User Name Password Register
DaniWeb IT Discussion Community
Home
Forums
Tutorials
Code Snippets
Blogs
Link Directory
All
What is DaniWeb IT Discussion Community?
You're currently browsing the PHP section within the Web Development category of DaniWeb, a massive community of 402,729 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,413 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Join our community!
Please support our PHP advertiser: Lunarpages PHP Web Hosting

Newbie - looping and array [very simple] problem

Join Date: Sep 2005
Posts: 674
Reputation: digital-ether has a spectacular aura about digital-ether has a spectacular aura about 
Rep Power: 5
Solved Threads: 39
Moderator
digital-ether's Avatar
digital-ether digital-ether is offline Offline
Practically a Master Poster

Help Re: Newbie - looping and array [very simple] problem

  #2  
Jun 10th, 2007
The problem is in your SQL query that selects a single article:

Help with Code Tags 
$SQLQuery = "SELECT * FROM content,content_author,content_issue,content_keywords,keywords,content_type WHERE content.author_id=content_author.author_id && content.issue_id=content_issue.issue_id && content_keywords.keyword_id=keywords.keyword_id && content.content_id=content_keywords.content_id && content_type.type_id=content.type_id && content.content_id = ".$HTTP_GET_VARS['content_id'];

You have to use "AND" in place of "&&". That is the equivalent to the PHP version of a logical AND.

Help with Code Tags 
content.author_id=content_author.author_id && content.issue_id=content_issue.issue_id && content_keywords.keyword_id=keywords.keyword_id && content.content_id=content_keywords.content_id && content_type.type_id=content.type_id

is useless and should be removed. It always equates to TRUE since any variable is always equal to itself. However, you're instructing the mySQL server to check each of these for every row in the database table, which is extra load you don't need. (I'm not sure if MySQL is smart enough to ignore it)

Since you're selecting only one row for the database table, always use a row LIMIT. eg:

Help with Code Tags 
$SQLQuery = "SELECT * FROM content,content_author,content_issue,content_keywords,keywords,content_type WHERE  content.content_id = ".$HTTP_GET_VARS['content_id']." LIMIT 1";

You should however, always escape any strings that you pass in a mysql query, and always convert any integers to integers with intval() or you can cast them to int using "type casting".

Help with Code Tags 
$SQLQuery = "SELECT * FROM content,content_author,content_issue,content_keywords,keywords,content_type WHERE  content.content_id = ".intval($HTTP_GET_VARS['content_id'])." LIMIT 1";

or:

Help with Code Tags 
$HTTP_GET_VARS['content_id'] = (int) $HTTP_GET_VARS['content_id']; // cast to integer since php parses all all basic types in HTTP as string.
$SQLQuery = "SELECT * FROM content,content_author,content_issue,content_keywords,keywords,content_type WHERE  content.content_id = ".$HTTP_GET_VARS['content_id']." LIMIT 1";

for strings use: mysql_escape() or mysql_real_escape(). This will make sure all quotes are escaped with quotes - prevent SQL injection.
www.fijiwebdesign.com - web design and development and fun
Cpanel Email - Let users Register email accounts on your website upon registration
Ajax Chat - Fully browser based chat!
Reply With Quote  
Advertising Opportunities on DaniWeb
Contact Us - Newsletter Archive - Sitemap - Privacy Statement
All times are GMT -4. The time now is 7:01 am.
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC