By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,086 Members | 1,442 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,086 IT Pros & Developers. It's quick & easy.

How to LIMIT results in html php/sql query?

P: n/a
Hi,

I need to limit results in the following query type:

http://www.somewhere.com/php/sql-a.p...l_order=&pos=1

I found a reference that says I should be able to use LIMIT x[,y], but
I don't know where/exactly how to add that to the string. Once I know
what it's supposed to look like, and can write something to generate
it.

If someone could post an example using the above and limiting the
output to 100 records starting at position 1, that would be great.

Aug 11 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
em********@hotmail.com wrote:
Hi,

I need to limit results in the following query type:

http://www.somewhere.com/php/sql-a.p...l_order=&pos=1

I found a reference that says I should be able to use LIMIT x[,y], but
I don't know where/exactly how to add that to the string. Once I know
what it's supposed to look like, and can write something to generate
it.

If someone could post an example using the above and limiting the
output to 100 records starting at position 1, that would be great.


It really depends on the database you're using.
In mysql, adding " LIMIT 5" to the end of your sql statement will return
5 rows, adding "LIMIT 10, 20" will return 20 rows starting with row
number 10.

It should also be noted that passing the database query in the URL like
your example shows is a _really_bad_ idea if you expect to allow other
people to use this page, and just a bad idea otherwise.

What would prevent some malicious user from manually changing the url to
try and execute the statement "DELETE+ALL+FROM+super_important_table",
OR WORSE!

Carl.
Aug 11 '05 #2

P: n/a
Carl wrote:
em********@hotmail.com wrote:
Hi,

I need to limit results in the following query type:

http://www.somewhere.com/php/sql-a.p...l_order=&pos=1
I found a reference that says I should be able to use LIMIT x[,y], but
I don't know where/exactly how to add that to the string. Once I know
what it's supposed to look like, and can write something to generate
it.

If someone could post an example using the above and limiting the
output to 100 records starting at position 1, that would be great.


It really depends on the database you're using.
In mysql, adding " LIMIT 5" to the end of your sql statement will return
5 rows, adding "LIMIT 10, 20" will return 20 rows starting with row
number 10.

It should also be noted that passing the database query in the URL like
your example shows is a _really_bad_ idea if you expect to allow other
people to use this page, and just a bad idea otherwise.

What would prevent some malicious user from manually changing the url to
try and execute the statement "DELETE+ALL+FROM+super_important_table",
OR WORSE!

Carl.


The database is read-only, but thanks for the warning.

How exactly do I add "LIMIT 10, 20" to the html string? I tried some
different ways and either got error messages (generic) or it had no
effect.

This is using MySQL, and I know LIMIT is supported.

For example: I tried adding
+LIMIT+1%2C+100
to the end, or before the
+&sql_order=&pos=1
I Also tried adding
&LIMIT+1%2C+100
(no "+")

I think maybe the &sql_order at the end needs rewritten using LIMIT.

I need the specific syntax, "+", "&", "%2C", etc. to add (say) LIMIT
10,20 to this:
http://www.somewhere.com/php/sql-a.p...l_order=&pos=1

Thanks

Aug 11 '05 #3

P: n/a
em********@hotmail.com wrote:
How exactly do I add "LIMIT 10, 20" to the html string? I tried some
different ways and either got error messages (generic) or it had no
effect.
I think maybe the &sql_order at the end needs rewritten using LIMIT.


LIMIT must come after ORDER BY in a SQL query.
See http://dev.mysql.com/doc/mysql/en/select.html

But obviously, the PHP code is concatenating the sql_order after the
sql_query in some manner. We don't know what it's doing. We don't even
know from your example what the legal values for sql_order are. Are
they field names by which to sort? We don't know how it interprets the
blank string, as is being passed here.

For instance, it _might_ be concatenating the values of sql_query and
sql_order like this:

$sql = $sql_query
. "ORDER BY "
. ($sql_order ? $sql_order : "DefaultField")
. " ASCENDING"

So even if you were to pass "DefaultField LIMIT 10,20" for the sql_order
parameter, you'd end up with a syntax error in the resulting SQL,
because "ASCENDING" appears out of place. And this is assuming
sql_order is there to name the field by which to sort. It could have
some totally different meaning within the PHP code.

Regards,
Bill K.
Aug 12 '05 #4

P: n/a
In comp.databases em********@hotmail.com wrote:
I need to limit results in the following query type:

http://www.somewhere.com/php/sql-a.p...l_order=&pos=1


What you seem to be doing here is very dangerous. Suppose someone saw
that URL and rewrote it as follows:

http://www.somewhere.com/php/sql-a.p...E+FROM+mytable

Or even:

http://www.somewhere.com/php/sql-a.p...y=DROP+mytable

This is called an "SQL injection" vulnerability -- where your
application allows the user to enter arbitrary SQL statements. These
can yield all sorts of undesired results:

* public accessibility of private information
* destruction of information (as above)
* crashing of your database server (by writing a query that
takes massive computational resources to compute)
* corruption of information, possibly with substantial financial
consequences

As an example of the last, imagine that your database is serving an
online store application, and includes the price list. If the user can
enter an arbitrary query (and the store application has the access
privileges to do so -- another error, perhaps) then the user could alter
prices and then place orders for really cheap goods. :)

--
Karl A. Krueger <kk******@example.edu> { s/example/whoi/ }
Aug 22 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.