View Full Version : $_SERVER['PHP_SELF'] variable and Select FORM

04-20-2009, 06:21 AM
Hi. I'm using a select form to fetch data from a db:
Essential parts of code is :

echo("<form action='".$_SERVER['PHP_SELF']."' method='POST' >");
echo("<select name='category'>");
echo("<option value='1'>&gt;MAIN CATEGORY</option>");

/* ........ (subcategories)...more code....*/

/* After that, a query for the database is created , depending on form option: */

/*some code to handle pagination.....*/

$page = $_GET["page"];
$myoffset = 20;
if (!$page) {
$start_index = 0; /* start index for db*/
$page = 1;
else {
$start_index = ($page - 1) * $myoffset;


if( isset($_POST['category'])

$theoption = intval($_POST['category']);

$zquery = "select users.skills from users Where users.parent=".$theoption.") LIMIT $start_index ,$offset ";

$result = mysql_query($zquery);


while($row = mysql_fetch_array($result))

{ .....show data......);}



Im trying to put 20 records per page and the "NEXT" link is

/* a line from pagination code*/

echo " <a href='".$_SERVER['PHP_SELF']."?page=".($page+1)."'>Next ></a>"

After clicking that link I got the first 20 records but the next page is displayed without data :( and I'd like to get the next set of data displayed on same page.
Id apreciate your help
Thank you!!

04-20-2009, 08:36 AM
First, don't ever use PHP_SELF. Its XSS exploitable, and contains more information than you need (I'm about 85% certain it includes the querystring). Instead, opt for the $_SERVER['SCRIPT_NAME'] OR __FILE__ depending on if you're including this into other files or not (generally with a form, you'd use SCRIPT_NAME).

I can't be 100% certain, but this doesn't sound like a problem with you're form. It sounds like a problem with you're pagination code. You'll need to post that instead.

04-20-2009, 03:48 PM
Hi! Thanks for ur answer. Heres the code for pagination:


$offset = 20;

$zquery = "select users.skills from users Where users.parent=".$theoption." ";
$total_reg = mysql_num_rows($zquery);

$zquery = "select users.skills from users Where users.parent=".$theoption.") LIMIT $start_index ,$offset ";
$result = mysql_query($zquery);

$total_page = ceil($total_reg / $offset);

if($total_registros) {

while($row=mysql_fetch_array($result)) {

echo "<b>".$row["name"]."<br>";
echo (" ".$row["skills"].")<br>";


} else {
echo "<font color='darkgray'>Not Found</font>";


if($total_reg) {

echo "<center>";

if(($page - 1) > 0) {
echo "<a href='".$_SERVER['PHP_SELF']."?page=".($page-1)."'>< Previous</a> ";

for ($i=1; $i<=$total_page; $i++){
if ($page == $i) {
echo "<b>".$page."</b> ";
} else {
echo "<a href='".$_SERVER['PHP_SELF']."?page=$i'>$i</a> ";

if(($page + 1)<=$total_page) {
echo " <a href='".$_SERVER['PHP_SELF']."?page=".($page+1)."'>Next ></a>";

echo "</center>";


I just wanted to display the next data set. But those page links are like a "reset" and nothing happens actually. Maybe 'cause the filter for de DB : the LIMIT option .:confused:
Id appreciate any comment!

04-20-2009, 04:07 PM
$zquery = "select users.skills from users Where users.parent=".$theoption.") LIMIT $start_index ,$offset ";
You need to assign dynamic values for your variable $start_index, depending upon the value of $_GET['page']. Something like


04-20-2009, 07:33 PM
Oic! I missed $_GET['page'] part
Ill check!!!

Thank you!!