On Jul 10, 3:00*pm, JT <tornet...@gmail.comwrote:That'd be the correct way of doing it.><SNIP>
What I want is to do the URL validation like I just describe, but I
also want it to compare whether the input matches an actual database
entry, and if not return a 404 error. *Right now, for some reason if
you type inhttp://www.myblog.com/blog/viewentry.php?id=500, and I
only have 3 rows in my database, it doesnt return an error, it
displays the viewentry page thats blank with my post footer displaying
a bogus date.
<SNIP>
Thanks
JT
Why don't you just validate the information you get back from the
database. Or do a mysql_num_rows and if it returns 0 then there are no
rows matching your query. if mysql_num_rows == 0 go back to main page.
Maybe?
You could even direct to the 404 page if the query result is empty.
Condiser changing:
if(is_numeric($_GET['id']) == FALSE) {
$error = 1;
}
if($error == 1) {
header("Location: " . $config_basedir);
}
else {
$validentry = $_GET['id'];
}
to:
if(is_numeric($_GET['id']) == FALSE) {
header("Location: " . $config_basedir);
}
else {
$validentry = $_GET['id'];
}
--
../Sven