WAMFT1 Posted September 5, 2013 Share Posted September 5, 2013 I am trying to pull data from SQL where the ID and activation code match the record by using the URL to request the info. The form pulls up the first record but I cannot get it to return the correct id and code. URL example: www.domain.com/activate.php?id=7&ActivateCode=xajkdfjeklhwekjfhergh Not sure how to write this in the php, what I have tried does not seem to pull anything other than the first record in the system. <?php require('edb.php'); $id=$_REQUEST['id']; $ActivateCode=$_REQUEST['ActivateCode']; $result=mysql_query("SELECT * FROM `eusers` WHERE id = '$id' & ActivateCode = '$ActivateCode'"); $test=mysql_fetch_array($result); if (!$result) { die("Error: Data not found.."); } $FirstName=$test['FirstName']; $LastName=$test['LastName']; $State=$test['State']; $Username=$test['Username']; $Password=$test['Password']; $Email=$test['Email']; $Active=$test['Active']; $SecurityCode=$test['SecurityCode']; $AdviserCode=$test['AdviserCode']; $UserType=$test['UserType']; $ActivateCode=$test['ActivateCode']; if(isset($_POST['Submit'])) { $Password_save=sha1($_POST['Password']); $Email_save=$_POST['Email']; $Active_save=$_POST['Active']; $SecurityCode_save=$_POST['SecurityCode']; $ActivateCode_save=$_POST['ActivateCode']; mysql_query("UPDATE `eusers` SET Password ='$Password_save', Email ='$Email_save', Active ='$Active_save', SecurityCode ='$SecurityCode_save', ActivateCode ='$ActivateCode_save' WHERE id ='$id'") or die(mysql_error("Did not Save")); echo "Saved!"; header("Location: index.php"); } ?> Quote Link to comment https://forums.phpfreaks.com/topic/281879-multiple-url-parameters/ Share on other sites More sharing options...
Irate Posted September 5, 2013 Share Posted September 5, 2013 Use something like this... <?php $url = parse_url("www.domain.com/activate.php?id=7&ActivateCode=xajkdfjeklhwekjfhergh"); $query = $url[query]; $pair_match = explode("&",$query); # print_r($pair_match); $queries = array(); foreach($pair_match as $pair) { $queries[] = explode("=",$pair); } print_r($queries); ?> $queries[0] contains the first match, $queries[0][0] contains the first query, $queries[0][1] the value, and so on. Quote Link to comment https://forums.phpfreaks.com/topic/281879-multiple-url-parameters/#findComment-1448282 Share on other sites More sharing options...
mac_gyver Posted September 5, 2013 Share Posted September 5, 2013 (edited) A) moving this thread to the php help forum, as it has nothing to do with Regex B) one & in a query statement is a bitwise AND operator and is likely resulting in a value that matches every true value for an id and since your code assumes there will be only one row, you get the first row out of your table. use the AND logic operator (or use &&) in your query statement. edit: in the following code, a false $result doesn't mean that the data wasn't found, it means that the query failed due to an error. if (!$result) { die("Error: Data not found.."); } Edited September 5, 2013 by mac_gyver Quote Link to comment https://forums.phpfreaks.com/topic/281879-multiple-url-parameters/#findComment-1448293 Share on other sites More sharing options...
PaulRyan Posted September 5, 2013 Share Posted September 5, 2013 Try something like this, it provides some errors if data is missing or the query does not execute etc. <?PHP require('edb.php'); //### Assign and santize data $id = isset($_GET['id']) ? (int)$_GET['id'] : FALSE ; $activateCode = isset($_GET['ActivateCode']) ? mysql_real_escape_string(trim($_GET['ActivateCode'])) : FALSE ; //### Check to make sure both are set if(empty($id)) { echo 'ID is empty.'; } else if(empty($activateCode)) { echo 'Activate Code is empty.'; } else { //### Find the user $findUserQuery = "SELECT * FROM `eusers` WHERE `id` = {$id} AND `ActivateCode` = '{$ActivateCode}'"; $findUser = mysql_query($findUserQuery) or die(mysql_error()); //### Check if a row exists if(!mysql_num_rows($findUser)) { echo 'Error: Data Not Found.'; } else { //### Process the data $user = mysql_fetch_assoc($findUser); //### Display data for usage echo '<pre>'; print_r($user); echo '</pre>'; //### Now do whatever else needs done } } ?> I'd advise you move away from MySQL and move to MySQLi or PDO as soon as possible. MySQL will be removed from one of the upcoming versions of PHP. Quote Link to comment https://forums.phpfreaks.com/topic/281879-multiple-url-parameters/#findComment-1448297 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.