Defining a default page for wrongly passed enquiries

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Defining a default page for wrongly passed enquiries

Post by kdidymus »

Folks.

I'm nearly there. My site is up and running and now I just have to add all of the entries to the database. Thank you for all of your help.

HOWEVER!

Quick query you may be able to help with.

Take a look at my site at http://www.didymus.org.uk/tree.php

If you enter an invalid URL in to the QIK-JUMP box (i.e. 999 or 000) you'll see that the iframe on the right simply becomes blank.

What I WANT to do is tell PHP that if there is no data in the MySQL database using the key entered, to display a default page (i.e. "Sorry, the page you requested doesn't exist).

Any idea how to do this?

Here is the code for my display.php page which is the one I would need to change:

Code: Select all

<?php
/* Program: display.php
 * Desc:    Displays all details of selected individual.
 */
?>
<html>
<head><title>Individual Biographical Information</title></head>
<body topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" style="border-style: solid; border-width: 1px">
<?php
include_once("*******.inc.php");
  $cxn = mysql_connect($host,$user,$password)
         or die ("couldn't connect to server");
  mysql_select_db($database);
  $urn=$_GET['urn'];  //urn passed by hyperlink
  $urn = strtoupper($urn);
  $query = "SELECT * FROM tree WHERE urn='$urn'";
  $result = mysql_query($query)
            or die ("Couldn't execute query.");
  $link = "http://www.didymus.org.uk/display.php?urn=";
  $rowht = "valign='top'";
  $rowcl = "bgcolor='#CCFFCC' valign='top'";
  $text = "font face='Arial' size='1'";
  $hltext = "font face='Arial' size='1' color='#000000'";
  $nw = "nowrap";
 
  /* Display results in a table */
  $urn = ucfirst($urn);
  while($row = mysql_fetch_assoc($result))
  {
     extract($row);
  echo "<p align='center'><font face='Arial' size='3'><b>$surname, $forename $middlenames ($yearofbirth)</font></b><br><font face='Arial' size='1'>- B I O G R A P H I C A L&nbsp;&nbsp;&nbsp;D E T A I L S -</p>";
  echo "<table cellspacing='0' width='450'  align='center'>";
  echo "<tr><td colspan='3'><hr /></td></tr>";
  echo "<tr><td colspan='3' align='center'><a href='census.php?urn=$urn'><img border='0' src='$census'></a><a href='certs.php?urn=$urn'><img border='0' src='$certificates'></a><img border='0' src='tree/graphics/bio_off.gif'><a href='photos.php?urn=$urn'><img border='0' src='$photographs'></a><a href='stories.php?urn=$urn'><img border='0' src='$scrapbook'></a></td></tr>";
  echo "<tr><td colspan='3'><hr /></td></tr>";
     echo " <tr>\n
            <td $rowht  $nw><$text><b>URN:</font></b></td><td><$text>$urn</font></td>\n
        <tr $rowcl><td $nw><$text><b>SURNAME:</font></b></td><td><$text>$surname</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>FORENAME(S):</font></b></td><td><$text>$forename $middlenames</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>DATE OF BIRTH:</font></b></td><td><$text>$dateofbirth</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>PLACE OF BIRTH:</font></b></td><td><$text>$placeofbirth</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MOTHER:</font></b></td><td><a href='$link$motherurn'><$hltext>$mother</a>
</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>FATHER:</font></b></td><td><a href='$link$fatherurn'><$hltext>$father</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>SIBLINGS:</font></b></td><td><a href='$link$sibling1urn'><$hltext>$sibling1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling2urn'><$hltext>$sibling2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling3urn'><$hltext>$sibling3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling4urn'><$hltext>$sibling4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling5urn'><$hltext>$sibling5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling6urn'><$hltext>$sibling6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling7urn'><$hltext>$sibling7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling8urn'><$hltext>$sibling8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling9urn'><$hltext>$sibling9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling10urn'><$hltext>$sibling10</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>CHRISTENING DATE:</font></b></td><td><$text>$christeningdate</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHRISTENING PLACE:</font></b></td><td><$text>$christeningplace</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>SPOUSE 1:</font></b></td><td><a href='$link$spouse1urn'><$hltext>$spouse1</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MARRIAGE DATE:</font></b></td><td><$text>$spouse1marriagedate</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>MARRIAGE PLACE:</font></b></td><td><$text>$spouse1marriageplace</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHILDREN:</font></b></td><td><a href='$link$spouse1child1urn'><$hltext>$spouse1child1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child2urn'><$hltext>$spouse1child2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child3urn'><$hltext>$spouse1child3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child4urn'><$hltext>$spouse1child4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child5urn'><$hltext>$spouse1child5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child6urn'><$hltext>$spouse1child6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child7urn'><$hltext>$spouse1child7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child8urn'><$hltext>$spouse1child8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child9urn'><$hltext>$spouse1child9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child10urn'><$hltext>$spouse1child10</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>SPOUSE 2:</font></b></td><td><a href='$link$spouse2urn'><$hltext>$spouse2</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MARRIAGE DATE:</font></b></td><td><$text>$spouse2marriagedate</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>MARRIAGE PLACE:</font></b></td><td><$text>$spouse2marriageplace</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHILDREN:</font></b></td><td><a href='$link$spouse2child1urn'><$hltext>$spouse2child1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child2urn'><$hltext>$spouse2child2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child3urn'><$hltext>$spouse2child3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child4urn'><$hltext>$spouse2child4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child5urn'><$hltext>$spouse2child5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child6urn'><$hltext>$spouse2child6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child7urn'><$hltext>$spouse2child7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child8urn'><$hltext>$spouse2child8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child9urn'><$hltext>$spouse2child9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child10urn'><$hltext>$spouse2child10</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>OCCUPATION:</font></b></td><td><$text>$occupation</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>DATE OF DEATH:</font></b></td><td><$text>$dateofdeath</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>PLACE OF DEATH:</font></b></td><td><$text>$placeofdeath</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CAUSE OF DEATH:</font></b></td><td><$text>$causeofdeath</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>NOTES:</font></b></td><td><$text>$notes</font></td>\n</tr>
        </tr>\n";
     echo "<tr><td colspan='3'></td></tr>\n";
  }
  echo "</table>\n";
?>
</body></html>
 
Thanks in advance.

Kris.
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Defining a default page for wrongly passed enquiries

Post by califdon »

What you need to do is to test whether your query returned any rows of data, then continue on with the logic you now have if it did, or create a different branch if it did not. Something like this:

Code: Select all

...
$query = "SELECT * FROM tree WHERE urn='$urn'";
$result = mysql_query($query) or die ("Couldn't execute query.");
if($mysql_num_rows($result)==0) {  // no results found:
    echo "<html><body>Sorry, no results found for that URN, please click on your browser's back button.</body></html>";
} else {  //at least one row found:
    $link = "http://www.didymus.org.uk/display.php?urn=";
    ...
Of course, you could make the error message much nicer, or even, with a fair amount of work, just have it place such an error message in the space where you normally display the data. But if you wanted to do that more smoothly, you would probably need to consider a different page structure, where you create the skeleton of your page first, so there would be a place to put the data or error message, but that would require an entirely different approach and is probably not what you now want to undertake. It's a thought, though, for future designs. It's always good to anticipate all your possible needs before settling on a programming approach. :wink:
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Re: Defining a default page for wrongly passed enquiries

Post by kdidymus »

Califdon.

Stuck with this. I understand HOW your additional code would work but I can't get the thing to work once I've added it.

The problem seems to be where I put the closing }

I've tried everywhere and it just returns an error.

Aaaarghhh!

Kris.
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Defining a default page for wrongly passed enquiries

Post by califdon »

kdidymus wrote:Califdon.

Stuck with this. I understand HOW your additional code would work but I can't get the thing to work once I've added it.

The problem seems to be where I put the closing }

I've tried everywhere and it just returns an error.

Aaaarghhh!

Kris.
What you need to do is analyze the structure of your code so that you can see exactly where to end the code block. I discourage people from "trying everywhere". Take a blank sheet of paper and outline your script structure, showing only what each block of code is doing, not the code itself. Even a very complex script may be outlined on one page if you do it correctly. Then pick out which part of the code you want to execute when there is at least one row returned, and which part of the code you want to execute when no rows are returned. Then you should be able to see where to begin and end your code blocks.

Keep trying. One of my old programming teachers told me there are two basic rules of programming:
  1. Everything matters.
  2. Never give up.
That has served me well for over 30 years.
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Re: Defining a default page for wrongly passed enquiries

Post by kdidymus »

Don.

I like a challenge. I'm printing off the code and will make an annotated version on paper as you suggest.

The main problem I'm encountering is that there is a large block (the section that echos the results in a formatted table) which is already enclosed in { } because it's part of a while loop.

I shall keep going with this. I'm nothing if not determined!!

KD.
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Defining a default page for wrongly passed enquiries

Post by califdon »

kdidymus wrote:Don.

I like a challenge. I'm printing off the code and will make an annotated version on paper as you suggest.

The main problem I'm encountering is that there is a large block (the section that echos the results in a formatted table) which is already enclosed in { } because it's part of a while loop.

I shall keep going with this. I'm nothing if not determined!!

KD.
Good attitude. Rather than an annotated full script, you will do better to just write one-line statements that indicate what might require a half a page of code. The point is to strip away all the confusing mass of code so that you can focus on the logic flow through the script. Something closer to this:

Code: Select all

Submit query.
    if at least 1 row is returned:
        generate HTML to display the requested data
    if not:
        generate HTML to notify user that URN is incorrect and to use Back button
    |
...  etc.
Once you have a simple, easy to read outline, then go back to your code and identify what lines of code do each of those things.
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Re: Defining a default page for wrongly passed enquiries

Post by kdidymus »

I've done as you suggested. I made a simple list and figured out which parts of code do what. And then I uploaded my new code and excitedly refreshed my page. This is what happened:
Fatal error: Call to undefined function: () in /home/kdidymus/public_html/display.php on line 19
Here's my code:

Code: Select all

<?php
 // SETUP VARIABLES FOR DISPLAY
 $link = "http://www.didymus.org.uk/display.php?urn=";
 $rowht = "valign='top'";
 $rowcl = "bgcolor='#CCFFCC' valign='top'";
 $text = "font face='Arial' size='1'";
 $hltext = "font face='Arial' size='1' color='#000000'";
 $nw = "nowrap";
 // CONNECT TO MYSQL DB AND DOWNLOAD ALL FROM SELECTED ROW
 include_once("*******.inc.php");
 $cxn = mysql_connect($host,$user,$password)
 or die ("couldn't connect to server");
 mysql_select_db($database);
 $urn=$_GET['urn'];  //urn passed by hyperlink
 $query = "SELECT * FROM tree WHERE urn='$urn'";
 $result = mysql_query($query)
 or die ("Couldn't execute query.");
 // CHECK FOR PRESENCE OF SELECTED ROW
 if($mysql_num_rows($result)==0) {
 // NO SUCH ROW - DISPLAY ERROR PAGE
 header("Location: urn404.php");
 exit;
 }
 else {
 echo "<html><head><title>Individual Biographical Information</title>\n</head><body topmargin='0' leftmargin='0' rightmargin='0' \n bottommargin='0'>";}
$urn = ucfirst($urn);
  while($row = mysql_fetch_assoc($result))
  {
     extract($row);
  echo "<p align='center'><font face='Arial' size='3'><b>$surname, $forename $middlenames ($yearofbirth)</font></b>&nbsp;<img src='tree/graphics/$relative.gif'><br><img src='tree/graphics/bio_tit.gif'>";
  echo "<table cellspacing='0' width='450'  align='center'>";
  echo "<tr><td colspan='3'><hr /></td></tr>";
  echo "<tr><td colspan='3' align='center'><a href='census.php?urn=$urn'><img border='0' src='$census'></a><a href='certs.php?urn=$urn'><img border='0' src='$certificates'></a><img border='0' src='tree/graphics/bio_off.gif'><a href='photos.php?urn=$urn'><img border='0' src='$photographs'></a><a href='stories.php?urn=$urn'><img border='0' src='$scrapbook'></a></td></tr>";echo "<tr><td colspan='3'><hr /></td></tr>";
     echo " <tr>\n
            <td $rowht  $nw><$text><b>URN:</font></b></td><td><$text>$urn</font></td>\n
        <tr $rowcl><td $nw><$text><b>SURNAME:</font></b></td><td><$text>$surname</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>FORENAME(S):</font></b></td><td><$text>$forename $middlenames</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>DATE OF BIRTH:</font></b></td><td><$text>$dateofbirth</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>PLACE OF BIRTH:</font></b></td><td><$text>$placeofbirth</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MOTHER:</font></b></td><td><a href='$link$motherurn'><$hltext>$mother</a>
</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>FATHER:</font></b></td><td><a href='$link$fatherurn'><$hltext>$father</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>SIBLINGS:</font></b></td><td><a href='$link$sibling1urn'><$hltext>$sibling1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling2urn'><$hltext>$sibling2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling3urn'><$hltext>$sibling3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling4urn'><$hltext>$sibling4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling5urn'><$hltext>$sibling5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling6urn'><$hltext>$sibling6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling7urn'><$hltext>$sibling7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling8urn'><$hltext>$sibling8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling9urn'><$hltext>$sibling9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling10urn'><$hltext>$sibling10</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling11urn'><$hltext>$sibling11</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling12urn'><$hltext>$sibling12</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>CHRISTENING DATE:</font></b></td><td><$text>$christeningdate</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHRISTENING PLACE:</font></b></td><td><$text>$christeningplace</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>SPOUSE 1:</font></b></td><td><a href='$link$spouse1urn'><$hltext>$spouse1</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MARRIAGE DATE:</font></b></td><td><$text>$spouse1marriagedate</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>MARRIAGE PLACE:</font></b></td><td><$text>$spouse1marriageplace</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHILDREN:</font></b></td><td><a href='$link$spouse1child1urn'><$hltext>$spouse1child1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child2urn'><$hltext>$spouse1child2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child3urn'><$hltext>$spouse1child3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child4urn'><$hltext>$spouse1child4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child5urn'><$hltext>$spouse1child5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child6urn'><$hltext>$spouse1child6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child7urn'><$hltext>$spouse1child7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child8urn'><$hltext>$spouse1child8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child9urn'><$hltext>$spouse1child9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child10urn'><$hltext>$spouse1child10</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child11urn'><$hltext>$spouse1child11</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child12urn'><$hltext>$spouse1child12</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>SPOUSE 2:</font></b></td><td><a href='$link$spouse2urn'><$hltext>$spouse2</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MARRIAGE DATE:</font></b></td><td><$text>$spouse2marriagedate</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>MARRIAGE PLACE:</font></b></td><td><$text>$spouse2marriageplace</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHILDREN:</font></b></td><td><a href='$link$spouse2child1urn'><$hltext>$spouse2child1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child2urn'><$hltext>$spouse2child2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child3urn'><$hltext>$spouse2child3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child4urn'><$hltext>$spouse2child4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child5urn'><$hltext>$spouse2child5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child6urn'><$hltext>$spouse2child6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child7urn'><$hltext>$spouse2child7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child8urn'><$hltext>$spouse2child8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child9urn'><$hltext>$spouse2child9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child10urn'><$hltext>$spouse2child10</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child11urn'><$hltext>$spouse2child11</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child12urn'><$hltext>$spouse2child12</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>OCCUPATION:</font></b></td><td><$text>$occupation</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>DATE OF DEATH:</font></b></td><td><$text>$dateofdeath</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>PLACE OF DEATH:</font></b></td><td><$text>$placeofdeath</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CAUSE OF DEATH:</font></b></td><td><$text>$causeofdeath</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>NOTES:</font></b></td><td><$text>$notes</font></td>\n</tr>
        </tr>\n";
  }
  echo "</table>\n";
?>
</body></html>
Still not sure what I'm doing wrong. I'm sure it's all about the placement of the }

Kris.
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Re: Defining a default page for wrongly passed enquiries

Post by kdidymus »

I tried again from scratch. I've figured out that it's ALWAYS the following line that the code errors on:
if($mysql_num_rows($result)==0) {header("Location: urn404.php");
It doesn't matter what I put within the curly brackets. I've tried echoing an error AND loading an error page using the header command (which should work as nothing has been echoed prior to that statement).

This time I get the error:
Fatal error: Call to undefined function: () in /home/kdidymus/public_html/display2.php on line 21
And guess what Line 21 is?! Yep...
if($mysql_num_rows($result)==0) {header("Location: urn404.php");
This is the full code, revised and annotated as I now understand what each line of code does but, sadly, not why this one line continually errors.

Code: Select all

<?php
/* Program: display3.php
 * Desc:    Displays all details of selected individual.
 */
  // SET VARIABLES FOR DISPLAY
  $link = "http://www.didymus.org.uk/display.php?urn=";
  $rowht = "valign='top'";
  $rowcl = "bgcolor='#CCFFCC' valign='top'";
  $text = "font face='Arial' size='1'";
  $hltext = "font face='Arial' size='1' color='#000000'";
  $nw = "nowrap";
  // CONNECT TO MYSQL AND CHECK FOR ROW
  include_once("*******.inc.php");
  $cxn = mysql_connect($host,$user,$password)
         or die ("couldn't connect to server");
  mysql_select_db($database);
  $urn=$_GET['urn'];  //urn passed by hyperlink
  $query = "SELECT * FROM tree WHERE urn='$urn'";
  $result = mysql_query($query)
            or die ("Couldn't execute query.");
  // IF THE SPECIFIED ROW DOESN'T EXIST LOAD ERROR PAGE
  if($mysql_num_rows($result)==0) {header("Location: urn404.php");
  exit;
  }
  //IF THE ROW SPECIFIED EXISTS THEN
  else {
  //GO AHEAD AND DISPLAY RESULTS IN A TABLE
  echo "<html>
  <head><title>Individual Biographical Information</title></head>
  <body topmargin='0' leftmargin='0' rightmargin='0' bottommargin='0'>";
  $urn = ucfirst($urn);
  while($row = mysql_fetch_assoc($result))
  {
     extract($row);
  echo "<p align='center'><font face='Arial' size='3'><b>$surname, $forename $middlenames ($yearofbirth)</font></b>&nbsp;<img src='tree/graphics/$relative.gif'><br><img src='tree/graphics/bio_tit.gif'>";
  echo "<table cellspacing='0' width='450'  align='center'>";
  echo "<tr><td colspan='3'><hr /></td></tr>";
  echo "<tr><td colspan='3' align='center'><a href='census.php?urn=$urn'><img border='0' src='$census'></a><a href='certs.php?urn=$urn'><img border='0' src='$certificates'></a><img border='0' src='tree/graphics/bio_off.gif'><a href='photos.php?urn=$urn'><img border='0' src='$photographs'></a><a href='stories.php?urn=$urn'><img border='0' src='$scrapbook'></a></td></tr>";echo "<tr><td colspan='3'><hr /></td></tr>";
     echo " <tr>\n
            <td $rowht  $nw><$text><b>URN:</font></b></td><td><$text>$urn</font></td>\n
        <tr $rowcl><td $nw><$text><b>SURNAME:</font></b></td><td><$text>$surname</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>FORENAME(S):</font></b></td><td><$text>$forename $middlenames</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>DATE OF BIRTH:</font></b></td><td><$text>$dateofbirth</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>PLACE OF BIRTH:</font></b></td><td><$text>$placeofbirth</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MOTHER:</font></b></td><td><a href='$link$motherurn'><$hltext>$mother</a>
</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>FATHER:</font></b></td><td><a href='$link$fatherurn'><$hltext>$father</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>SIBLINGS:</font></b></td><td><a href='$link$sibling1urn'><$hltext>$sibling1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling2urn'><$hltext>$sibling2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling3urn'><$hltext>$sibling3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling4urn'><$hltext>$sibling4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling5urn'><$hltext>$sibling5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling6urn'><$hltext>$sibling6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling7urn'><$hltext>$sibling7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling8urn'><$hltext>$sibling8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling9urn'><$hltext>$sibling9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling10urn'><$hltext>$sibling10</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling11urn'><$hltext>$sibling11</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$sibling12urn'><$hltext>$sibling12</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>CHRISTENING DATE:</font></b></td><td><$text>$christeningdate</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHRISTENING PLACE:</font></b></td><td><$text>$christeningplace</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>SPOUSE 1:</font></b></td><td><a href='$link$spouse1urn'><$hltext>$spouse1</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MARRIAGE DATE:</font></b></td><td><$text>$spouse1marriagedate</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>MARRIAGE PLACE:</font></b></td><td><$text>$spouse1marriageplace</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHILDREN:</font></b></td><td><a href='$link$spouse1child1urn'><$hltext>$spouse1child1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child2urn'><$hltext>$spouse1child2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child3urn'><$hltext>$spouse1child3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child4urn'><$hltext>$spouse1child4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child5urn'><$hltext>$spouse1child5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child6urn'><$hltext>$spouse1child6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child7urn'><$hltext>$spouse1child7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child8urn'><$hltext>$spouse1child8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child9urn'><$hltext>$spouse1child9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child10urn'><$hltext>$spouse1child10</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child11urn'><$hltext>$spouse1child11</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse1child12urn'><$hltext>$spouse1child12</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>SPOUSE 2:</font></b></td><td><a href='$link$spouse2urn'><$hltext>$spouse2</a></font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>MARRIAGE DATE:</font></b></td><td><$text>$spouse2marriagedate</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>MARRIAGE PLACE:</font></b></td><td><$text>$spouse2marriageplace</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CHILDREN:</font></b></td><td><a href='$link$spouse2child1urn'><$hltext>$spouse2child1</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child2urn'><$hltext>$spouse2child2</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child3urn'><$hltext>$spouse2child3</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child4urn'><$hltext>$spouse2child4</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child5urn'><$hltext>$spouse2child5</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child6urn'><$hltext>$spouse2child6</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child7urn'><$hltext>$spouse2child7</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child8urn'><$hltext>$spouse2child8</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child9urn'><$hltext>$spouse2child9</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child10urn'><$hltext>$spouse2child10</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child11urn'><$hltext>$spouse2child11</a></font></td>\n</tr>
        <tr $rowcl><td></td><td><a href='$link$spouse2child12urn'><$hltext>$spouse2child12</a></font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>OCCUPATION:</font></b></td><td><$text>$occupation</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>DATE OF DEATH:</font></b></td><td><$text>$dateofdeath</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>PLACE OF DEATH:</font></b></td><td><$text>$placeofdeath</font></td>\n</tr>
        <tr $rowcl><td $nw><$text><b>CAUSE OF DEATH:</font></b></td><td><$text>$causeofdeath</font></td>\n</tr>
        <tr $rowht><td $nw><$text><b>NOTES:</font></b></td><td><$text>$notes</font></td>\n</tr>
        </tr>\n";
  }
  echo "</table>\n";
echo "</body></html>";}
?>
Kris.
nowaydown1
Forum Contributor
Posts: 169
Joined: Sun Apr 27, 2008 1:22 am

Re: Defining a default page for wrongly passed enquiries

Post by nowaydown1 »

Kris,

Code: Select all

 
if($mysql_num_rows($result)==0) {
 
Would be my guess for why you're getting the parse error. Notice the dollar sign ($) in front of mysql_num_rows. PHP thinks you're trying to use a variable in place of the function call. The $mysql_num_rows variable equals "" in this case, which would explain the call to undefined function: (nothing) bit that you're seeing:

Code: Select all

 
if(mysql_num_rows($result)==0) {
 
I believe is what you really want. Also, a few things I noticed in passing while looking at your script.

Code: Select all

 
$urn=$_GET['urn'];  //urn passed by hyperlink
$query = "SELECT * FROM tree WHERE urn='$urn'";
$result = mysql_query($query) or die ("Couldn't execute query.");
 
That's really open to SQL injection. You can read up on SQL injection (and possible solutions) here:
http://phpsec.org/projects/guide/3.html

Would hate to see your get your code up and running just to have somebody truncate your table. :) Additionally, it looks like you're using an include to get the values for your mysql_connect call. You might consider just moving all your database connection code into that same include.
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Re: Defining a default page for wrongly passed enquiries

Post by kdidymus »

nowaydown1 - you...are...a...star!!!!

That was it. How on Earth did I miss something that simple?

Going to take myself outside and have words!!!

Thank you. Going to sort out the security issues now.

Thanks again.

KD.
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Re: Defining a default page for wrongly passed enquiries

Post by kdidymus »

Califdon.

Thank you for your help as well. I actually learned quite a lot whilst I was disassembling my page.

It's working fine now. Go to http://www.didymus.org.uk/tree.php

If you type 11164 in the Qik Jump box and hit enter, my details appear. Use 999 or 000 instead and a nice error page is displayed instead.

Thanks to everyone involved in getting this project off the ground!

Kris.
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Defining a default page for wrongly passed enquiries

Post by califdon »

Congratulations on a very good looking and operating page! nowaydown1 offered you good advice on the vulnerability to "SQL injection", as well as spotting your $ error. The vulnerability occurs when you accept user input (via $_GET or $_POST) and introduce it into your SQL statements without "cleansing" it, usually by using the mysql_real_escape() function. Do read up on that, he's right, I'd hate to see some malicious hacker trash your database because of the lack of such protection. In any case, set up a database backup process so that you don't lose your valuable data for any reason at all.

See how prophetic my old teacher was? His two rules apply directly to your efforts:
  1. Everything matters! (even a simple dollar sign!)
  2. Never give up!
:)
kdidymus
Forum Contributor
Posts: 196
Joined: Tue May 13, 2008 3:37 am

Re: Defining a default page for wrongly passed enquiries

Post by kdidymus »

Califdon.

I've closed the loopholes that leave my database vulnerable to SQL Injection. Strange thing is I had originally done this but the escape strings obviously got lost during much tinkering! Thank you for your kind comments about my page. I've put alot of effort in to it but it wouldn't be there at all without your help and the help of many DevNetwork regulars.

There will be more questions as I'm fine-tuning some elements of the site. Please bear with me if some of them are a little basic and niaive!

Kris.
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Defining a default page for wrongly passed enquiries

Post by califdon »

kdidymus wrote:Califdon.

I've closed the loopholes that leave my database vulnerable to SQL Injection. Strange thing is I had originally done this but the escape strings obviously got lost during much tinkering! Thank you for your kind comments about my page. I've put alot of effort in to it but it wouldn't be there at all without your help and the help of many DevNetwork regulars.

There will be more questions as I'm fine-tuning some elements of the site. Please bear with me if some of them are a little basic and niaive!

Kris.
Don't worry. We don't charge any more for answers to basic questions than we do for answers to sophisticated questions! :)
Post Reply