Jump to content

Variable from url into db


sprinjee

Recommended Posts



I have a variable in my url: [a href=\"http://www.test.com/test.php?linkcode=call\" target=\"_blank\"]http://www.test.com/test.php?linkcode=call[/a]

I can get and call the variable without any problem:

[code]
$linkcode = $_GET['linkcode'];
echo "the word is: $linkcode";
[/code]

however I haven't managed to insert it in MySql:

[code]
$sql_insert = "INSERT INTO `".DB_NAME."`.`".TABLE_SURVEY_RESULTS."` (`id_survey`,`LinkCode`,`timestamp`,`ip`,`uniq`)";
            $sql_insert .= " VALUES ('".getP("survey_id")."','$linkcode',unix_timestamp(now()),'".$_SERVER["REMOTE_ADDR"]."'";
            if ($params["uniq"] != '') {
                $sql_insert .=", '".$params["uniq"]."')";
            } else {
                $sql_insert .=", '')";
            }

            dbQuery($sql_insert);
            $id_result = dbInsertId();
            dbQuery("UNLOCK TABLES");
[/code]

I've been trying everything but the record in the database remains empty! Please help me out I've been trying to solve this for hours now.
Link to comment
Share on other sites

[!--quoteo(post=379920:date=Jun 4 2006, 10:56 AM:name=homchz)--][div class=\'quotetop\']QUOTE(homchz @ Jun 4 2006, 10:56 AM) [snapback]379920[/snapback][/div][div class=\'quotemain\'][!--quotec--]
is anything being inserted? or just not the $linkcode variable??
[/quote]

just not the linkcode variable
Link to comment
Share on other sites

modify your dbQuery function so that it echoes out the MySQL error AND the query that was passed to the function ...
[code] .. or die("Error: ". mysql_error(). " with query ". $sql_insert";[/code]

When the error is identified, it should be simple to spot the problem.
Link to comment
Share on other sites

The problem is that my variable linkcode is reset to "" before the actual inserting takes place. Is there anyway I can prevent this? I'm just editing this code and my knowledge op php is limited
I'd really appreciate the help!!

[code]
<?php
    require_once('appTop.php');
echo "the word is: $linkcode";
if (empty($lnkcode)) {
     $lnkcod = $_GET['linkcode'];
echo "the word is: $linkcode";
     $params = array();
          
     if (getG("uid") != '') {
         // display the survey
         $params["mode"] = "survey";
         $sql ="SELECT * FROM `".DB_NAME."`.`".TABLE_SURVEYS."` WHERE uniqid='".getG("uid")."' LIMIT 1";
         $rez = dbQuery($sql);
         $row = dbFetchArray($rez);
         $params["display_survey"] = $row;
        
         $sql2 ="SELECT `t1`.*, `t2`.`max_responses_from_ip` FROM `".DB_NAME."`.`".TABLE_USER_DETAILS."` `t1`, `".DB_NAME."`.`".TABLE_USERS."` `t2`  WHERE  t1.id_user=t2.id AND t2.id='".$row["id_user"]."' LIMIT 1";
         $rez2 = dbQuery($sql2);
         $row2 = dbFetchArray($rez2);
         $params["user"] = $row2;

         $sql_q = "SELECT * FROM `".DB_NAME."`.`".TABLE_QUESTIONS."` WHERE `id_survey`='".$row["id"]."' ORDER BY `position`";
         $res_q = dbQuery($sql_q);
         $i     = 0;
         while ($row_q = dbFetchArray($res_q)) {
             $params["display_survey"]["questions"][$i] = $row_q;
             if($row_q["type"] != "text") {
                 $sql_a = "SELECT * FROM `".DB_NAME."`.`".TABLE_QUESTION_ANSWERS."` WHERE `id_question`='".$row_q["id"]."' ORDER BY `position`";
                 $res_a = dbQuery($sql_a);
                 $j     = 0;
                 while ($row_a = dbFetchArray($res_a)) {
                     $params["display_survey"]["questions"][$i]["answers"][$j] = $row_a;
                     $j++;
                 }  // end while
             }  // end if
             $i++;
         } // end while  
    
     } elseif (getP("survey_id") != '') {
        // the client answred the survey
        $params["mode"] = "answers";
        $params["uniq"] = getP("hidden_uniq");

        // extra verif (for emails only)
        // if the user got the survey through email he must have a hidden_uniq set - we verify if he already completed the survey
        if ($params["uniq"] != '') {
            $sql_verif = "SELECT COUNT(`id`) AS `noResponses` FROM `".DB_NAME."`.`".TABLE_SURVEY_RESULTS."`  WHERE `id_survey`='".getP("survey_id")."' AND `uniq`='".$params["uniq"]."' ";
            $rez_verif = dbQuery($sql_verif);
            $row_verif = dbFetchAssoc($rez_verif);
            if ($row_verif['noResponses'] > 0) {
                $params["err"] = 1;
            }
        }

        $sql ="SELECT * FROM `".DB_NAME."`.`".TABLE_SURVEYS."` WHERE id='".getP("survey_id")."' LIMIT 1";
        $rez = dbQuery($sql);
        $row = dbFetchArray($rez);
        $params["display_survey"] = $row;
        
        $sql2 ="SELECT `t1`.*, `t2`.`max_responses_from_ip` FROM `".DB_NAME."`.`".TABLE_USER_DETAILS."` `t1`, `".DB_NAME."`.`".TABLE_USERS."` `t2`  WHERE  t1.id_user=t2.id AND t2.id='".$row["id_user"]."' LIMIT 1";
        $rez2 = dbQuery($sql2);
        $row2 = dbFetchArray($rez2);
        $params["user"] = $row2;

        // verify if the user already answered at this survey
        $sql_verif = "SELECT COUNT(`id`) AS `noResponses` FROM `".DB_NAME."`.`".TABLE_SURVEY_RESULTS."` WHERE ";
        $sql_verif.= "`id_survey`='".getP("survey_id")."' AND `ip`='".$_SERVER["REMOTE_ADDR"]."'";
        $rez_verif = dbQuery($sql_verif);
        $info      = dbFetchAssoc($rez_verif);

        if ($info['noResponses'] >= $params["user"]["max_responses_from_ip"] OR $_COOKIE[$row["uniqid"]] == "y") {
            //error: the user already answered at thos survey
            $params["err"] = 1;
        }

        if ($params["err"] == '') {
            dbQuery("LOCK TABLES `".DB_NAME."`.`".TABLE_SURVEY_RESULTS."` WRITE");
            $sql_insert = "INSERT INTO `".DB_NAME."`.`".TABLE_SURVEY_RESULTS."` (`id_survey`,`LinkCode`,`timestamp`,`ip`,`uniq`)";
            $sql_insert .= " VALUES ('".getP("survey_id")."','".$lnkcod."',unix_timestamp(now()),'".$_SERVER["REMOTE_ADDR"]."'";
            if ($params["uniq"] != '') {
                $sql_insert .=", '".$params["uniq"]."')";
            } else {
                $sql_insert .=", '')";
            

            dbQuery($sql_insert);
echo "$sql_insert";
            $id_result = dbInsertId();
            dbQuery("UNLOCK TABLES");


            foreach ($_POST as $key=>$val) {
                if (!(strpos($key,"quest_") === false)) {
                    $temp_ar = explode ("_",$key); //$temp_ar[1] - question id


                    // multiple select, multiple answers
                    if (is_array($val)) {
                        foreach ($val as $option) {
                            // insert the option answers
                            $sql_insert2 = "INSERT INTO `".DB_NAME."`.`".TABLE_SURVEY_RESULTS_ANSWERS."` (`id_survey_result`,`id_question`,`id_answer`, `answer_text`)";
                            $sql_insert2.= " VALUES ('".$id_result."','".$temp_ar[1]."', '".$option."', '')";
                            dbQuery($sql_insert2);
                        }
                    } else {
                        //find out the question type
                        $sql_t = "SELECT `type` FROM `".DB_NAME."`.`".TABLE_QUESTIONS."` WHERE id='".$temp_ar[1]."' LIMIT 1";
                        $rez_t = dbQuery($sql_t);
                        $row_t = dbFetchAssoc($rez_t);
                        $type = $row_t["type"];

                        // insert the answer
                        $sql_insert2 = "INSERT INTO `".DB_NAME."`.`".TABLE_SURVEY_RESULTS_ANSWERS."` (`id_survey_result`,`id_question`,`id_answer`, `answer_text`)";
                        $sql_insert2.= " VALUES ('".$id_result."','".$temp_ar[1]."'";
                        if ($type == "text") {
                            $sql_insert2 .= ", '','".$val."')";  //text answer
                        } else {
                            $sql_insert2 .= ",'".$val."','')";  //option answer
                        }
                        dbQuery($sql_insert2);
                    }



                }
            }

            //set the cookie for an year
            setcookie($row["uniqid"], "y", time() + 365 * 24 * 3600);
       }

     } else {
        $params["mode"] = "none";
     }        
    
     }
     }

    $smarty->assign('params', $params);
    $smarty->display('content_survey.tmpl.html');
?>
[/code]
Link to comment
Share on other sites

$lnkcod
$linkcode
$lnkcode

I suspect part 2 of the problem is that what I think is the same variable has been given different names in different sections of the code, which is perhaps why it is blank.

Part 1 of the problem is it isn't obvious why the value of that variable would even be available to the script - unless it's relying on register_globals being ON (nominally insecure).
Link to comment
Share on other sites

[!--quoteo(post=379966:date=Jun 4 2006, 12:41 PM:name=AndyB)--][div class=\'quotetop\']QUOTE(AndyB @ Jun 4 2006, 12:41 PM) [snapback]379966[/snapback][/div][div class=\'quotemain\'][!--quotec--]
$lnkcod
$linkcode
$lnkcode

I suspect part 2 of the problem is that what I think is the same variable has been given different names in different sections of the code, which is perhaps why it is blank.

Part 1 of the problem is it isn't obvious why the value of that variable would even be available to the script - unless it's relying on register_globals being ON (nominally insecure).
[/quote]

I messed the code up bit...but the different names is not the issue...
There is a submit button when you access the page...the variables in the url dissappear when clicking the button...there are two variables in the url uid and linkcode, I'm convinced if only the uid variable is errased that the problem is solved...I realy don't see a submit button in this php script though
Link to comment
Share on other sites

[!--quoteo(post=379975:date=Jun 4 2006, 01:03 PM:name=sprinjee)--][div class=\'quotetop\']QUOTE(sprinjee @ Jun 4 2006, 01:03 PM) [snapback]379975[/snapback][/div][div class=\'quotemain\'][!--quotec--]
I messed the code up bit...but the different names is not the issue...
There is a submit button when you access the page...the variables in the url dissappear when clicking the button...there are two variables in the url uid and linkcode, I'm convinced if only the uid variable is errased that the problem is solved...I realy don't see a submit button in this php script though
[/quote]

Yep that's it..solved it using

$lnkcod = str_replace("http://www.koenvissers.nl/survey/survey.php?uid=14482e0bec0181&linkcode=", "" , $_SERVER['HTTP_REFERER']);

Thanx for everyones efforts
Link to comment
Share on other sites

[!--quoteo(post=380009:date=Jun 4 2006, 02:31 PM:name=sprinjee)--][div class=\'quotetop\']QUOTE(sprinjee @ Jun 4 2006, 02:31 PM) [snapback]380009[/snapback][/div][div class=\'quotemain\'][!--quotec--]
hmm there are some severe limitations to 'HTTP_REFERER'. If an url entered directly it will not work. Seems I'm still in need of a better solution.
[/quote]


Nevermind used session variables to solve the issue...works great
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.