granGripau Posted October 20, 2009 Share Posted October 20, 2009 I'm trying to create snippets of my articles in the cms I'm creating, and then have them redirect to to a single page entry of the article. Right now my snippets and "read more" links are dynamic and working fine, when I click on the "read more" link it redirects to the 'single page entry' page, but it always pulls up the article with id=1, even if the link is from id=23, and the adressbar reads articles.php?id=23. How do I successfully pull up the corresponding id'd article? any tips would be greatly appreciated! Snippets: <?php require("sources/connection.php"); $sql = "SELECT title, snippet, body_text, id FROM articles ORDER BY id DESC LIMIT 5" ; $result = $conn->query($sql) or die(mysqli_error()); if($result){ while ($row = $result->fetch_object()){ echo "<h4>" . $row->title . "</h4>"; echo $row->snippet; echo "</br>"; echo "<a href='/jquery/articles.php?id=" . "$row->id'"; echo ">< Read more ></a>"; } } ?> Articles: <?php require("sources/connection.php"); $sql = "SELECT title, body_text, id FROM articles LIMIT 1" ; $result = $conn->query($sql) or die(mysqli_error()); if($result){ $row = $result->fetch_object(); echo "<h4>" . $row->title . "</h4>"; echo $row->body_text; } ?> SQL: CREATE TABLE IF NOT EXISTS `articles` ( `id` int(20) NOT NULL AUTO_INCREMENT, `rel_id` int(20) NOT NULL, `title` varchar(255) NOT NULL, `snippet` longtext NOT NULL, `body_text` longtext NOT NULL, `who_id` varchar(50) NOT NULL, `timestamp` int(20) NOT NULL, `url` varchar(20) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ; Thanks in advance! Link to comment https://forums.phpfreaks.com/topic/178340-help-pulling-in-id-with-read-more-link/ Share on other sites More sharing options...
Bricktop Posted October 20, 2009 Share Posted October 20, 2009 Hi granGripau, In the MySQL statement on your articles.php page you need to have a WHERE clause. For example: $sql = "SELECT title, body_text, id FROM articles WHERE id = '".$_GET['id']."' LIMIT 1" ; The above code will work but will not protect against possible MySQL injection attacks so add some sort of validation/sanitisation. Using the below make_safe() function I've been using for a while should suffice: <?php function make_safe($unsafe) { require("sources/connection.php"); $safe = mysql_real_escape_string(strip_tags(trim($unsafe))); return $safe; } require("sources/connection.php"); $sql = "SELECT title, body_text, id FROM articles WHERE id = '".make_safe($_GET['id'])."' LIMIT 1" ; $result = $conn->query($sql) or die(mysqli_error()); if($result){ $row = $result->fetch_object(); echo "<h4>" . $row->title . "</h4>"; echo $row->body_text; } ?> Hope this helps. Link to comment https://forums.phpfreaks.com/topic/178340-help-pulling-in-id-with-read-more-link/#findComment-940374 Share on other sites More sharing options...
granGripau Posted October 20, 2009 Author Share Posted October 20, 2009 Bricktop, you are awesome! That worked like a charm. Thanks for the heads up on the security too, when I tried to integrate the makesafe function I got a bunch of errors, I'll play with it for a while to see what I can do. Thanks again! Link to comment https://forums.phpfreaks.com/topic/178340-help-pulling-in-id-with-read-more-link/#findComment-940409 Share on other sites More sharing options...
Bricktop Posted October 20, 2009 Share Posted October 20, 2009 No problem granGripau, I'm glad you got it working. I've just noticed you're using mysqli, so have a look at mysqli_real_escape_string(). Hope this helps. Link to comment https://forums.phpfreaks.com/topic/178340-help-pulling-in-id-with-read-more-link/#findComment-940415 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.