show.php?show_num=1

Forum Moderators: coopster

Message Too Old, No Replies

show.php?show_num=1

what does this code tell my php page?

bobnew32

1:25 am on May 1, 2003 (gmt 0)

Well I have the idea fully developed (well sorta) and the database completed for a television show. I discussed this before in another thread, but when I type in the show.php?show_num=1, what exactly is this sending my page? I know its saying look at show.php with the show_num equal to 1, but how can I utlize this in my coding?

Would this mean that when the person sends this to their address bar, a variable show_num would be created with the value of 1 automatically and I could just use $show_num anywhere on the php coding and it would equal one when they load the page that way? (Lol I ask alot but I really thank you guys for your help since I am a beginner :P)

grahamstewart

1:30 am on May 1, 2003 (gmt 0)

Would this mean that when the person sends this to their address bar, a variable show_num would be created with the value of 1

Yes, but only if you have

register_globals

turned On in your php.ini file (which is how many example scripts will do it, but it is a bad idea because they can be a security hole).

instead you can access it through the $_GET pre-defined variable like this..


<?php
 
if ( isset($_GET['show_num']) ) {
 print 'Show number = '.$_GET['show_num'];
}
 
?>

lorax

1:31 am on May 1, 2003 (gmt 0)

Bingo - that's precisely what it does.

Setting up a link in that fashion passes the var $show_num=1 on the URL. When you get to show.php you can use the var with in your code - but only on that page unless you set it up as a session var. In which case you wouldn't pass it on the URL.

bobnew32

1:32 am on May 1, 2003 (gmt 0)

Thx for the help grahamstewart, is there any way to alter the code you gave to instead print it, make it into a variable, preferably $showid? Thx alot!

Edit, oh wait is the variable already created, is it show_num?

grahamstewart

1:41 am on May 1, 2003 (gmt 0)

Well it is a variable already, just a variable thats stored in an array. Moving it into another variable won't make any speed difference but if you think it will make your code more readable then do this..

[pre]
if ( isset($_GET['show_num']) and ctype_digit($_GET['show_num']) )
  $showid = $_GET['show_num'];
else
  $showid = -1;
[/pre]

I've added an extra little check in there to make sure that the show_num is a number. Otherwise naughty little users might break your code by entering and address like show.php?show_num=foobar.

Rule 1 of writing interactive php scripts: Always check that inputs from the users are what you expect them to be. Assume users hate you and that they will always look for a way to break your scripts :)

bobnew32

2:14 am on May 1, 2003 (gmt 0)

Since I know I can type text in to select the entire entry where show_num=1 with

$sql = 'SELECT * FROM `Show_Data` WHERE 1 AND `show_num` = $show_num LIMIT 0, 30';

Is there a way to make the show_name for entry 1= $show_name? What i'm trying to do is select all the data (one entry) where show_num is equal to one number (is unique and incrementing). Then once its all selected make it into variables so I can display it on the page.

grahamstewart

2:45 am on May 1, 2003 (gmt 0)

Okay, without knowing what fields there are in your Show_data table I can't give you a full answer. But just try to expand on what I am doing here..

[pre]
$connection = mysql_connect(DB_SERVER, DB_USER, DB_PASSWORD )
  or die( "Unable to connect to database: ".mysql_error() );
 
mysql_selectdb( DB_NAME )
  or die( "Unable to select database: ".mysql_error() );
 
$sql = 'select name, description from show_data where show_num = '.$showid;
 
$result = mysql_query( $sql, $connection )
  or die( "Invalid SQL: ".mysql_error() );
 
if ( $row = mysql_fetch_assoc($result) ) {
  print '<h1>'.$row['name'].'</h1>';
  print '<div id="showdesc">;
  print $row['description'];
  print '</div>';
}
else
  print 'Show '.$showid.' not found.';
[/pre]

Note that DB_SERVER, DB_USER, DB_PASSWORD and DB_DATABASE should be defined in another PHP file which is not under your document root, and then use the

include

statement to read it in this script.

That way if php fails for some reason, and the server starts dishing out your scripts in plain text, the users won't get to find out your password.

bobnew32

2:50 am on May 1, 2003 (gmt 0)

I kind of understand what your talking about (I know the database connect :p) and part of the select, but could you demonstrate it on 3 fields (I'll fill in the other 24 fields, I just need a little "push"). Thankyou very much for answering my questions, this forum is a great place to learn and meet new people. :P

grahamstewart

2:59 am on May 1, 2003 (gmt 0)

Well this part of the SQL..

'select name, description, field3 from...

..lists what fields you want to select from the table.

And then once you have done the

$row = mysql_fetch_assoc

then the contents of these fields are all available in the $row array...

$row['name']

$row['description']

$row['field3']

...

okay?

grahamstewart

3:04 am on May 1, 2003 (gmt 0)

Heres a good tutorial from WebMonkey [hotwired.lycos.com] that will get you through the basics of using MySql with PHP.

bobnew32

3:11 am on May 1, 2003 (gmt 0)

Thx alot, I always make it harder than it seems! :P