function ferpa_waiver_detail($people_id) { $people_id = arg(2); print_r($people_id); // We don't have to explicitly pass $people_id to this function, since Drupal // does that for us when it sees an extra path segment after what you // defined in hook_menu(). if (user_access('view FERPA info')) { // Since, in theory, a malicious user could enter the URL manually, we should sanitize the people_id value. // This is called type-casting. We are forcing $pid to equal the integer interpretation of $people_id, which is a string. // So, the string "000032174" would be stored as the integer 32174 in $pid. $pid = (int)$people_id; // This has the nice side effect of allowing the $people_id argument to be either the 9-digit ID, or the // shortened version, since we convert to integer then back again later. if (!$pid) { // If $people_id was not a valid integer or was 0, we'll get here. drupal_set_message('Invalid student ID', 'error'); // Give some feedback. drupal_not_found(); // Outputs 404 page, but does NOT exit. exit; // Make sure nothing else happens in this page run. } // $pid looks good, so we should transform it back into the 9-digit PowerCampus ID string. // sprintf is handy for formatting strings and numbers. $pid = sprintf('%09d', $pid); // pad $pid with zeroes in the front until its 9 characters long. $dbConnect = mssql_connect_estab($conn); $sql = "select a.address_line_3 as contact_person, a.address_line_1 as address_line_1, a.address_line_2 as address_line_2, a.city as city, a.state as state, a.zip_code as zipcode, a.email_address as email_address, a.evening_phone as evening_phone, a.day_phone as day_phone, a.main_fax as main_fax from addressschedule a where a.people_org_code_id= 'P{$pid}' and a.address_type LIKE 'FRP%' and a.status='A'"; $result = mssql_query($sql); if(!mssql_num_rows($result)) { drupal_set_message(t('ERROR: No FERPA File on File for you.'), 'error'); } else { $content .= theme('ferpa_waiver_detail', $result); } print_r($people_id); return $content; } }