I’ve been working on this for hours and for some reason cannot get it to work correctly. My site uses WordPress and I have a page with a parameter - /page/?myvar=1
I’m grabbing the parameter by using
$myvar = $_GET['myvar'];
All I want to do is select from my database where user = ‘$myvar’ - but it will not work!
Here is the main part of my code
    function wpsl_store_search() {
        global $wpdb;
        $myvar = $_GET['myvar'];
        $options = get_option( 'wpsl_settings' );
        $distance_unit = ( $options['distance_unit'] == 'km' ) ? '6371' : '3959';

        /* Check if we need to include the distance and radius limit in the sql query.
         * If autoload is enabled we load all stores, so no limits required.
         */
        if ( isset( $_GET['autoload'] ) && ( $_GET['autoload'] == 1 ) ) {
            $sql_part = ' ORDER BY distance';
            $placeholders = array(
                $_GET["lat"],
                $_GET["lng"],
                $_GET["lat"]
            );
        } else {
            $max_results = ( isset( $_GET['max_results'] ) ) ? $_GET['max_results'] : '';
            if ( ( $max_results == 'NaN' ) || ( !$max_results ) ) {
                $max_results = get_default_list_value( $type = 'max_results' );
            }
            $sql_part = ' HAVING distance < %d ORDER BY distance LIMIT 0, %d';
            $placeholders = array(
                $_GET["lat"],
                $_GET["lng"],
                $_GET["lat"],
                $_GET["radius"],
                $max_results
            );
        }

        $result = $wpdb->get_results(
            $wpdb->prepare( "
                SELECT *, ( $distance_unit * acos( cos( radians( %s ) ) * cos( radians( lat ) ) * cos( radians( lng ) - radians( %s ) ) + sin( radians( %s ) ) * sin( radians( lat ) ) ) )
                AS distance FROM $wpdb->wpsl_stores WHERE active = 1 && user = '$myvar'
                $sql_part
                ",
                $placeholders
            )
        );
I’m sure there is an easy way of doing this, but nothing is working for me! Help please?!
Try outputting the whole $_GET value. If myvar isn’t in the collection, then I suspect that your “?myvar=1” might be overwritten on form submit via GET. (Assuming that the form is method="GET", that is.)
Out of curiosity, why put $myvar into the SQL string, when you’re binding all the other strings? Stick it into $placeholders with all your other variables and use another parameter replacement.
Well you’ve done that, but you’ve put it in the first spot of the array.
prepare has no concept of ‘what goes where’… so if it takes your parameters array, and just starts lining things up… where does $myvar end up? For that matter, where does $_GET['radius'] go? $max_results?
To be honest, I’m fairly new to PHP programming. Therefore I’m not sure where they actually end up. I’m trying to modify a plugin, and trying to understand how everything works inside the plugin and it’s pretty difficult.
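The placeholder ordering discussed in this thread, shown as an added example that is not part of any post or of the plugin's code. `bind_positional()` is a hypothetical stand-in for `$wpdb->prepare()` so the script runs without WordPress; the request values are constructed, and placing `user = %s` in the WHERE clause is an assumption about the corrected query.

```php
<?php
// Hypothetical stand-in for $wpdb->prepare(), for illustration only: it fills
// placeholders strictly left to right, in the order they appear in the SQL.
// Real plugin code should call $wpdb->prepare(), which does its own escaping.
function bind_positional( string $query, array $args ): string {
    $slots = substr_count( $query, '%s' ) + substr_count( $query, '%d' );
    if ( $slots !== count( $args ) ) {
        throw new InvalidArgumentException( 'placeholder/argument count mismatch' );
    }
    // Quote string placeholders, then escape each value before substitution.
    $query = str_replace( '%s', "'%s'", $query );
    $args  = array_map( fn( $v ) => addslashes( (string) $v ), $args );
    return vsprintf( $query, $args );
}

// Constructed sample request, standing in for $_GET. The user value contains
// a quote, which would break the statement if it were interpolated directly.
$get = array(
    'lat'         => '52.37',
    'lng'         => '4.89',
    'radius'      => '25',
    'max_results' => '10',
    'myvar'       => "o'brien",
);

// Same shape as the plugin query, with user bound instead of interpolated.
$sql = "SELECT *, ( 6371 * acos( cos( radians( %s ) ) * cos( radians( lat ) )"
     . " * cos( radians( lng ) - radians( %s ) )"
     . " + sin( radians( %s ) ) * sin( radians( lat ) ) ) ) AS distance"
     . " FROM wpsl_stores WHERE active = 1 AND user = %s"
     . " HAVING distance < %d ORDER BY distance LIMIT 0, %d";

// Array order follows the order of the placeholders in the SQL text.
$in_order = array( $get['lat'], $get['lng'], $get['lat'],
                   $get['myvar'], $get['radius'], $get['max_results'] );

// myvar in the first slot: the first four values each land one placeholder
// late, so myvar is used as a latitude and a latitude is compared to user.
$myvar_first = array( $get['myvar'], $get['lat'], $get['lng'],
                      $get['lat'], $get['radius'], $get['max_results'] );

echo "In order:\n", bind_positional( $sql, $in_order ), "\n\n";
echo "myvar first:\n", bind_positional( $sql, $myvar_first ), "\n";
```

In the plugin itself, the autoload branch would need the same extra array entry after the third value, since the `user = %s` placeholder is present in both branches.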