Page 1 of 1

Question about using global varibles in functions

Posted: Fri Jan 09, 2004 8:30 pm
by toni
I'm learning about using PHP and MySQL in order to put together a website that displays content according to permissions that have been set based on their subscription. Currently, I have set it up to retrieve their permissions and then use the eregi() function to see if they have a specific permission. This is what part of it looks like:

PHP:

Code: Select all

<?php
global $ROW_GLOBAL;

$sessionID = $_COOKIE[SessionID];
$MySQL = mysql_connect ('localhost', 'dbname', 'dbpassword') or die ('I cannot connect to the database because: ' . mysql_error());


$permissionscheck = "SELECT permissions FROM sessions WHERE sessionID = '$sessionID'";
$result=mysql_db_query('dbtable', $permissionscheck, $MySQL);
$ROW_GLOBAL=mysql_fetch_array($result);

function writeContent(){
if (eregi("Q1",$ROW_GLOBAL[0])){
print("Permission specific content written here");
}else{
print("No matching permissions");
}
}
mysql_close ($MySQL);
?php>
<?php writeContent() ?>




I don't see any errors when I run this code but instead of printing the content it prints the 'else' string. I think have narrowed it down to the variable. The If statement works just fine outside of the function. For example, if I comment out the function details like this:

PHP:

Code: Select all

<?php
//function writeContent(){
if (eregi("Q1",$ROW_GLOBAL[0])){
print("Permission specific content written here");
}else{
print("No matching permissions");
}
//}
?php>


This works just fine. I'm trying to put it into a function to eliminate some of the If statements.
Do any you happen to know what I might be doing wrong? The $ROW_GLOBAL variable contains none of the information from the variable outside the function. I've included my PHP info below.

Any help is appreciated.
Thank you!

PHP Version: 4.3.2
Display Errors: On
Error Level: Not E_ALL
Register Globals: On

Posted: Fri Jan 09, 2004 8:41 pm
by Fataqui
Hi


What does 'permissions', look like in your database? Does it just contain 'Q1', I ask this because I am trying to understand why you use eregi() in your function! Also you would better to pass the 'permissions' value to your function writeContent(); as there is no need to create a global when you really do not need it!


If you want me to write an example of how I would do this just tell me!


F!

Posted: Fri Jan 09, 2004 8:55 pm
by toni
The permissions field contains Q1, Q2, etc. more or less depending on the user. I'm using eregi() so that I can see if the permissions contain "Q1" for content specific to that permission. Does that make sense? (Sometimes it's hard to explain things exactly)

If you don't mind explaining to me what you mean, I would be grateful.

Thanks

Posted: Fri Jan 09, 2004 9:24 pm
by Fataqui
Hi


try this and tell me how it goes!

Code: Select all

<?php


	$sessionID = $_COOKIE['SessionID'];

	mysql_connect('localhost', 'db_user', 'dbpassword') or die ('Connection Error: ' . mysql_error());

	mysql_select('db_name') or die('Select Database Error: ' . mysql_error());
     
	$sql = "SELECT permissions FROM sessions WHERE sessionID = '" . $sessionID . "'";

	$result = mysql_query($sql) or die('Query Error: ' . mysql_error());

	if (mysql_num_rows($result) == 0)
	{

	die('Query returned *0* results');

	}
	else
	{

	$row = mysql_fetch_assoc($result);

	echo writeContent($row['permissions']);

	}


	function writeContent($this)
	{

		if (preg_match("!Q1!is", $this))

		{ 

			return("Permission specific content written here");

		}
		else
		{

			return("No matching permissions");

		}
	}

?>

F!

Thanks

Posted: Mon Jan 12, 2004 9:22 am
by toni
Thank you for posting that code. I tried it out and it seems to work.
Iif you don't mind, would you explain what you did and how the preg_match works, I would be grateful. I found out what the preg_match does, but it would be helpful if you could explain the code. I find that if I understand something, it makes it easier to fix when I come across a problem.

Thanks again!

Posted: Mon Jan 12, 2004 9:56 am
by McGruff
Some ideas.

Most scripts are going to repeat the chunk of db connection code. It's better to wrap this up in a function: the code is written just once and so, if you need to change it, you have just one edit to make rather than possibly hundreds of files to edit.

Also, take a look at the mysql privileges system: you might want two or three flavours of dbConnect(), eg a user conn with minimal privieleges, an admin conn with greater privileges etc.

Code: Select all

<?php

function dbConnect()
{
    $MySQL = mysql_connect ('localhost', 'dbname', 'dbpassword') or die ('I cannot connect to the database because: ' . mysql_error());
}

?>
It's very important to make user input safe before using in a db query. If it should be an integer, intval() will strip out any nastiness or use mysql_escape_string() if a string is expected.

Code: Select all

<?php

$sessionID = mysql_escape_string($_COOKIE[SessionID]);

?>
Storing several values in one db column breaks database normalisation rules: http://www.oreilly.de/catalog/javadtabp ... r/ch02.pdf

Unless you really need the power of regex, use a string function. substr_count() might be a good option.

Posted: Mon Jan 12, 2004 10:02 am
by krash_control
Hi McGruff, I noticed your post that you deleted the original post. So I hope this helps, I still had it in my history. Feel free to delete it if it's irrelevant.

BTW Nice forum
toni's original post wrote: I'm learning about using PHP and MySQL in order to put together a website that displays content according to permissions that have been set based on their subscription. Currently, I have set it up to retrieve their permissions and then use the eregi() function to see if they have a specific permission. This is what part of it looks like:

PHP:


<?php
global $ROW_GLOBAL;

$sessionID = $_COOKIE[SessionID];
$MySQL = mysql_connect ('localhost', 'dbname', 'dbpassword') or die ('I cannot connect to the database because: ' . mysql_error());


$permissionscheck = "SELECT permissions FROM sessions WHERE sessionID = '$sessionID'";
$result=mysql_db_query('dbtable', $permissionscheck, $MySQL);
$ROW_GLOBAL=mysql_fetch_array($result);

function writeContent(){
if (eregi("Q1",$ROW_GLOBAL[0])){
print("Permission specific content written here");
}else{
print("No matching permissions");
}
}
mysql_close ($MySQL);
?>

<?php writeContent() ?>




I don't see any errors when I run this code but instead of printing the content it prints the 'else' string. I think have narrowed it down to the variable. The If statement works just fine outside of the function. For example, if I comment out the function details like this:

PHP:

<?php
//function writeContent(){
if (eregi("Q1",$ROW_GLOBAL[0])){
print("Permission specific content written here");
}else{
print("No matching permissions");
}
//}
?>



This works just fine. I'm trying to put it into a function to eliminate some of the If statements.
Do any you happen to know what I might be doing wrong? The $ROW_GLOBAL variable contains none of the information from the variable outside the function. I've included my PHP info below.

Any help is appreciated.
Thank you!

PHP Version: 4.3.2
Display Errors: On
Error Level: Not E_ALL
Register Globals: On

Re: Question about using global varibles in functions

Posted: Mon Jan 12, 2004 10:07 am
by qads
McGruff wrote:I can't believe I did that.
LOL...been drinking agian McGruff? :twisted: lol..how many times did u say the "F" word after doing it? :P

Posted: Mon Jan 12, 2004 10:10 am
by McGruff
Fixed now. Thanks krash!

Posted: Tue Jan 13, 2004 10:30 am
by toni
McGruff,

Thank you for your ideas. I'm implementing the database function as recommended. I'm also continuing to learn more about databases as I go, so I should be able to make the database a bit more conventional in the future. Thank you for pointing out that normalization detail.

Thanks.