0

Hello,

I created a method to show the products by category but the condition I placed is not working if condition is working properly but else if condition not working properly

if(isset($_GET["catid"])) {
    $statement = "posts WHERE cat_name='$cat' ORDER BY pid ASC"; 
    $results = mysqli_query($connection,"SELECT * FROM {$statement} LIMIT {$startpoint} , {$per_page}");
} elseif(isset($_GET["cat"])) {
    $catname    = $_GET["cat"];
    $statement  = "posts WHERE parent='$catname' ORDER BY pid ASC"; 
    $results    = mysqli_query($connection,"SELECT * FROM {$statement} LIMIT {$startpoint} , {$per_page}");
} else {
    $statement = "posts ORDER BY pid ASC"; 
    $results = mysqli_query($connection,"SELECT * FROM {$statement} LIMIT {$startpoint} , {$per_page}");
}
3
Contributors
8
Replies
22
Views
2 Years
Discussion Span
Last Post by Taywin
0

My game page has the following link

gamepage.php?catid=Games&cat=Arcade

and for normal if condition the llink becomes as

gamepage.php?catid=Games

catid and cat is dynamic

0

Hi,

it does not work it means one of these statements does not run? Which specifically? And by the way: $cat should be $_GET["catid"]?

if(isset($_GET["catid"])) {
    $statement = "posts WHERE cat_name='$cat' ORDER BY pid ASC";

If yes, then simply assign the value to the $cat variable and it should work.

Edited by cereal

0

$cat is already assigned in the head setcion as $cat = $_GET["catid"];

okay so as mentioned in my statment above and mentioning again

first if statement works properply but when i click on button as arcade which is parent category so it does not filter it's still showing all the results

so the statement would be like this

if(isset($_GET["catid"])) { //This condition works properly when clicked on the main the link is as http://localhost/comicsapp/gamepage.php?catid=(main category)
    $cat = $_GET["catid"];
    $statement = "posts WHERE cat_name='$cat' ORDER BY pid ASC"; 
    $results = mysqli_query($connection,"SELECT * FROM {$statement} LIMIT {$startpoint} , {$per_page}");
} elseif(isset($_GET["cat"])) {//Now when clicked on parent this should run as when clicked on parent category the link becomes as http://localhost/comicsapp/gamepage.php?catid=(main category)&cat=(parent category) 
    $catname    = $_GET["cat"];
    $statement  = "posts WHERE parent='$catname' ORDER BY pid ASC"; 
    $results    = mysqli_query($connection,"SELECT * FROM {$statement} LIMIT {$startpoint} , {$per_page}");
} else {
    $statement = "posts ORDER BY pid ASC"; 
    $results = mysqli_query($connection,"SELECT * FROM {$statement} LIMIT {$startpoint} , {$per_page}");
}

Does this make sense ??

Please advise me about this concirn

0

Does this make sense ??

Uh, ok, it does not work because catid is set in both cases, so it will satisfy always the first condition and stops there. Reverse the rules and it should work:

if(isset($_GET['cat'])) {}

elseif(isset($_GET['catid'])) {}

else {}

Edited by cereal

0

Ohh wow it worked thank you so much :)

So i have a question for you how is the catid is set in both cases by viewing i set the case as $_GET["catid"] and in elseif case I set the cat id as $_GET["cat"] so the case isn't diferent

0

Please be careful with your current script because your page is vulnerable to SQL injection. Your script is using the input value from client ($_GET[...]) directly which means someone could simply inject SQL statement and cause a big mess in your database...

Regarding to your latter question, please take a look at your reply gamepage.php?catid=Games&cat=Arcade. The parameters sent from client side contains both $catid and $cat. The if-else statement processes parameters in order. If you send both parameters to the server at the same time, only the if statement is executed and the $cat parameter will be ignored. In other word, your if-else statement gives precedence to $catid parameter over $cat parameter.

Edited by Taywin

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.