GET function

[onthespot]

So say the get function called on

news=13

 

or

 

user=ben

 

What happens if it calls on something that doesn't exsist.

Say the news only goes up to 13, and they call 14.

Or a user "james" doesn't exist.

How do I place an error message on these types of problems?

[KevinM1]

So say the get function called on

news=13

 

or

 

user=ben

 

What happens if it calls on something that doesn't exsist.

Say the news only goes up to 13, and they call 14.

Or a user "james" doesn't exist.

How do I place an error message on these types of problems?

 

Well, first, to get a technicality (and pet peeve of mine) out of the way, $_GET is not a function.  It's a superglobal array filled with values passed into a script via query string.  Big difference.

 

Anyhoo, to get to your problem, you should know what incoming $_GET values are legit.  In other words, you should know that, like you say, news only has 13 items.  Knowing that, you simply need to test if the incoming value is good (in this case, less than or equal to 13).  If so, they proceed normally.  If not, write the error message and/or redirect back to the homepage.

 

In pseudo-code, something like:

if($_GET['news'] <= 13)
{
   /* proceed to the news item */
}
else
{
   /* echo error, and give link to redirect back to home */

   echo "The page you're looking for doesn't exist.  Please go back to <a href=\"index.php\">home</a> and try again.  If the problem persists, contact our webmaster.";
}

[onthespot]

Thats a great response, but the 13 is only how many ID's there are so far, what if it continues to grow. Is there a better way to do this? Say if the Id entered isn't correct an error page displays, as that page doesnt exist for that id. This could also work for usernames in the url.

[p2grace]

Query the db using that id, then use mysql_num_rows() to determine if there were any results.  If there was display the output, if there isn't produce an error.

[onthespot]

So I can do this with (user=ben) too, check if there are any rows that have that user? Thats an awesome idea, cheers mate

[onthespot]

$news=mysql_real_escape_string($_GET['news']);

if(!is_numeric($news)){

echo 'This piece of news does not exist. Back to <a href="news.php">News</a>';
exit();
}else{

$res=mysql_query("SELECT * FROM ".TBL_NEWS." WHERE newsid=$news");
while($news2=mysql_num_rows($res)){
if $news == 0;
echo 'error';
exit();
}else{
}
while($row=mysql_fetch_assoc($res)){

$posted=$row['posted'];
$date=$row['date'];
$comment=$row['comment'];
$subject=$row['subject'];

 

This is the code I came up with, but it's not working correctly, could you give me an further guidance, have tried but think there are small parts that are wrong. Thanks

[onthespot]

include("include/session.php");
$news=mysql_real_escape_string($_GET['news']);

if(!is_numeric($news)){

echo 'This piece of news does not exist. Back to <a href="news.php">News</a>';
exit();
}else{

$res=mysql_query("SELECT * FROM ".TBL_NEWS." WHERE newsid=$news");
while($row=mysql_fetch_assoc($res)){

$posted=$row['posted'];
$date=$row['date'];
$comment=$row['comment'];
$subject=$row['subject'];

$result = mysql_query("SELECT * FROM ".TBL_NEWS." WHERE newsid=$news");
$num_rows = mysql_num_rows($result);
if(($num_rows) == 0){
echo "invalid\n";
exit();
}else{
echo "oi";

 

Got this code with

 

}}

at the very bottom of the script.

This doesn't appear to be working either, can anyone help?

[onthespot]

Can anyone help with me this?

[aschk]

What is TBL_NEWS ?

 

Also, if you want to know the number of records in a table you want to change your SQL query really.

 

SELECT COUNT(*) as 'num' FROM <table name here> WHERE newsid = '{$newsid}'

 

Make sure to fill in the missing parts from above.

 

Also echo mysql_error(); to see if you get an error from your SQL query.