php Get going crazy

pogogal · July 21st, 2008, 10:55 AM

Ok,I learned a little bit about php $Get and opendir recently.tested it and it worked like a charm and everything was happy.
I tooka break for like a week and came back online and saw the page was full of errors,don't know what happened.

The function works on some lines and not on others,don't know why but its making me yank my hair out

here is the link to it:http://www.dollnation.org/dollmakers...elf-doll-maker

and here is the code of it:

Quote:

Welcome <?php echo $_GET["id"]; ?>.<br />
<?php echo"<img border='0' src='./$id/maker.gif'>";?>

<?php
$dir_path = "./$id/body";
$id = $_GET['id'];
$dir_list = array();
if ($handle = opendir($dir_path)) {
while ($files = readdir($handle)) {
if (preg_match("/^\./",$files)==0) $dir_list[] = $files;
}
closedir($handle);
asort($dir_list);
foreach ($dir_list as $value) {
echo"<img border='0' src='$dir_path/$value'>";
echo" ";
}

}

?>

<?php
$dir_path = "./$id/body";
$id = $_GET['id'];
$dir_list = array();
if ($handle = opendir($dir_path)) {
while ($files = readdir($handle)) {
if (preg_match("/^\./",$files)==0) $dir_list[] = $files;
}
closedir($handle);
asort($dir_list);
foreach ($dir_list as $value) {
echo"<img border='0' src='$dir_path/$value'>";
echo" ";
}

}

?>
<?php
$dir_path = "./$id/body";
$id = $_GET['id'];
$dir_list = array();
if ($handle = opendir($dir_path)) {
while ($files = readdir($handle)) {
if (preg_match("/^\./",$files)==0) $dir_list[] = $files;
}
closedir($handle);
asort($dir_list);
foreach ($dir_list as $value) {
echo"<img border='0' src='$dir_path/$value'>";
echo" ";
}

}

?>
<?php echo"<img border='0' src='./$id/maker.gif'>";?>

Please help me and I will love you forever?

CoasterBGW · July 21st, 2008, 11:21 AM

First issue I see is you never set $id before using it. Reverse lines 5 and 6 so it is:

$id = $_GET['id'];
$dir_path = "./$id/body";

instead of:

$dir_path = "./$id/body";
$id = $_GET['id'];

**Mark** · July 21st, 2008, 12:06 PM

You need to sanitize $id also. If it is going to be a number, the easiest way of doing it is:

$id = (int)$_GET['id'];

pogogal · July 21st, 2008, 12:16 PM

OMG I love you guys,My problem is Solved

July 21st, 2008, 11:21 AM	#2 (permalink)
CoasterBGW Registered User Seasoned Poster Joined in Aug 2004 Lives in Endwell, New York Hosted on Dedicated 68 posts Gave thanks: 9 Thanked 6 times	First issue I see is you never set $id before using it. Reverse lines 5 and 6 so it is: $id = $_GET['id']; $dir_path = "./$id/body"; instead of: $dir_path = "./$id/body"; $id = $_GET['id']; __________________ Matt Rydzik http://coaster-net.com "Your Guide to the World of Extreme Thrills!" COASTER-net Dedicated: Last edited by CoasterBGW; July 21st, 2008 at 11:26 AM..

July 21st, 2008, 12:06 PM	#3 (permalink)
Mark Surpass Developer Excelling Contributor Joined in Jan 2004 Lives in Florida Hosted on decc.surpasshosting.com 511 posts Gave thanks: 20 Thanked 78 times	You need to sanitize $id also. If it is going to be a number, the easiest way of doing it is: $id = (int)$_GET['id']; __________________ Mark Surpass Hosting Developer sɹnoʎ uɐɥʇ ɹǝʇʇǝq sı bıs ʎɯ

July 21st, 2008, 12:16 PM	#4 (permalink)
pogogal Registered User Fresh Surpasser Joined in Dec 2005 15 posts Gave thanks: 5 Thanked 0 times	OMG I love you guys,My problem is Solved __________________ Server: Sh83

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)