SitePoint Sponsor

User Tag List

Results 1 to 11 of 11
  1. #1
    SitePoint Enthusiast
    Join Date
    Aug 2007
    Posts
    42
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Passing Variable

    Hi all,

    I'm successfully passing the variable brand_id on the URL.

    This works:

    PHP Code:
    if ((isset($_GET['brand_id'])) && (is_numeric ($_GET['brand_id'])) ) {

    $bid = (int) $_GET['brand_id']; 
    PHP Code:
    WHERE products.brand_id brands.brand_id AND brands.brand_id=$bid  ORDER BY price ASC LIMIT $start$display"; 
    The problem occurs on the second trip through the script when multiple pages are displayed and the user selects any page past the first.

    Any recommendations for change here?

    PHP Code:
    else if ((isset($_POST['brand_id'])) && (is_numeric ($_POST['brand_id'])) ) { //From form submission

    $bid = (int) $_POST['brand_id'];

    } else { 
    // No valed Brand ID, kill the script.

    echo '<p>This page has been accessed in error.</p>';


    Thanks in advance for any suggestions.
    Last edited by Maxwell Lockwood; Nov 18, 2009 at 18:16. Reason: typo

  2. #2
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    FWIW

    PHP Code:
    if( !isset( $_GET['brand'] ) || (int) $_GET['brand'] === ) {
    // fail early, usually leads to more readable code
    // otherwise you have reams of positive actions

    }

    // now we go on and do the positive things 
    Typecasting to (int) turns strings or anything else into 0.

  3. #3
    SitePoint Wizard
    Join Date
    Nov 2005
    Posts
    1,191
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Not sure I understand. You have a link to, say, mysite.com?b=nike and then a link on that page which is, say, mysite.com?i=shoes, but the shoes page requires the "b=nike" to function?

  4. #4
    SitePoint Wizard PHPycho's Avatar
    Join Date
    Dec 2005
    Posts
    1,201
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why don't you following function in Query:
    <?php
    function quote($value){
    // Stripslashes
    if (get_magic_quotes_gpc()) {
    $value = stripslashes($value);
    }
    // Quote if not a number or a numeric string
    if (!is_numeric($value)) {
    $value = "'" . mysql_real_escape_string($value) . "'";
    }
    return $value;
    }
    //usage
    $sql = "SELECT * FROM table WHERE some_field = ".quote($some_value);
    ?>

  5. #5
    SitePoint Wizard PHPycho's Avatar
    Join Date
    Dec 2005
    Posts
    1,201
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why don't you following function in Query:
    PHP Code:
    <?php
    function quote($value){
        
    // Stripslashes
        
    if (get_magic_quotes_gpc()) {
            
    $value stripslashes($value);
        }
        
    // Quote if not a number or a numeric string
        
    if (!is_numeric($value)) {
            
    $value "'" mysql_real_escape_string($value) . "'";
        }
        return 
    $value;
    }
    //usage
    $sql "SELECT * FROM table WHERE some_field = ".quote($some_value);
    ?>

  6. #6
    Non-Member
    Join Date
    Oct 2009
    Posts
    1,852
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHPycho, there shouldn't be stripslashes section in this function.
    It is very bad practice.
    Data quoting shouldn't be tied to gpc in any form.
    Want to get rid of magic quoes? Do it separated, in the beginning of your script.
    Overthise you can broke your data if it goes not from gpc.

  7. #7
    Non-Member
    Join Date
    Oct 2009
    Posts
    1,852
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey Maxwell.
    may be you're asking about query string creation?
    http_build_query() will help you to pass variables to another pages.

  8. #8
    SitePoint Enthusiast
    Join Date
    Aug 2007
    Posts
    42
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you for your responses and patience. After reading your responses, I'm quite sure this can be approached from a better angle. The variable is initially passed like this:

    brand_results.php?brand_id=101&go-Go&submitted=TRUE //This works for the 1st page of results.

    When I began this thread I was selecting pg 2 with the following:

    brand_results.php?s=3&p=2 which was 'painfully obvious now' not passing a brand_id to the new page.

    In an effort to to append to the above $start=3 & $page=2. I would like to write something like:

    brand_results.php?s=3&p=2&$bid=101 with the following:

    PHP Code:
            echo '<a href="brand_results.php?s=' . ($start $display) . '&p=' $pages '&$bid=' $bid '">Previous</a> '
    I'm challenged with the syntax with above as it does not render a value for $bid. So I use the following print statement & a value is printed.

    PHP Code:
    echo "<pre>"; echo '$bid'print_r($bid); echo "</pre>"
    Thanks for your guidance,

    Maxwell
    Last edited by Maxwell Lockwood; Nov 19, 2009 at 05:36. Reason: had changed the print test

  9. #9
    Non-Member
    Join Date
    Oct 2009
    Posts
    1,852
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you passed variable named "$bid" but your code expects 'brand_id'

  10. #10
    Non-Member
    Join Date
    Oct 2009
    Posts
    1,852
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    also, it is strictly required to cast $start variable to int type, if you don't have it already.
    like
    PHP Code:
    $start=intval($_GET['s']); 
    and I am sure you don't need both $start and $page variables. Only one of them is quite enough.

  11. #11
    SitePoint Enthusiast
    Join Date
    Aug 2007
    Posts
    42
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Shrapnel N5, brand_id took care of it and I eliminate the 2nd section of script displayed in my first post ... so I believe we a good to go.

    Thanks much!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •