Reputation: 18649
I have a test page I am playing around with and maybe it is just too early in the morning, but I seem to be running into something strange:
I have this url: http://www.comehike.com/outdoors/trip_story.php?hike_id=108
to log in login: [email protected] password: password
I do this to get the hike_id parameter:
$hike_id = mysql_real_escape_string($_GET['hike_id']);
$errors = array();
if ( isset ( $hike_id ) && !empty ($hike_id) )
{
    $errors[] = 'Hike id was empty. Could not get the hike information';
}
But the hike id is 0 as is shown later on the page when I output things to the screen. So since the hike_id is 0, it passes that validation test which is a bug. Any idea why that would happen since the hike_id that is passed is 108?
Upvotes: 0
Views: 799
Reputation: 91983
You have a flaw in your logic. What your if statement really asks is this:
"if $hike_id is set, and is not empty, throw an error"
0 is empty and so your statement won't throw an error. Try with another value, for example 1, and see what happens.
In addition, why do you use mysql_real_escape_string there? Wait with escaping until you use the value in a SQL query. Note that mysql_real_escape_string requires an active connection to the database, otherwise it will return false (which is interpreted as zero in numeric context; maybe that's why 108 is converted to 0?)
Upvotes: 3
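An added example, not part of either post above: one way to validate the hike_id parameter as a positive integer before it goes anywhere near SQL, with the error raised when the value is missing or malformed rather than when it is present. The helper names parse_hike_id and validate_request and the sample inputs are hypothetical and constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not from the original post): returns the hike id as a
 * positive integer, or null when the parameter is missing or malformed.
 */
function parse_hike_id(array $query): ?int
{
    if (!isset($query['hike_id'])) {
        return null;
    }
    // FILTER_VALIDATE_INT rejects '', 'abc', arrays and trailing junk such as
    // '108 OR 1=1'; min_range 1 also rejects 0 and negative ids.
    $id = filter_var(
        $query['hike_id'],
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    return $id === false ? null : $id;
}

/** Returns [id or null, list of error messages]. */
function validate_request(array $query): array
{
    $errors = [];
    $hike_id = parse_hike_id($query);
    // Report an error when the id is absent or invalid, which is the inverse
    // of the isset() && !empty() test in the question.
    if ($hike_id === null) {
        $errors[] = 'Hike id was empty. Could not get the hike information';
    }
    // No escaping here: the validated integer is bound as a parameter of a
    // prepared statement at the point where the query is built.
    return [$hike_id, $errors];
}

// Constructed sample inputs standing in for $_GET.
$samples = [
    ['hike_id' => '108'],
    ['hike_id' => '0'],
    ['hike_id' => ''],
    [],
    ['hike_id' => '108 OR 1=1'],
];
foreach ($samples as $query) {
    [$id, $errors] = validate_request($query);
    printf("%-28s => id=%s errors=%d\n",
        json_encode($query), var_export($id, true), count($errors));
}
```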