-1

so I've saved an article slug to my database and usually I would filter my pages with the art_id like so,

$sql_articles = "SELECT * FROM app_articles WHERE art_id=".$_GET['art_id'];
$result_articles = query($sql_articles);

and I pass would pass the art_id through the url with a link like so

<a href="index.php?art_id=<?php echo $article['art_id']; ?>">

And I'm wondering how I can pass the art_slug instead of the art_id so my URL would be like www.site.com/index.php/lorem-ipsum-slug and it would display the article thanks in advance for any help

user2201765
  • 1,017
  • 6
  • 18
  • 21

2 Answers2

2

First of all, it looks like you have an SQL injection possibility. Google it.

Secondly you'll need to create an art_slug column in your database. After it you should be able to do the following:

$sql_articles = "SELECT * FROM app_articles WHERE art_id=".$_GET['art_slug'];
$result_articles = query($sql_articles);

and you'll be able to pass the art_slug through the url with a link like so

<a href="content.php?art_slug=<?php echo $article['art_slug']; ?>">

You've updated the question and things got more clear. You may be interested in rewriting your URL on the server side. The given documentation is for Apache, but this functionality exists in all major webservers.

vaultah
  • 44,105
  • 12
  • 114
  • 143
  • Thanks yeah I already have that set up but my URL is like `content.php?art_slug=lorme-ipsum` but I see a lot of sites like stackoverflow and their URLS are like `content.php/lorem-ipsum` – user2201765 Apr 28 '13 at 20:23
1

The same way you would pass an ID.

$sql_articles = "SELECT * FROM app_articles WHERE art_slug=".$_GET['art_slug'];
$result_articles = query($sql_articles);

and

<a href="content.php?art_slug=<?php echo $article['art_slug']; ?>">

You should sanitize your variables rather than using it from $_GET directly, because it makes you vulnerable to SQL injection attack.

Alexxandar
  • 975
  • 2
  • 11
  • 23