<?php
include "includes/connection.php";
//$id=$_REQUEST['category'];
//$catid=mysql_escape_string($id);
$catid = isset($_GET['category']) ? (int)$_GET['category'] : 0;
$recordsPerPage =4;
# 0
// //default startup page
$pageNum = 1;
if(isset($_GET['p']))
{
$pageNum = $_GET['p'];
settype($pageNum, 'integer');
}
$offset = ($pageNum - 1) * $recordsPerPage;
//set the number of columns
$columns = 1;
//set the number of columns
$columns = 1;
$query = "SELECT temp_id, temp_img, temp_header, temp_resize, temp_small, temp_name, temp_type, cat_id, col_id, artist_id FROM `templates` where cat_id = '{$catid}' ORDER BY `temp_id` DESC LIMIT $offset, $recordsPerPage";
$result = mysql_query($query);
//we add this line because we need to know the number of rows
$num_rows = mysql_num_rows($result);
echo "<div>";
//changed this to a for loop so we can use the number of rows
for($i = 0; $i < $num_rows; $i++) {
while($row = mysql_fetch_array($result)){
if($i % $columns == 0) {
//if there is no remainder, we want to start a new row
echo "<div class='template'>";
}
echo ...........my data(s).
if(($i % $columns) == ($columns - 1) || ($i + 1) == $num_rows) {
echo "</div>";
}
}
}
echo "</div>";
//}
?>
<div class="pagination">
<?
$query = "SELECT COUNT( temp_id ) AS `temp_date` FROM `templates` where cat_id ='{$catid}'";
$result = mysql_query($query) or die('Mysql Err. 2');
$row = mysql_fetch_assoc($result);
$numrows = $row['temp_date'];
//$numrows = mysql_num_rows($result);
$self = $_SERVER['PHP_SELF'];
$maxPage = ceil($numrows/$recordsPerPage);
$nav = '';
for($page = 1; $page <= $maxPage; $page++)
{ if ($page == $pageNum)
{
$nav .= "<span class=\"pegination-selected\">$page</span>";
}
else
{
$nav .= "<aa class=\"pegination\" hreeef=\"javascript:htmlData('$self','p=$page')\">$page</a>";
}
}
if ($pageNum > 1)
{
$page = $pageNum - 1;
$prev = "<aa class=\"pagination\" hreeef=\"javascript:htmlData('$self','p=$page')\"><strong><imgee src=\"images/previous.gif\" alt=\"previous\" width=\"5\" height=\"10\" border=\"0\"/></strong></a>";
$first = "<aa class=\"pagination\" hreeef=\"javascript:htmlData('$self','p=1')\"><strong><imgee src=\"images/previous1.gif\" alt=\"first\" width=\"7\" height=\"10\" border=\"0\" /></strong></a>";
}
else
{
$prev = '<strong> </strong>';
$first = '<strong> </strong>';
}
if ($pageNum < $maxPage)
{
$page = $pageNum + 1;
$next = "<aa hreeef=\"javascript:htmlData('$self','p=$page')\"> <strong> <imgee src=\"images/next.gif\" alt=\"next\ width=\"5\" height=\"10\" border=\"0\" /></strong></a>";
$last = "<a class=\"pagination\" hreeef=\"javascript:htmlData('$self','p=$maxPage')\"> <strong> <imgee src=\"images/next1.gif\" alt=\"next\" border=\"0\" width=\"7\" height=\"10\" /></strong></a>";
}
else
{
$next = '<strong> </strong>';
$last = '<strong> </strong>';
}
echo "<div class=\"pagination\"> $first $prev <span class=\"pagination-selected\">$nav </span> $next $last </div>";
?>
Here my ajax code:
function GetXmlHttpObject(handler)
{
var objXMLHttp=null
if (window.XMLHttpRequest)
{
objXMLHttp=new XMLHttpRequest()
}
else if (window.ActiveXObject)
{
objXMLHttp=new ActiveXObject("Microsoft.XMLHTTP")
}
return objXMLHttp
}
function stateChanged()
{
if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete")
{
document.getElementById("txtResult").innerHTML=xmlHttp.responseText
}
else
{
//alert(xmlHttp.status);
}
}
function htmlData(url, qStr)
{
if (url.length==0)
{
document.getElementById("txtResult").innerHTML="";
return;
}
xmlHttp=GetXmlHttpObject()
if (xmlHttp==null)
{
alert ("Browser does not support HTTP Request");
return;
}
url=url+"?"+qStr;
url=url+"&sid="+Math.random();
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true) ;
xmlHttp.send(null);
}
如何在分页的第一页之后获取所选的类别ID?
答案 0 :(得分:0)
你在请求中通过了category吗?您还没有向我们提供这些信息(javascript中qstr的价值是多少?),但我猜不是。
你也将它直接传递给SQL查询,让你开始注射
您应该使用mysql_escape_string()来解决此问题。
答案 1 :(得分:0)
答案 2 :(得分:0)
您似乎意识到$_GET['p']获取了查询字符串中传递的'p'参数的值。那么$_REQUEST['category']正在做同样的事情。 (技术上$_REQUEST检查了$_POST,$_GET和$_COOKIE中的所有内容。
因此,如果您未在查询字符串中设置“类别”,则代码中不会包含任何内容。
答案 3 :(得分:0)
$category = isset($_GET['category']) ? (int)$_GET['category'] : 0;