Jump to content

Archived

This topic is now archived and is closed to further replies.

DoggerWatson

Problem with $_GET

Recommended Posts

Outline:
I'm trying to get the results from a MySQL database & display them.
Just using
FROM
`books` WHERE image_by LIKE '%".$_GET ['artistID')."%' AND (books.Image_Sml != '/images/thumbs/NoImage_th.jpg' )";

Will not differentiate between <a href="http://site1.biz/'>name1</a>
and
<a href="http://site2.com/'>name2</a>
Gives me erroneous results, but works if the returned value is not an URL
SO I searched through the forum& figured that I needed to use htmlspecialchars as per below
NOW I get no results returned at all

$linkID = mysql_connect('localhost', 'Lida', 'ttb1lq')
or die(
"Error, database not accessing!");

mysql_select_db('twihjlight',$linkID);
$query = "SELECT
books.Id,
books.Titles,
books.image_by,
books.Image_Sml
FROM
`books` WHERE image_by LIKE '%".htmlspecialchars($_GET ['artistID'])."%' AND (books.Image_Sml != '/images/thumbs/NoImage_th.jpg' )";
if(!
$result = mysql_query($query, $linkID))
echo
mysql_error($linkID); //cry if the query fails

Share this post


Link to post
Share on other sites
why dont you just store the get statement into a variable then bobs ya uncle it will be done
so do
$searchtext = $_GET['Your-Thing-Here']

sql statement
select * from Blah WHERE name =' $searchtext'

and that should get ya going

Share this post


Link to post
Share on other sites
Thanks for the prompt response, but it still doesnt answer why

<a href="http://site1.biz/'>Name1</a>
<a href="http://site2.biz/'>Name2</a>
appear to return the same values wheras

name3 works
These are to populate a select list with values from the DB
which then displays the images associated with them

Share this post


Link to post
Share on other sites
Hey i aint full understanding your problem
are you tring to send data through the URL or what

Share this post


Link to post
Share on other sites
[!--quoteo(post=376629:date=May 24 2006, 06:24 AM:name=predator12341)--][div class=\'quotetop\']QUOTE(predator12341 @ May 24 2006, 06:24 AM) [snapback]376629[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Hey i aint full understanding your problem
are you tring to send data through the URL or what
[/quote]


Maybe this might make it clearer
These first two produce the desired result:
value in DB= John Jones
[a href=\"http://twilighttimes-publications.biz/catalogue2.php\" target=\"_blank\"]http://twilighttimes-publications.biz/catalogue2.php[/a]?[b]artistID=John[/b]&Submit=Go
value in DB= Judith Warr
[a href=\"http://twilighttimes-publications.biz/catalogue2.php\" target=\"_blank\"]http://twilighttimes-publications.biz/catalogue2.php[/a]?[b]artistID=Judith[/b]&Submit=Go

These two don't work
value in DB= <a href="http://www.site1.com/">Peter Smith</a>
[a href=\"http://twilighttimes-publications.biz/catalogue2.php\" target=\"_blank\"]http://twilighttimes-publications.biz/catalogue2.php[/a]?[b]artistID=%3Ca[/b]&Submit=Go
value in DB= <a href="http://www.site2.com/">Joe Bloggs</a>
[a href=\"http://twilighttimes-publications.biz/catalogue2.php\" target=\"_blank\"]http://twilighttimes-publications.biz/catalogue2.php[/a]?[b]artistID=%3Ca[/b]&Submit=Go

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.