Hi, I'm having a bit of trouble trying to get this to work. The aim is, if $_GET[service] is there it'll run something to only display the data where the id ($result[id]) is also in the other table ($whichtable). If the ID is there when it loops to find the ID it'll display the page which processes the info (include('advanceincludes/bussinfo.php');).

With this, it will currently loop through ONCE and find one correct result. I need it to, once it's found this correct result to loop through again until every result that had an ID in the other table also is displayed (eg, all 18 of them as specificed in $amountOfResults).

I accept there may be better ways of doing this. I have uploaded a picture of what it looks like when it runs (the company shown will be different, depending on which ID it picks to loop through on $result[id] first).

if($_GET[service]){
$arraytotalnew2 = 0;
$amountOfResults = 18; // this will be changed to something which actually counts it later
$streamhostquery = mysql_query("SELECT bussid FROM $whichtable WHERE $_GET[service]='y'") or die("Can't select from the sub catagory product table");
$arraytotal = 0;
//this was in the while to limit how many times it runs $arraytotalnew2 < $arraytotal &&

while($result = mysql_fetch_array($query)){
while($streamhostresult = mysql_fetch_array($streamhostquery)){


echo"before == if : $streamhostresult[bussid] | $result[id] | $arraytotal | $arraytotalnew2 <br/>";

if($streamhostresult[bussid] == $result[id] && $arraytotalnew2 != $amountOfResults){

include('advanceincludes/bussinfo.php');
$totalonpage = $totalonpage + 1;
$totalextraFeatures = $totalextraFeatures + 1;
echo"$streamhostresult[bussid] == $result[id] - if | $arraytotalnew2 <br/>";
$arraytotalnew2 = $arraytotalnew2 + 1;

}//if (id == id)

}//while (streamhostresult)

}//while (result[id])
}//first if (services?)
else{

while($result = mysql_fetch_array($query)){
include('advanceincludes/bussinfo.php');
$totalonpage = $totalonpage + 1;
$totalextraFeatures = $totalextraFeatures + 1;
}

}

Where is $query coming from?
while($result = mysql_fetch_array($query)){

Edit:

You also have an sql injection here:
$streamhostquery = mysql_query("SELECT bussid FROM $whichtable WHERE $_GET[service]='y'") or die("Can't select from the sub catagory product table");
Use mysql_real_escape_string().

Where is $query coming from?
while($result = mysql_fetch_array($query)){



That's coming from further up, depending on how they order the data, but something along the lines of:

$query = mysql_query("SELECT * FROM users WHERE auth='2' AND sex='$btype' ORDER BY name DESC") or die("olmadi");


You also have an sql injection here:
$streamhostquery = mysql_query("SELECT bussid FROM $whichtable WHERE $_GET[service]='y'") or die("Can't select from the sub catagory product table");
Use mysql_real_escape_string().

How would I convert it for the mysql_real_escape_string()?

Cheers!

Okay, I've changed what I've done and got a little closer with a different script. When this one problem is fixed I think it could work properly.

Basically, when the code below runs it'll output this...How come the bussID: XXXX loop only runs for the first one, and not for each of the userID: xxxx? If that makes sense? I need to check each userID against the bussIDs...and if they match it'll echo "woo" (well, in real life it'll do something better, but for testing that's fine!)

userID: 3193



bussID: 3223
bussID: 3226
bussID: 3243
bussID: 3193 woo
bussID: 3242
bussID: 3196
bussID: 3241
bussID: 3240
bussID: 3238
bussID: 3239
bussID: 3221
bussID: 3220
bussID: 3217
bussID: 3218
bussID: 3224
bussID: 3225
bussID: 3222
bussID: 3219



userID: 3221


userID: 3219

//let's get all the user IDs from the users table
while($result = mysql_fetch_array($query)){
echo "<br/>userID: $result[id] ";

echo"<br/><br/><br/>"; //TRIAL FORMATTING ONLY - REMOVE LATER

//Get the bussIDs and do any of these IDs match any of the bussIDs in the other services table?
while($extraServicesResult = mysql_fetch_array($extraServices)){
echo "<br/>bussID: $extraServicesResult[bussid] ";

//if they do, let's output the data for that company
if($extraServicesResult[bussid] == $result[id]){

echo"woo"; // include('advanceincludes/bussinfo.php'); (correct output when all working)
}
}//end of while($extraServicesResult

echo"<br/><br/><br/>"; //TRIAL FORMATTING ONLY - REMOVE LATER
}

DOH! Figured it out...was drifting off to sleep, wondering why it didn't work...then I twigged! Had to get up - woo hoo! It works :D

I don't really know what the heck you are trying to accomplish. But I have a distinct feeling you can accomplish this with joins (http://dev.mysql.com/doc/refman/5.0/en/join.html). You might want to read up, as it will make your life a heck of a lot easier (usually when your doing a ton of loops with SQL, your doing something wrong). Without joins your life will turn into into a horrible mash of recreating the wheel and pulling your hair out in frustration.

As for escaping:

mysql_query("SELECT bussid FROM $whichtable WHERE " . mysql_real_escape_string($_GET[service]) . "='y'")

Note that there needs to be an open connection to mysql for that to work (as it will factor in character encoding). If you don't properly escape input then people can inject extra commands into SQL - which is very, very bad. Never trust anything a user enters, otherwise you will end up scratching your head when your site is defaced, filled with malware and/or your tables deleted.

If the data your expecting is a id number, then I always use is_numeric($id) to ensure the data is only a number. I do not have time or energy to fully look over your code, but I am assuming by id you mean a number. If you do that, you do not need to use mysql_real_escape_string, but you should use that anytime you have data coming from the outside.