Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
  #1  
Old 11-15-2005, 03:32 PM
Parker Clack Parker Clack is offline
 
Join Date: Oct 2001
Posts: 351
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Still need some help

I have a link that I am using to call on a php file with an id in it. For some reason the external file doesn't get the id.

If I use http://www.myplace.com/my.php?do=edit&id=133

and I have in my php file

Code:
if ($_REQUEST['do'] == 'edit') {

  $ba = $db->query("SELECT * FROM " . TABLE_PREFIX ."mytable WHERE id='$id'");
The value of the id doesn't make it to the php file and I get a database error at id=.

Any ideas what has changed in 3.51 that the file doesn't get the id number? It used to work in 2.xx just fine.

Thanks,
Parker
Reply With Quote
  #2  
Old 11-15-2005, 05:47 PM
tnguy3n's Avatar
tnguy3n tnguy3n is offline
 
Join Date: May 2003
Location: U of I, Iowa
Posts: 846
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

and what's the variable $id in your script?
Reply With Quote
  #3  
Old 11-15-2005, 05:54 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It should at least be $_REQUEST['id'], but using it like this in a query, will open your script to SQL insertions.

You should really consider sanatizing the input before using it.
Reply With Quote
  #4  
Old 11-15-2005, 06:52 PM
Parker Clack Parker Clack is offline
 
Join Date: Oct 2001
Posts: 351
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

the variable id comes from the link after the do=edit.

Marco:

So something like
Quote:
$ba = $db->query("SELECT * FROM " . TABLE_PREFIX ."mytable WHERE id=$_Request['id']");
Reply With Quote
  #5  
Old 11-15-2005, 09:42 PM
tnguy3n's Avatar
tnguy3n tnguy3n is offline
 
Join Date: May 2003
Location: U of I, Iowa
Posts: 846
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

TRY:

PHP Code:
$vbulletin->input->clean_array_gpc('r', array('id' => TYPE_INT));

$ba $db->query("SELECT * FROM " TABLE_PREFIX ."mytable WHERE id = '" intval($vbulletin->GPC[id]) . "'"); 
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:01 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05724 seconds
  • Memory Usage 2,194KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_code
  • (1)bbcode_php
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete