Hello,

Does anyone know a good tutorial on working with page ID's?

What I want is that my site is :

index.php?pid=1
index.php?pid=2

And that the pageid determines the content.
I saw an example with different file inclusions, but I want the ID's to be linked to different rows in my MySQL database, so instead of file inclusions a connection to my database.

anyone? :)

I don't know if you've already set up the database, but here's an example on how to get the content for a specific page ID.



<?php

$id = intval($_GET['pid']);

$query = "SELECT * FROM pages WHERE pageid = ". $id;
$result = mysql_query($query) OR die( mysql_error() );
$content = mysql_fetch_array($result);

echo $content['body'];

?>

Thanks, i did it like this


$pageid = isset($_GET['pid']) ? $_GET['pid'] : 'page1';
on top of the page

and


$result = mysql_query("SELECT * FROM tblContent WHERE page='$pageid' AND username='$localuser' ")
where I want it to be

Works!

Thanks, i did it like this


$pageid = isset($_GET['pid']) ? $_GET['pid'] : 'page1';
on top of the page

and


$result = mysql_query("SELECT * FROM tblContent WHERE page='$pageid' AND username='$localuser' ")
where I want it to be

Works!

You are not checking the input there and that will lead to a gaping whole in your security for sql injection. The manner in which nico_swd showed you verified the input.

If you are going to have it in the format that you have above, either use mysql_escape_string() function or manually verify input such as the following:

if (ereg("^page[0-9]+$", $_GET['pid']))
$pageid = $_GET['pid'];
else
$pageid = "page1";