Home/ Questions/Q 6334765
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T18:43:22+00:00

I somewhat have a weird problem. I’m trying to check if a certain value

  • 0

I somewhat have a weird problem. I’m trying to check if a certain value exists in a database via a self created function, like this

function is_in_db($val,$row,$db){
    $query = mysql_query("SELECT ".$row." FROM ".$db." WHERE ".$row." = '".$val."'");

    if(mysql_num_rows($query)){
        return true;
    }else{
        return false;
    }
}

As far as i know this works (i checked it outside the function and echo’d the results. It works fine there. But when i do this, it keps constantly displaying ‘yes’ (where it should display ‘no’)

    if(is_in_db($_aGET,"c_link","fe_content")){
        echo("yes");
    }else{
        echo("no");
    }

All the variables work and are correctly, i checked that!

Does anybody know what i do wrong here?

Edit:
Here is some additional information. My database looks (simplified) like this:

Database: fe_content
+--------+--------+
| c_link | c_page |
+--------+--------+
|  one   | page 1 |
|  two   | page 2 |
| three  | page 3 |
+-----------------+

I have the following url www.domain.com/page/two

In page.php i have the following (relevant only) code:

if(!empty($_SERVER['PATH_INFO'])){
    $_aGET = substr($_SERVER['PATH_INFO'], 1);
    $_aGET = explode('/', $_aGET);
}

function is_in_table ($val, $col, $table) {
    return (mysql_num_rows(mysql_query("SELECT `$col` FROM `$table` WHERE `$col` = '$val' LIMIT 1")) > 0);
}

if(empty($_aGET[0])){
    echo("Were on page.php");
}else{
    if(is_in_table($_aGET,"c_link","fe_content")){
        echo("yes");
    }else{
        echo("no");
    }
}

And this somehow won’t work..

SOLVED!

Aahh!!!

I now see that i used $_aGET in stead of $_aGET[0] Ahh!

Sorry and thanks for helping all!!!!!!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It’s a bit difficult to answer your question without knowing more about your db and your variables, but I’ll give it a go.

    // A made up table called 'users'
+-------+---------+
| id    | name    |
+-------+---------+
| 1     | Bob     |
+-------+---------+
| 2     | John    |
+-------+---------+

// And here's your function
function rowExists($value, $field, $table){
    $sanitized = is_numeric($value) ? $value : "'" . $value . "'";
    $query = mysql_query("SELECT " . $field . " FROM " . $table . " WHERE " . $field . " = " . $sanitized);

    // Credit: @Omeid Herat
    return (boolean) mysql_num_rows($query);
}

// Some usage examples
rowExists('Bob', 'name', 'users'); // true
rowExists('Dave', 'name', 'users'); // false

    This should work, but it is definitely not safe from SQL injections.

    Updated

    $page = explode('/', $_SERVER['REQUEST_URI']);

if(empty($page[1])){
    echo "Were on page.php";
}else{
    if(is_in_table($page[1], "c_link", "fe_content")){
        echo "yes";
    }else{
        echo "no";
    }
}
    • 0