08-06-2006, 04:07 AM
aggiefan
 
Input Cleaner Question (do I need it)?

I'm working on porting my product over to 3.6 and I know that there are now input cleaners for $_GET and other commands.

Basically, what I'm trying to do is use the URL the person is on to capture a value. So, if they're on the following real URL, I want to grab the contest and week values.

http://www.aggiefans.com/forums/vbco...t=TESTA&week=1
(If you visit, ignore the MySQL errors. It's because I haven't finished coding the % of votes for the other 14 games.)

Then when they submit, I want to record the contest name (TESTA) and the week # (1) to the database (these values are in the URL address bar only).

I found that using $contestname = $_GET['contest']; and $week = $_GET['week']; pulls the information from the URL correctly, as I can use it to query. I've pulled out the array using the following ($contestkey is simply "$contestname$week"):

Code:
// $contestkey is built from $_GET values, so escape it before it goes into the query.
$contestkey_sql = $db->escape_string($contestkey);
$contestnameresult = $db->query_first("SELECT contestname FROM " . TABLE_PREFIX . "vbcontest_matchups WHERE contest_key='$contestkey_sql'");
$contestname1 = $contestnameresult['contestname'];
$weekresult = $db->query_first("SELECT weekid FROM " . TABLE_PREFIX . "vbcontest_matchups WHERE contest_key='$contestkey_sql'");
$week1 = $weekresult['weekid'];
If I do a print "$contestname1" it prints TESTA at the top of my page (you can see it on the link above). However, when I write $contestname1 to the db, it comes across blank. Help would be appreciated.

And to clarify, these are my values being written to the database. Every value is being recorded (17 others, except the first two).

Code:
// Values are interpolated as-is here, so each one must be cleaned and escaped before this query runs.
$db->query_write("INSERT INTO " . TABLE_PREFIX . "vbcontest_picks (contestname, weekid, username, userid, game1, game2, game3, game4, game5, game6, game7, game8, game9, game10, game11, game12, game13, game14, game15)
         VALUES ('$contestname1', '$week1', '$yourname', '$yourid', '$radioanswer1', '$radioanswer2', '$radioanswer3', '$radioanswer4', '$radioanswer5', '$radioanswer6', '$radioanswer7', '$radioanswer8', '$radioanswer9', '$radioanswer10', '$radioanswer11', '$radioanswer12', '$radioanswer13', '$radioanswer14', '$radioanswer15')");
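
One way to pass the two URL values through the vBulletin input cleaner and into the queries, as an added example that is not part of the original post. It assumes a vBulletin 3.6 page script where global.php sets up $vbulletin and $db; the allow-list pattern and the shortened column list (game1 to game15 left out) are assumptions.

```php
<?php
// Added example. Assumes a vBulletin 3.6 page script; global.php provides
// $vbulletin, $db, TABLE_PREFIX and the TYPE_* constants.
require_once('./global.php');

// Clean the two URL parameters instead of reading $_GET directly.
// 'g' selects $_GET; TYPE_NOHTML trims and HTML-escapes a string,
// TYPE_UINT casts to an integer and forces it to be >= 0.
$vbulletin->input->clean_array_gpc('g', array(
    'contest' => TYPE_NOHTML,
    'week'    => TYPE_UINT,
));
$contestname = $vbulletin->GPC['contest'];
$week        = $vbulletin->GPC['week'];

// Reject values that cannot be a contest key before touching the database.
// The allowed pattern is an assumption made for this example.
if (!preg_match('/^[A-Za-z0-9_]{1,32}$/', $contestname) OR $week < 1)
{
    exit('Invalid contest or week.');
}

$contestkey = $contestname . $week;

// The cleaner does not make a string SQL-safe; escape it where it enters the query.
$matchup = $db->query_first("
    SELECT contestname, weekid
    FROM " . TABLE_PREFIX . "vbcontest_matchups
    WHERE contest_key = '" . $db->escape_string($contestkey) . "'
");
if (!$matchup)
{
    exit('Unknown contest.');
}

// Values read back from the database are escaped again on the way in.
$db->query_write("
    INSERT INTO " . TABLE_PREFIX . "vbcontest_picks (contestname, weekid, username, userid)
    VALUES (
        '" . $db->escape_string($matchup['contestname']) . "',
        " . intval($matchup['weekid']) . ",
        '" . $db->escape_string($vbulletin->userinfo['username']) . "',
        " . intval($vbulletin->userinfo['userid']) . "
    )
");
```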