[SOLVED] $_GET problem

[DEVILofDARKNESS]

I don't know what's wrong with this code I never used before the $_GET maybe that's the reason

an example link is: www.site.com/dir/dir/test.php?test=1

 

<html>
<head>
<title>{$PName}</title>
</head>
<body>
<?php
// database settings aren't fill in for security reasons :-)
if (isset($_GET['test'])) {
   $test = (int)$_GET['test'];
}else {
   $test = 0;
}

if(isset($test)) {
if($test = 0) {
	$PText = "THIS PAGE DOESN'T EXIST OR IS UNDER CONSTRUCTION";
	$PName = "ERROR";
} else {
	$str = "test=";
	$test = "{$str}" . "{$test}";
	$query = sprintf("SELECT PText from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
		mysql_real_escape_string($_GET['test']));
	$result = mysql_query($query);
	list($PText) = mysql_fetch_row($result);

	$query = sprintf("SELECT PName from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
		mysql_real_escape_string($_GET['test']));
	$result = mysql_query($query);
	list($PName) = mysql_fetch_row($result);
}
}
{$PText}
?>
</body>
</html>

[dreamwest]

Change:

 

$test = (int)$_GET['test'];

 

To:

 

$test = $_GET['test'];

[RichardRotterdam]

maybe that's the reason

an example link is: www.site.com/dir/dir/test.php?test=1

thats correct. But what are the errors? and don't change what dreamwest said. If your id's are only suppose to be integers its more secure that way

[DEVILofDARKNESS]

It just don't show any text,

and the <title> shows the url instead of the PName ?

[Daniel0]

Remove {$PText} near the bottom. You can't do that. You probably want to to echo $PText;

[DEVILofDARKNESS]

so if I  change

{$PText}

into

echo $PText

it should work?.

 

And what with the header?

[Daniel0]

Yeah that too, but there you would make it <?php echo $PText ?> seeing as it needs to be inside a PHP block to be interpreted by PHP.

[blueman378]

dude are you using smarty?

 

because smarty doesnt allow you to put php in your .tpl file, which would explain why nothing is being shown.

[DEVILofDARKNESS]

Thanks Daniel0!!!

 

And no I don't use smarty, I used to, but I changed to just plain php script,

[blueman378]

just cause im curious then... what templating engine are you using?

 

im assuming you are because of the {$PName}

[DEVILofDARKNESS]

I don't use anyone..., its because I used smarty in the past I sometimes write {$something}

 

But it still doesn't work.

 

<html>
<head>
<title><?php echo $PName ?></title>
</head>
<body>
<?php
//database settings are left away for security reasons
if (isset($_GET['test'])) {
   $test = (int)$_GET['test'];
}else {
   $test = 0;
}

if(isset($test)) {
if($test = 0) {
	$PText = "THIS PAGE DOESN'T EXIST OR IS UNDER CONSTRUCTION";
	$PName = "ERROR";
} else {
	$str = "test=";
	$test = "{$str}" . "{$test}";
	$query = sprintf("SELECT PText from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
		mysql_real_escape_string($_GET['test']));
	$result = mysql_query($query);
	list($PText) = mysql_fetch_row($result);

	$query = sprintf("SELECT PName from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
		mysql_real_escape_string($_GET['test']));
	$result = mysql_query($query);
	list($PName) = mysql_fetch_row($result);
}
}
echo $PText
?>
</body>
</html>

[Daniel0]

You will have to explain us how it doesn't work.

 

Try to echo your queries and make sure they actually look like you want them to.

[DEVILofDARKNESS]

Al right,

there is a page where you can add a poem,

if you've fill in the form, the php sends a query to the database with the Author, the date,...

if you click on a certain link you will see a page wich demands that info from the database and diplays it.

 

That last page is the problem.

[RichardRotterdam]

Ok noticed something

 

you have this in your title tag

<title><?php echo $PName ?></title>

and you do the query later on the assign a value to $PName

 

thats not how php works. You should give $PName a value before you echo it out

I'll give you a little tip that works most of the time. Do your query before your html starts

so before your doctype and <html> etc. That way you will have the values before you output it.

 

And I see you tidied up your php syntax. It's getting better since your last poem script.

Keep it up and eventually you'll get there

[Daniel0]

Is the URL field in your table the primary key (the id)? If that's the case then try to delete

      $str = "test=";
      $test = "{$str}" . "{$test}";

 

Dj Kat, good catch.

[DEVILofDARKNESS]

Well, I already tried it with the php code for the html,

but it didn't work either.

 

And Indeed I've made tidied it a bit up.

I'm actually making that poem site for my school,

I don't like poems at all, but if I make it I don't need to analyze them.

 

No url isn't the primary.

id is the primary but I don't need it right here.

[Daniel0]

You're testing like e.g. WHERE URL = 'test=4'. I don't see the point in that. Why not just WHERE id = '4'?

[DEVILofDARKNESS]

there are 7 category's where you can add poems in.

each category has an own 'home page' like www.site.com/poems/love/love.php

 

I store all my poems in one database, so I can make easy a statistics page.

if I would use the id's it would be a mess to code it I guess?

[Daniel0]

I don't see why it would be a problem to use the PK instead.

[RichardRotterdam]

Ah now I see what the problem is. You're getting the hang of queries. And you're trying to retrieve all the poems inside a category right?

The following bit of code needs to be rewritten.

$str = "test=";
      $test = "{$str}" . "{$test}";
      $query = sprintf("SELECT PText from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
         mysql_real_escape_string($_GET['test']));
      $result = mysql_query($query);
      list($PText) = mysql_fetch_row($result);

      $query = sprintf("SELECT PName from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
         mysql_real_escape_string($_GET['test']));
      $result = mysql_query($query);
      list($PName) = mysql_fetch_row($result);

 

change it to something like this

$query="select * from gedichten where category={$test}";
$result = mysql_query($query);

 

then put something like this inside your html

while($row = mysql_fetch_array($result)){
  //output html
}

and what is the URL for? I don't get that part

[Daniel0]

And as a side-note, it's generally considered good practice to make name all variables, functions, classes, methods, properties, database tables, table fields, etc. in English regardless of what the output language is going to be like.

[DEVILofDARKNESS]

No, the page love.php works fine, it show me the title of each poem with the category love.

if I click on one of those titles I'm going to the page lovepoem.php?love=number.

This number is the same as url in the database.

 

I will try it with the PK, but I don't know why it shouldn't work with the number in the link?

 

these are the tree pages that are used for the 'test' category:

 

page 1 home page of the test category named test.php:

<html dir="ltr">
    <head>
        <title>TEST</title>
        <link href="../../standard.css" type="text/css" rel="stylesheet" />
<link href='dichtkunst.css' type='text/css' rel="stylesheet" />
    </head>
    <body>
        <table class="look" height="100%" width="100%" border="1">
            <tbody>
                <tr>
                    <td width="10%" height="100%"><iframe class="frames" src="../../functieknoppen/functieknoppendichtkunst.htm" frameborder="0" width="100%" height="100%" scrolling="no"></iframe>
                    </td>
                    <td><center>
                    <?php
// database settings are left away for security reasons.
$query = sprintf("SELECT PName,UName,PText,URL From gedichten WHERE category = 'test' ORDER BY PName DESC");
$result = mysql_query($query);
while($urlgedicht = mysql_fetch_array($result)) {
print "<ul><li><a href=testgedicht.php?{$urlgedicht['URL']}>{$urlgedicht['PName']} | {$urlgedicht['UName']}</a></li></ul>";
}
?>
<p>
<p><a href="ADD.php">Add a new poem.</a>
                    </center></td>
                </tr>
            </tbody>
        </table>
    </body>
</html>

 

The page where you can add a new poem to the test category: named ADD.php

<html>
<head><title>Gedichten</title>
        <link href='../../standard.css' type='text/css' rel='stylesheet' />
<link href='natuur.css' type='text/css' rel="stylesheet" />
</head>
<body>
<table class='look' height='100%' width='100%' border='1'>
            <tbody>
                <tr>
                    <td width='10%' height='100%'><iframe class='frames' src='../../functieknoppen/functieknoppennatuur.htm' frameborder='0' width='100%' height='100%' scrolling='no'></iframe>
                    </td>
                    <td><center>
                    <?php
// database settings

$query = sprintf("SELECT COUNT(DISTINCT URL) FROM gedichten WHERE category='TEST'");
$result = mysql_query($query);
list($url) = mysql_fetch_row($result);
$url = $url + 1;
print "<form action='' method='POST'>
		Jou Naam: <input type='text' maxlength='35' Name='UName'><br>
		Gedicht Naam: <input type='text' maxlength='35' Name='PName'><br>
		Auteur Naam: <input type='text' maxlength='35' Name='Auteur'><br>
		bundel: <input type='text' maxlength='35' Name='bundel'><br>
		Jaartal: <input type='text' maxlength='35' Name='jaartal'><br>
		Poem Text: <textarea COLS='60' ROWS='5' Name='PText'></textarea>
		<input type='hidden' name='URL' Value='{$url}'><br>
		<input type='submit' Value='Add!' name='submit'> <input type='reset'>
	</form>";
$query = sprintf("SELECT COUNT(DISTINCT id) FROM gedichten");
$result = mysql_query($query);
list($id) = mysql_fetch_row($result);
$id = $id + 1;
$pname = $_POST['PName'];
$uname = $_POST['UName'];
$ptext = $_POST['PText'];
$auteur = $_POST['Auteur'];
$bundel = $_POST['bundel'];
$jaartal = $_POST['jaartal'];
$ip = $_SERVER['REMOTE_ADDR'];
$added = date("d/m/y : H:i:s", time()) ;
$str = "test=";
$url = "{$str}" . "{$_POST['URL']}";

if($_POST['submit']) {
	if(empty($_POST['PName'])) {
		print "<script type='text/javascript'>alert('Je hebt geen gedichten naam geschreven!');</script>";
	} elseif(empty($_POST['UName'])) {
		print "<script type='text/javascript'>alert('Je hebt je naam niet geschreven!');</script>";	
	} elseif(empty($_POST['PText'])) {
		print "<script type='text/javascript'>alert('je hebt geen gedicht geschreven!');</script>";
	} elseif(empty($_POST['Auteur'])) {
		print "<script type='text/javascript'>alert('Je hebt geen Auteur ingevuld, als je het niet weet, schrijf dan Onbekend of UnKnown!');</script>";
	} else {
		$query = sprintf("INSERT INTO gedichten(id,PName,UName,PText,URL,category,Auteur,bundel,jaartal,ip,added) VALUES ('$id','$pname','$uname','$ptext','$url','test','$auteur','$bundel','$jaartal','ip','added')");
		$result = mysql_query($query);
		print "<script type='text/javascript'>alert('Je gedicht is toegevoegd aan de 'Natuur' categorie);</script><a href='test.php'>Zie alle gedichten</a>";
}
}
?>
                    </center></td>
                </tr>
            </tbody>
        </table>
</body>
</html>

 

The page wich should show the poem you've clicked on in the test.php page. named: testgedicht.php

<?php
//database settings

if (isset($_GET['test'])) {
   $test = (int)$_GET['test'];
}else {
   $test = 0;
}

if(isset($test)) {
if($test = 0) {
	$PText = "THIS PAGE DOESN'T EXIST OR IS UNDER CONSTRUCTION";
	$PName = "ERROR";
} else {
	$str = "test=";
	$test = "{$str}" . "{$test}";
	$query = sprintf("SELECT PText from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
		mysql_real_escape_string($_GET['test']));
	$result = mysql_query($query);
	list($PText) = mysql_fetch_row($result);

	$query = sprintf("SELECT PName from gedichten WHERE (category = 'test') AND (URL = '{$test}')",
		mysql_real_escape_string($_GET['test']));
	$result = mysql_query($query);
	list($PName) = mysql_fetch_row($result);
}
}
?>
<html>
<head>
<title><?php echo $PName; ?></title>
</head>
<body>
<?php
echo $PText;
?>
</body>
</html>

[Daniel0]

I will try it with the PK, but I don't know why it shouldn't work with the number in the link?

 

It's bad database and application design.

[RichardRotterdam]

And as a side-note, it's generally considered good practice to make name all variables, functions, classes, methods, properties, database tables, table fields, etc. in English regardless of what the output language is going to be like.

I partly agree on that. I also write everything in English but it is a matter of cosistency. If you write one thing in Dutch the other functions tables ect should also be Dutch. It's too confusing using multiple language so stick with one instead.

 

@DEVILofDARKNESS could you show what the tables look like and what datatypes are in there? I think you're using too many queries and you could prob just use one

[DEVILofDARKNESS]

In my previous tread I showed all the pages:

and this are my database types:

id tinyint(250)  auto_increment             

  UName text                                      UName = User Name, the person who added the page

  PName text                                      PName = Poem Name

  PText longtext                                  PText = the poem text

  bundel text                                      bundel = the name of the book where the poem was in.

  auteur text                                      auteur = Author

  jaartal year(4)                                  jaartal = year

  ip text                                            ip = ip-address

  URL text                                          URL = for example 4 if it is the fourth poem in the category.

added date               

  category text                                  category= one of the 7 category"s