only certain values in string

[dadamssg]

how do i check to see whether a string only has certain variables. I'm getting the category variable through GET. The only categories there are are sports, performance, organization, random, and surrounding. so i want to check to see if the words match. something like below

 

<?php

$category = urldecode($_GET['category']);

//check to see if it ONLY consists of the categories above

[Mark Baker]

$validCategories = array('sports', 'performance', 'organization', 'random', 'surrounding');
$category = urldecode($_GET['category']);
if (in_array($category,$validCategories)) {
   ...
} else {
   ...
}

[dadamssg]

thats what i had, but it's not working...

 

<?php
//set category
$accepted_values = array('organization', 'sports', 'performance', 'random', 'surrounding');
$cate= urldecode($category);
if(in_array($cate, $accepted_values))
    {
     $cat = " AND event IN $cat_sql ";
    }else 
    { 
     $cat = "";
    }

 

my $cat variable is empty when i do something like this

 

mysite.com/api.php?category=sports+performance

 

it works when i just use one category in the url though

[JonnoTheDev]

Category is in the GET array. It is not global!

<?php
if(in_array(urldecode($_GET['category']), array('sports', 'performance', 'organization', 'random', 'surrounding'))) {
print "valid";
}
else {
print "invalid";
}
?>

mysite.com/api.php?category=sports+performance would return 'sports performance'. This is not a category! You should not pass category names through the url in this fashion especially as strings! Use their database ids

 

[dadamssg]

thats a negative on that one too...same thing, works with one category but not with two

[Mark Baker]

thats a negative on that one too...same thing, works with one category but not with two

What do you mean "with two". Is $_GET['category'] a list of category values rather than a single value?

 

Where does $cat_sql come from? what value does it contain?

$cat = " AND event IN $cat_sql ";

 

[JonnoTheDev]

thats a negative on that one too...same thing, works with one category but not with two

Because you would need to explode the values in the url as an array. If you use strings you have no delimeter. However ids could be comma separated

i.e. mysite.com/api.php?category=1,2,75

<?php
$categories = explode(",",$_GET['category']);
$validUrlCategories = array();
foreach($categories as $category) {
if(in_array($category, array(1,2,3,4,75))) {	
	$validUrlCategories[] = $category;
}
}
if(count($validUrlCategories)) {
print "the url contains the following valid categories: ".implode(",", $validUrlCategories);
}
else {
print "no valid categories in url";
}
?>

[dadamssg]

yeah thats my whole goal, to have multiple values for $_GET['category']. So

 

mysite.com/api.php?category=performance

mysite.com/api.phP?category=performance+sports

mysite.com/api.phP?category=performance+sports+random

 

should all  be acceptable

 

mysite.com/api.phP?category=performance+sports+23dsgkl

 

should not be accepted

 

$cat_sql is formatting the words found in $_GET['category'] with apostrophes and commas to be right for the query. It works fine.

[JonnoTheDev]

Read my above post. The code is there for you to manipulate. However passing strings in this fashion through the URL is poor but hey it's your project.

[dadamssg]

alright thanks...this isn't really the same topic but how would i use preg_replace to replace commas with spaces?