By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,570 Members | 3,132 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,570 IT Pros & Developers. It's quick & easy.

Re: Building a blog from scratch using PHP

P: n/a
On 2008-07-11 15:21:31 +0100, "Peter D." <pe*****@gmail.comsaid:
On Jul 10, 3:00*pm, JT <tornet...@gmail.comwrote:
><SNIP>

What I want is to do the URL validation like I just describe, but I
also want it to compare whether the input matches an actual database
entry, and if not return a 404 error. *Right now, for some reason if
you type inhttp://www.myblog.com/blog/viewentry.php?id=500, and I
only have 3 rows in my database, it doesnt return an error, it
displays the viewentry page thats blank with my post footer displaying
a bogus date.

<SNIP>

Thanks
JT

Why don't you just validate the information you get back from the
database. Or do a mysql_num_rows and if it returns 0 then there are no
rows matching your query. if mysql_num_rows == 0 go back to main page.

Maybe?
That'd be the correct way of doing it.
You could even direct to the 404 page if the query result is empty.

Condiser changing:
if(is_numeric($_GET['id']) == FALSE) {
$error = 1;
}
if($error == 1) {
header("Location: " . $config_basedir);
}
else {
$validentry = $_GET['id'];
}

to:
if(is_numeric($_GET['id']) == FALSE) {
header("Location: " . $config_basedir);
}
else {
$validentry = $_GET['id'];
}
--
../Sven

Jul 12 '08 #1
Share this Question
Share on Google+
2 Replies


P: n/a
JT
On Jul 12, 6:17*am, Sven wrote:
On 2008-07-11 15:21:31 +0100, "Peter D." <pete...@gmail.comsaid:
On Jul 10, 3:00*pm, JT <tornet...@gmail.comwrote:
<SNIP>
What I want is to do the URL validation like I just describe, but I
also want it to compare whether the input matches an actual database
entry, and if not return a 404 error. *Right now, for some reason if
you type inhttp://www.myblog.com/blog/viewentry.php?id=500, and I
only have 3 rows in my database, it doesnt return an error, it
displays the viewentry page thats blank with my post footer displaying
a bogus date.
<SNIP>
Thanks
JT
Why don't you just validate the information you get back from the
database. Or do a mysql_num_rows and if it returns 0 then there are no
rows matching your query. if mysql_num_rows == 0 go back to main page.
Maybe?

That'd be the correct way of doing it.
You could even direct to the 404 page if the query result is empty.

Condiser changing:
* * * * * * * * if(is_numeric($_GET['id']) == FALSE) {
* * * * * * * * * * * * $error = 1;
* * * * * * * * }
* * * * * * * * if($error == 1) {
* * * * * * * * * * * * header("Location: " . $config_basedir);
* * * * * * * * }
* * * * * * * * else {
* * * * * * * * * * * * $validentry = $_GET['id'];
* * * * * * * * }

to:
* * * * * * * * if(is_numeric($_GET['id']) == FALSE) {
* * * * * * * * * * * * header("Location: " . $config_basedir);
* * * * * * * * }
* * * * * * * * else {
* * * * * * * * * * * * $validentry = $_GET['id'];
* * * * * * * * }

--
./Sven
Thanks everyone, I will try your suggestions using mysql_num_rows, and
I will also remove the $error variable. I'll let you know how it
turns out as soon as I get time to update my code.

JT
Jul 12 '08 #2

P: n/a
<Svenposted:
: Consider:
:
: if(is_numeric($_GET['id']) == FALSE) {
: header("Location: " . $config_basedir);
: } else {
: $validentry = $_GET['id'];
: }
:

Just curious, should that code read as:

if(is_numeric($_GET['id']) === FALSE) {
header("Location: " . $config_basedir);
exit();
} else {
$validentry = $_GET['id'];
}

Because what if id = 0. And should one not ALWAYS employ an
exit(); statement after a redirection? Is it now safe to use
redirection without the exit();?

--
JC
Natural Cure For Pink-Eye (Conjunctivitis)
http://www.associatedcontent.com/art...nctivitis.html
Jul 17 '08 #3

This discussion thread is closed

Replies have been disabled for this discussion.