[SOLVED] _GET from URL Variable

[kyleldi]

Hi,

 

For some reason my code will not pull the information from the URL Variable (.php?dept=*).  Instead of displaying the results only pertaining to the called department it's displaying all departments... Any ideas?  I think my _GET statement is correct, but I guess that's where I'm most likely incorrect.

 

<?php require_once('../Connections/staff.php'); ?>
<?php
if (isset($_GET['dept'])) { //Page first accessed
	$dept =  $_GET['Department_Title']; 
}
if (isset($_POST['dept'])) {  //form has been submit
	$dept =  $_POST['Department_Title'];
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_staff, $staff);
$query_rs_name = "SELECT id, Name FROM staffdirectory ORDER BY Name ASC";
$rs_name = mysql_query($query_rs_name, $staff) or die(mysql_error());
$row_rs_name = mysql_fetch_assoc($rs_name);
$totalRows_rs_name = mysql_num_rows($rs_name);
?>

 

The code in the page calling in the table is (incase it helps)

<?php do { ?>
                        <tr>
                          <td><?php echo "<a href=\"viewstaff.php?id=".$row_rs_name['id']."\">".$row_rs_name['Name']."</a>"; ?></td>
                        </tr>
                        <?php } while ($row_rs_name = mysql_fetch_assoc($rs_name)); ?>

 

This part seems to be functional, for it's supposed to make a URL linking to individual ID, which it does.  So i'm lost...

[lemmin]

if (isset($_GET['dept'])) { //Page first accessed
	$dept =  $_GET['Department_Title']; 

Is there a GET value of Department_Title in your url? Like: .php?dept=*&Department_Title=* ?

If not, change that line to:

if (isset($_GET['dept'])) { //Page first accessed
	$dept =  $_GET['dept']; 

 

Same thing goes for the post.

[kyleldi]

I'm calling for the URL by department.php?dept=Engineering to access the department's employees.  I tried your code and it still doesn't seem to filter my results (shows me all employees).

 

if (isset($_GET['dept'])) { //Page first accessed
	$dept =  $_GET['dept']; 
}
if (isset($_POST['dept'])) {  //form has been submit
	$dept =  $_POST['Department_Title'];
}

 

The name of the field i'm pulling from is called Department_Title and i'm trying to use dept to call it (to make it shorter, of course)

[lemmin]

Where is this Department_Title field? Is it in a database? The $_GET and $_POST arrays only hold values that were passed by forms, using either the GET or POST method, respectively. To use the variable, $_GET['Department_Title'], you need to have an input element with the name="Department_Title" and you have to submit the form to that php page. Although, if you didn't you would get an error, so I will assume you do and that the problem is in your database query. You aren't giving it any criteria, you are simply selecting all the id's from the table. You probably need a WHERE id = '$dept'.

[kyleldi]

Now i actually get an error... Unknown column 'Engineering' in 'where clause'

 

I added where id = $dept

 

The column in my database is called Department_Title (which is what im trying to pull from).  This is how i'm attempting to get it now.

 

if (isset($_GET['dept'])) { //Page first accessed
	$dept =  $_GET['dept']; 
}
if (isset($_POST['dept'])) {  //form has been submit
	$dept =  $_POST['dept'];
}

 

I guess I don't understand what it is I'm not doing right.. sorry to sound so illiterate. 

[kyleldi]

After much tinkering, i'm getting a different error now.  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1.  I am 99% certain that it's my query and/or get statement.  The column Department_Title is what I want 'dept=' to match up with.

 

My code:

 

<?php require_once('../Connections/staff.php'); ?>
<?php
if (isset($_GET['dept'])) { //Page first accessed
	$dept =  $_GET['Department_Title']; 
}
if (isset($_POST['dept'])) {  //form has been submit
	$dept =  $_POST['Department_Title'];
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_staff, $staff);
$query_rs_name = "SELECT id, Name FROM staffdirectory WHERE Department_Title = $dept";
$rs_name = mysql_query($query_rs_name, $staff) or die(mysql_error());
$row_rs_name = mysql_fetch_assoc($rs_name);
$totalRows_rs_name = mysql_num_rows($rs_name);
?>

[lemmin]

change this:

$query_rs_name = "SELECT id, Name FROM staffdirectory WHERE Department_Title = $dept";

 

to:

$query_rs_name = "SELECT id, Name FROM staffdirectory WHERE Department_Title =" . $dept;

[kyleldi]

Still getting the error w/ your change- is it possible the get script is incorrectly causing the error?

[lemmin]

Sorry, Try changing it one more time:

$query_rs_name = "SELECT id, Name FROM staffdirectory WHERE Department_Title ='" . $dept . "'";

 

Does the error say it is on line 1? If so, it might not be in this file because your query is definately not on line 1.

[kyleldi]

That did take care of the error, however it's not displaying any results.  It doesn't seem to matter if I use a URL variable or not.  Any ideas?

[lemmin]

Make sure the $dept variable contains EXACTLY what you are looking for in the Department_Title field. My suggestion is to print out $dept right befor you make your query and manually check in your table to see if that value exists.

[kyleldi]

Got it, there was an extra character.  Thank you so much