HTML special characters in MySQL query, not working - php

I'm creating a dynamic website in which a user specifies a bunch of options in a form, and then hits submit, at that point I have a php script that uses the $_POST variable to access the values the user had selected. I do a query on the database and pull all the matches, and display a listing of the items on a new page. The user can then navigate through the available options, and should they click one, it takes them to the dynamically created page for that item. I am passing the name of the item through the URL, and then use it to find the specific item with that name in the database. The problem is that items with titles or names that include characters like an apostrophe (or single quote), a + symbol, or the & symbol don't get passed through the url properly, and it results in the information not being extracted from the database. For instance, if I have an item named "Tap & Barrel", if I assign that exact string like so:
<a href="pub_temp.php?name=Tap & Barrel"></a>
then when the new page for Tap & Barrel loads, none of its information has been extracted and the URL of the pub_temp.php is something like:
/pub_temp.php/name=Tap & Barrel
and for some of them, like the ones with single quotes, it's as if everything is ignored after, and it only passes everything in the string that comes before that character.
I have tried to use htmlspecialcharacters, in conjunction with ENT_SUBSTITUTE and ENT_IGNORE, but have not been successful. Does anyone know a workaround for this?
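
An added example, not part of the original post: the item name has to be encoded once for the URL and once for the HTML attribute, and the receiving page should bind the decoded value in a prepared statement. The `pubs` table, its rows other than "Tap & Barrel", and the use of in-memory SQLite in place of MySQL are assumptions made so the snippet runs on its own.

```php
<?php
// Added example: table/column names and sample rows are constructed.
// SQLite in-memory stands in for MySQL; the PDO calls are the same.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE pubs (name TEXT PRIMARY KEY, city TEXT)');
$ins = $pdo->prepare('INSERT INTO pubs (name, city) VALUES (?, ?)');
foreach ([['Tap & Barrel', 'Vancouver'], ["O'Malley's", 'Dublin'], ['Fish + Chips', 'Leeds']] as $row) {
    $ins->execute($row);
}

// Listing page: encode twice, once per context.
function pubLink(string $name): string
{
    // 1. URL context: & ' + become %26 %27 %2B so they stay inside the value.
    $url = 'pub_temp.php?' . http_build_query(['name' => $name], '', '&', PHP_QUERY_RFC3986);
    // 2. HTML context: escape the URL for the attribute and the name for the link text.
    return sprintf('<a href="%s">%s</a>',
        htmlspecialchars($url, ENT_QUOTES, 'UTF-8'),
        htmlspecialchars($name, ENT_QUOTES, 'UTF-8'));
}

// Detail page: $_GET['name'] arrives already URL-decoded; bind it, never concatenate it.
function findPub(PDO $pdo, string $name): ?array
{
    $stmt = $pdo->prepare('SELECT name, city FROM pubs WHERE name = ?');
    $stmt->execute([$name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Simulate the browser: un-escape the attribute, then parse the query string as PHP would.
foreach (['Tap & Barrel', "O'Malley's", 'Fish + Chips'] as $name) {
    $html = pubLink($name);
    preg_match('/href="([^"]*)"/', $html, $m);
    $href = htmlspecialchars_decode($m[1], ENT_QUOTES);
    parse_str(parse_url($href, PHP_URL_QUERY), $get);
    $pub = findPub($pdo, $get['name']);
    printf("%s\n  -> %s (%s)\n", $html, $pub['name'], $pub['city']);
}
```

A stable numeric id in the link avoids the encoding question for names altogether, but the two escaping steps and the bound parameter are needed either way.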

Related

How do I tidy up my url after sending lots of information?

I am a beginner programmer/coder who is currently trying to get to grips with HTML and PHP. I currently have a locally hosted searchable database that (when used) brings up a list of the first twenty entries that correspond to your search terms, with buttons to send you to the next page, last page, etc. (you know... pages...) The search outputs information into the URL ([url]?q=Alphonse&f=Elric etc). I have two problems with this at the moment.
Problem A:
My URL contains information that is unused. If I don't put anything into the search term it simply comes out with "q=&x=&f=..." etc. This makes the URL absurdly long even on the most simple searches.
Can this be cleaned up through just php?
Would this method be different if I end up hosting this online?
Problem B:
The way my paging functions is to send the user to the following link '.$_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'].'&pn='.$nextPage.'. This outputs the current link but with "pn=1" at the end (Or whatever relevant page they click).
This method itself makes the URL quite messy. If they click through multiple pages, and perhaps go back and forth, the link ends up having "pn=1&pn=2&pn=3&pn=1...." etc at the end. I assume that this will be answered by the first query, but it is slightly different in that this is information that is actually present.
How do I remove this superfluous information, and just keep the (final) relevant one?
I am thinking that I can use parse_str to turn the URL into an array, then delete each entry of the array that is empty, then create a new string out of that array and make that the link the search/next page button goes to.
Does that sound like it would work? If so, how do I delete those specific array entries, and how would that array then be stored? Would the array lose those entries and calling a deleted entry "$array['1']" for example result in an error, or does deleting entries in an array move everything up one to fill the gap?
Apologies if I'm asking too many different things in one post here!

Unify identical URL parameters in query string

I'm fairly new to php and am working on a script for filtering database entries via the GET method. After submitting the form I get URL results like the following (only query_string):
?mode=compilation&user_filter=Gerhard&user_filter=Harry
For reasons of shortness and for fitting into the existing script I need the URL formatted exactly like this (there's no alternative):
?mode=compilation&user_filter=Gerhard,Harry
"user_filter" is the name of the filtering variable. There are two more named "category_filter" and "tag_filter", so the URL could become very long. In addition the existing php script only filters the last user_filter parameter, whereas in the second example, which contains only one user_filter and separates the values by comma, the results are filtered like I wish and contain all postings from the users "Gerhard" and "Harry". This method works perfectly and also in combination with the other two filter variables exactly like intended, when I enter the URL manually, but I need it parsed/rewritten and sent automatically on submitting the form. Thereby the users would be able to select additional names/categories/tags (which are provided in drop-down lists) and add them one by one to the existing parameters as additional comma-separated values.
I suppose I have to receive the string by $_SERVER['QUERY_STRING'] and manipulate it by utilizing parse_str() or something. But how do I get to automatically unifying each additional identically named user_filter-parameter with the one preexisting user_filter-parameter into a comma-separated array of values and sending it to the page?
Or is there another approach?
The user, category and tag filters are provided in three separate select forms, each with its own drop-down list and own submit button. After submitting the page gets reloaded with the new URL parameter and displays the results in an extra html table beneath the select forms. Preexisting selections are passed by input type="hidden" (hidden input fields), which all works fine.
If I had the solution for the user filter (as an example), I think I would be able to implement it also for the other two filter variables.
Regards
Taurec
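
An added example, not part of either post above: one way to rebuild a query string so that empty parameters are dropped, a repeated `pn` keeps only its final value, and repeated filter parameters are merged into one comma-separated value. It serves both the "tidy up my url" question and this one; `normaliseQuery` and `search.php` are hypothetical names and the inputs are constructed.

```php
<?php
// Added example: parameter names come from the two questions; inputs are constructed.
// $merge lists parameters whose repeats are joined with commas; for all others the
// last occurrence wins (pn=1&pn=2 becomes pn=2). Empty values are dropped.
function normaliseQuery(string $raw, array $merge = [], array $override = []): string
{
    $out = [];
    // parse_str() would keep only the last user_filter, so split the raw string by hand.
    foreach (explode('&', $raw) as $pair) {
        [$k, $v] = array_pad(explode('=', $pair, 2), 2, '');
        $k = urldecode($k);
        $v = urldecode($v);
        if ($k === '' || $v === '') {
            continue;
        }
        if (in_array($k, $merge, true)) {
            // Split existing comma lists too, so adding "Harry" twice leaves one copy.
            $out[$k] = array_merge($out[$k] ?? [], explode(',', $v));
        } else {
            $out[$k] = $v;
        }
    }
    foreach ($override as $k => $v) {
        $out[$k] = (string) $v;
    }
    foreach ($out as $k => $v) {
        if (is_array($v)) {
            $out[$k] = implode(',', array_unique(array_filter($v, 'strlen')));
        }
    }
    $out = array_filter($out, 'strlen');
    // Re-encode every value; %2C is turned back into "," to match the expected format.
    return str_replace('%2C', ',', http_build_query($out, '', '&', PHP_QUERY_RFC3986));
}

echo normaliseQuery('q=Alphonse&x=&f=Elric&pn=1&pn=2', [], ['pn' => 3]), "\n";
echo normaliseQuery('mode=compilation&user_filter=Gerhard&user_filter=Harry', ['user_filter']), "\n";

// In a link, escape the result for HTML and use a fixed script name (search.php is a
// placeholder) rather than $_SERVER['PHP_SELF'], which echoes request-supplied path info.
$next = normaliseQuery('q=Alphonse&pn=1', [], ['pn' => 2]);
echo '<a href="search.php?' . htmlspecialchars($next, ENT_QUOTES, 'UTF-8') . '">Next</a>', "\n";
```

A value that itself contains a comma cannot be told apart from two values in this format, so the filter values need to be restricted to names without commas.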

URL Query String to check database on Window Load

I am creating a mobile guest list for a party that I'm having in a few months. All of the invites that I am handing out will have a custom QR Code on them, embedding their first and last name. When they get to the party, they check in with me, I scan their QR Code and throw them into a database.
I have the core elements working where the custom QR Code with the embedded query strings for first and last names pre-populate a set of text inputs for the first and last names, you fill in some other information, click submit and BANG, you're in the database.
I would like to add some extra functionality that checks the database that someone has already checked in, to prevent party crashers.
What code would I need to write to allow, onWindowLoad, the first and last name query strings to be checked against the database to see if entries containing those already exist?
Thanks in advance
Ajax call with a select. Make it easy on yourself, use jQuery. Here are some examples:
Ajax Examples with jQuery

'%deb%' is showing up as '�b%' when I send a $_GET a query?

I'm building a query on a search page based on user inputs, I then send the query to the original page and use it to query the database.
When the user enters 'deb' into the search field, the query on the results page is showing '�b%' in place of Deb. I don't know why this is happening. I'm using LIKE and UNION two tables, but it works fine with every other value.
Is '%de' a reserved character or something?
Sounds like URL encoding is going on, you need to pass %25deb%25. %25 is the code for a percent sign.

Extending URIs with 2 queries (i.e. 'viewauthorbooks.php?authorid=4' AND 'orderby=returndate") Possible?

I have a link in my system as displayed above; 'viewauthorbooks.php?authorid=4' which works fine and generates a page displaying the books only associated with the particular author. However I am implementing another feature where the user can sort the columns (return date, book name etc) and I am using the ORDER BY SQL clause. I have this also working as required for other pages, which do not already have another query in the URI. But for this particular page there is already a parameter returned in the URL, and I am having difficulty in extending it.
When the user clicks on a table column title I'm getting an error, and the original author ID is being lost!!
This is the URI link I am trying to use:
<th>Return Date</th>
This is so that the data can be sorted in order of Return Date. When I run this, the author ID gets lost for some reason. Also I want to know if I am using the correct layout to have 2 parameters run in the address? Thanks.
Yes, the layout is correct. Of course it's possible to have even more than 2 parameters in the query string.
You have to check the resulting query string (just take a look into your address bar after the click), there must be something like viewauthorbooks.php?authorid=22&orderby=returndate. If the number is lost, you have to check its source - the $row['authorid'] variable.
you have to use & and sanitize your output, but apart from that it's correct ;)
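
An added example, not part of the thread above: a column name in ORDER BY cannot be bound as a statement parameter, so the `orderby` value from the URL is mapped onto a fixed list while `authorid` is validated and bound. The `books` table, its rows, the `SORTABLE` list and the function names are assumptions; in-memory SQLite stands in for MySQL.

```php
<?php
// Added example: table, columns and rows are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE books (authorid INTEGER, bookname TEXT, returndate TEXT)');
$pdo->exec("INSERT INTO books VALUES (4, 'Zebra Notes', '2024-01-10'),
            (4, 'Atlas', '2024-03-02'), (7, 'Other', '2024-02-01')");

// URL value => real column name. Only these strings can ever reach the SQL text.
const SORTABLE = ['returndate' => 'returndate', 'bookname' => 'bookname'];

function booksByAuthor(PDO $pdo, array $get): array
{
    $authorId = filter_var($get['authorid'] ?? null, FILTER_VALIDATE_INT);
    if ($authorId === false) {
        throw new InvalidArgumentException('authorid must be an integer');
    }
    // Missing, non-string or unknown orderby falls back to the default column.
    $key = is_string($get['orderby'] ?? null) ? $get['orderby'] : '';
    $column = SORTABLE[$key] ?? 'bookname';
    $stmt = $pdo->prepare("SELECT bookname, returndate FROM books WHERE authorid = ? ORDER BY $column");
    $stmt->execute([$authorId]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Header link that keeps authorid while adding orderby; & becomes &amp; inside HTML.
function sortLink(int $authorId, string $orderby, string $label): string
{
    $query = http_build_query(['authorid' => $authorId, 'orderby' => $orderby]);
    return sprintf('<th><a href="viewauthorbooks.php?%s">%s</a></th>',
        htmlspecialchars($query, ENT_QUOTES, 'UTF-8'),
        htmlspecialchars($label, ENT_QUOTES, 'UTF-8'));
}

echo sortLink(4, 'returndate', 'Return Date'), "\n";
print_r(booksByAuthor($pdo, ['authorid' => '4', 'orderby' => 'returndate']));
// A value that is not in SORTABLE is ignored and the default ordering is used.
print_r(booksByAuthor($pdo, ['authorid' => '4', 'orderby' => 'not_a_column']));
```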
