Jump to content


Photo

URL Variables only work as numbers?


  • Please log in to reply
11 replies to this topic

#1 Mutley

Mutley
  • Members
  • PipPipPip
  • Advanced Member
  • 765 posts

Posted 30 September 2006 - 08:57 PM

I did this:
?user=1
...and it works but if I change my database entry to a word like "test" instead of "1", it doesn't work and just displays this:

Unknown column 'test' in 'where clause'

Any ideas why?
~ Mutley.

#2 extrovertive

extrovertive
  • Members
  • PipPipPip
  • Advanced Member
  • 235 posts

Posted 30 September 2006 - 08:59 PM

Post your query.

#3 Mutley

Mutley
  • Members
  • PipPipPip
  • Advanced Member
  • 765 posts

Posted 30 September 2006 - 09:06 PM

$userid = $_GET['user'];
if($userid) {
	$sql  = "SELECT * ";
	$sql .= "FROM style ";
	$sql .= "WHERE user_id=".$userid." ";

	$result = mysql_query($sql) or die (mysql_error());
	
	if(mysql_num_rows($result) == 1) {
	
		$row = mysql_fetch_array($result);

~ Mutley.

#4 extrovertive

extrovertive
  • Members
  • PipPipPip
  • Advanced Member
  • 235 posts

Posted 30 September 2006 - 09:14 PM

$userid = $_GET['user'];
if($userid) {
	$sql  = "SELECT * ";
	$sql .= "FROM style ";
	$sql .= "WHERE user_id = '$userid' ";

	$result = mysql_query($sql) or die (mysql_error());
	
	if(mysql_num_rows($result) == 1) {
	
		$row = mysql_fetch_array($result);
            }

What happens now?

#5 JasonLewis

JasonLewis
  • Members
  • PipPipPip
  • Advanced Member
  • 3,351 posts
  • LocationVictoria, Australia

Posted 01 October 2006 - 09:05 AM

if i were u i would re-write this as this.
$userid = $_GET['user'];
if($userid) {
$sql  = "SELECT * FROM `style` WHERE `user_id`='".$userid."'"; //Put all this in one line and add the ` and the '

	$result = mysql_query($sql) or die (mysql_error());
	
	if(mysql_num_rows($result) == 1) {
	
		$row = mysql_fetch_array($result);

try it. c if it works
Good luck with your coding.
Jason / ProjectFear / Jaysonic

#6 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 01 October 2006 - 09:16 AM

Even better:
if(!empty($_GET['user']))
{
	$result = mysql_query("SELECT * FROM style WHERE user_id='{$_GET['user']}'") or die (mysql_error());
	if(mysql_num_rows($result) == 1)
	{
		$row = mysql_fetch_array($result);


#7 JasonLewis

JasonLewis
  • Members
  • PipPipPip
  • Advanced Member
  • 3,351 posts
  • LocationVictoria, Australia

Posted 01 October 2006 - 09:29 AM

yes but some ppl dont like putting the query straight into mysql_query. i used to do it. ur way is just neater, well its my way as well. but i use OOP so mine would be $DB->query
Good luck with your coding.
Jason / ProjectFear / Jaysonic

#8 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 01 October 2006 - 09:33 AM

I don't see the point in first making a variable with the query and then pass the variable to the query function except if you are going to use the query variable more times (like a debug page or something).

#9 extrovertive

extrovertive
  • Members
  • PipPipPip
  • Advanced Member
  • 235 posts

Posted 01 October 2006 - 09:37 AM

Even better II.
if(preg_match("/^[0-9]+$/", $_GET['user']))
{
$user_id = $_GET['user'];
      
             $sql = "SELECT * FROM style WHERE user_id='{$user_id}'"; 
	$result = mysql_query($sql) or die (mysql_error());
	if(mysql_num_rows($result))
	{
		$row = mysql_fetch_array($result);


#10 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 01 October 2006 - 09:38 AM

Instead of
if(preg_match("/^[0-9]+$/", $_GET['user']))
you could just use
if(is_numeric($_GET['user']))


#11 extrovertive

extrovertive
  • Members
  • PipPipPip
  • Advanced Member
  • 235 posts

Posted 01 October 2006 - 09:39 AM

Ok, that's even better III.

#12 Mutley

Mutley
  • Members
  • PipPipPip
  • Advanced Member
  • 765 posts

Posted 01 October 2006 - 09:52 AM

Why is it better? I'm not ace at PHP so can't just see how it is better. THanks alot though. :)
~ Mutley.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users