[Fwd: Re: [PHP] Newbie question, Which way is best?]

George J wrote:
> Hi Daniel,
>
>> WHOA! Passing the SQL query via a URL is a Very Bad Idea[tm]!
>
> As a newbie I just have to ask why. I suspect you're going to say it gives
> the table and field names used in my database. I'm not really aware of all
> the possible avenues that this method might open up. It just feels wrong to
> include these details. This is the reason I've asked for help.
>
> The form part of the script works fine so can we ignore that or does it
> impact on the pagination code that I'm having trouble with.
>
> When the form calls the script it passes all the parameters that the script
> uses to construct a SELECT query. This works fine.
>
> When the pagination calls the script it passes a new page number. This works
> fine but is where my limited experience lets me down. I need to pass the
> SELECT query, as is, back to the same script with a way to change just the
> LIMIT part of the query. Changing the LIMIT parameters simple lets me
> display another page of the returned query. I can do this change prior to
> call but what options have I on including the query in my call. Could I
> camouflage the query parameters in an array for example?
>
> George
>
>
>
>
>
>
>

Maybe add your query as a session var. Depends upon how your app works.
Is the pagination a series of links with get vars?

// your script that receives post data
session_start();

if(!empty($_POST)) {
$query = "Build query from post vars";
$_SESSION['query'] = $query;
} else {
$query = $_SESSION['query'];
}
// use your query

Then there's the pagination stuff, but we'd need to see how you do it.

-Shawn

Hi Shawn,

"Shawn McKenzie" <shawn@mckenzies.net> wrote in message
news:47E1943D.6010407@mckenzies.net...
> George J wrote:
>> Hi Daniel,
>>
>>> WHOA! Passing the SQL query via a URL is a Very Bad Idea[tm]!
>>
>> As a newbie I just have to ask why. I suspect you're going to say it
>> gives
>> the table and field names used in my database. I'm not really aware of
>> all
>> the possible avenues that this method might open up. It just feels wrong
>> to
>> include these details. This is the reason I've asked for help.
>>
>> The form part of the script works fine so can we ignore that or does it
>> impact on the pagination code that I'm having trouble with.
>>
>> When the form calls the script it passes all the parameters that the
>> script
>> uses to construct a SELECT query. This works fine.
>>
>> When the pagination calls the script it passes a new page number. This
>> works
>> fine but is where my limited experience lets me down. I need to pass the
>> SELECT query, as is, back to the same script with a way to change just
>> the
>> LIMIT part of the query. Changing the LIMIT parameters simple lets me
>> display another page of the returned query. I can do this change prior to
>> call but what options have I on including the query in my call. Could I
>> camouflage the query parameters in an array for example?
>>
>> George
>>

>
> Maybe add your query as a session var. Depends upon how your app works.
> Is the pagination a series of links with get vars?
>
> // your script that receives post data
> session_start();
>
> if(!empty($_POST)) {
> $query = "Build query from post vars";
> $_SESSION['query'] = $query;
> } else {
> $query = $_SESSION['query'];
> }
> // use your query
>
> Then there's the pagination stuff, but we'd need to see how you do it.
>
> -Shawn

My code checks the POSTed values
-----------
if (isset($_REQUEST['selected_manu'])){
$find_manu=$_POST['selected_manu'];
-----------

Yes, my pagination routine uses a series of links.

I'll underlline that I'm not only learning php but also HTML. I'm trying to
keep things simple as there is so much to learn. I'm starting from scratch
and find the coding fairly straightforward. However, selecting the
appropriate techniques is another matter.

George