Jump to content

GET and Mysql for a game engine help

corrupshun

By corrupshun
in PHP Coding Help

 Share

Recommended Posts

corrupshun Member

corrupshun

Posted
Posted

Hello

I need help with a game php engine script i've been working on.

This is what it does:

Selects the inputted GET and corresponds to the gameid that it is.

such as if you go to game.php?gameid=2 it will go to game 2 and implement the path and title

I already created code that will fix if they put nothing or if they put gameid=(nothing)

My problem is, what if someone decides to go to game.php?gameid=blue ?

it results in an error code.

I want to make an if else statement that does not allow someone to type characters and will erase anything typed in other than an interger

maybe like:

 if($_GET['gameid'] == *non-int*) {
echo "Please try another game";
}
else {
//other stuffs
}

Heres my code:

<?php
include("inc/template.php");
echo "$headers";
$nothing = "";
if(!isset($_GET['gameid'])) {
include("inc/defaultgame.php");
}
elseif($_GET['gameid'] == $nothing){
include("inc/defaultgame.php");
}
else {
$con = mysql_connect("localhost","root","");
mysql_select_db("Corrupshun", $con);
$query = mysql_query("SELECT Title, Path FROM Games WHERE id = $_GET[gameid]");
while($row = mysql_fetch_assoc($query)) {
$gamepath = $row['Path'];
$gametitle = $row['Title'];
}
}//end else
?>
<title><?php echo "$title[game] $gametitle"; ?></title>
</head>
<body>
<?php echo "$banner"; ?>
<?php echo "$pagediv"; ?>
<?php echo "$nav"; ?>
<?php echo "$bodydiv"; ?>
<div class="h"><?php echo "$gametitle"; ?></div>
<?php echo "$paramstart"; ?>
<?php echo "$gamepath"; ?>
<?php echo "$paramend"; ?>
<?php echo "$divend"; ?><!--body-->
<?php echo "$news"; ?><!--news-->
<?php echo "$divend"; ?><!--page-->
<?php echo "$copyright"; ?>
</body>
</html>

The warning:

Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in B:\wamp\www\corrupshun\game.php on line 15

-Thanks!

-Austin

Link to comment
Share on other sites
Andy-H Advanced Member

Andy-H

Posted
Posted

You could check the gameid is an integer using ctype_digit, is_int or various other functions.

 

The general way of implementing this is to create a "whitelist" of allowed values and check the input against the list using in_array

 

ie.

 


$list = range(1,3);

if ( in_array($_GET['gameid'], $list) === false )
   die('Invalid game ID');

//rest of code...

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.