FabianN Posted May 24, 2009 Share Posted May 24, 2009 Ok, I'm taking over a company website after the original web master quit. I haven't done any PHP in about a year, so I'm somewhat rusty and if someone could just clarify some of these things, that would be great. I'm sure I'll come across it later in my reviews and reading of code books, but it would be easier for me to get working on this site if I knew what it did now, instead of later. First, I believe he put this in for security, but I'm not sure what this snippet of code is doing. It is located after each page that has a MySQL connect script and right before MySQL database query (unfortunately, he decided to put the connect on each individual page instead of one file thats included :-\). Mostly, I want to be ensured that I could take this and just add it to the included MySQL connection file that I built, though it would be nice if I knew what it did. <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } This is the same on every page he made that has a MySQL connection script in it, and in the same relative location. The other thing he did that I'm not completely sure about the use of <?php do { ?> in this next snippet of code (line two) <tr class="inventory_table_descriptor"><td>Description</td><td align="right">Price</td></tr> <?php do { ?> <?php $class = ($class == 'odd') ? 'even' : 'odd'; ?> <tr class="<?php echo $class ?>"> <td><?php echo $row_WindowsXP['description']; ?></td> <td align="right">$<?php echo $row_WindowsXP['price']; ?></td> </tr> This is placed in the page after the start of the HTML, right before the script starts to place the data that was retrieved from the database into a table. Mostly, does the script need to be opened and closed like that just for the "do {" function? Isn't that kinda redundant? Quote Link to comment Share on other sites More sharing options...
hitman6003 Posted May 24, 2009 Share Posted May 24, 2009 There should be a closing " } while ..." statement for the do loop which will show exactly what it's looping through. It looks to be going through what are probably query results. The function simply escapes data and ensures it is of the correct type before using it in a SQL query. It is a sanitization routine. Quote Link to comment Share on other sites More sharing options...
FabianN Posted May 24, 2009 Author Share Posted May 24, 2009 There should be a closing " } while ..." statement for the do loop which will show exactly what it's looping through. It looks to be going through what are probably query results. The function simply escapes data and ensures it is of the correct type before using it in a SQL query. It is a sanitization routine. Yea, I got that, my question on that snippit is that, couldn't I just take <?php do { ?> <?php $class = ($class == 'odd') ? 'even' : 'odd'; ?> And turn it into <?php do { $class = ($class == 'odd') ? 'even' : 'odd'; ?> A bit further down there is the closing "} while" statement. I just want to make sure it is I who is not crazy in that the open and close of php in that snippet there was completely pointless and redundant in functional use. The first code group is really my biggest concern. I just really noticed this and thought that it seemed kinda pointless, to open and close the php script just for "do {", and wanted to be completely sure that I'm not crazy here. (as I delve deeper into this code, I have to keep facepalming at some of the pointless stuff done. All functional, just messy) Quote Link to comment Share on other sites More sharing options...
hitman6003 Posted May 24, 2009 Share Posted May 24, 2009 Yes, you can remove the close/open php tag pair without it affecting anything. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.