What am I missing?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
fried
Forum Newbie
Posts: 16
Joined: Tue Sep 08, 2009 5:43 am

What am I missing?

Post by fried »

I have a problem with this piece of code. The id in the Href works fine but it doesn't return anything when I use GET. I used the echo $id just to check and there appears to be nothing sent.

Code: Select all

$cmd=$_GET['cmd'];
$id=$_GET['id'];
if (isset($cmd))
{
if ($cmd=="change"){
        echo $id;
        $query = "SELECT category_name FROM gallery_category WHERE category_id= '".$id."'";
        $result = mysql_query($query) or die(mysql_error());
        $row = mysql_fetch_row($result);
 
        $sessiontheme = $row[0];
        echo $sessiontheme;
    }
}
 
$queryc = "SELECT category_id,category_name, valid FROM gallery_category";
$resultc = mysql_query($queryc) or die(mysql_error());
while ($rowc = mysql_fetch_array ($resultc)){
    
    if($rowc['valid']==1) {$sessiontheme = $rowc["category_name"];
    }
    else{   
            echo '<a href="latest.php?cmd=change&id ='.$rowc[0].'" name="'.$rowc[1].'" target="_self" >'.$rowc[1].''.$rowc[0].'</a><br/>';
    }
I'm sure I fundamentally misunderstand how something works. Thanks.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Re: What am I missing?

Post by John Cartwright »

Try it without the whitespace after id, i.e.,

Code: Select all

echo '<a href="latest.php?cmd=change&id='.$rowc[0].'" name="'.$rowc[1].'" target="_self" >'.$rowc[1].''.$rowc[0].'</a><br/>';
Although, your script is vulnerable to SQL injection. You should consider casting your integer variables with (int) and/or pass all strings into the query through mysql_real_escape_string()
fried
Forum Newbie
Posts: 16
Joined: Tue Sep 08, 2009 5:43 am

Re: What am I missing?

Post by fried »

Thanks guys, rookie error :D
Post Reply