Tell me, there is such a condition

if (isset($_GET['id'])) { $id = $_GET['id']; } else { exit("1 !"); } if (!preg_match("|^[\d]+$|", $id)) { exit("<p>bad URL</p>"); }

It works with the url of the profile? Id = 1, but does not work with the url of the id1 type, although there is a census in .htaccess, tell me what needs to be corrected so that the expression becomes correct for such an url of the id1 type.

Full script

 <?php session_start(); include("bd.php"); if (isset($_GET['id'])) { $id = $_GET['id']; } else { exit("1 !"); } if (!preg_match("|^[\d]+$|", $id)) { exit("<p>bad url</p>"); } if (!empty($_SESSION['email']) and !empty($_SESSION['password'])) { $email = $_SESSION['email']; $password = $_SESSION['password']; $result2 = mysql_query("SELECT id FROM users WHERE email='$email' AND password='$password'", $db); $myrow2 = mysql_fetch_array($result2); if (empty($myrow2['id'])) { exit("bad id!"); } } else { exit("3!"); } $result = mysql_query("SELECT * FROM users WHERE id='$id'", $db); $myrow = mysql_fetch_array($result); if (empty($myrow['email'])) { exit("5"); } ?>
  • one
    show the "census", and the result print_r ($ _ GET) - FLK
  • one
    RewriteEngine On RewriteRule ^ id ([0-9] +) $ profile? Id = $ 1 but the page code is full, when the page id the script receives information about the user who owns the page (added to the question) - OverLoader
  • Throw courses Popova! - johniek_comp
  • and the file is probably called index.php and is in the profile folder? - FLK
  • Please tell me! What is the error? - OverLoader

2 answers 2

As I understand it, $_GET['id'] should contain an integer.

!preg_match("|^[\d]+$|", $id) why do the data start / end characters stand between the conditional characters? Why is \ d in character class?

It is impossible to write instead of this awkward regulars:

 if(gettype($id) !== 'integer')

or

 !preg_match("(\d{1,<тут макс. знач. id>)$", $id)
  • The max id value is not. It is auto_increment in mysql. $ _ GET ['id'] will contain the number, that is, the user ID. Is everything normally determined when profile? id = 1, but when id1 gives a bad url error. Here is what is written in the file .htaccess RewriteEngine On RewriteRule ^ id ([0-9] +) $ profile? Id = $ 1, tell me what is the error? - OverLoader
  • You can make a selection by id, for this use a query of the following type: SELECT COUNT ( id ) FROM users . In .htaccess try to write profile? Id $ 1 instead of profile? Id = $ 1 - evlanoff
  • hashcode.ru/questions/122514/… - Arseniy

^ id ([0-9] +) $ profile? id = $ 1

those. Do you expect GET parameters right after the domain name (such as www.domain.com ? id1)? Maybe there is some kind of page, then is it the case?

PS Indeed, instead of a regular expression, it would be more appropriate to use some built-in function that will work faster and the code will be more readable, such as

 if (is_numeric($id)) { ... }
  • It turns out the profile type parameter? Id = after id is the user ID for which the information is received for the page, but for some reason it only works with the profile? Id = but it does not work with another, even after a rewrite, tell me a little more in detail how this can be done by different? - OverLoader
  • What should make this clear is my comment was about the initial url string before the change. Your regular expression starts with ^ - i.e. from the notation of the beginning of the line, therefore it is assumed that 'id ....' this will be the beginning of the URI of the line and nothing will precede it except the domain name or what you specified in .htaccess in RewriteBase. Obviously, rewrite does not work, so it does not fall under the condition. Perhaps I initially misunderstood my idea, but after this clarification, try re-reading my answer once again, perhaps it became clearer. - zippp