CODEWITHSUNDEEP
phpmysqlhyperlink
user2406993
user2406993

Reputation: 257

recordset linking in MySQL/PHP

I have a PHP page (ship_info.php) showing information on a particular ship from a database. Each ship is sorted by it's unique ship_id.

I need to get links on the page to go to the previous or next ship alphabetically. It's been suggested I use a separate php file (called gotoship.php). So at the moment I have this link on the previous link:

  <!--go to previous ship-->
  <div class="arrow_shipinfo_left">
  <a href="gotoship.php?action=previous&amp;current_ship_id=<?php echo $row_ship_image_info['ship_id']; ?>">
<img src="images/arrow_left.png" width="51" height="57" alt="back" border="none"/>
  </a>
  </div>

So I end up with a link looking like 'gotoship.php?action=previous&current_ship_id=7'. I can't quite get the gotoship.php to work, can anyone shed light on where I am going wrong. At the moment I'm getting an array to string conversion error. I need to link to a page like this (shipinfo.php?ship_id=7)

My gotoship.php looks like this:

<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_ships, $ships);
$query_ships = "SELECT TOP 1        ships.ship_id FROM   ship_information  INNER   JOIN (         SELECT ship_name FROM ship_information WHERE ship_id = $_GET'current_ship_id'        ) As current_ship     ON ships.ship_name < current_ship.ship_name ORDER BY ships.ship_name ASC";
$ships = mysql_query($query_ships, $ships) or die(mysql_error());
$row_ships = mysql_fetch_assoc($ships);
$totalRows_ships = mysql_num_rows($ships);
echo $current_ship_id;
 echo "<br><br>";
?>

Upvotes: 1

Views: 286

Answers (1)

OptimusCrime
OptimusCrime

Reputation: 14863

This is open to sql-injections. You should read what that means and you should consider switching to pdo or at least mysqli. This query (as long as the query itself is correct) will select a ship based on the id supplied in GET (?ship_id=[the id that goes here]).

mysql_select_db($database_ships, $ships);
$query_ships = "
SELECT ships.ship_id
FROM ship_information
INNER JOIN (
    SELECT ship_name 
    FROM ship_information 
    WHERE ship_id = '$_GET[ship_id]')
    AS current_ship
    ON ships.ship_name < current_ship.ship_name 
ORDER BY ships.ship_name ASC";
$ships = mysql_query($query_ships, $ships) or die(mysql_error());
$row_ships = mysql_fetch_assoc($ships);
$totalRows_ships = mysql_num_rows($ships);
echo $current_ship_id;
echo "<br><br>";

Upvotes: 1

Related Questions