PHP
theroker, 2018-02-27 20:59:09

How to change the filtering code?

In general, there is code that filters the result: for example, if there is a result with the "Member" tag, then by the link "index.php?=Member-Example-Stump-Navigation", etc., the result with these tags is displayed.
The code itself:

$filter = NULL;
if(isset($_GET['filter'])){
    $_GET['filter'] = sanitize($_GET['filter']);
    if(preg_match('#[0-9]#',$_GET['filter'])) $filter = "AND `banner` = '" . $_GET['filter'] . "'";
    elseif(strlen($_GET['filter']) == 2) $filter = "AND `country` = '" . $_GET['filter'] . "'";
    else {
        $category_id = mysql_result(mysql_query("SELECT `category_id` FROM `categories` WHERE `name` = '{$_GET['filter']}'"),0);
        $filter = "AND `category_id` = '$category_id'";
    }
}


2 answer(s)
Alexey, 2018-02-27
@theroker

1. You provide a piece of code, although the question concerns only one line.
The rest of the code has nothing to do with the question as to whether it contains errors. For example, if filter=2 comes, then the first if will work and the check elseif(strlen($_GET['filter']) == 2) will not even come to the point, although logically, this particular branch of the condition should be processed with a value of 2.
In addition, if you have already checked that $_GET['filter'] ) == 2, why write
Write immediately
Hmm, also moved away from the topic of the question :)
2. On the topic of the question.
Parse your filter
For example,
you will get an array of words
And then do with this array what you already need.
For example,

// $arr is the array of words obtained by parsing the filter
$names = implode("' , '", $arr);
mysql_query("SELECT `category_id` FROM `categories` WHERE `name` IN ('$names')");

3. Using mysql_query and mysql_result is already considered bad form.
These are very outdated approaches and no longer work in modern versions of PHP.
Use modern programming approaches instead of fixing code that was written 15 years ago.
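
One way to do what the answer above describes (split the filter into words, then look the categories up with IN), using PDO prepared statements so that no request data is concatenated into the SQL text. This is an added example, not code from the thread; the function name `categoryFilter`, the `$maxTags` cap and the in-memory SQLite demo data are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Added example: turn ?filter=Member-Example into a parameterized
 * "AND `category_id` IN (...)" fragment. Only "?" placeholders are
 * concatenated into the SQL. Returns [sqlFragment, boundValues].
 */
function categoryFilter(PDO $pdo, string $raw, int $maxTags = 10): array
{
    // Split on "-", drop empty and duplicate tokens, cap the count.
    $names = array_values(array_unique(array_filter(
        explode('-', $raw),
        static fn(string $t): bool => $t !== ''
    )));
    $names = array_slice($names, 0, $maxTags);
    if ($names === []) {
        return ['', []];               // no filter requested
    }

    // One "?" per tag; the tag values travel separately as bound data.
    $marks = implode(', ', array_fill(0, count($names), '?'));
    $stmt = $pdo->prepare(
        "SELECT `category_id` FROM `categories` WHERE `name` IN ($marks)"
    );
    $stmt->execute($names);
    $ids = $stmt->fetchAll(PDO::FETCH_COLUMN);

    if ($ids === []) {
        return ['AND 1 = 0', []];      // unknown tags match nothing
    }
    $marks = implode(', ', array_fill(0, count($ids), '?'));
    return ["AND `category_id` IN ($marks)", $ids];
}

// Constructed demo data in an in-memory SQLite database (assumes pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE categories (category_id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO categories (name) VALUES ('Member'), ('Example'), ('Stump')");

// The second input is a constructed injection attempt; it is bound as data.
foreach (["Member-Example-Stump-Navigation", "Member' OR '1'='1"] as $raw) {
    [$sql, $params] = categoryFilter($pdo, $raw);
    printf("%-35s => %s [%s]\n", $raw, $sql, implode(', ', $params));
}
```

The returned fragment is appended to a query that is itself prepared, and the returned values are passed to its `execute()` call.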

Viktor Yanyshev, 2018-02-27
@villiwalla

https://www.w3schools.com/sql/sql_in.asp
