not sure about this echo statement

[futrose]

I am having a problem echoing a line of code.  I am doing this on my local machine.  Anyway, here are the to files involved...

 

home.php

<?php
include $_SERVER['DOCUMENT_ROOT'] . '/includes/helpers.inc.php';

include $_SERVER['DOCUMENT_ROOT'] . '/includes/doctype.inc.php';

include $_SERVER['DOCUMENT_ROOT'] . '/includes/head.inc.php';
?>

</head>
<body>
<div id="wrapper">
<!-- start horizontal navigation -->
<?php
include $_SERVER['DOCUMENT_ROOT'] . '/includes/topnav.inc.php';
?>
<!-- end horizontal navigation -->
<div id="content">
<h1><?php echo htmlout($cattitle); ?></h1>
<span class="desc"><?php echo ($catdesc); ?></span>

<?php
include $_SERVER['DOCUMENT_ROOT'] . '/info.php';
?>



</div>

<!-- start footer -->
<?php
include $_SERVER['DOCUMENT_ROOT'] . '/includes/footer.inc.php';
?>
<!-- end footer -->
</div>
</body>
</html>

 

and

 

info.php

<?php

$result = mysqli_query($link, 'SELECT * From includes where catid  ='.$_GET['id']);
if (!$result)
{
$error = 'Error getting categories: ' . mysqli_error($link);
include 'error.php';
exit();
}

while ($row = mysqli_fetch_array($result))
{
$inc[] = array('id' => $row['id'], 'include' => $row['include'], 'inc_orderby' => $row['inc_orderby'], 'inc_avail' => $row['inc_avail']);
}

foreach ($inc as $include):
{
echo "include $_SERVER['DOCUMENT_ROOT'] . '/includes/' . $row['include'];";
}
endforeach;
  
?>

 

I can't get the echo statement at the bottom of info.php

echo "include $_SERVER['DOCUMENT_ROOT'] . '/includes/' . $row['include'];";

to show up correctly on the home.php page in this spot.

include $_SERVER['DOCUMENT_ROOT'] . '/info.php';

 

what i am attempting to do is loop through some additional information relevant to the page a user selects on the site and display it. (I still have to set up some qualifying statements but this was just the first step to see if anything would show up)

 

This is the parse error I get. Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\info.php on line 18

 

I've tried messing with the quotes in the echo statement cause I'm sure they aren't right but I never came up with a quote combination that worked.  I'm assuming that is the problem.  Anyway thanks for taking a look.

[Pikachu2000]

Although I truly can't think of a reason why you'd have the script structured as you do, there's no need to use echo if what you're trying to do is include the files returned by the db query.

 

echo $seasonview;
foreach ($inc as $include) {
include "{$_SERVER['DOCUMENT_ROOT']}/includes/$include";
}

[futrose]

Hi Pikachu2000 - Thanks for replying.  I'm don't understand why you have the

echo $seasonview;

line in there. 

 

Although I truly can't think of a reason why you'd have the script structured as you do

I'm new to php (obviously) and don't have a clue what the best way is to do things.  Basically just doing what I know if it seems to make sense.  Any other insight on how to better structure the code would be greatly appreciated.

[Pikachu2000]

Oh, sorry, didn't notice that. It's from another script I was editing. You can ignore that line . . .

[futrose]

Ha, Ok I guess it is a little encouraging to know that i can recognize when something doesn't quite look like it fits.

 

When I put change the code to the way you have it I get a new parse error that says.

 

Parse error: syntax error, unexpected T_ENDFOREACH in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\info.php on line 23

 

don't you always have to end a foreach with an endforeach statement?

[Pikachu2000]

No. That's an alternate syntax, and shouldn't be mixed with the curly braces. You'll probably find it easier to organize/read your code using the curlies . . .

[Anti-Moronic]

Also, pay close attention to this:

 

mysqli_query($link, 'SELECT * From includes where catid  ='.$_GET['id']);

 

Huge security problem. NEVER use unvalidated, unfiltered variables like this. This mainly means $_GET and $_POST. Anybody can change this $_GET variable using the address bar.

 

Instead, you first validate:

 

$_GET['id'] = (int) $_GET['id'];

 

..this will convert the $_GET['id'] into an integer which ensures your script is working with a number and not a malicious piece of code.

[futrose]

Thanks to both of you.  I added the line to validate the ID. 

 

$_GET['id'] = (int) $_GET['id'];
$result = mysqli_query($link, 'SELECT * From includes where catid  ='.$_GET['id']);

 

I think I may have been a little vague on what I am trying to do with my "include".

 

I want this line of code in home.php

<?php
include $_SERVER['DOCUMENT_ROOT'] . '/info.php';
?>

 

to only "include" the values in the 'include' => $row['include'] part of this line in info.php

$inc[] = array('id' => $row['id'], 'include' => $row['include'], 'inc_orderby' => $row['inc_orderby'], 'inc_avail' => $row['inc_avail']);

 

the rest of the stuff in that array I want to use to be able to change the order the include files are displayed in if there are more than 1, only show if inc_avail = Y... etc.

 

I have/will have a few different templates set up in my /includes directory that depending on which link is clicked will show the appropriate template. 

 

I changed the code to look like this

foreach ($inc as $incl) 
{
include "{$_SERVER['DOCUMENT_ROOT']}/includes/{$incl['include']}";
}

 

and it now shows the information from the includes/ file I wanted.

 

Am I going about this the hard way logically?