Page 1 of 1

a little confusion with looping inside a function

Posted: Tue Oct 10, 2006 4:02 am
by pgolovko

Code: Select all

function list_cats($parent,$categories,$lev,$num) {
	//print $lev."<br>";

	$space = "";
	for ($x = 0; $x < $lev; $x++) {
		$space .= "&nbsp;&nbsp;&nbsp;·&nbsp;";
		}
	$query = "SELECT * FROM categories WHERE parent=$parent ORDER BY `title` ASC LIMIT 0 , 1000000";
	$result = mysql_query($query);
	echo mysql_error();
	if (mysql_num_rows($result) <> ''){
		while ($row = mysql_fetch_array($result)) {
			$id = $row['id'];
			$title = $row['title'];
			$categories .= "<option value=\"$id\">$space$title</option>\n";
			$num++;
			$again = list_cats($id,$categories,$lev+1,$num);
			}
		}
	if($num <> mysql_num_rows($result)){
		return $again;
		}
	else{
		return $categories;
		}
	}

$smarty->assign('categories', list_cats(0,"",0,0));
It only returns categories of $lev = 0, while it should return categories of all levels. The whole level loop thing is correct, because it prints correct $lev if you uncomment it at the top. It should return categories of all levels, but it doesnt. What am I missing here?

Posted: Tue Oct 10, 2006 8:48 am
by Mordred

Code: Select all

if (mysql_num_rows($result) != 0){ 
                while ($row = mysql_fetch_array($result)) { 
                        $id = intval($row['id']); 
                        $title = htmlentities($row['title'], ENT_QUOTES); 
                        $categories .= "<option value=\"$id\">$space$title</option>\n"; 
                        $num++; 
                        $again = list_cats($id,$categories,$lev+1,$num); 
                        } 
    return $again;
}  else {
    return $categories;
}
Oh, and

Code: Select all

$query = "SELECT * FROM `categories` WHERE `parent`='$parent' ORDER BY `title` ASC";

Posted: Wed Oct 11, 2006 1:32 am
by pgolovko
Hmm, this doesnt seems to work either:

Code: Select all

function list_cats($parent,$categories,$lev) {

	print $lev.",";

	$space = "";
	for ($x = 0; $x < $lev; $x++) {
		$space .= "&nbsp;&nbsp;&nbsp;·&nbsp;";
		}
	$query = "SELECT * FROM `categories` WHERE `parent`='$parent' ORDER BY `title` ASC";
	$result = mysql_query($query);
	echo mysql_error();
	if (mysql_num_rows($result) != 0){ 
		while ($row = mysql_fetch_array($result)) { 
			$id = intval($row['id']); 
			$title = $row['title'];
			$categories .= "<option value=\"$id\">$lev$space$title</option>\n"; 
			$again = list_cats($id,$categories,$lev+1); 
			} 
		return $again; 
		}
	else{
		return $categories;
		}
	}

$smarty->assign('categories', list_cats(0,"",0));
This line:

Code: Select all

print $lev.",";
prints:

Code: Select all

0,1,1,1,1,1,1,1,1,1,1,2,3,2,2,2,1,2,
$categories only outputs:

Code: Select all

<option value="6">0Advertising</option>
<option value="10">0Audio</option>
<option value="9">0Content</option>
<option value="11">0Merc</option>
<option value="8">0Our office</option>
<option value="12">0Our pages</option>
<option value="4">0Programs</option>
<option value="7">0Public</option>
<option value="23">0Russian</option>
<option value="5">0Services</option>
<option value="13">0Staff</option>
<option value="15">1&nbsp;&nbsp;&nbsp;·&nbsp;test</option>
the categories display correctly when I print them instead of assigning value to $categories:

Code: Select all

//$categories .= "<option value=\"$id\">$lev$space$title</option>\n"; 
print "<option value=\"$id\">$lev$space$title</option>\n";
Here's what it prints and should have assigned to $categories:

Code: Select all

<option value="6">0Advertising</option>
<option value="10">0Audio</option>
<option value="9">0Content</option>
<option value="11">0Merc</option>
<option value="8">0Our office</option>
<option value="12">0Our pages</option>
<option value="4">0Programs</option>
<option value="7">0Public</option>
<option value="23">0Russian</option>
<option value="5">0Services</option>
<option value="14">1&nbsp;&nbsp;&nbsp;·&nbsp;test2</option>
<option value="19">2&nbsp;&nbsp;&nbsp;·&nbsp;&nbsp;&nbsp;&nbsp;·&nbsp;test6</option>
<option value="16">1&nbsp;&nbsp;&nbsp;·&nbsp;test3</option>
<option value="18">1&nbsp;&nbsp;&nbsp;·&nbsp;test5</option>
<option value="20">1&nbsp;&nbsp;&nbsp;·&nbsp;test7</option>
<option value="13">0Staff</option>
<option value="15">1&nbsp;&nbsp;&nbsp;·&nbsp;test</option>
I'm a bit confused here :?

Posted: Wed Oct 11, 2006 2:55 am
by Mordred
Ah, yes. Try this:

Code: Select all

while ($row = mysql_fetch_array($result)) { 
                        $id = intval($row['id']); 
                        $title = $row['title']; 
                        $categories .= "<option value=\"$id\">$lev$space$title</option>\n"; 
                        $categories .= list_cats($id,"",$lev+1); 
           } 
return $categories;

And also:

Code: Select all

SELECT `id`,`title` FROM
And use this:

Code: Select all

$title = htmlentities($row['title'], ENT_QUOTES);
not this:

Code: Select all

$title = $row['title'];

Posted: Wed Oct 11, 2006 3:30 am
by pgolovko
Thanks Mordred, it works now:

Code: Select all

function list_cats($parent,$categories,$lev) {
	$space = "";
	for ($x = 0; $x < $lev; $x++) {
		$space .= "&nbsp;&nbsp;&nbsp;·&nbsp;";
		}
	$query = "SELECT `id`,`title` FROM `categories` WHERE `parent`='$parent' ORDER BY `title` ASC";
	$result = mysql_query($query);
	echo mysql_error();
	if (mysql_num_rows($result) != 0){ 
		while ($row = mysql_fetch_array($result)) { 
                        $id = intval($row['id']); 
                        $title = $row['title']; 
                        $categories .= "<option value=\"$id\">$space$title</option>\n"; 
                        $categories .= list_cats($id,"",$lev+1); 
           		} 
		return $categories;
		}
	}

$smarty->assign('categories', list_cats(0,"",0));
The reason why I dont want to use htmlentities() is because some category titles have Russian characters, and that gives me odd looking output.

Posted: Wed Oct 11, 2006 3:42 am
by Mordred
strip_tags() at least then, otherwise you're open for XSS, unless you have 100% control over titles.