ArashFarivar says
But if the ‘catgid’ is not a number, then it’s an error and we should stop…
If we for example convert “q” into an int, it will be 0 and then we check for 0 value? Or put it into the SQL query?
I think this code will fix this problem simply: if(!is_numeric($_GET['catgid'])) die();

iphoneameer says

 $id = (int)$_GET['catgid'];
or

$id = intval($_GET['catgid']);
will turn the catgid into an integer if possible

“hallo” -> 0
“2’ and true” -> 2
“ 123bla” -> 123
2 -> 2
b2 -> 0
2.5 -> 2

Hmm, where do I add the line exactly? After the query or before the SQL query?

iphoneameer says

But if the ‘catgid’ is not a number, then it’s an error and we should stop…
If we for example convert “q” into an int, it will be 0 and then we check for 0 value? Or put it into the SQL query?
I think this code will fix this problem simply: if(!is_numeric($_GET['catgid'])) die();

That actually made the page blank. Nothing at all appeared when entering a number or letter or anything in the URL.

ArashFarivar says



Well, I thought this page always gets the ‘catgid’ and shows this category’s data. But if you want to show the page when there is no ‘catgid’ set, yes this will show it blank. I don’t know how the page is :)

iphoneameer says




You don't understand me :)

There are categories displayed, and then when the user clicks a category the catgId comes into place.

So catg.php will show all available categories, then catg.php?catgId=1 will show all groups inside category 1.

This is how it works.

BTW: what is $id in this? $id = intval($_GET['catgid']);

$id is not read at all in the process, what is it?

BizLogic says


$id = (int)$_GET['catgid'];
I'm really not good at PHP, can you explain this :) ?

If the supplied argument is not an integer it will be converted to zero.
Problem solved.

iphoneameer says




What is $id? I mean, I added this under the SQL query and nothing changed.

BizLogic says

Post the code from your file

iphoneameer says


I emailed you the whole page :)

BizLogic says

That’s almost the worst code I’ve ever seen.

Change this:
if(isset($catgId)){
    global $mysqli;
    $var=array_filter(preg_split("/\D+/", $catgId));
    $cI=reset($var);
    $sql="select * from groups where catgId =".mysql_real_escape_string($cI)." order by size desc";

To this:
if(isset($catgId)){
    global $mysqli;
    $cI = (int)$catgId;
    $sql="select * from groups where catgId =".mysql_real_escape_string($cI)." order by size desc";
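
An added example, not code from the thread or from the poster's site: one way to handle the two cases of catg.php described above (no catgId shows the category list, catgId=N shows that category's groups), rejecting malformed ids instead of casting them to 0 and binding the value in a prepared statement. The function names, the name column and the in-memory SQLite database standing in for the site's MySQL connection are assumptions.

```php
<?php
// Added example: helper names are hypothetical; table layout is assumed from the thread's query.
// parse_catg_id() returns null when catgId is absent (show the category list),
// an int >= 1 when it is a valid id, or false when it is malformed.
function parse_catg_id(array $query)
{
    if (!isset($query['catgId'])) {
        return null;
    }
    return filter_var($query['catgId'], FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
}

function groups_in_category(PDO $db, int $catgId): array
{
    // The id is bound as a parameter, never concatenated into the SQL text.
    $stmt = $db->prepare('SELECT name, size FROM "groups" WHERE catgId = :id ORDER BY size DESC');
    $stmt->bindValue(':id', $catgId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data in an in-memory SQLite database so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE "groups" (catgId INTEGER, name TEXT, size INTEGER)');
$db->exec("INSERT INTO \"groups\" VALUES (1, 'alpha', 10), (1, 'beta', 30), (2, 'gamma', 5)");

// Constructed requests, reusing the inputs listed earlier in the thread.
$requests = [[], ['catgId' => '1'], ['catgId' => 'hallo'], ['catgId' => "2' and true"],
             ['catgId' => ' 123bla'], ['catgId' => '2.5']];

foreach ($requests as $get) {
    $id = parse_catg_id($get);
    $shown = var_export($get['catgId'] ?? null, true);
    if ($id === null) {
        echo "$shown: no catgId, show the category list\n";
    } elseif ($id === false) {
        echo "$shown: rejected (a real page would answer with HTTP 400)\n";
    } else {
        $names = array_column(groups_in_category($db, $id), 'name');
        echo "$shown: groups " . implode(', ', $names) . "\n";
    }
}
```

Unlike the (int) cast, which silently maps "2' and true" to 2 and "hallo" to 0, the validation step lets the page tell a missing parameter apart from a malformed one.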
