Is there a better way to write this if statement?

Option1:

if (isset($_GET['item']) || isset($_POST['item'])){
   $path = 'uploads/file/'.$filename;
}else{ 
   $path = 'uploads/'.$filename;
}

Option2:

if ('item' != $_GET['news'] || 'item' !=  $_GET['events'] || 'item' != $_GET['download']){ 
   $path = 'uploads/file/'.$filename;
}else{ 
   $path = 'uploads/'.$filename;
}

I'm not sure in what context you're using either of these statements. It looks to me like each option you gave is doing something different. The first one could be written like this if you wanted to make it a little smaller.

if ($_REQUEST['item'] != ''){
   $path = 'uploads/file/'.$filename;
}else{ 
   $path = 'uploads/'.$filename;
}

The second if statement will always come out as true, no matter what. I'm just going to assume you were trying to do this.

if ($_GET['news'] != 'item' && $_GET['events'] != 'item' && $_GET['download'] != 'item'){ 
   $path = 'uploads/file/'.$filename;
}else{ 
   $path = 'uploads/'.$filename;
}

But you're going to have to give me more to look at before I can give you a definite answer.

your second one posted wont work if the URL is
page.php?item=news OR
page.php?item=events

[edit]
It also needs to stay || as the user could use any one of the three options in the URL.
Why not;

if (isset($_REQUEST['item'])){

[/edit]

Using the isset() function on a $_GET variable or a $_REQUEST variable sometimes returns as being set, even if the value is null or the variable isn't actually set. It's more fool proof to check if the variable has a value, rather than using isset. Essentially, it's the same, though.

I see what you're trying to do with the second one now. Your code was kind of messed up. This is probably what you meant to post.

if ($_GET['item'] != 'news' || $_GET['item'] != 'events || $_GET['item'] != 'download'){ 
   $path = 'uploads/file/'.$filename;
}else{ 
   $path = 'uploads/'.$filename;
}

However, that still will not work. You can't use OR with NOT EQUAL like that, because it will always be true, no matter what.

if ($_GET['item'] != 'news' || $_GET['item'] != 'events || $_GET['item'] != 'download')

This translates to "IF item IS NOT EQUAL TO news OR NOT EQUAL TO events OR NOT EQUAL TO download" The problem there is that item can only be equal to one thing, so this statement will always be true. When you're using NOT EQUALS, you need to use AND rather than OR.

if ($_GET['item'] != 'news' && $_GET['item'] != 'events && $_GET['item'] != 'download')

This translates to "IF item IS NOT EQUAL TO news AND NOT EQUAL TO events AND NOT EQUAL TO download" Which says that if item is not news, events, or downloads, then it will be false.

I hope this all makes sense.

commented: woke me up on the last bit of code posted... +1

Ok yes, you've made a good point!
Now I need to recode my if then else or use a switch statement to find the correct file...

<?php 
// block any attempt to the filesystem
if (isset($_GET['file']) && basename($_GET['file']) == $_GET['file']) {
$filename = $_GET['file'];
} else {
$filename = NULL;
} 
// define error message
$err = '<p style="color:#990000">Sorry, the file you are requesting is unavailable.</p>'; 
if (!$filename) {
// if variable $filename is NULL or false display the message
echo $err;
} else {
	
// define the path to your download folder plus assign the file name

// just changed these few lines now...
if ( isset($_REQUEST['item']))  {

if ('item' == $_REQUEST['news']) 
   $path = 'uploads/news/'.$filename;
elseif ('item' == $_REQUEST['events'])
   $path = 'uploads/events/'.$filename;
elseif ('item' == $_REQUEST['download'])
   $path = 'uploads/download/'.$filename;
elseif ('item' == '')
   $path = 'uploads/file/'.$filename;
else
  $path = 'uploads/'.$filename;

}else{
  $path = 'uploads/'.$filename;
}

// check that file exists and is readable
if (file_exists($path) && is_readable($path)) {
// get the file size and send the http headers
$size = filesize($path);
header('Content-Type: application/octet-stream');
header('Content-Length: '.$size);
header('Content-Disposition: attachment; filename='.$filename);
header('Content-Transfer-Encoding: binary');
// open the file in binary read-only mode
// display the error messages if the file can´t be opened
$file = @ fopen($path, 'rb');
if ($file) {
// stream the file and exit the script when complete
fpassthru($file);
exit;
} else {
echo $err;
}
} else {
echo $err;
}
}
?>

This works with this;

<a href="download.php?file=image.jpg&amp;item=news">News image</a> <br /><br />
<a href="download.php?file=image.jpg&amp;item=events">Events image</a> <br /><br />
<a href="download.php?file=image.jpg&amp;item=download">Download image</a> <br /><br />
<a href="download.php?file=image.jpg">Download image</a> <br /><br />

Updated;

// just changed these few lines now...
if ( isset($_REQUEST['item']))  {

if ($_REQUEST['item'] == 'news') 
    $path = 'uploads/file/'.$filename;
elseif ($_REQUEST['item'] == 'events')
   $path = 'uploads/image/'.$filename;
elseif ($_REQUEST['item'] == 'download')
   $path = 'uploads/thm/'.$filename;
elseif ($_REQUEST['item'] == '')
   $path = 'uploads/'.$filename;
/* ... not needed ...
else 
   $path = 'uploads/'.$filename;
*/

}else{
  $path = 'uploads/'.$filename;
}

Could mark as Solved, but not 100% sure yet.

Member Avatar for rajarajan2017

$_REQUEST is a code should not have for practice, you know the variable sending is a method=post or get becoz you are the coder. then why dont you go for the specific one $_POST or $_GET.

$_REQUEST covers both $_POST and $_GET - or has this changed?

I build custom CMS's for each site I'm involved in,
What if the user adds a form with $_POST instead of $_GET?

Yes I am the coder and have to code for all probabilities.

[EDIT]
Yes I see what you mean,
just got up and still a:zzz:

** In most cases it would be $_GET being received.
[/EDIT]

Member Avatar for rajarajan2017

$_REQUEST covers both $_POST and $_GET - or has this changed?

Yes thats right! But not have for pratice becoz some scenarios need to know whether the data come by post or get.

Use POST most and GET if you want to display it in url.

Use POST most and GET if you want to display it in url.

How to $_POST these?

<a href="download.php?file=image.jpg&amp;item=news">News image</a> <br /><br />
<a href="download.php?file=image.jpg&amp;item=events">Events image</a> <br /><br />
<a href="download.php?file=image.jpg&amp;item=download">Download image</a> <br /><br />
<a href="download.php?file=image.jpg">Download image</a> <br /><br />

Pretty much your only option would be to make each link a submit button within a form.

<form action="download.php" method="post">
 <input type="hidden" name="file" value="image.jpg" />
 <input type="hidden" name="item" value="news" />
 <input type="submit" value="News Image" />
</form>

<form action="download.php" method="post">
 <input type="hidden" name="file" value="image.jpg" />
 <input type="hidden" name="item" value="events" />
 <input type="submit" value="Events Image" />
</form>

<form action="download.php" method="post">
 <input type="hidden" name="file" value="image.jpg" />
 <input type="hidden" name="item" value="download" />
 <input type="submit" value="Download Image" />
</form>

<form action="download.php" method="post">
 <input type="hidden" name="file" value="image.jpg" />
 <input type="submit" value="Download Image" />
</form>

That's exactly what I was afraid of; forms, forms and more forms.
$_GET will have to stay as the working option.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.