Page 1 of 1

reconstruct url using $_SERVER['QUERY_STRING']

Posted: Tue Sep 11, 2007 3:28 pm
by lafflin
Hello Good people, I am trying to reconstruct a long set of $_GET values to be used again within the same form. The reason I am doing this is for pagination links and many sortable links.
I'm not going to post my code because it is too long for anyone to want to read, and because I know that many of you more experienced developers will know exactly what I am talking about.

On my page when the "next page" link is clicked or when I click on any of the "sort" links my my query runs again and sorts the rersults accordingly, but without the previous query parameters specified. It simply leaves all values blank and sorts the results.

I fully understand why this is happeneing, but I don't know how to make it do what I want, which as you can guess would be to save the search criteria and run the query again with the appropriate sort or order condition.

I am still new to PHP, MySQL, and any type of developement in general. I have been researching for about a day now and I just haven't found my answer.
I know that I can use the $_SERVER['QUERY_STRING'] function, but what happens is that after doing so more than once my UTRL starts to repeat whichever data I append to the URL.
For instance prior to using $_SERVER['QUERY_STRING'] my URL looks like this:
http://localhost/Studio_manager/view_us ... bmit&subd=

then using this code to make my links:

Code: Select all

$my_url = '?' . $_SERVER['QUERY_STRING'];
    

    

  //-------------------------------------------------------var_dump ($num_pages);

// Make the links to other pages, if necessary.
if ($num_pages > 1) {
	
	echo '<br /><p>';
	// Determine what page the script is on.	
	$current_page = ($start/$display) + 1;
	
	// If it's not the first page, make a Previous button.
	if ($current_page != 1) {
		echo '<a href="/Studio_manager/view_users.php'  ;
		echo $my_url ;
		echo '&s='. ($start - $display) . '&np=' . $num_pages . '&sort=' . $sort .'">Previous</a> ';
	}
	
	// Make all the numbered pages.
	for ($i = 1; $i <= $num_pages; $i++) {
		if ($i != $current_page) {
		echo '<a href="/Studio_manager/view_users.php'  ;
		echo $my_url ;
		echo (($display * ($i - 1))) . '&np=' . $num_pages . '&sort=' . $sort .'">' . $i . '</a> ';
		} else {
			echo $i . ' ';
		}
	}
	
	// If it's not the last page, make a Next button.
	if ($current_page != $num_pages) {
		echo '<a href="/Studio_manager/view_users.php'  ;
		echo $my_url ;
		echo '&s='. ($start + $display) . '&np=' . $num_pages . '&sort=' . $sort .'">Next</a>';
	}
I get a functioning next and previous button as well as pagination when appropriate,
after clicking on the "next" button I get a url like this:

http://localhost/Studio_manager/view_us ... first_name

at this point all is good, but then if I click on the "previous" sort link I get the following:

http://localhost/Studio_manager/view_us ... first_name

and it will just continue to grow. each time the link on that page is clicked, how can I get it to replace the query string instaed of appending to it?

Sorry for the long post!.
Thanks for reading all that.

Posted: Tue Sep 11, 2007 4:01 pm
by Christopher
I would recommend a couple of things:

- Use $_GET to access all of the parameters from each request.

- Write a function that builds URL that include all the state values previously passed in $_GET, plus adds the parameters unique to that link.

- Think about saving the state information in the session rather than passing it in every link.

Posted: Tue Sep 11, 2007 4:03 pm
by mrkite
One way to do it is:

Code: Select all

$_GET['s']=$start+$display;
$nextquery=http_build_query($_GET);
echo "<a href='wherever.php?{$nextquery}'>...</a>";
Another way to do it is to do something like:

Code: Select all

$query=$_SERVER['QUERY_STRING'];
$query=preg_replace('{&q=[^&]*}','',$query);

$query.="&s=".urlencode($start+$display);

echo "<a href='wherever.php?{$query}'>...</a>";
Some people would find both approaches objectionable. There's no verification on user-submitted data. The proper way would probably be build out an array with exactly the variables you want, and use http_build_query to build it into a query.

Posted: Tue Sep 11, 2007 4:18 pm
by lafflin
Thanks for the idea's, it'll take me a while to play with them and understand, when I do I will post back to let you know how I used the advice.
Also I should have mentioned, this form and script will not be accessed by the pulic, but only by a select few users as part of an administrative interface, so security isn't a top concern, error free functionality however still is. Perhaps i will end up using seeions, but I am inexperienced and I'd have to research and figure out how to overwrite each session value each time the page is submitted and to erase all the session values when the user exits the page. But I will certainaly consider it.

Posted: Tue Sep 11, 2007 5:16 pm
by Christopher
Slap together some code and post it. It is a common enough problem that you will get good input on it. There are also a couple of pager scripts in in these forums if you search (I even recall doing a long pager thread with timvw here).

As for clearing the session, usually that is done when you enter the pager because that is the only request that has no paging parameters so it is easy to detect.

And remember, security is a habit and defense in depth is the best practice.

Posted: Tue Sep 11, 2007 7:10 pm
by lafflin
Wow Arborint, I cant even follow that code in that thread, I've been studying up on PHP and MySQL for about a month now and I can't follow OOB code assuming that's what I was just reading. I hope to eventually be a proficient PHP developer, but at the moment I'm not even able to understand many of the things that you're telling me. I will however read it again and again to pick up what I can from it. I appreciate the advice very much. I will post the code that I do have, it does work and the pagination links do work using the http_build_query technique that mrkite sugested.

mrkite, that you very much for introducing me to those two fuctions. my code is working however I still need to go through my "sort by" column header links and implement the http_build_query technique that I just learned thanks to you.

I will now post my entire script for anyone who might find something useful in it. It is still in draft form, and as I said I need to change the "sort by" links. feel free to comment on this code, this is my first project and I'm open to any advice anyone has.

Code: Select all

<?php # Script 8.6 - view_users.php 


require_once ('./includes/mysql_connect.php'); // Connect to the db.

$page_title = 'search students';
include ('./includes/header.inc.htm');

// Page header.
//echo '<h1 id="mainhead">Search Students</h1>';

/*+++++++++++++++++++++++++++++++++++++++++++++++++++++make a form+++++++++++++++++++++++++++++++++++++++++++++++++++++++*/

echo '<h1 id="mainhead" align="center">Search Students</h1>';
echo'
<form action="view_users.php" method="GET">
<table align ="center">
<tr align ="right">
     <td>
	 <label> First Name </label><input name="fn" type="text" maxlength="16" /><br/><br/>
	 <label> Class </label><input name="class" type="text"   maxlength="16" />
	 </td>
     <td>
     <label> Last Name </label><input name="ln"  type="text"  maxlength="16" /><br/><br/>
	 <label> phone </label><input name="phone" type="text"   maxlength="16" />
	 </td>
	 <td>
     <label> Parent </label><input name="parent" type="text"   maxlength="16" /><br/><br/>
	 <label> Email </label><input name="email" type="text"   maxlength="16" />
	 </td>

</tr>
<tr align="left">
   <td>
<input name="active" type="radio" name ="active" value="N" /><label for "active"><label for "active"> Inactive</label><br/>
<input name="active" type="radio" name ="active" value="AoN " />    <label for "both"> both</label>
    </td>
</tr>
<tr >
   <td> </td><td> 
<div align="center">
<input type="submit" name="Submit" value="Submit" accesskey="z" id="Submit" />
</div>
 </td><td> </td>
  </tr>
  

<input type="hidden" name="subd" />
';  
if (isset($_GET['active']))   {   
$active = $_GET['active'];  
      if ($active == N) {  $active = "'N'" ;
	                       } 
						     else
							       { $active = "'A' OR s.active = 'N'"  ;
							                   }
						      } else
                                    { $active = "'A'"    ;}
                                 
$query_get_classes = "select name from classes";

$result0 = mysql_query ($query_get_classes) or die($query_get_classes); // Run the query.

if ($result0) { // If it ran OK, display the records.    
	echo '<table align="right"><tr><td>' ;
	// Fetch and print all the records.
	while ($row = mysql_fetch_array($result0, MYSQL_ASSOC)) {
		echo '<input type = "checkbox" name = "classes[]" value = "'.$row['name'].'" id="'.$row['name'].'"/><label for "'.$row['name'].'">'.$row['name'].'</label><br/>' ;
	}
	echo '</tr></td></table></form>' ;
	            }
/*++++++++++++++++++++++++++++++++++++++++++++++++++End of Form++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
$start = 0;
$display = 10;


if(isset($_GET['subd']) or ($_GET['s']) or ($_GET['sort']))  /*---------------------------------------------------------------------------------------*/   {


/*-----------------------------------Format the classes chosen variable for insertion into the query----------------*/
				if (isset($_GET['classes']))  {   $classes_selected = ' AND (c.name = ' ;

$boxes = $_GET['classes'];



foreach ($boxes as $key=>$class)  
              { if ($classes_selected == ' AND (c.name = ') {  $classes_selected .= '\''.$class.'\'' ;}
                                                             else {$classes_selected .= 'OR c.name = \''.$class.'\'' ;}                                
								   }
								     $classes_selected .= ')' ;
                                    } else {$classes_selected = ' ' ;}
									
									
// Number of records to show per page:


// Determine how many pages there are. 
if (isset($_GET['np'])) { // Already been determined.
	$num_pages = $_GET['np'];
} else { // Need to determine.

 	// Count the number of records
	$query9 = "SELECT  COUNT(s.sid) 
	
	
FROM student_info s
LEFT JOIN student_parent sp
USING ( sid ) 
LEFT JOIN parent_info p
USING ( pid ) 
LEFT JOIN classes_students cs
USING ( sid ) 
LEFT JOIN classes c
USING ( cid ) 

	WHERE
	        ( s.first_name LIKE '%".trim($_GET['fn'])."%'
			AND s.last_name LIKE '%".trim($_GET['ln'])."%' 
			AND  p.parent_name LIKE '%".trim($_GET['parent'])."%'
			)
		    AND  
			( p.home_phone LIKE '%".trim($_GET['phone'])."%'
			OR
			p.cell_phone LIKE '%".trim($_GET['phone'])."%'
			OR
			p.other_phone  LIKE '%".trim($_GET['phone'])."%'  )
			
			 AND (s.active = $active)
			 $classes_selected 
		    
			   ";
			   
			   /*	
FROM student_info s
LEFT JOIN student_parent sp
USING ( sid ) 
LEFT JOIN parent_info p
USING ( pid ) 
LEFT JOIN classes_students cs
USING ( SID ) 
LEFT JOIN classes c
USING ( cid ) 

	WHERE
	        s.first_name LIKE '%".trim($_GET['fn'])."%' AND s.last_name LIKE '%".trim($_GET['ln'])."%' and  p.parent_name LIKE '%".trim($_GET['parent'])."%'  $classes_selected ";
			
			*/
		
		
	$result9 = mysql_query ($query9);
	$row9 = mysql_fetch_array ($result9, MYSQL_NUM);
	$num_records = $row9[0];


	// var_dump($result9);
	//var_dump($display);

	// Calculate the number of pages.
	if ($num_records > $display) { // More than 1 page.
		$num_pages = ceil ($num_records/$display);
	} else {
		$num_pages = 1;
	}
	
} // End of np IF.

// Determine where in the database to start returning results.
if (isset($_GET['s'])) {
	$start = $_GET['s'];
} else {
	$start = 0;
}

// Default column links.
$link1 = "{$_SERVER['PHP_SELF']}?sort=sida";
$link2 = "{$_SERVER['PHP_SELF']}?sort=fna";
$link3 = "{$_SERVER['PHP_SELF']}?sort=lna";
$link4 = "{$_SERVER['PHP_SELF']}?sort=cna";
$link5 = "{$_SERVER['PHP_SELF']}?sort=doba";
$link6 = "{$_SERVER['PHP_SELF']}?sort=sexa";
$link7 = "{$_SERVER['PHP_SELF']}?sort=pna";
$link8 = "{$_SERVER['PHP_SELF']}?sort=rda";

// Determine the sorting order.
if (isset($_GET['sort'])) {

	// Use existing sorting order.
	switch ($_GET['sort']) {
		case 'sida':
			$order_by = ' ORDER BY sid ASC';
			$link1 = "{$_SERVER['PHP_SELF']}?sort=sidd";
			break;
		case 'sidd':
			$order_by = ' ORDER BY sid DESC';
			$link1 = "{$_SERVER['PHP_SELF']}?sort=sida";
			break;
		case 'fna':
			$order_by = ' ORDER BY first_name ASC';
			$link2 = "{$_SERVER['PHP_SELF']}?sort=fnd";
			break;
		case 'fnd':
			$order_by = ' ORDER BY first_name DESC';
			$link2 = "{$_SERVER['PHP_SELF']}?sort=fna";
			break;
		case 'lna':
			$order_by = ' ORDER BY last_name ASC';
			$link3 = "{$_SERVER['PHP_SELF']}?sort=lnd";
			break;
		case 'lnd':
			$order_by = ' ORDER BY last_name DESC';
			$link3 = "{$_SERVER['PHP_SELF']}?sort=lna";
			break;
		case 'cna':
			$order_by = ' ORDER BY name ASC';
			$link4 = "{$_SERVER['PHP_SELF']}?sort=cnd";
			break;
		case 'cnd':
			$order_by = ' ORDER BY name DESC';
			$link4 = "{$_SERVER['PHP_SELF']}?sort=cna";
			break;
		case 'doba':
			$order_by = ' ORDER BY dob ASC';
			$link5 = "{$_SERVER['PHP_SELF']}?sort=dobd";
			break;
		case 'dobd':
			$order_by = ' ORDER BY dob DESC';
			$link5 = "{$_SERVER['PHP_SELF']}?sort=doba";
			break;
		case 'sexa':
			$order_by = ' ORDER BY sex ASC';
			$link6 = "{$_SERVER['PHP_SELF']}?sort=sexd";
			break;
		case 'sexd':
			$order_by = ' ORDER BY sex DESC';
			$link6 = "{$_SERVER['PHP_SELF']}?sort=sexa";
			break;
		case 'pna':
			$order_by = ' ORDER BY parent_name ASC';
			$link7 = "{$_SERVER['PHP_SELF']}?sort=pnd";
			break;
		case 'pnd':
			$order_by = ' ORDER BY parent_name DESC';
			$link7 = "{$_SERVER['PHP_SELF']}?sort=pna";
			break;
		case 'rega':
			$order_by = ' ORDER BY reg_date DESC';
			$link8 = "{$_SERVER['PHP_SELF']}?sort=rdd";
			break;
		case 'regd':
			$order_by = ' ORDER BY reg_date DESC';
			$link8 = "{$_SERVER['PHP_SELF']}?sort=rda";
			break;
		default:
			$order_by = 'ORDER BY sid';
			break;
	}
	
	// $sort will be appended to the pagination links.
	$sort = $_GET['sort'];
	
} else { // Use the default sorting order.
	$order_by = ' ORDER BY sid ASC';
	$sort = 'first_name';
}  //------------------end of isset sort--------------	



// Make the query.
$query = "SELECT  s.sid, s.first_name, s.last_name, s.sex, s.dob, s.reg_date, s.active, p.parent_name, p.2nd_parent_name, p.email, p.home_phone, p.cell_phone, p.other_phone, p.emergency_contact_info, p.street_address, p.street_address_line_2, p.city, p.zip, c.name
FROM student_info s
LEFT JOIN student_parent sp
USING ( sid ) 
LEFT JOIN parent_info p
USING ( pid ) 
LEFT JOIN classes_students cs
USING ( sid ) 
LEFT JOIN classes c
USING ( cid ) 

	WHERE
	        ( s.first_name LIKE '%".trim($_GET['fn'])."%'
			AND s.last_name LIKE '%".trim($_GET['ln'])."%' 
			AND  p.parent_name LIKE '%".trim($_GET['parent'])."%'
			)
		    AND  
			( p.home_phone LIKE '%".trim($_GET['phone'])."%'
			OR
			p.cell_phone LIKE '%".trim($_GET['phone'])."%'
			OR
			p.other_phone  LIKE '%".trim($_GET['phone'])."%'  )
			
			 AND (s.active = $active)
			 $classes_selected 
		    $order_by LIMIT $start,
		    $display 
			   "; 
			   
			  
		  
echo '<table align="center" cellspacing="0" cellpadding="5">
<tr bgcolor="#ffffff">
	
	<td align="center"><b><a href="' . $link1 . '">SID</a></b></td><td><font color ="#000000">::</font></td>
	<td align="center"><b><a href="' . $link2 . '">First Name</a></b></td><td><font color ="#000000">::</font></td>
	<td align="center"><b><a href="' . $link3 . '">Last Name</a></b></td><td><font color ="#000000">::</font></td>
	<td align="center"><b><a href="' . $link4 . '">Class</a></b></td><td><font color ="#000000">::</font></td>
	<td align="center"><b><a href="' . $link5 . '">DOB</a></b></td><td><font color ="#000000">::</font></td>
	<td align="center"><b><a href="' . $link6 . '">Sex</a></b></td>
	</tr>
	<tr bgcolor="#ffffff">
	<td align="center"><b><a href="' . $link7 . '">Parent</a></b></td><td><font color ="#000000">::</font></td>
	<td align="center"><b><a href="' . $link8 . '">Registration Date</a></b></td>
	<td align="center"></td>
	<td align="center"></td>
	<td align="center"></td>
	<td align="center"></td>
	<td align="center"></td>
	<td align="center"></td>
	<td align="center"></td>
	<td align="center"></td>
</tr>
';

$result = mysql_query ($query) or die($query); // Run the query.

//die($query);
if ($result) { // If it ran OK, display the records.    


	// Table header.
	echo //'<table align="center" cellspacing="0" cellpadding="5">
	'<tr  height ="4px" bgcolor ="#bbbbbb"><td colspan="11"></td></tr>';
	
	// Fetch and print all the records.
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
  echo '<tr height="2px" bgcolor="#000000"><td colspan ="12"></td></tr>
        <tr bgcolor="#770000">'
	      . '<td align ="center">'.$row['sid'].'</td>
		       <td><font color ="#000000">::</font></td>
			 <td align="center">'.$row['first_name'] . '</td>
			   <td><font color ="#000000">::</font></td>
			 <td align="center">' . $row['last_name'] .'</td>
			   <td><font color ="#000000">::</font></td>
			 <td align="center">'.$row['name']. '</td>
			   <td><font color ="#000000">::</font></td>
			 <td align ="center"> DOB: '.$row['dob'].'</td>
			   <td><font color ="#000000">::</font></td> 
			 <td align ="center">'.$row['sex'].'</td>
			   <td align ="center">'   ;
   echo '<a href="view_edit.php?sid=' . $row['sid'] .'">VIEW</a> </td>';
	echo	' </tr>
		 <tr bgcolor="#700000"> 
		     <td align="center"><P> ' . $row['parent_name'] . '</P></td>
			   <td><font color ="#000000">::</font></td>
			 <td align="center"><p>Registered: ' . $row['reg_date'] . '</p></td>
	     </tr>';
	}

	//echo '</table>';
	
	mysql_free_result ($result); // Free up the resources.	
	

mysql_close(); // Close the database connection.

  ;/*-------------------------------------------------End of IF subd-------------------------------------------------*/ 

  //var_dump ($num_pages);

// Make the links to other pages, if necessary.
if ($num_pages > 1) {
	
	echo '<br /><p>';
	// Determine what page the script is on.	
	$current_page = ($start/$display) + 1;
	
	
	if ($current_page != 1) {    // If it's not the first page, make a Previous button.
	
	
	$_GET['s']=$start-$display; 
$nextquery=http_build_query($_GET); 
echo '<a href="view_users.php?' . $nextquery.'">Previous</a>';
		
	}                     //     END If it's not the first page, make a Previous button.
	
	                              
	for ($i = 1; $i <= $num_pages; $i++) {   // IF needed Make all the numbered pages
		if ($i != $current_page) {
		$_GET['s'] = (($display * ($i - 1))); 
		$nextquery=http_build_query($_GET);
			echo '<a href="view_users.php?' . $nextquery.'">' . $i . '</a> ';
		} else {
			echo $i . ' ';
		}
	}                                         // END  IF needed Make all the numbered pages

	
	// If it's not the last page, make a Next button.
	if ($current_page != $num_pages) {
		$_GET['s']=$start+$display; 
$nextquery=http_build_query($_GET);
		echo '<a href="view_users.php?' . $nextquery.'">Next</a>';
	}
	
	echo '</p>';

} // End of links section.
}
echo '</table>';
}
die  ($query);


include ('./includes/footer.inc.htm'); // Include the HTML footer.
?>