Re: Re: Newbie Variable Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jochem and everyone,

Thanks, this solved the problem.

Regarding someone's much appreciated comment:

<snip>[this]...allows any user to simply change the value of "r" to something more to
their liking. given the reset of the code that you included in your
first message, who knows what nice holes they'll find in your code when
they do that. depending on where you go with this, they could end up
with information for/about another user, a nice sql injection on your
database, the ability to hack your system, or something else equally
amusing.</snip>

I agree, and actually had thought of it. I appreciate your reminding me. Because I am new enough that I still find a magical thrill every time I pull *anything* from the database, I have been approaching this from this point of view:

1. Make db
2. Try to get page to connect
3. Try to print what I want by setting the variable $r so I can point to it
4. Fix it so that if someone asks for anything other than an existent ?r=x it kicks back a webpage which just shows links to existing pages.

Which brings me to the next question, which I'll post in a second!

Thanks again everyone!
--Jack


On 9 Mar 2005, at 11:43, Jochem Maas wrote:

Jackson Linux wrote:
On 9 Mar 2005, at 11:15, Jason Barnett wrote: 
Jackson Linux wrote:
...

<php include_once "/path/to/cv.$r.include.php"; ?> asks for
cv.'1'.include.php ... And I need it to ask for cv.1.include.php

How can I make a variable to fetch the literal number from the field
cv.category?


Not 100% certain that it will work, but try casting the variable $r to
an integer:

<?php include_once "/path/to/cv." . (int) $r . ".include.php"; ?>


Hmmmm. If only. . .This returns, regardless of input and the value of $r
cv.0.include.php'
For chuckles, I did check and the column is set in the table as INT. If that matters. 

not really - what matters is that you understand typecasting in php.

a string when cast to an integer will always be zero unless the string
begins with numeric chars, in which case php will take all the numeric chars
it finds until it comes across a char that is not numeric and return those chars
(I don't know exactly how it handles decimal points and minus signs in such as case)

echo (int) "1string";
echo (int) "string1";

...?
Jack




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux