If (var) contains (var)

He has: 578 posts

Joined: Jun 2004

I'm working on a CMS, and the info that is displayed is determined by what page id is in the url (ie: test.com/index?page=4). I want to pull all the id's out of the pages table (MySQL), save them in a variable, and then check if the page in the url is within that list. I also am still trying to figure out how to get all the id numbers from the table, which is set up like:

ID Name
1 Home
2 Products
3 Services

something like:

<?php
$pageids
= (list of all the page ids)

$page = $_GET['page']

if(
$pageids (contains) $page){
$page = $_GET['page']
}else{
$page = \"1\"
}
?>

Busy's picture

He has: 6,151 posts

Joined: May 2001

Wouldn't it be better to just check the url variable against what you have.
Your database could be megs big, putting all the info into an array (is how you'd do it) would suck up a lot of unnecessary resources.

She has: 31 posts

Joined: Jan 2006

Like Busy says, this seems like the long way round to me. Why not use a single mysql_query? It'd look something like:

$getPage=mysql_query("SELECT * FROM table WHERE id = {$_GET['id'} LIMIT 1");

if(mysql_num_rows($getPage)>0){
$page=$_GET['page'];
}else{
$page=1;
}

He has: 578 posts

Joined: Jun 2004

Could you break this down a bit? I think it does what I want, but I'm not positive.

The first line tells it to get information where the page id is whatever page the url says.
I think the second line is where it doesn't work. Doesn't this just check to make sure the page id number is greater than 0? I need it to be a number that exists in the list of pages.

Please correct me if I'm wrong, I'm really new at this, and I just have to say thanks for your help!

Greg K's picture

He has: 2,145 posts

Joined: Nov 2003

If you did just a copy and paste of his code then the problem is most likely just a missing ] after 'id' in the first line

<?php
{$_GET['id']}
?>

$getPage is not an actual value (number, text), but a reference to the sql call.

The second line is checking that reference to see how many rows were returned. If the page number someone requested is in your database, then 1 record will return, resulting in 1, if not match was found, it will return 0. Not atually checking the page number, but how many times found in the database.

-Greg

He has: 578 posts

Joined: Jun 2004

Ok, so it is checking the variable $getPage against the number of rows. I assume it's making sure that $getPage is somewhere in the number of rows, right?

Could you just rephrase this last sentence?

Not atually checking the page number, but how many times found in the database.

Busy's picture

He has: 6,151 posts

Joined: May 2001

$getPage=mysql_query("SELECT * FROM table WHERE id = {$_GET['id']} LIMIT 1");
$getPage contains the result of the database query (table is the database tables name), Limit 1 just gets one result as there should only be one.
The $_GET['id'] is the value passed in the URL: webpage.com?id=1234, this is checked for in the mysql_query

if(mysql_num_rows($getPage)>0){
if the results is true - found a match
$page=$_GET['page'];
display whatever is related or whatever you do
}else{
$page=1;
}

no result was found so show default of something

He has: 578 posts

Joined: Jun 2004

I'll just play with the code to see, but my exact question is:

mysql_num_rows($getPage)>0

Is this checking if the number of rows in the table is greater than zero? If not, what is it checking?

He has: 578 posts

Joined: Jun 2004

Update! I think I've got it. I think that I understand what the code in my above post does, but I think I finally figured out how to check this thing!

<?php
   
// Define \"page\" Variable
   
$page = $_GET['page'];
   
$getrownums = mysql_query(\"SELECT * FROM pages\", $database);
   
    // Check \"page\" for Malicious Code
    if( (isset(
$page)) && (is_numeric($page)) && (mysql_num_rows($getrownums)==$page) ){
       
$page = $_GET['page'];
        }else{
       
$page = \"1\";
        }
?>

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.