'".$search_club.$search_division.$search_lname; 
} else { 
    $sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_club.$search_division.$search_lname; 
} 

$sql_result = mysql_query ($sql, $connection) or die ('request "Could not execute SQL query" '.$sql); 
if (mysql_num_rows($sql_result)>0) { 
    while ($row = mysql_fetch_assoc($sql_result)) { 

    // If $color==1 table row color = #FFC600 
    if($color==1){ 
    echo "<tr bgcolor='#C6E7F7'> 
    <td><center>".$row['id']."</center></td><td><center>".$row['division']."</center></td><td><center>".$row['club']."</center></td><td><center>".$row['roster_number']."</center></td><td><center>".$row['lname']."</center></td><td><center>".$row['fname']."</center></td><td><center>".$row['registered']."</center></td><td><center>".$row['pay_status']."</center></td><td><center><a href=player_verification.php?id=$row[id]><img src=images/icons/view.png height='30' width='30' border='0'/></center></td><td><center><a href=edit_player.php?id=$row[id]><img src=images/icons/edit.png height='25' width='25' border='0'/></center></td><td><center><a href=equipment_checkout.php?id=$row[id]><img src=images/icons/out-icon.png height='30' width='30' border='0'/></center></td><td><center><a href=equipment_checkin.php?id=$row[id]><img src=images/icons/checkin.png height='30' width='30' border='0'/></center></td><td><center><a href=make_badge.php?id=$row[id]><img src=images/icons/badge.png height='30' width='30' border='0'/></center></td><td><center><a href=delete.php?id=$row[id]><img src=images/icons/delete.gif height='20' width='20' border='0'/></center></td></tr>"; 
    // Set $color==2, for switching to other color 
    $color="2"; 
    } 
    // When $color not equal 1, use this table row color 
    else { 
    echo "<tr bgcolor='#FFFFFF'> 
    <td><center>".$row['id']."</center></td><td><center>".$row['division']."</center></td><td><center>".$row['club']."</center></td><td><center>".$row['roster_number']."</center></td><td><center>".$row['lname']."</center></td><td><center>".$row['fname']."</center></td><td><center>".$row['registered']."</center></td><td><center>".$row['pay_status']."</center></td><td><center><a href=player_verification.php?id=$row[id]><img src=images/icons/view.png height='30' width='30' border='0'/></center></td><td><center><a href=edit_player.php?id=$row[id]><img src=images/icons/edit.png height='25' width='25' border='0'/></center></td><td><center><a href=equipment_checkout.php?id=$row[id]><img src=images/icons/out-icon.png height='30' width='30' border='0'/></center></td><td><center><a href=equipment_checkin.php?id=$row[id]><img src=images/icons/checkin.png height='30' width='30' border='0'/></center></td><td><center><a href=make_badge.php?id=$row[id]><img src=images/icons/badge.png height='30' width='30' border='0'/></center></td><td><center><a href=delete.php?id=$row[id]><img src=images/icons/delete.gif height='20' width='20' border='0'/></center></td></tr>"; 
    // Set $color back to 1 
    $color="1"; 
    } 

    } 
} else { 
?> 

Тогда я решил изменить его, чтобы добавить JQuery плагин для разбиения на страницы и теперь я м с помощью этого

<?php 
include 'elite-banner.php'; 

$con = mysql_connect("localhost", "root", "xxx"); 

if (!$con) { 
die("Error: " . mysql_error()); 
} 

mysql_select_db("xxx", $con); 

$result = mysql_query("SELECT * FROM players WHERE ID = id"); 
?> 
<br/> 
<!DOCTYPE html> 
<html> 
<head> 
    <title>DataTables</title> 
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 

    <script src="media/js/jquery.js" type="text/javascript"></script> 
    <script src="media/js/jquery.dataTables.js" type="text/javascript"></script> 

    <style type="text/css"> 
     @import "media/css/demo_table_jui.css"; 
     @import "media/themes/smoothness/jquery-ui-1.8.4.custom.css"; 



    *{ 
      font-family: arial; 
    } 
     #holder { 
     margin:auto; 
    } 

    .auto-style1 { 
     border-left: 1px solid #C0C0C0; 
     font-family: "Courier New", Courier, monospace; 
    } 
    .auto-style2 { 
     text-align: center; 
     border-right-style: solid; 
     border-right-width: 1px; 
     border-right-color:#C0C0C0 
    } 

    .auto-style3 { 
     font-family: "Agency FB"; 
    } 
    .auto-style4 { 
     font-family: "Courier New", Courier, monospace; 
    } 
    .auto-style5 { 
     text-align: center; 
     font-family: "Courier New", Courier, monospace; 
    } 
    tr:hover { 
     background-color:#99FF99; 
    } 


    </style> 
    <script type="text/javascript" charset="utf-8"> 
     $(document).ready(function(){ 
      $('#datatables').dataTable({ 
       "sPaginationType":"full_numbers", 
       "aaSorting":[[2, "desc"]], 
       "bJQueryUI":true 
      }); 
     }) 

    </script> 
    <?php 
    include 'menu.php'; 
    ?> 
</head> 
<body> 
<div id="holder" style="width:70%;"> 
    <div> 
     <table id="datatables" class="display"> 
      <thead> 
       <tr> 
        <th style="width: 22px" class="auto-style3">Div</th> 
        <th style="width: 180px" class="auto-style3">Club</th> 
        <th style="width: 125px" class="auto-style3">Last Name</th> 
        <th style="width: 129px" class="auto-style3">First Name</th> 
        <th style="width: 50px" class="auto-style3">Number</th> 
        <th style="width: 40px" class="auto-style3">View </th> 
        <th style="width: 40px" class="auto-style3">Edit </th> 
        <th style="width: 40px" class="auto-style3">Out</th> 
        <th style="width: 40px" class="auto-style3">In</th> 
        <th style="width: 40px" class="auto-style3">Badge</th> 
        <th style="width: 40px" class="auto-style3">Delete</th> 
       </tr> 
      </thead> 
      <tbody> 
       <?php 
       while ($row = mysql_fetch_array($result)) { 
        ?> 
        <tr> 
         <td class="auto-style1" style="width: 22px"><?=$row[division]?></td> 
         <td class="auto-style5" style="width: 180px"><?=$row[club]?></td> 
         <td class="auto-style5" style="width: 125px"><?=$row[lname]?></td> 
         <td class="auto-style5" style="width: 129px"><?=$row[fname]?></td> 
         <td class="auto-style5" style="width: 50px"><?=$row[roster_number]?></td> 
         <td class="dataTables_empty" style="width: 40px"><a href=player_verification.php?id=$row[id]> 
         <img src="images/icons/view.png" height="30" width="30" border="0" class="auto-style4"/></a></td> 
         <td class="dataTables_empty" style="width: 40px"><a href=edit_player.php?id=$row[id]> 
         <img src="images/edit.png" height="30" width="30" border="0" class="auto-style4"/></a></td> 
         <td class="dataTables_empty" style="width: 40px"><a href=check_out.php?id=$row[id]> 
         <img src="images/checkout.png" height="30" width="30" border="0" class="auto-style4"/></a></td> 
         <td class="dataTables_empty" style="width: 40px"><a href=check_in.php?id=$row[id]> 
         <img src="images/checkin.png" height="40" width="40" border="0" class="auto-style4"/></a></td> 
         <td class="dataTables_empty" style="width: 40px"><a href=make_badge.php?id=$row[id]> 
         <img src="images/badge.png" height="40" width="40" border="0" class="auto-style4"/></a></td> 
         <td class="auto-style2" style="width: 40px"><a href=delete.php?id=$row[id]> 
         <img src="images/delete.gif" height="30" width="30" border="0" class="auto-style4"/></a></td> 
        </tr> 
        <?php 
       } 
       ?> 
      </tbody> 
     </table> 
    </div> 
    </div> 
</body> 

Моя проблема теперь, когда я нажимаю на любую из ссылок в результатах поиска они не передают идентификатор на следующей странице он показывает это в URL сейчас

http://localhost/fb/player_verification.php?id=$row[id] 

вместо этого

http://localhost/fb/player_verification.php?id=139 

, как он привык, что я делаю не так?

Answer 1

Это не анализируется как PHP. Но как обычный текст.

<a href=player_verification.php?id=$row[id]>

Изменить все ваши URLs на что-то вроде

<a href="player_verification.php?id=<?php echo $row[id]; ?>">