Assigning a value to a sql query

  • malc090350
    New Member
    • Mar 2010
    • 10

    Assigning a value to a sql query

    I have a cms site and all the main pages are driven from a template.

    Each different property page picks up the unique property id number, like below.

    Code:
    <input type="hidden"	name="listing_number"	value="20161"	/>
    If I use this sql command how do I change the part "127" for the "value=" above, so it connects with the correct property id in the database? Do I use "listing_number" or "value" and do I use quotes, double or single? Or something different?

    Code:
    $sql = mysql_query("SELECT photo_id, photo_caption_1, photo_listing
            FROM listing_photo
            WHERE photo_listing = 127
    		ORDER BY `photo_status_main` <> 'main'
    		LIMIT 10");
  • dlite922
    Recognized Expert Top Contributor
    • Dec 2007
    • 1586

    #2
    What exactly are you wanting to do? I don't understand what you said.

    In order to get list_number's value to the server, the form that the input element is in must be submitted.

    Is that 20161 value hard-coded and you're trying to pull photos from the DB with it?

    Comment

    • Atli
      Recognized Expert Expert
      • Nov 2006
      • 5062

      #3
      Hey.

      That depends on how the form is submitted. Does the <form> have a method="post"? - If it does, you use the $_POST super-global to read the values it sends you, if not, you use the $_GET super-global. (You can bypass this and just use the $_REQUEST super-global, but it is generally better to be more specific than that.)

      The way you use that is: the "name" attribute of the <input> element will become the name of the element inside the $_POST or $_GET arrays.

      So to get your variable, you would do something like:
      [code=php]$listing_number = $_GET['listing_number'];[/code]
      Which you could use in your SQL query.

      To make it a bit safer, however, you should add a bit of verification. (See SQL Injection for why this is necessary.)
      [code=php]
      // Test to see if the element actually exists.
      if (isset($_POST['listing_number']))
      {
          // By prefixing the $_POST with (int), we tell PHP that we want
          // nothing but whole numbers from it. This makes sure that no
          // malicious string can be injected into the SQL query.
          $listing_number = (int)$_POST['listing_number'];
      }
      else
      {
          // Exit the code with an error message.
          die("Invalid listing_number!");
      }[/code]

      Comment
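The integer check from the reply above, combined with a bound parameter in the thread's photo query, as an added example that is not part of the original thread. It assumes PDO with an in-memory SQLite database and constructed rows in place of the poster's MySQL data; `parse_listing_number` and `fetch_photos` are hypothetical names.

```php
<?php
// Added example, not code from the thread. SQLite in memory and the rows
// below are constructed stand-ins for the poster's MySQL data.

// Strict check: where a bare (int) cast turns "127 OR 1=1" into 127,
// this rejects anything that is not a positive whole number.
function parse_listing_number($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// The thread's photo query with the id bound as a parameter, so the
// value is never concatenated into the SQL text.
function fetch_photos(PDO $db, int $listingNumber): array
{
    $stmt = $db->prepare(
        "SELECT photo_id, photo_caption_1, photo_listing
           FROM listing_photo
          WHERE photo_listing = :listing
          ORDER BY photo_status_main <> 'main'
          LIMIT 10"
    );
    $stmt->bindValue(':listing', $listingNumber, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE listing_photo (photo_id INTEGER, photo_caption_1 TEXT,
           photo_listing INTEGER, photo_status_main TEXT)");
$db->exec("INSERT INTO listing_photo VALUES
           (1, 'Garden', 20161, 'other'), (2, 'Front', 20161, 'main'),
           (3, 'Kitchen', 127, 'main')");

// Constructed inputs: a valid id, a tampered value, and a missing value.
foreach (['20161', '127 OR 1=1', null] as $raw) {
    $id = parse_listing_number($raw);
    if ($id === null) {
        echo var_export($raw, true), " => rejected\n";
        continue;
    }
    $captions = array_column(fetch_photos($db, $id), 'photo_caption_1');
    echo var_export($raw, true), ' => ', implode(', ', $captions), "\n";
}
```

Against MySQL, the PDO connection string and credentials change; the validation and the bound parameter stay the same.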

      • malc090350
        New Member
        • Mar 2010
        • 10

        #4
        Sorry, I'm not submitting a form

        I am trying to pull photos from a db

        The 20161 number is unique to each property page and it's the only thing I can see on the page with the unique number on.

        I am trying to get the pictures from the db on the property page template. So if I add this...

        $sql = mysql_query("SELECT photo_id, photo_caption_1, photo_listing
        FROM listing_photo
        WHERE photo_listing = 127
        ORDER BY `photo_status_main` <> 'main'
        LIMIT 10");
        and the rest of the php code that's working. How do I tell the "WHERE photo_listing =" to look for the listing_number?

        Is it as simple as...

        $sql = mysql_query("SELECT photo_id, photo_caption_1, photo_listing
        FROM listing_photo
        WHERE photo_listing = 'listing_number'
        ORDER BY `photo_status_main` <> 'main'
        LIMIT 10");

        Comment

        • Atli
          Recognized Expert Expert
          • Nov 2006
          • 5062

          #5
          Ok. Then I too am having a hard time following what you are trying to do.

          Is this unique property number in the database somewhere?

          Well, since it is being printed into the HTML, it is fair to assume it is inside the database somewhere. Could you show us the structure of the table that contains the unique property number?

          Comment

          • malc090350
            New Member
            • Mar 2010
            • 10

            #6
            Hi Atli

            Sometimes I'm not sure of the terminology.

            Yes, the number is in the database and corresponds with a certain property's details such as prices, pictures, description etc. It is unique for each property. It is constant throughout all the tables.

            So when a certain property page is opened, all the relevant details are shown for that property number on the webpage.

            So the unique number is what I'm trying to add to my sql script, so when I put the picture script on the page, it automatically selects the correct property number and shows the correct pictures.

            This all works off one script, I just need to figure out what to add after "WHERE photo_listing ="

            Regards M

            Hope that makes more sense

            Comment
