In PHP5 register_globals defaults to "off". You can either switch it back on through your php.ini and restart your webserver, or change all PHP_SELF references to $_SERVER['PHP_SELF']. See if that fixes your problem.
I hope you understood the SQL injection problem I pointed out. Anybody can drop your database, so do fix it! On 8/31/08, Gav <[EMAIL PROTECTED]> wrote: > On Sun, Aug 31, 2008 at 9:27 PM, Evert Lammerts > <[EMAIL PROTECTED]>wrote: > >> You don't need to print the query anymore - I already did that. You >> need to change your code because right now it is open for SQL >> injection attacks: I added some SQL to the url and generated an SQL >> error (http://www.iwdp.co.uk/list.php?region=1&start=30,2). When you >> retrieve start, e.g. $_GET['start'], do a check to make sure the value >> is an integer. >> >> The good news is that the query looks fine: >> SELECT d.id AS id FROM designers d, designer_regions dr WHERE >> dr.region_id=1 AND dr.designer_id=d.id AND d.view=1 ORDER BY d.id ASC >> LIMIT 0, 30; >> >> Can you run this query directly on the database and see what the result >> is? > > > *SQL query:* SELECT d.id AS id FROM designers d, designer_regions dr WHERE > dr.region_id=1 AND dr.designer_id=d.id AND d.view=1 ORDER BY d.id ASC LIMIT > 0, 30; > *Rows:* 30 id 2 4 5 11 43 63 86 99 117 119 158 165 233 272 > 290 305 328 335 363 396 414 425 430 436 459 489 490 518 536 > 554 > >> >> >> Also check if you get an error after setting error_reporting to E_ALL. > > > Yup, I left it up there at http://www.iwdp.co.uk/list.php > > The PHP_SELF being referred to as undefined is in the included file > generic.php :- > > class DropNav > { > var $items =array(); > var $head; > var $body; > > // CONSTRUCTOR > function DropNav() > { > } > > // PUBLIC > function renderHead() > { > $this->buildHTML(); > print $this->head; > } > > // PUBLIC > function renderBody() > { > $this->buildHTML(); > print $this->body; > } > > // PUBLIC > function addItem( $url, $desc ) > { > $this->items[] = array( "url" => $url, "desc"=>$desc ); > } > > // PRIVATE > function buildHTML() > { > global $PHP_SELF; > $this->body = "<form action=\"$PHP_SELF\">\n"; > $this->body .= "\t<p><select name=\"newLocation\" > onchange=\"jumpPage(this.form.newLocation)\">\n"; > foreach ( $this->items as $item ) > { > $this->body .="\t\t<option value=\"".$item[url]."\">"; > $this->body .= $item[desc]; > $this->body .="</option>\n"; > } > > $this->body .= "\t</select></p>\n</form>\n"; > > $this->head = "<script type=\"text/javascript\">\n"; > $this->head .= "<!-- > function jumpPage( newLoc ) > { > newPage = newLoc.options[newLoc.selectedIndex].value; > if ( newPage != \"\" ) > { > window.location.href=newPage; > } > } // -->\n"; > $this->head .= "</script>\n\n"; > } > } > > Thanks > > Gav... > > >> >> On Sun, Aug 31, 2008 at 1:16 PM, Evert Lammerts >> <[EMAIL PROTECTED]> wrote: >> > The code you've sent seems to be fine, and if I check your website it >> > does everything it should do in terms of filtering - if I select >> > Tayside as a region I get a development company with the region set to >> > Tayside. It seems to me that this means the problem is not in one of >> > the subclasses of ProfileList, so not a compatibility issue on that >> > level ($this->query works fine). >> > >> >> while( $row = $db->getrow() ) >> > seems to stop after one loop. This is either because there are no more >> > results - the query is limited to 1, so $count=1 - or because >> > $db->getRow generates an error. >> > >> >> COUNT and $count look like they have different roles to me, COUNT is >> >> the >> amount of >> >> designers to be listed per page, $count is the number of designers to >> >> be >> listed altogether, >> >> so 150 designers would give me 5 pages of 30 designers. >> > >> > In ProfileList::render the query is appended with "LIMIT $start, >> > $count", and the results of the query all seem to be rendered. This >> > probably means that $count and COUNT should have the same value - 30 - >> > and that the render function is initially called with the global >> > variable COUNT as parameter. >> > >> > To check what goes wrong you first need to set error_reporting to >> > E_ALL in php.ini and restart your webserver, or add the line >> > error_reporting(E_ALL); at the beginning of you code. After that you >> > need to print the query from ProfileList::render. Can you adjust the >> > function and add var_dump($q); after the line $q = $q." LIMIT $start, >> > $count ";? >> > >> > Evert >> > >> > > > > -- > Gav... > > [LinkedIn : http://www.linkedin.com/in/ipv6guru] > > www.16degrees.com.au | www.iwdp.co.uk | www.minitutorials.com > > (Sponsorship slots available on above three sites!) > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
