Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

my if() statement is not working any ideas?

Status
Not open for further replies.

normeus

Programmer
Oct 23, 2005
11
US
Code:
//I call this page either with an "index.php?a=calc&orderid=$1&raid=$2
//or index.php?a=calc&pack=$1
// it is simple if there is no 'pack' in the call get $packId from the database
// for some reason the line //1 this line
// gets run even if $raid is not set
// does parent::getHTTPVars create a special variable that cant be set?
//I call this page with a 'pack=7' which makes the if
// not valid but it displays pack=11 which is not getting from the database
// but if I get rid of //1 this line then it displays pack=7

$packId = parent::getHTTPVars('pack', 'GET');
$raid = parent::getHTTPVars('raid', 'GET');
$orderid = parent::getHTTPVars('orderid', 'GET');
    
if (isset($raid)) {
        $reorder = $mysql->assoc("SELECT * FROM `orders` WHERE id='".$orderid."' AND size='".$raid."'");      
        $packId=$reorder[$orderid]["type"]; //1 this line does not work
print_r($raid);
       };
 print_r($packId);
 
Hi

Without knowing what the getHTTPVars() does, it is hard to say.

By the way, your SQL handling looks pretty vulnerable to SQL injection attacks. Use an escaping function on the values before including them in an SQL statement.

Feherke.
 
the reason for the problem is that you are using isset(). because you are setting $raid to the result of the call to parent::getHTTPVars(), it will ALWAYS have a value. sometimes the value might be false.

i would, instead, check explicitly for false or, if you must, use !empty() (for the latter you must be sure that the value cannot be 0 or an empty string and still legitimate).
 
Hi

jpadie said:
because you are setting $raid to the result of the call to parent::getHTTPVars(), it will ALWAYS have a value.
If I would wrote that getHTTPVars() function, then it would return [tt]null[/tt] if the parameter is missing. In that case [tt]isset()[/tt] would return [tt]false[/tt] so the [tt]if[/tt] will work as expected.

As getHTTPVars() apparently not works like that, I would do a favor to myself by dumping it. By the way, I see no reason to use functions like getHTTPVars().

Feherke.
 
i agree. i can see no reason either to use an inherited method to obtain superglobal values.

i also see that my statement was incorrect in its generality. mea culpa.
 
I thank you for your quick response. I am the 3rd guy to work on this website so there is some code that I have no clue how is working. I do admit that setting the variable then checking if it is set... not too smart but this program has had so many changes ( like the first guy used "smarty" AND the 2nd guy didn't know how to use it so he worked around it.) that I wouldn't be surprised if I found some goto's burried in the code.

I don't blame the previous developers because the person who owns the site changes the way he wants things 4 times a day.
Well it's a living.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top