I have been working on an old app mostly dealing with upgrading from mysql to mysqli and removing depreciated functions. While debugging the mess I would occasionally have an error with in line hyperlink to edit or delete products. Examples
php?act=del&cat_id=5&bc=654321&ds=&src=app
php?act=del&cat_id=5&bc=&ds=ds12345&src=app
php?act=del&cat_id=5&bc=654321&ds=ds12345&src=app
Some had one part some had two But then discovered that items in a category could have 2 different identifiers ‘ds’ or ‘bc’ or both and the links to edit or delete these items could have one or the other or both neither. Or could have different errors! This Code is what they pointed to.
// Original code
if ($_GET['act'] == 'del') {
$cat_id = $_GET['cat_id'];
$ds = $_GET['ds'];
$bc = $_GET['bc'];
if($cat_id == '' && $ds == '' || $bc == '') {
echo 'Error Cannot identify item for action!';
}
else {
//$db = mysqli_connect($db_host, $db_login, $db_pwd, $db_name);
// Do some SQL Stuff in cat_id that match ds or bc
}
I tried dozens of variations of the original
if($cat_id == '' && $ds == '' || $bc == '')
using || && equal to or not equal to and one way or another could never get one to be correct in all cases. Including the one suggested by trincot
if ($cat_id == '' && ($ds == '' || $bc == '' ))
Which works for most cases but allows db connect with ds=’’ and bc =’’
The code below I wrote works as needed for all cases of bad query strings But what I was hoping is someone might have a better way to do it.
// From GET -- Just to fix if($cat_id == '' && $ds == '' || $bc == '') {
$cat_id = 3;
$ds = 'bbb';
$bc = '';
// define some vars
$c = 'NO'; $d = 0; $b = 0; $t = 0; $s = 0;
if (is_numeric($cat_id)) {
$c = 'OK'; }
if ($ds != '') {
$d = 1;
}
if ($bc != '') {
$b = 1;
}
$t = $d + $b;
if ( $s == $t || $c != 'OK') {
echo 'Error Cannot identify item for action! ';
}
else {
echo ' OK two out three aint bad as long as one is cat ';
//$db = mysqli_connect($db_host, $db_login, $db_pwd, $db_name);
// Do some SQL Stuff in cat_id that match ds or bc
}
This is a working sample of what I came up with Thanks for looking any help would be greatly appreciated.
http://sandbox.onlinephpfunctions.com/code/fd32ad87ff42836660a59f826b8f08fa0f8d16f0
Here are the different examples I want to test against. And desired result I know I need to update other parts of the original code but for now I am just looking for an easier way to trigger My Error! before db connect!
example 1:
$cat_id = 3;
$ds = '';
$bc = '';
Result: Error Cannot identify item for action! \\ No Part number either ds or bc
example 2:
$cat_id = 'a';
$ds = 'ds-195062';
$bc = '654321';
Result : Error Cannot identify item for action! \\ wrong cat_id
example 3:
$cat_id = '';
$ds = 'ds-195062';
$bc = '654321';
Result : Error Cannot identify item for action! \
o cat id
example 4:
$cat_id = '5';
$ds = '';
$bc = '654321';
Result : OK two out three aint bad as long as one is cat
\\ have a bc part number and a catagory
example 5:
$cat_id = '5';
$ds = 'ds-195062';
$bc = '654321';
Result : OK two out three aint bad as long as one is cat
\\ have a bc and ds part number and a catagory
example 6:
$cat_id = '5';
$ds = 'ds-195062';
$bc = '';
Result : OK two out three aint bad as long as one is cat
\\ have a ds part number and a catagory
This is an edit to the original question hoping it is more clear now
Thank You for looking
Ended up with this Thanks @trincot for explaining this to me
if ($_GET['act'] == 'del') {
$cat_id = ( isset( $_GET['cat_id'] ) && is_numeric( $_GET['cat_id'] ) ) ? intval( $_GET['cat_id'] ) : 0;
$ds = isset($_GET['ds']) ? $_GET['ds'] : '';
$bc = isset($_GET['bc']) ? $_GET['bc'] : '';
if ( $ds == '' ) { $ds = 'n'; }
if ( $bc == '' ) { $bc = 'n'; }
if($cat_id == 0 || ($ds == 'n' && $bc == 'n')) {
echo 'Error! ';
echo 'Result: value of ds ' . $ds .' value of bc '. $bc .' cat id is '. $cat_id;
}
else {
echo 'Good To Go ';
echo 'Result: value of ds ' . $ds .' value of bc '. $bc .' cat id is '. $cat_id;
}
}
