
[SOLVED] Your way


Dane


If you do not have any sort of checking, it would execute the script. Consider an editprofile.php script: we pass editprofile.php?id=1 to edit the profile of userid 1. If someone enters editprofile.php?id=2, it will show up with userid 2. But if you check that the user logged in is userid 1 and check it against the input and then terminate the script


Would you redirect them to the main URL or just exit the script?

 

This generally depends on how you want your application to look. It's usually pretty nasty to simply kill the script, leaving the client with no idea what happened.

 

I would more likely choose to redirect them to a nice message stating what the problem was.


If there's only one ID then you should do something like:

 

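<?php
// PHP_SELF never contains the query string, so test QUERY_STRING instead.
if ($_SERVER['QUERY_STRING'] !== "id=1") {
    header("Location: http://www.mysite.com/error.htm");
    exit; // a Location header alone does not stop the script
}
?>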

 

-Or-

 

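<?php
// Compare the whole value; a substring match would also accept "10", "21", ...
if (!isset($_GET['id']) || $_GET['id'] !== "1") {
    header("Location: http://www.mysite.com/error.htm");
    exit; // a Location header alone does not stop the script
}
else {
    //Your code for if the id is actually '1'
}
?>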

 

That means if the id is anything but 1 it will redirect the user to the error message (as Thorpe suggested).

 

Sam


Nothing says you even need to redirect.

 

<?php

  if (isset($_GET['id'])) {
    $id = mysql_real_escape_string($_GET['id']);
    if ($result = mysql_query("SELECT * FROM foo WHERE id = '$id'")) {
      if (mysql_num_rows($result)) {
        // success page goes here.
      } else {
        // no records found page goes here.
      }
    } else {
      // query failed page goes here.
    }
  } else {
    // default page goes here.
  }

?>

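The check described in the first post (compare the logged-in user's id with the id in the URL), combined with the redirect-then-stop behaviour discussed in the replies, as an added example that is not any poster's code. The function name, the `user_id` session key and the `/login.php` and `/error.htm` paths are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Decide whether the logged-in user may edit the requested profile.
 * $session stands in for $_SESSION and $query for $_GET; the key name
 * 'user_id' and both redirect paths are hypothetical.
 * Returns [HTTP status, Location header value or null].
 */
function authorizeProfileEdit(array $session, array $query): array
{
    // Not logged in: there is no identity to compare against.
    $sessionId = $session['user_id'] ?? null;
    if (!is_int($sessionId)) {
        return [302, '/login.php'];
    }

    // Accept only a positive integer; "1abc", "1 OR 1=1" and arrays fail here.
    $raw = $query['id'] ?? null;
    $requested = is_string($raw)
        ? filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]])
        : false;
    if ($requested === false) {
        return [400, null];
    }

    // The ownership check: the id in the URL must be the logged-in user's id.
    if ($requested !== $sessionId) {
        return [302, '/error.htm'];
    }
    return [200, null];
}

// Constructed requests, all made by the user logged in as userid 1.
$session = ['user_id' => 1];
foreach ([['id' => '1'], ['id' => '2'], ['id' => '1abc'], []] as $query) {
    [$status, $location] = authorizeProfileEdit($session, $query);
    printf("%-16s -> %d %s\n", json_encode($query), $status, $location ?? '');
}

// In a real page, act on the decision and stop the script after redirecting:
// if ($location !== null) { header("Location: $location", true, $status); exit; }
// if ($status !== 200) { http_response_code($status); exit; }
```

Because the comparison uses the server-side session value, changing `id` in the URL can only ever select the caller's own profile.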
