SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Looking for logic ideas

    I'm setting up a page that pulls information from a database. The customer wants this

    List of links that start (do not need to come from db)

    (visitor clicks on one of the links)

    Visitor would then get this tabulated format:

    List of starting links ---> List of secondary links


    And so on to a third tier of links

    I started using $_GET variables for this, but run into issues trying to sanitize the input properly because of the large amount of variables that will end up being strings because I'm just pulling data from the db and trying to set it as a variable. They do not want a submit button, just click links. Should I just continue setting get variables as something like "General Studies" and sanitize the strings? Any ideas?

  2. #2
    SitePoint Zealot Dachande663's Avatar
    Join Date
    Feb 2005
    Location
    Birmingham, UK
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What is your database structure at the moment? As for sanitising input, what do you mean? Surely you only need to sanitise two GET variables (secondary id, tertiary id).
    Web Developer & Geek: hybridlogic.co.uk ~ lukelanchester.com

  3. #3
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the replying, right now, the database is one table with about 8 fields. Clicking on the data in field 1 would open all matches and give you field 2. So basically, clicking "color" would give you a list of colors. Then clicking "red" would give you all shades of red.

    As for sanitizing input, I mean preventing injection attacks.

  4. #4
    SitePoint Zealot Dachande663's Avatar
    Join Date
    Feb 2005
    Location
    Birmingham, UK
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What is the structure of that table? I'm trying to understand how you're storing the data.
    Web Developer & Geek: hybridlogic.co.uk ~ lukelanchester.com

  5. #5
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Basically, ID-College-Department-Degree

    Clicking a college would give all departments within the college, then clicking departments would give all degrees within that dept.

  6. #6
    Fully Sweet Car noddy's Avatar
    Join Date
    Aug 2002
    Location
    Perth, Western Australia
    Posts
    759
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you could use the url a a key => value paid in the links url.

    Sanitise the data by checking each key value pair is what you expected. eg index.php?id=53&collage=stives etc

    When you receive the values check the value of (int) $_GET['id'] is only integers.

    Could also do this with regex


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •