
Hi, how do I get session vars into a mysql query?

$word = $_GET['word'];
$type = $_GET['type'] ;
$flavor = $_GET['flavor'] ;
$tiers = $_GET['tiers'] ;
$serves = $_GET['serves'] ;
$price = $_GET['price'] ;

session_register("word") ;
session_register("type") ;
session_register("flavor") ;
session_register("tiers") ;
session_register("serves") ;
session_register("price") ;

$HTTP_SESSION_VARS["word"] = $word ;
$HTTP_SESSION_VARS["type"] = $type ;
$HTTP_SESSION_VARS["flavor"] = $flavor ;
$HTTP_SESSION_VARS["tiers"] = $tiers ;
$HTTP_SESSION_VARS["serves"] = $serves ;
$HTTP_SESSION_VARS["price"] = $price ;

$sql = "SELECT COUNT(*) FROM image_bank WHERE price LIKE $_SESSION[price]";

I've tried a few ways, this is the latest one :(


Whoa!  You're using way deprecated stuff for sessions.

session_start() and $_SESSION are what you should be using unless you're using a super old PHP version.

Aside from that, your SQL syntax is wrong.  LIKE takes a string, so it should be LIKE '{$_SESSION['price']}'

(Note that price is in quotes by the way.  When a string is not in quotes in PHP, it is checked as a constant, and if the constant does not exist, it is then used as a literal string.  In other words, you cause an extra step and a warning when you do that.)


<?php session_start();

$word = $_GET['word'];
$type = $_GET['type'] ;
$flavor = $_GET['flavor'] ;
$tiers = $_GET['tiers'] ;
$serves = $_GET['serves'] ;
$price = $_GET['price'] ; 

$_SESSION['word'] = $word ;
$_SESSION['type'] = $type ;
$_SESSION['flavor'] = $flavor ;
$_SESSION['tiers'] = $tiers ;
$_SESSION['serves'] = $serves ;
$_SESSION['price'] = $price ;

$sql = "SELECT COUNT(*) FROM image_bank WHERE price LIKE '{$_SESSION['price']}'";

?>

geek way.

<?php session_start();

$_SESSION['word'] = $_GET['word'] ;
$_SESSION['type'] = $_GET['type'];
$_SESSION['flavor'] = $_GET['flavor'];
$_SESSION['tiers'] = $_GET['tiers'];
$_SESSION['serves'] = $_GET['serves'] ;
$_SESSION['price'] = $_GET['price'];

if(isset($_SESSION['price'])){

$sql = "SELECT COUNT(*) FROM image_bank WHERE price LIKE '%".mysql_real_escape_string($_SESSION['price'])."%'";

}
?>

Hehe, I've tried about 50 tutorials including that, I can never get it to work properly :(

My search has multiple fields so it is more complex than theirs I think, this is it so far:

<?PHP

session_start() ;

echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Cake Photos Decorators Suppliers</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<link href="../cakes-css.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="page">' ;
include "../includes/headnav.html" ;
echo '<div id="head"></div>

<div id="search">' ;
include "../includes/header-search.html" ;
echo '</div>
<div id="sidebar">' ;
include "../includes/sidenav.html" ;
echo'</div>
<div id="main">' ;

if (!file_exists("dbconnect.php"))
{
    die("Database settings not found, administrator intervention required.") ;
}
else
{
    require("dbconnect.php") ; //Must connect to the database.
}

$word = $_GET['word'];
$type = $_GET['type'] ;
$flavor = $_GET['flavor'] ;
$tiers = $_GET['tiers'] ;
$serves = $_GET['serves'] ;
$price = $_GET['price'] ;

$_SESSION['word'] = $word ;
$_SESSION['type'] = $type ;
$_SESSION['flavor'] = $flavor ;
$_SESSION['tiers'] = $tiers ;
$_SESSION['serves'] = $serves ;
$_SESSION['price'] = $price ;

//THIS IS THE VARIABLE THAT HAS THE POUND AND $ SYMBOLS IN.

//Strip symbols and malicious attempts.

$word = strip_tags($word) ;

//HTML default outputs the symbols even though they are coded in the drop down boxes, the below converts them back into their codes so they match with the codes in the database.
$symbol[0] = '£' ;
$symbol[1] = '&#x24;' ;

$replace[0] = '£' ;
$replace[1] = '$' ;

$price = str_replace($replace,$symbol,$price) ;

$def = "Dont Specify" ; //Default value for drop down boxes

if(!isset($word) || $word == "Enter Search Term" || $word == "") //If the word field has nothing in or has default text then...
{
    unset($word) ; //Force clear.
}
if($_SESSION['type'] == $def)
{
    unset($_SESSION['type']) ;
    unset($type) ; //Clear the local copy too, the isset($type) checks further down depend on it.
}
if($flavor == $def)
{
    unset($flavor) ;
}
if($tiers == $def)
{
    unset($tiers) ;
}
if($serves == $def)
{
    unset($serves) ;
}
if($price == $def)
{
    unset($price) ;
}

if(!isset($word) && !isset($type) && !isset($flavor) && !isset($tiers) && !isset($serves) && !isset($price)) //If nothing has been set...
{
    echo '<h1>Cake Photos - Nothing Searched For</h1>
<p>You did not specify anything to search for.</p>
<p>Either enter a word into the word field, or make a selection from at least one drop down box.</p>' ; //Message.
    echo '</div><div id="rightzone">' ;
    //include 'random.php' ;
    echo '</div>
<div id="footer">' ;
    include "../includes/footer.html" ;

    echo '</div>
</div>

</body>
</html>' ;
    include("dbdisconnect.php") ; //Disconnect from database first, nothing after die is executed.
    die ; //End script.
}

$wordx = '' ; //Defined even when no word was searched, the query below uses it.

if(isset($word))
{
    include ('eliminator.php') ; //Include the word cleaner, deletes symbols etc.
    include ('stemmer.php') ; //Include the Stemmer Algorithm, "tests" = "test" etc.

    $stemmer = new PorterStemmer ; //Call class in the stemmer.php file.
    $stemmed_string = $stemmer->stem(strtolower($word)); //force words to lower case.

    $cleanup = new Cleaner ; //Call word cleaner class in the eliminator.php file.
    $stemmed_string = $cleanup->parseString($stemmed_string) ;

    $sanction = explode(" ",$stemmed_string) ; //Spaces constitute a new word?

    $x_string = '' ;
    foreach ($sanction as $array => $V)
    {
        $x_string .= ''.$V.' ' ;
    }
    $x_string = substr($x_string,0,(strlen($x_string)-1)) ;

    $split_stemmed = explode(" ",$x_string) ;

    foreach ($split_stemmed as $key => $V)
    {
        if($V<>" " AND strlen($V) > 0){
            $V = mysql_real_escape_string($V) ; //Escape the word before it goes into the query.
            $wordx .=  "(tags LIKE '%$V%' OR title LIKE '%$V%' OR Description LIKE '%$V%' OR decorator LIKE '%$V%') OR" ;
        }
    }
    if($wordx != '')
    {
        //Drop the trailing " OR" and group the word search so a following && applies to all of it.
        $wordx = '(' . substr($wordx,0,(strlen($wordx)-3)) . ')' ;
    }
    echo "<h2>You Searched for $word</h2>" ;

}

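$typex = $flavorx = $tiersx = $servesx = $pricex = '' ; //Defined even when a filter is not used.

//Each value is escaped with mysql_real_escape_string() before it goes into the query.
if(isset($type) && $type != $def)
{
    if(isset($word))
    {
        $typex = "&& type LIKE '" . mysql_real_escape_string($_SESSION['type']) . "'" ;
    }
    else
    {
        $typex = "type LIKE '" . mysql_real_escape_string($_SESSION['type']) . "'" ;
    }
}

if(isset($flavor) && $flavor != $def)
{
    if(isset($word) || isset($type))
    {
        $flavorx = "&& flavor LIKE '" . mysql_real_escape_string($_SESSION['flavor']) . "'" ;
    }
    else
    {
        $flavorx = "flavor LIKE '" . mysql_real_escape_string($_SESSION['flavor']) . "'" ;
    }
}

if(isset($tiers) && $tiers != $def)
{
    if(isset($word) || isset($type) || isset($flavor))
    {
        $tiersx = "&& tiers LIKE '" . mysql_real_escape_string($_SESSION['tiers']) . "'" ;
    }
    else
    {
        $tiersx = "tiers LIKE '" . mysql_real_escape_string($_SESSION['tiers']) . "'" ;
    }
}

if(isset($serves) && $serves != $def)
{
    if(isset($word) || isset($type) || isset($flavor) || isset($tiers))
    {
        $servesx = "&& serves LIKE '" . mysql_real_escape_string($_SESSION['serves']) . "'" ;
    }
    else
    {
        $servesx = "serves LIKE '" . mysql_real_escape_string($_SESSION['serves']) . "'" ;
    }
}

if(isset($price) && $price != $def)
{
    if(isset($word) || isset($type) || isset($flavor) || isset($tiers) || isset($serves))
    {
        $pricex = "&& price LIKE '" . mysql_real_escape_string($_SESSION['price']) . "'" ;
    }
    else
    {
        $pricex = "price LIKE '" . mysql_real_escape_string($_SESSION['price']) . "'" ;
    }
}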

//Paging system.

// find out how many rows are in the table
$sql = "SELECT COUNT(*) FROM image_bank WHERE $wordx $typex $flavorx $tiersx $servesx $pricex";
$result = mysql_query($sql) or trigger_error("SQL", E_USER_ERROR);
$r = mysql_fetch_row($result);
$numrows = $r[0];

// number of rows to show per page
$rowsperpage = 10;
// find out total pages
$totalpages = ceil($numrows / $rowsperpage);

// get the current page or set a default
if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) {
  // cast var as int
  $currentpage = (int) $_GET['currentpage'];
} else {
  // default page num
  $currentpage = 1;
} // end if

// if current page is greater than total pages...
if ($currentpage > $totalpages) {
  // set current page to last page
  $currentpage = $totalpages;
} // end if
// if current page is less than first page...
if ($currentpage < 1) {
  // set current page to first page
  $currentpage = 1;
} // end if

// the offset of the list, based on current page
$offset = ($currentpage - 1) * $rowsperpage;

$sql = "SELECT * FROM image_bank WHERE $wordx $typex $flavorx $tiersx $servesx $pricex LIMIT $offset, $rowsperpage";
$resultx = mysql_query($sql) or trigger_error("SQL", E_USER_ERROR);
//$query = "SELECT * FROM image_bank WHERE $wordx $typex $flavorx $tiersx $servesx $pricex" ;

//$result = mysql_query($query) ;

//$rowamnt = mysql_num_rows($result) ; //Count how many results there are.

//if ($rowamnt > 0) //If there are more than 0 results...
//{
if($numrows == 1) //Compare the row count, $result is only the query resource.
{
    $s = "" ;
    $w = "was" ;
}
else
{
    $s = "s" ;
    $w = "were" ;
}
echo "<p><strong>$numrows</strong> result$s $w found</p>" ;

while($row = mysql_fetch_assoc($resultx))
{
    $dbtitle = $row['title'] ;
    $dbdescr = $row['description'] ;
    $dbtags = $row['tags'] ;
    $dbdec = $row['decorator'] ;
    $dbtiers = $row['tiers'] ;
    $dbtype = $row['type'] ;
    $dbflavor = $row['flavor'] ;
    $dbserves = $row['serves'] ;
    $dbprice = $row['price'] ;
    $imgurl = $row['url'];
    $thumburl = $row['thumb_url'] ;
    $rating = $row['rating'] ;

    echo "$dbtags" . "<br />" ;
    echo "$dbtitle" . "<br />" ;
    echo "Decorated by : $dbdec" . "<br />" ;
    echo "Description : $dbdescr" . "<br />" ;
    echo "$dbtiers tier cake" . "<br />" ;
    echo "Type : $dbtype cake" . "<br />" ;
    echo "Flavor : $dbflavor" . "<br />" ;
    echo "Serves : $dbserves" . "<br />" ;
    echo "Costs : $dbprice" . "<br />" ;
    echo 'Information Page : <a href="' . "$imgurl" . '">' . "$imgurl" . "</a>" . "<br />" ;
    echo '<img src="' . "$thumburl" . '" height="100" width="50" />' ;
    echo "$rating" ;
}

/******  build the pagination links ******/
// range of num links to show
$range = 3;

// escape the script path before printing it into the links
$self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

// if not on page 1, don't show back links
if ($currentpage > 1) {
  // show << link to go back to page 1
  echo " <a href='{$self}?currentpage=1'><<</a> ";
  // get previous page num
  $prevpage = $currentpage - 1;
  // show < link to go back to 1 page
  echo " <a href='{$self}?currentpage=$prevpage'><</a> ";
} // end if

// loop to show links to range of pages around current page
for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) {
  // if it's a valid page number...
  if (($x > 0) && ($x <= $totalpages)) {
      // if we're on current page...
      if ($x == $currentpage) {
        // 'highlight' it but don't make a link
        echo " [<b>$x</b>] ";
      // if not current page...
      } else {
        // make it a link
        echo " <a href='{$self}?currentpage=$x'>$x</a> ";
      } // end else
  } // end if
} // end for

// if not on last page, show forward and last page links
if ($currentpage != $totalpages) {
  // get next page
  $nextpage = $currentpage + 1;
  // echo forward link for next page
  echo " <a href='{$self}?currentpage=$nextpage'>></a> ";
  // echo forward link for lastpage
  echo " <a href='{$self}?currentpage=$totalpages'>>></a> ";
} // end if

if($numrows < 1) //$rowamnt is only set in the commented-out code, use the counted rows.
{
    echo '<h1>Cake Photos - Nothing Found</h1>
<p>No cakes were found that match what you searched for.</p>
<p>Make sure you have entered a keyword OR have selected an item from at least one drop down menu.</p>' ;
}

echo '</div><div id="rightzone">' ;
//include 'random.php' ;
echo '</div>
<div id="footer">' ;
include "../includes/footer.html" ;

echo '</div>
</div>

</body>
</html>' ;

include("dbdisconnect.php") ;

?>
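
Added example, not part of any post in this thread: one way to assemble the optional search filters discussed above into a single parameterized PDO query, so request values are bound as parameters instead of being interpolated into the SQL string. `buildSearch()` and `countMatches()` are hypothetical helper names; the table and column names come from the posts, and comparing the drop-down filters with `=` rather than `LIKE` is an assumption.

```php
<?php
// Added example, not code from the thread. buildSearch() and countMatches()
// are hypothetical helpers; table and column names are taken from the posts.
function buildSearch(array $in, string $default = 'Dont Specify'): array
{
    $where  = [];
    $params = [];

    // Free-text search: one OR group per word, values bound as parameters.
    $word = trim((string)($in['word'] ?? ''));
    if ($word !== '' && $word !== 'Enter Search Term') {
        $groups = [];
        foreach (preg_split('/\s+/', $word) as $w) {
            // Escape LIKE wildcards so the input cannot widen the match.
            $like = '%' . addcslashes($w, '%_\\') . '%';
            $groups[] = '(tags LIKE ? OR title LIKE ? OR description LIKE ? OR decorator LIKE ?)';
            array_push($params, $like, $like, $like, $like);
        }
        $where[] = '(' . implode(' OR ', $groups) . ')';
    }

    // Drop-down filters: column names come only from this fixed list.
    // Assumption: exact match with = instead of the thread's LIKE.
    foreach (['type', 'flavor', 'tiers', 'serves', 'price'] as $col) {
        $val = (string)($in[$col] ?? '');
        if ($val !== '' && $val !== $default) {
            $where[]  = "$col = ?";
            $params[] = $val;
        }
    }

    // No clauses means nothing was searched for; the caller decides what to show.
    $sql = $where ? ' WHERE ' . implode(' AND ', $where) : '';
    return [$sql, $params];
}

// Count matching rows through a PDO connection supplied by the caller.
function countMatches(PDO $db, array $in): int
{
    [$where, $params] = buildSearch($in);
    $stmt = $db->prepare("SELECT COUNT(*) FROM image_bank$where");
    $stmt->execute($params);
    return (int) $stmt->fetchColumn();
}
```

Joining the clauses with `implode(' AND ', ...)` also removes the need to track which earlier filter was set before prefixing `&&`.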
