Go Back   vb.org Archive > vBulletin Article Depository > Read An Article > vBulletin 4 Articles
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
[HOW TO - vB4] Paginating Results
cellarius's Avatar
cellarius
Join Date: Aug 2005
Posts: 1,987

 

Show Printable Version Email this Page Subscription
cellarius cellarius is offline 08-23-2009, 10:00 PM

Introduction

Not very much has changed regarding how pagination works since vB 3.8, but quite enough to warrant an update of Revan's great tutorial, dating from 2006. Kudos to Revan.

As Revan I assume you know your way around php and can understand at least roughfly what each bit of the code does. There'll be explanations, of course, but this is for coders and mod developers.

The main work for pagination has to be done in the PHP-code, still no surprise there.

Cleaning URL parameters

We start off by cleaning the URL parameters that will tell our paginator how many entries to show per page and on which page of the resultset we're actually on

PHP Code:
 $vbulletin->input->clean_array_gpc('r', array(
    
'perpage'    => TYPE_UINT,
    
'pagenumber' => TYPE_UINT,
)); 
.
Counting results

The next step is to count the number of resuts that our actual database query will return (this query we will meet later on - it's an example that will throw all users with no posts).

PHP Code:
$cel_users $db->query_first("
    SELECT COUNT('userid') AS users_count
    FROM " 
TABLE_PREFIX "user AS user
    WHERE user.posts = '0'
"
); 
.
Settings & sanitizing

Next we're off to do some settings: The first argument is our counting result. The last two arguments are the maximum number of results per page (100) and the default number of results per page (20). Note how the first argument is the result of the count query above. You can replace those with settings from the AdminCP by inserting the corresponding variables obviously.

PHP Code:
sanitize_pageresults($cel_users['users_count'], $pagenumber$perpage10020); 
.
Orientation - where are we?

Now some stuff to determine on which page we're on and which results to show. Note how you have to provide the results of our initial count query:

PHP Code:
if ($vbulletin->GPC['pagenumber'] < 1)
{
    
$vbulletin->GPC['pagenumber'] = 1;
}
else if (
$vbulletin->GPC['pagenumber'] > ceil(($cel_users['users_count'] + 1) / $perpage))
{
    
$vbulletin->GPC['pagenumber'] = ceil(($cel_users['users_count'] + 1) / $perpage);
}
$limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
$limitupper = ($vbulletin->GPC['pagenumber']) * $perpage
.
The main query

Now the query that throws all users with no posts - just an example, obviously. Note the LIMIT - this has to be added to the original query to delimit the resultset for the actual page

PHP Code:
$result $db->query_read("
    SELECT user.username, user.userid
    FROM " 
TABLE_PREFIX "user as user
    WHERE user.posts = '0'
    ORDER BY username DESC
    LIMIT 
$limitlower$perpage
"
); 
.
Constructing pagenav

The last (but one) thing to do in the PHP code is to finally call the function to construct the actual page-nav and saving it's output to a variable for passing to the template.
  • Some explanation for the arguments that must/can be passed to this function are in the code.
  • Of course, the name of the file (yourfile.php) needs to be adapted to the file name your using the pagination on.
  • Only the first four arguments are mandatory. You can leave the rest away if not needed, I added them for documentation.
  • The ? that starts the parameters after myfile.php needs to be there, since atm the page parameter always is prefixed with an &. If there are no other parameters present as is the case in this example, the links will look like "yourfile.php?&page=2". This is, of course, wrong, but works; without the ? the link would be "yourfile.php&page=2", which is even more wrong, since it does not work. In vB 3 pagination handled this correctly. I filed this as a bug in vB4 beta 3. Maybe I'm missing something, or this will be resolved - I'll keep you posted.
PHP Code:
$pagenav construct_page_nav(
    
$vbulletin->GPC['pagenumber'],
    
$perpage,
    
$cel_users['users_count'],
    
'yourfile.php?' $vbulletin->session->vars['sessionurl'], // the pagenav-link
    
''// to pass a second portion or the pagenav-link, gets directly appended to above
    
''// to pass an anchor
    
''// SEO-Link for thread, forum, member... pages - make the pagenav-links seo'ed if you use the paginator on one of those
    
''// Array to pass linkinfo for SEO-Link-Method
    
''  // Array to pass additional Info for SEO-Link-Method
); 
.
Registering pagenav for templates

As with all variables in vB4, the newly created $pagenav has to be registered to be used inside the template:

PHP Code:
$templater vB_Template::create('cel_test_pagination');
    
$templater->register_page_templates();
    
$templater->register('navbar'$navbar);
// Need to add for pagenav
    
$templater->register('pagenav'$pagenav);
    
$templater->register('pagenumber'$pagenumber);
    
$templater->register('perpage'$perpage);
    
$templater->register('output'$output);
print_output($templater->render()); 
.
Template code

Now you just have to put the pagenav-code into your template, and we're done. Note that the id of the surrounding div should be changed to "pagination_bottom" or "pagination_top" accordingly.

Code:
<vb:if condition="$pagenav">
     <div id="pagination_top">
          {vb:raw pagenav}
     </div>
</vb:if>
Have fun!


-c
As of now (beta 3), there are still some issues that need to be resolved regarding pagination. They are minor and there should not be substantial changes, but be aware of that. For example, the setting of results shown per page does not work yet - 20 is hardcoded into the sanitizing function.
Reply With Quote
  #2  
Old 12-28-2009, 07:54 AM
BBR-APBT's Avatar
BBR-APBT BBR-APBT is offline
 
Join Date: Feb 2009
Location: Maryland
Posts: 946
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How to get this to work with $_POST.

Every time I click a link in the pagination it resets the post variables.

When I use $_GET it shows either the security token or the session hash.

Thanks for any help.
Reply With Quote
  #3  
Old 12-28-2009, 09:41 AM
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Posts: 1,987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The pagination system, as far as I know, is designed to work with URL parameters only. If you want to preserve data entered via a form in post mode, you need to pass the data entered to the pagination class by adding parameters to the pagenav link, then you need to query it accordingly when the page gets reloaded upon page change. Anyway, wihtout seeing your code it's hard to say where you are going wrong.
Reply With Quote
  #4  
Old 12-28-2009, 02:23 PM
BBR-APBT's Avatar
BBR-APBT BBR-APBT is offline
 
Join Date: Feb 2009
Location: Maryland
Posts: 946
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

here ya go http://pastebin.com/m5dd777d5

If I use $_get how do I remove the sessionhash or the securitytoken out of the url?

It loads the first page but each page after that has no variables.
Reply With Quote
  #5  
Old 12-28-2009, 05:47 PM
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Posts: 1,987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

First, whenever you use get or post variables, you should always use the vbulletin input cleaner to make them safe. If you don't know how, there's an article somewhere here.

Second, why would you want to get rid of the sessionhash? It's only showing if you have cookies disabled, and if you remove it, it will break login for people w/o cookies.

Third, as I said, when you change pages, you basically reload them. Post variables won't survive that. You need to save the get parameters into variables, pass those variables as parameters to the pagination URL, and then read them from the URL parameters upon reload.

Basically (forgoing input cleaner here, for simplicity:

PHP Code:
// use if isset constructions below to decide 
// whether $_POST or $_GET should take precedence

$var1 $_POST['var1']; // coming from your post form - would be easier to use get-method there, too
$var2 $_GET['var1'];  // coming from the URL parameter


// your code


// then, when initiating pagination add your variable as parameter

$pagenav construct_page_nav(
    
$vbulletin->GPC['pagenumber'],    $perpage,
    
$cel_ped['ped_count'],    $vbulletin->options['bbr_peds_url'] . '/results.php?' $vbulletin->session->vars['sessionurl'] . 'var1=' $var1
Reply With Quote
  #6  
Old 12-28-2009, 06:18 PM
BBR-APBT's Avatar
BBR-APBT BBR-APBT is offline
 
Join Date: Feb 2009
Location: Maryland
Posts: 946
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I don't want to get rid of the session hash or security token I just want to hide it from the URL with $_GET for the simple fact is I don't want my users passing their sessionhash or security token around to each other.

On this search page only would it be safe to turn off CSRF_PROTECTION as long as I clean what can be inputed?
Reply With Quote
  #7  
Old 12-28-2009, 06:35 PM
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Posts: 1,987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Visibility of the security token is not a problem securitywise. It is visible in the source code anyway. The sessionhash is passed along via URL by vB if cookies are disabled, that's the way it is. And no, disabling CSRF protection is not a good idea, it's there for a reason.
Reply With Quote
  #8  
Old 12-28-2009, 06:38 PM
BBR-APBT's Avatar
BBR-APBT BBR-APBT is offline
 
Join Date: Feb 2009
Location: Maryland
Posts: 946
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks so much for all your help man.

Last question do I need to add the following to $_GET forms?
Code:
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
<input type="hidden" name="s" value="$session[sessionhash]" />
Reply With Quote
  #9  
Old 12-28-2009, 06:45 PM
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Posts: 1,987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If you're using GET, you don't need the security token, but you do need the session (as I said, leaving that out will break log in for everyone with cookies disabled).

On CSRF protection, you may want to read https://vborg.vbsupport.ru/showthread.php?t=177013
Reply With Quote
  #10  
Old 12-28-2009, 10:07 PM
BBR-APBT's Avatar
BBR-APBT BBR-APBT is offline
 
Join Date: Feb 2009
Location: Maryland
Posts: 946
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Again Thanks for all the help Great Article.

Most of my problem boiled down to the sql statment.

I had
Code:
SELECT DISTINCT COUNT(blah
When I should have had.
Code:
SELECT COUNT(DISTINCT blah
So even with _GET it wasn't working correctly.

I used this same tutorial on several other pages of mine and it went flawlessly.

Thanks again for the fast answers and the great help.


P.S. I secure my code after its working just to narrow down problems.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:35 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08090 seconds
  • Memory Usage 2,344KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_code
  • (8)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_article
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (3)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete