PHP/HTML Question

N

netsider

Limp Gawd
Joined
Oct 12, 2004
Messages
466
I'm currently having PHP print out a series of tables using a WHILE loop, which generates the HTML table data and row cells. However, in another part of the page, I want it to print out the names of the tables as link text, and I can't figure out how to do this, because it's in another area of the page. Would I have to create a whole new WHILE loop just to do these, also? I'm just trying to keep the amount of loops down.. even though I know it probably doesn't matter that much. Really, I just wanted to know if it's possible to do it in the same loop... or if I should just give up on that.

Just curious.. thanks. ;)
 
You could save the specific outputs you want into an array within the while loop, then call back the array which would contain just what you need.
 
netsider said:
However, in another part of the page, I want it to print out the names of the tables as link text, and I can't figure out how to do this, because it's in another area of the page.
Click to expand...

A word of warning...I personally wouldn't recommend doing such a thing on a publically facing web page. It's inadvisable to reveal internal information such as table names that a site visitor doesn't need to know. The more information you give about the internals of your web application, the less work a potential wrong doer may have to do.

Of course, if this is only as an academic exercise...

netsider said:
Would I have to create a whole new WHILE loop just to do these, also? I'm just trying to keep the amount of loops down.. even though I know it probably doesn't matter that much. Really, I just wanted to know if it's possible to do it in the same loop... or if I should just give up on that.
Click to expand...

How are you running the queries to get the data out of the tables? I would assume you're doing an ad hoc query somewhere. How are you telling the query which table to select from? Is your while loop there to print out each row of data?

I would imagine, if you're running a while loop to print each row of data, you would not want to print the table name in the same loop. If you put the table name in the same loop, as this would print the name of the table once for each row in that table.


As far as keeping the number of loops down, it isn't necessarily something to worry about....or at least sheer number isn't. If you're looping when you don't need to, that is certainly wasteful, but creating a loop to do one task, then creating another loop afterwards to perform a second task is only marginally slower (there is some overhead from the conditional branching needed to implement the loop, but this should be very small) than performing both tasks in the same loop, assuming the number of steps would be the same and assuming the order of execution of these statements does not matter. Nested loops, on the other hand, can be problematic for performance, as they can increase the number of steps required to run the code non-linearly. A loop that loops n times inside of another loop which loops n times inside of another loop which loops n times grows cubically with n, so, if n becomes very large your program will have a lot of steps which need to be done and this could result in poor performance. Sometimes it's unavoidable though. Things like matrix multiplication are going to take nested loops. If you have to do nested loops, that's fine, but if you can avoid it by all means you should...which is why it's good to be able to determine when you can and when you can't get away without nesting loops. So it is good that you're interested in minimizing looping, but it would also be good if you sought out an understanding of where this is bad and where this isn't.
 
Dogs said:
How are you running the queries to get the data out of the tables?

How are you telling the query which table to select from?

Is your while loop there to print out each row of data?
Click to expand...

Thanks for trying to help.. here's the PHP code here, without all the HTML. It shows the HTML in question (for the table that the data goes in). Sorry I didn't differentiate between HTML tables and PHP tables earlier, also.

I'm selecting all the tables with "show tables" and a query (Line 4 and 5). (The if statement excludes one table, but I'm sure you saw)

I'm getting the data out with a query, fetch_array, and a WHILE loop to go through each record. (Line 9, and 16).

Yes, I have one WHILE loop inside of another. One while loop to print each table, and another to print the data. I'm sure you can tell all this by looking at my code, though. I'm not very advanced, but I do learn quickly. There's not as many resources as I thought there would be for PHP.. but there's enough, I guess.

I'm just really picky about my code, and I don't like a lot of loops.. but yea.. I guess I should relax a little bit instead of trying to be super-conservative sometimes.

I know PHP is vulnerable to MySQL injection.. but I thought it only mattered when your taking user input... or no? I thought you just had to escape the inputs (as long as magic quotes is off, and not, when it's on).

Take care.. thanks again.
 
netsider said:
Thanks for trying to help.. here's the PHP code here, without all the HTML. It shows the HTML in question (for the table that the data goes in). Sorry I didn't differentiate between HTML tables and PHP tables earlier, also.

I'm selecting all the tables with "show tables" and a query (Line 4 and 5). (The if statement excludes one table, but I'm sure you saw)

I'm getting the data out with a query, fetch_array, and a WHILE loop to go through each record. (Line 9, and 16).

Yes, I have one WHILE loop inside of another. One while loop to print each table, and another to print the data. I'm sure you can tell all this by looking at my code, though. I'm not very advanced, but I do learn quickly. There's not as many resources as I thought there would be for PHP.. but there's enough, I guess.
Click to expand...

For your purposes, though, a loop inside of another loop is appropriate. You're iterating over all of the tables, and then for each table you're iterating over each row of data. There really isn't a good way to do that without nesting your loops, so I wouldn't worry about it.

As for printing off the table name stuff, it depends on your goal. If you want to print out the name of the table, and then the rows inside that table, then move on to the next table, such as:

table A
row A1
row A2
row A3

table B
row B1
row B2
row B3

...or something similar to that (I.E. table names matched to their corresponding data), then somewhere inside of the outerloop, but outside the inner loop is probably where you'll want to echo the HTML with the table name. This is just a stub, of course, but think like this:

Code: 
while () {
    print your $table[0] HTML
    while () {
    }
}

On the other hand, if you just want to print out all of the data, then print out the names of all of the tables, such as this:

row A1
row A2
row A3
row B1
row B2
row B3

--------

table A
table B

....then you're going to need separate loops. One set of loops will handle printing out the rows, and the next loop will handle printing off the table names. Think like this:

Code: 
while() {
    while() {
    }
}
while() {
    print your $table[0] HTML
}

In other words, in the first case you're iterating through each table and printing out it's name and its contents. In the second case you're iterating through each table and printing out its contents and then you're iterating through each table again and printing out its name. The distinction is that for the first one you're doing both at the same time, while for the second one you're separating the two tasks, which you would probably do if you wanted these two parts to go in separate places.

netsider said:
I know PHP is vulnerable to MySQL injection.. but I thought it only mattered when your taking user input... or no? I thought you just had to escape the inputs (as long as magic quotes is off, and not, when it's on).
Click to expand...

Printing out the names of your table itself isn't a vulnerability. You're right, it isn't an SQL injection vulnerability. But you're revealing what the inside of your program looks like, and that's just never a good practice. Table names might be harmless for your code, but in general it's a good idea to keep the code details of your website hidden from those accessing your website, because these details can often be used as clues about how to find a vulnerability.
 
You must log in or register to reply here.
Back
Top