mattm1712 Posted September 21, 2010 Share Posted September 21, 2010 hi i am trying to count the number of clicks to an external link this is what i have come up with but it doesnt redirect but the if statment doesnt work properly because every time i click a link it always echos hello saying $add is not numeric when it is???? please help <html> <a href="index.php?add=1">Gamerforums</a><br> <a href="index.php?add=2">Google</a><br> <a href="index.php?add=3">Ebay</a><br> <a href="index.php?add=4">Paypal</a><br> <?php $add = $_GET['add']; include 'connect.inc'; if (is_numeric($add)) { mysql_query("UPDATE count SET clicks=clicks+1 WHERE id='$add'"); $result = mysql_query("SELECT * FROM count WHERE id='$add'"); $row = mysql_fetch_assoc($result); $url= $row; header ("Location: $url"); } else { echo "hello"; } ?> </html> Quote Link to comment Share on other sites More sharing options...
mattm1712 Posted September 21, 2010 Author Share Posted September 21, 2010 sorry sorted now was a database problem Quote Link to comment Share on other sites More sharing options...
chintansshah Posted September 21, 2010 Share Posted September 21, 2010 Please write exit(); after header ("Location: $url"); Quote Link to comment Share on other sites More sharing options...
rwwd Posted September 21, 2010 Share Posted September 21, 2010 And PLEASE sanitise your incoming data, you could have your database wiped with a couple of keystrokes if you leave it like that; ALWAYS sanitise $_GET and $_POST data, if you don't your hard work can be at risk! And I wouldn't use is_numeric() as this is a very loose function as it lets hex chars through, personally I would switch to preg_match() that way you can just make the pattern accept EXPLICITLY digits only, and (not sure about this, but I am always coding safer than sorry) I would type cast the incoming $_GET because I think (though I may well be wrong) like $_POST; $_GET's are technically strings... Using type casting makes the 'forces' the digit to be whole, so it wouldn't let floats through.. I used this method when I did my pagination class a few years back, still works, still solid... And yes, exit; after the header; call, kills the script as there is nothing else to execute after the header, else there wouldn't be a header call! Rw Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.