If (var) contains (var)
I'm working on a CMS, and the info that is displayed is determined by what page id is in the url (ie: test.com/index?page=4). I want to pull all the id's out of the pages table (MySQL), save them in a variable, and then check if the page in the url is within that list. I also am still trying to figure out how to get all the id numbers from the table, which is set up like:
ID Name
1 Home
2 Products
3 Services
something like:
<?php
$pageids = (list of all the page ids)
$page = $_GET['page']
if($pageids (contains) $page){
$page = $_GET['page']
}else{
$page = \"1\"
}
?>
Busy posted this at 21:25 — 5th February 2006.
He has: 6,151 posts
Joined: May 2001
Wouldn't it be better to just check the url variable against what you have.
Your database could be megs big, putting all the info into an array (is how you'd do it) would suck up a lot of unnecessary resources.
Dux0r posted this at 02:34 — 6th February 2006.
She has: 31 posts
Joined: Jan 2006
Like Busy says, this seems like the long way round to me. Why not use a single mysql_query? It'd look something like:
$getPage=mysql_query("SELECT * FROM table WHERE id = {$_GET['id'} LIMIT 1");
if(mysql_num_rows($getPage)>0){
$page=$_GET['page'];
}else{
$page=1;
}
Dragon of Ice posted this at 03:27 — 6th February 2006.
He has: 578 posts
Joined: Jun 2004
Could you break this down a bit? I think it does what I want, but I'm not positive.
The first line tells it to get information where the page id is whatever page the url says.
I think the second line is where it doesn't work. Doesn't this just check to make sure the page id number is greater than 0? I need it to be a number that exists in the list of pages.
Please correct me if I'm wrong, I'm really new at this, and I just have to say thanks for your help!
Greg K posted this at 18:00 — 6th February 2006.
He has: 2,145 posts
Joined: Nov 2003
If you did just a copy and paste of his code then the problem is most likely just a missing ] after 'id' in the first line
<?php{$_GET['id']}
?>
$getPage is not an actual value (number, text), but a reference to the sql call.
The second line is checking that reference to see how many rows were returned. If the page number someone requested is in your database, then 1 record will return, resulting in 1, if not match was found, it will return 0. Not atually checking the page number, but how many times found in the database.
-Greg
Dragon of Ice posted this at 03:03 — 7th February 2006.
He has: 578 posts
Joined: Jun 2004
Ok, so it is checking the variable $getPage against the number of rows. I assume it's making sure that $getPage is somewhere in the number of rows, right?
Could you just rephrase this last sentence?
Not atually checking the page number, but how many times found in the database.
Busy posted this at 09:18 — 7th February 2006.
He has: 6,151 posts
Joined: May 2001
$getPage=mysql_query("SELECT * FROM table WHERE id = {$_GET['id']} LIMIT 1");
$getPage contains the result of the database query (table is the database tables name), Limit 1 just gets one result as there should only be one.
The $_GET['id'] is the value passed in the URL: webpage.com?id=1234, this is checked for in the mysql_query
if(mysql_num_rows($getPage)>0){
if the results is true - found a match
$page=$_GET['page'];
display whatever is related or whatever you do
}else{
$page=1;
}
no result was found so show default of something
Dragon of Ice posted this at 22:38 — 7th February 2006.
He has: 578 posts
Joined: Jun 2004
I'll just play with the code to see, but my exact question is:
mysql_num_rows($getPage)>0
Is this checking if the number of rows in the table is greater than zero? If not, what is it checking?
Dragon of Ice posted this at 22:46 — 7th February 2006.
He has: 578 posts
Joined: Jun 2004
Update! I think I've got it. I think that I understand what the code in my above post does, but I think I finally figured out how to check this thing!
<?php
// Define \"page\" Variable
$page = $_GET['page'];
$getrownums = mysql_query(\"SELECT * FROM pages\", $database);
// Check \"page\" for Malicious Code
if( (isset($page)) && (is_numeric($page)) && (mysql_num_rows($getrownums)==$page) ){
$page = $_GET['page'];
}else{
$page = \"1\";
}
?>
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.