当页面=-1时,PHP分页SQL语法错误
当我检查此url进行页面分页时,分页工作正常,并在page和page=+1中显示页面结果:当页面=-1时,PHP分页SQL语法错误,php,mysql,pagination,Php,Mysql,Pagination,当我检查此url进行页面分页时,分页工作正常,并在page和page=+1中显示页面结果: mydomain/search.php?page=1 mydomain/search.php?page=2 但当我检查此url时: mydomain/search.php?page=-1 mydomain/search.php?page=-2 我看到这个错误: You have an error in your SQL syntax; check the manual that correspon
mydomain/search.php?page=1
mydomain/search.php?page=2
但当我检查此url时:
mydomain/search.php?page=-1
mydomain/search.php?page=-2
我看到这个错误:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-20, 10' at line 1
我使用此分页代码打印结果:
// If number of results is bigger than the maximum number
// of search results set in config we start the pagination
if ( $results > $conf['search_results'] )
{
// Calculate the first number of page to show
// This makes the list of pages numbers smaller
if ((($page*$conf['search_results'])-($conf['search_results']*5)) >= 0)
$first=($page*$conf['search_results'])-($conf['search_results']*5);
else
$first=0;
// Calculate the last element of the pagination list
if ((($page*$conf['search_results'])+($conf['search_results']*6)) <= $results)
$last =($page*$conf['search_results'])+($conf['search_results']*6);
else
$last = $results;
@ $i=$first/$conf['search_results'];
// Previous link
if ($page > 0)
{
$pagenum = $page - 1;
echo ' <a style="float:left;" href="' . URL . '/search.php?page=' . $pagenum . '&' . $session->fetch('listingsearchvariablespage') . '">PRE</a> | ';
}
// Middle pagination
for ( $step = $first; $step < $last; $step=$step+$conf['search_results'] )
{
if ( $i == $page )
{
$pagenum = $i+1;
echo ' <span class="warning">' . $pagenum . '</span> | ';
$i++;
}
else
{
$pagenum = $i+1;
echo ' <a href="' . URL . '/search.php?page=' . $i . '&' . $session->fetch('listingsearchvariablespage') . '">' . $pagenum . '</a> | ';
$i++;
}
}
// Next link
if ($page - (($results / $conf['search_results']) - 1) < 0)
{
$pagenum = $page+1;
echo ' <a style="float:right;" href="' . URL . '/search.php?page=' . $pagenum . '&' . $session->fetch('listingsearchvariablespage') . '">NEXT</a>';
}
}
//如果结果数大于最大值
//对于配置中设置的搜索结果,我们开始分页
如果($results>$conf['search_results']))
{
//计算要显示的第一个页数
//这使得页码列表更小
如果(($page*$conf['search_results'])-($conf['search_results']*5))>=0)
$first=($page*$conf['search_results'])-($conf['search_results']*5);
其他的
$first=0;
//计算分页列表的最后一个元素
如果(($page*$conf['search_results'])+($conf['search_results']*6))0)
{
$pagenum=$page-1;
回音“|”;
}
//中间分页
对于($step=$first;$step<$last;$step=$step+$conf['search_results']))
{
如果($i==$page)
{
$pagenum=$i+1;
回显“.$pagenum.”;
$i++;
}
其他的
{
$pagenum=$i+1;
回音“|”;
$i++;
}
}
//下一环节
如果($page-($results/$conf['search_results'])-1)<0)
{
$pagenum=$page+1;
回声';
}
}
现在,如何修复负数的错误并防止任何攻击?限制-20,10是无效语法-不能有负偏移量。您应该将该值钳制在页面的有效范围内。我推荐一些简单的方法,如:
if($page < 1)
$page = 1;
if($page<1)
$page=1;
我知道!我需要防止任何攻击。我想是负数。同意。我还将添加$page=(int)$\u GET['page'];防止在url@andrew是的,我有点认为是他干的,但我想你永远不会知道。