[Resolved] don't understand code

zbee

Would anyone explain this code that's generated by Dreamweaver?

$colname_Recordset1 = "1";
if (isset($HTTP_GET_VARS['id'])) {
  $colname_Recordset1 = (get_magic_quotes_gpc()) ? $HTTP_GET_VARS['id'] : addslashes($HTTP_GET_VARS['id']);
}
mysql_select_db($database_conn1, $conn1);
$query_Recordset1 = sprintf("SELECT * FROM nuke_users WHERE user_puesto = '%s'", $colname_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $conn1) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);

There are a few things I don't quite understand why it's put in the code. The get_magic_quotes_gpc(), the addslashes, and the way it calls the variable, '%s'.
Anyone?

bubblocity

get_magic_quotes_gpc() is a function that checks a PHP configuration setting MAGIC QUOTES.

If magic quotes is set to ON in the configuration, then the server automatically helps you escape your text fields by adding slashes to your GET/POST variables, so you can put it right in your database.

i.e. This would break, quotes don't match up.

$POST[compname] = "Joe's Crab Shack";
$query = "SELECT * FROM mytable where company = '$POST[compname]'"

because it gets parsed to
$query = "SELECT * FROM mytable where company = 'Joe's Crab Shack'"

When MAGIC QUOTES is on,

the system automatically addslashes for you so that

$_POST[compname] = "Joe\'s Crab Shack"

If MAGIC QUOTES is off, you have to do it yourself by applying the addslashes() function.

As for the sprintf() function

'%s' is a placeholder.

The sprintf function saids, put the value of $colname_Recordset1
where %s is. (Or replace %s with the value of $colname_Recordset1)

I hope this helps a little, here's the supporting documentation:

http://us3.php.net/manual/en/function.get-magic-quotes-gpc.php
http://us3.php.net/manual/en/function.sprintf.php

zbee

Thanx a lot, dude. I did try to figure it out but I guess I needed someone who understood the code to explain. Thanx again.

bubblocity

Hey, by the way,

thanks for posting, I didn't know that Dreamweaver generates PHP code until I saw your post.

🙂

zbee

Yeah, it really helps when you are trying to make connections with a mysql database. It saves you a lot of time, but sometimes I don't like using it because I dodn't understand the code. Take a look at this page:
http://swanilda.com/unix.html

bubblocity

Hey, that's way cool!

Thanks for sharing🙂