$php_mysql$ Posted August 24, 2011 Share Posted August 24, 2011 friends my url is like this Category=Love&ID=1 now in url if i do something like this Category4637=Hate19203&ID=1 the details are still showing, how can i fix this? if someone type Capegory instead of Category and a wrong category name which do not exist with that id in db send them to index.php? Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/ Share on other sites More sharing options...
WebStyles Posted August 24, 2011 Share Posted August 24, 2011 what details are still showing? how are you checking the fields? how are you retrieving them from database? *need to see more code* thanks Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261282 Share on other sites More sharing options...
$php_mysql$ Posted August 24, 2011 Author Share Posted August 24, 2011 ah got the solution L-) $match_link = array("Love","Hate"); if (!in_array($_REQUEST['Category'],$match_link)){ header("location: index.php"); } works great :-) Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261284 Share on other sites More sharing options...
WebStyles Posted August 24, 2011 Share Posted August 24, 2011 what I was asking, specifically, is how are you grabbing the url variables, and how are you querying the database. Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261288 Share on other sites More sharing options...
$php_mysql$ Posted August 24, 2011 Author Share Posted August 24, 2011 oh i was grabbing it like this $cat = clean($_REQUEST['Category']); $ID = clean($_REQUEST['ID']); and for querying the database i made a function and i fetch it by the id which come along with the url over all it looked like this $cat = clean($_REQUEST['Category']); $ID = clean($_REQUEST['ID']); $details = getDetails($ID);// the query in the function is like select from tbl as d where d.id=$ID Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261293 Share on other sites More sharing options...
WebStyles Posted August 24, 2011 Share Posted August 24, 2011 the query in the function is like select from tbl as d where d.id=$ID then the category is not being used ? Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261300 Share on other sites More sharing options...
$php_mysql$ Posted August 24, 2011 Author Share Posted August 24, 2011 oh no its getting details just by the id. do i recommend also getting the category name? Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261308 Share on other sites More sharing options...
WebStyles Posted August 24, 2011 Share Posted August 24, 2011 Your question was: now in url if i do something like this Category4637=Hate19203&ID=1 the details are still showing, how can i fix this? so yes, since you're only using the ID=1 to grab the results, the other variable is not doing anything. Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261310 Share on other sites More sharing options...
$php_mysql$ Posted August 24, 2011 Author Share Posted August 24, 2011 thanks gonna do that :-) Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261327 Share on other sites More sharing options...
$php_mysql$ Posted August 24, 2011 Author Share Posted August 24, 2011 ok help required how am i to check if $cat = clean($_REQUEST['Category']); which is Love as in Category=Love?ID=1 the name Love exist in database with the following id 1? the db structure is like id image title category time $cat = clean($_REQUEST['Category']); $ID = clean($_REQUEST['ID']); Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261388 Share on other sites More sharing options...
WebStyles Posted August 24, 2011 Share Posted August 24, 2011 mysql_query("select `field1`,`field2` from `table` where `id` = '$id' and `category`='$cat'"); Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261391 Share on other sites More sharing options...
$php_mysql$ Posted August 24, 2011 Author Share Posted August 24, 2011 yes that i know but how will i check if $cat exist in $ID if not headers elsewhere? Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261400 Share on other sites More sharing options...
WebStyles Posted August 24, 2011 Share Posted August 24, 2011 your question was: how am i to check if (...) the name Love exist in database with the following id 1? The code I gave you search for rows where id=$id and category=$cat... so, if there's no match, it will return empty. Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261404 Share on other sites More sharing options...
$php_mysql$ Posted August 24, 2011 Author Share Posted August 24, 2011 ah solved solution my function ////////////////////////////////////Check function detailsCheck($id) { $id = ""; $sql =" SELECT category FROM tbl WHERE id='$id'"; $rs = executeSql($sql); $id = mysql_fetch_array($rs); return $id[0]; } and did a check if(detailsCheck($ID) !== $cat){ header("location: index.php"); } :-) cheers, thanks again \m/ Link to comment https://forums.phpfreaks.com/topic/245571-details-display-even-if-category-is-types-wrong-in-url/#findComment-1261407 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.