php problem

[FearlessGoD]

so i created a script that only allow you view the page IF the url is correct than i included mysql database with the script that see if i added a new url extension like example: ./shop?Coin and the url extension is build on $_GET method so Coin is the word in my table stored in my database, soooo now my script is this:

$ShopTabs = mysql_query('SELECT * FROM `shop_tabs`');[/COLOR][/COLOR][/COLOR][/COLOR]
[COLOR=#660000][COLOR=#000000][COLOR=#660000][COLOR=#000000]while($Shop = mysql_fetch_array($ShopTabs))
            {
                $count = $Shop['id'];
                $ChkUrl[$count] = '/'.$_SESSION['username'].'/shop?'.$Shop['tabLabel'];
            }
if($ChkUrl[$count] == $_SERVER['REQUEST_URI'])
           {
        /* template here */
            }
        else
            {
                header('Location: /index');
            }

this code would not work it will redirect me to index so the database has 3 results in the table, wouldnt work how i want to i want it this ill explain
$count variable counts up each results on table so theres 3
$ChkUrl[1] = '/'.$_SESSION['username'].'/shop?'.$Shop['tabLabel'];
$ChkUrl[2] = '/'.$_SESSION['username'].'/shop?'.$Shop['tabLabel'];
$ChkUrl[3] = '/'.$_SESSION['username'].'/shop?'.$Shop['tabLabel'];
than you know what the rest does, help me lol urgently..
[/COLOR]
disregard

[/COLOR]
[COLOR=#000000]

its not in my script

 

[Ecko]

1. Stop using mysql_
2. Use fetch_assoc:

You must be registered for see links

3. Why are you using /.$_SESSION ?

 

[FearlessGoD]

$_SESSION['username'] is a temporary its used to find the user folder.
Still doesnt help me out

 

[Ecko]

Understandable, but why are you using /. ? Global variables are easily susceptible to tampering and since no code was provided regarding filtering it makes me wonder how secure the script is. Since you're using mysql(), all the results in that array are stored in $Shop['whatever']

Either way, you're going to need to better explain what you are trying to achieve.

 

[FearlessGoD]

Understandable, but why are you using /. ? Global variables are easily susceptible to tampering and since no code was provided regarding filtering it makes me wonder how secure the script is. Since you're using mysql(), all the results in that array are stored in $Shop['whatever']

Either way, you're going to need to better explain what you are trying to achieve.

make a script that does the following:
$ChkUrl[1] = '/'.$_SESSION['username'].'/shop?Coin';
$ChkUrl[2] = '/'.$_SESSION['username'].'/shop?Diamonds';
$ChkUrl[3] = '/'.$_SESSION['username'].'/shop?VIP';

The Coin, Diamonds, and VIP is stored in the database table.

I want the script to do is each ID is on the table so its 3 will execute it and make it work on if($ChkUrl[1] == $_SERVER['REQUEST_URI'] OR $ChkUrl[2] == $_SERVER['REQUEST_URI'] OR $ChkUrl[3] == $_SERVER['REQUEST_URI']);
{
// template
}
and everything is temporary I am used to using mysql ill update it to mysqli soon.