Reply to Re: [PHP] Using GET to build multiple sql queries

Your name:

Reply:


Posted by Greg Donald on 06/02/05 23:23

On 6/2/05, Jack Jackson <jackson.linux@gmail.com> wrote:
> Thanks for the reply, Greg,
>
> I see how that is useful. I am confused as to how I would implement it
> here. Please bear with me as I am a newbie and am now perhaps more
> confused than ever!:

Bummer, sorry.

> I'm trying to use the number given in the $_GET URL to build one piece
> of the sql:
>
> If there is anything set in the $_GET field other than ?c=[valid int] or
> ?p=[valid int] or ?s=[valid int] then I want to bounce to a plain index.

if( !( isset( $_GET[ 'c' ] ) && is_int( $_GET[ 'c' ] )
|| isset( $_GET[ 'p' ] ) && is_int( $_GET[ 'p' ] )
|| isset( $_GET[ 's' ] ) && is_int( $_GET[ 's' ] ) ) )
{
header( 'Location: index.php' );
exit;
}

> If it's a valid int (a positive int which corresponds to a valid row)
> then I want to set its value to the appropriate variable: either $c, $p
> or $s,

If it's in the URL it's already set as $_GET[ 'c' ], $_GET[ 'p' ], or
$_GET[ 's' ].

> and thus set the values of $fields, $from and $where.
>
>
> <?php //IF there is a valid query by cartoon, use $c to build the SQL
> $fields = 'SELECT art.*,publisher.*,subject.*';
> $from = 'FROM art,subject
> LEFT JOIN publisher
> ON publisher.publisher_id=art.publisher_id';
> $sort = "ORDER BY art.art_pub_date";
> $where = "WHERE art.art_id = '$c' AND

WHERE art.art_id = '$_GET[c]'

> subject.subject_id=art.subject_id";
> ?>
>
> If that were instead a $p then I would do:
>
> <?php //IF there is a valid query by publisher, use $p to build the SQL
> $fields = "SELECT art.*,publisher.*,subject.*";
> $from = "FROM art,subject
> LEFT JOIN publisher
> ON publisher.publisher_id=art.publisher_id";
> $where = "WHERE publisher.publisher_id=art.publisher_id AND
> art.publisher_id = '$p' AND

art.publisher_id = '$_GET[p]' AND

> subject.subject_id=art.subject_id";
>
> ?>
> If that were instead an $s then I would do:
>
> <?php //IF there is a valid query by subject, use $s to build the SQL
> $fields = "SELECT art.*,publisher.*,subject.*";
> $from = "FROM art,subject
> LEFT JOIN publisher
> ON publisher.publisher_id=art.publisher_id";
> $where = "WHERE publisher.publisher_id=art.publisher_id AND
> art.subject_id = '1' AND
> art.subject_id=subject.subject_id";
> ?>
>
> I'm sure your method works ( ;) ). If I understand it, as my friend
> Darrell said about your suggestion:
>
> '...We iterate through the array seeing if there's a submitted HTML form
> field name that matches the current database column name. If so, we add
> the column name and the value submitted in the form to a string that is
> being built into a database query.'

It's just a matter of checking for variables in the $_GET array and
doing what you need to do if they exist and are valid or not. Do you
know about print_r() yet?

echo '<pre>';
print_r( $_GET );
echo '</pre>';


--
Greg Donald
Zend Certified Engineer
http://destiney.com/

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация