FUDforum: comp.lang.php » take two - fetch items from a row.

Home » Imported messages » comp.lang.php » take two - fetch items from a row.

Show: Today's Messages :: Polls :: Message Navigator

Re: take two - fetch items from a row. [message #181306 is a reply to message #181295]

Sat, 04 May 2013 11:00

SwissCheese
Messages: 17
Registered: December 2012

Karma:

Junior Member

On 05/03/2013 07:02 PM, richard wrote:
> This code may reside on a page in a line.
> < a href="http:www.code.com/gettable.php?number=1">
>
>
> Where I show id=$number, is that the way I want to show it or is there a
> beter way?
> I want to retrieve the row corresponding to the id number given in the
> link.
>
> <?php
>
>
> $number=$_GET["number"];
> if (empty($number)) {$number=1;}
> $number=(int)$number;
>
> // connections code left out intentionally //
>
>
> $result = mysql_query("SELECT id,email FROM people WHERE id = $number");
> if (!$result) {
> echo 'Could not run query: ' . mysql_error();
> exit;
> }
> $row = mysql_fetch_row($result);
>
> echo $row[0]; // 42
> echo $row[1]; // the email value
> ?>
>

<?php
$number = isset($_GET["number"]) ? $_GET["number"] : 0;
$number = (is_numeric($number) && ctype_digit($number)) ? $number : 0;

if ($number == 0) {
/* bad input - do something here
since 1 is more than likely a valid record you may not want to give
out that data based on bad input.
*/

exit;
}

// ... connection code ...

$result = mysql_query("SELECT id.email FROM people WHERE id = $number");
if (!$result) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$row = mysql_fetch_row($result);

echo $row[0]; // 42
echo $row[1]; // the email value
?>

There are many different ways to go about sanitising your input, some
of which you can download.

....and here's a good source (found on bobby-tables.com):

http://download.oracle.com/oll/tutorials/SQLInjection/index.htm

--
Norman
Registered Linux user #461062
-Have you been to www.php.net yet?-

Report message to a moderator

[Message index]

		take two - fetch items from a row. By: richard on Fri, 03 May 2013 23:02
		Re: take two - fetch items from a row. By: richard on Fri, 03 May 2013 23:13
		Re: take two - fetch items from a row. By: Denis McMahon on Sat, 04 May 2013 00:59
		Re: take two - fetch items from a row. By: Richard Yates on Fri, 03 May 2013 23:32
		Re: take two - fetch items from a row. By: richard on Fri, 03 May 2013 23:54
		Re: take two - fetch items from a row. By: Richard Yates on Sat, 04 May 2013 02:20
		Re: take two - fetch items from a row. By: Beauregard T. Shagnas on Sat, 04 May 2013 03:37
		Re: take two - fetch items from a row. By: SwissCheese on Sat, 04 May 2013 11:00

Previous Topic:	SoapServer constructor parameters: what is actor uri?
Next Topic:	replacing spaces with newline

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Fri Sep 20 09:47:37 GMT 2024

Total time taken to generate the page: 0.05328 seconds