Thread

Greetings,

Thanks to some helpful users on the forums, i’ve been able to get some custom advanced search/filtering working on my site. The problem is that while the search works with using the method of POST on my form html element, when I try to change it to GET (to show the search string in the URL so users can save it), the search no longer works. Here are some examples:

working, with POST: http://www.daybreakutah.com/homes/
not working, with GET: http://www.daybreakutah.com/test/homes/

The items that are different on the GET version are the method=“GET” on the form element, and i’ve changed the way I retrieve the variables when building my SQL query. Example:

<?php

$buildsql = "SELECT * FROM `exp_weblog_data` WHERE `weblog_id` = '1'";

// builder
$b = @$_GET['builder'];
$bsql = NULL;
if ($b == 0) { $bsql = "`field_id_9` IS NOT NULL"; }
if ($b == 1) { $bsql = "`field_id_9`='Bangerter Homes'"; }
if ($b == 2) { $bsql = "`field_id_9`='Destination Homes'"; }
if ($b == 3) { $bsql = "`field_id_9`='Garbett Homes'"; }
if ($b == 4) { $bsql = "`field_id_9`='Gold Medallion Homes'"; }
if ($b == 5) { $bsql = "`field_id_9`='Hamlet Homes'"; }
if ($b == 6) { $bsql = "`field_id_9`='Holmes Homes'"; }
if ($b == 7) { $bsql = "`field_id_9`='Ivory Homes'"; }
if ($b == 8) { $bsql = "`field_id_9`='Liberty Homes'"; }
if ($b == 9) { $bsql = "`field_id_9`='Rainey Homes'"; }
if ($b == 10) { $bsql = "`field_id_9`='Richmond American Homes'"; }
$buildsql = $buildsql." AND $bsql ";

As you can see on the second link above, none of the selections from the form are being carried over to the search results page (i am printing out the SQL query on that page for testing). Any hints as to why POST would work, but GET wouldn’t?

Thanks for your help!

Pat

$_GET can be a security issue if things are improperly escaped.  Try the input class, specifically:

<?php
global $IN;

$foo = $IN->GBL('foo', 'GET'));

-greg

thanks Greg, i’ll give the input class a go.

cheers

Greg, I can get the input class working if i set everything to POST, but trying to access the data via GET brings in an empty set. Any thoughts or a direction to send me in?

Thanks again.

Pat

Pat,

Do you have your templates PHP set on input or output?

hi john, i have two templates in use:

- the actual html search form, which has PHP set to output
- the search results page, which also includes the PHP code to create the SQL query and run it, which has PHP set to input

i have yet to update this EE install to 1.6.8 yet, could that have something to do here?

thanks

You could certainly try to upgrade to the latest version and build. It’s a recommended update and would help us to rule out file corruption as well.

ok, install updated to 1.6.8, still not able to get the GET method working. any other thoughts out there?

ok, i created a local install to test the code, and it appears to be an extension/plugin/module conflict, as I can get method=“get” working locally. here is a list of what I have installed on the non-working server version. any thoughts as to where the conflict could be?

Extensions
JQuery for Control Panel
LG Add Sitename
LG TinyMCE
LG .htaccess
LG Better Meta
File (Mark Huot)
User
Checkbox
Favorites Extension
FieldFrame

Plugins
Character Limiter
Magpie RSS Parser
Randomizer
Word Limiter
XML Encode
LG Better Meta
Image Sizer
Custom Drop Down

Modules
Favorites
Mailling List
Member
Pages
Query
Referrer
RSS
Search
Statistics
Trackback
User
Section

I would start by disabling all of your extensions, globally (settings are kept that way). See if that resolves the issue, if it does you’ll need to test them one by one to see which one triggers the problem.

disabling the extensions did not solve the problem. should i also look into disabling plugins and modules?

Yes, you can try to remove the plugins from your templates / site, via the plugin manager. Basically, what’s the difference between your live site and the setup at home? Any of these differences could be to blame.

i went through and disabled all extensions/modules/plugins to match the bare-bones install on my local machine. i still am unable to retrieve the string produced by the GET form. any other thoughts as to why this is occurring?

i’m going to look to replicate the functionality i need another way, although i’m almost certain that if method=“GET” would work, that’d be exactly what I need.

thanks for your help

Pat, what about differences in PHP versions?

Hi Sue. I ruled out PHP version differences by writing a simple form method=“GET” routine, and uploading it to the same server (outside of my EE install though). it works fine, so I isolated the issue to only occurring within the EE “walls”. i’ve worked out another solution for this particular problem, although it’s still puzzling why GET isn’t working here…

cheers
pat