|
|
Posted by Jochem Maas on 10/04/64 11:10
Jackson Linux wrote:
> Hi, All,
> A php variable question.
>
> I've done this to take the requested category from the URL
> (www.foo.com/file.htm?r=1)
> and use it to build the page:
>
if the category number is really always supposed to be an integer
(and that it must always be greater than 0, actually in 'real' DBs
an id doesn't have to be a positive number, zero and minus-numbers
are also fine) then:
if ( isset($_GET['r']) &&
!empty($_GET['r']) &&
($r = intval($_GET['r'])) )
{
// ...
} else {
// ...
}
if you are sure that $r is a positive integer there is
no need to wrap it in quotes for use in the SQL, or
why not place the single quotes directly in the SQL:
$r = 1;
$sql = "
SELECT cv.cv_id,cv.category,dates,cv.job_title,cv.company,cv.job,cv.sort,jobcat.category
FROM cv, cvjobcats, jobcat
WHERE cvjobcats.cv_id=cv.cv_id AND cvjobcats.jobcat_id = $r AND
jobcat.jobcat_id=cvjobcats.jobcat_id";
// OR
$sql = "
SELECT cv.cv_id,cv.category,dates,cv.job_title,cv.company,cv.job,cv.sort,jobcat.category
FROM cv, cvjobcats, jobcat
WHERE cvjobcats.cv_id=cv.cv_id AND cvjobcats.jobcat_id = '$r' AND
jobcat.jobcat_id=cvjobcats.jobcat_id";
i.e. DONT WRAP change $r into a string which contains an integer wrapped in
single-quotes - JUST LEAVE IT AS AN INTEGER.
> if (isset($_GET['r']) && !empty($_GET['r'])) {
> $r = "'{$_GET['r']}'"; //Set the variable $r to mean the category number
> $fields = '*';
> } else {
> $where = '';
> $fields =
> 'cv.cv_id,cv.category,dates,cv.job_title,cv.company,cv.job,cv.sort,
> jobcat.category';
> $sort = "ORDER BY cv.sort";
> }
>
> $sql = "
> SELECT
> cv.cv_id,cv.category,dates,cv.job_title,cv.company,cv.job,cv.sort,jobcat
> .category
> FROM cv, cvjobcats, jobcat
> WHERE cvjobcats.cv_id=cv.cv_id AND cvjobcats.jobcat_id = $r AND
> jobcat.jobcat_id=cvjobcats.jobcat_id";
>
> In this case $r comes out literally to the number surrounded by single
> quotes (ie, '1'). And it works great.
>
> But I need *just* the number for something later (to fetch an include
indeed - STORE THE NUMBER IN $r - leave the single quotes out of it!
> based on the category selected by $r). Since I've set the value of the
> field cv.category to mean the english translation from the intersecting
> table, using
>
..... and then this will 'just work'
> <php include_once "/path/to/cv.$r.include.php"; ?> asks for
> cv.'1'.include.php ... And I need it to ask for cv.1.include.php
>
> How can I make a variable to fetch the literal number from the field
> cv.category?
if you a really stubborn SOB then you could do this:
$r = "'1'";
$x = (int) str_replace("'",'',$r); // warning this is lame
>
> Thanks in advance!
> Jack
>
[Back to original message]
|