Get parameter, passed via the link in PHP - php

I get variable from http://localhost/match?id=1 via code:
<?
if (isset($_POST['id'])) {
$id = $_POST['id'];
$id = secure($id);
} else {
echo "error";
die();
}
And I get the error from my else statement. How to get the parameter, passed via the link?


Try this code:
<?
if (isset($_GET['id'])) {
$id = $_GET['id'];
$id = secure($id);
} else {
echo "error";
die();
}
Params, passed throught the link, are accessable trough the $_GET superglobal.
Info about $_GET on php.net.
Some explanations about $_GET vs $_POST on w3schools.com.


use POST if you get data from form. and GET if you get data by link. in your case it is link
if (isset($_POST['id'])) { ** this POST should be GET because you have http://localhost/match?id=1

Related

PHP variable declared global doesn't work within function

I am using a HTTP query string to pass an id. The variable I assign it to works perfectly for the queries immediately following. However, it doesn't work within any of the functions which I define in the same file, although I declared the variable as global.
$circleID = $_GET['id'];
$circleID works well for this query:
// Retrieve circle data
$circleDataResult = mysqli_query($connection," SELECT name, description
FROM circle
WHERE circleID = '$circleID' ");
$circleData = mysqli_fetch_array($circleDataResult);
$circleName = $circleData['name'];
$circleDesc = $circleData['description'];
It doesn't work within the following function though. $circleID seems to be empty in this context:
if(isset($_POST['action']) && !empty($_POST['action'])) {
$action = $_POST['action'];
switch($action) {
case 'removeUser' : removeUser(); break;
case 'makeAdmin' : makeAdmin(); break;
case 'revokeAdmin' : revokeAdmin(); break;
case 'makeOwner' : makeOwner(); break;
}
}
function removeUser(){
global $connection;
global $circleID;
$thisUserID = $_POST['id'];
$removeUserFromCircle = " DELETE
FROM circle_participants
WHERE circleID = '$circleID' AND userID = '$thisUserID' ";
if (mysqli_query($connection, $removeUserFromCircle)) {
echo "You removed " . getName($thisUserID) . " from this circle";
} else {
echo "Error deleting record: " . mysqli_error($connection);
}
}
Apologies if this is a trivial question. I am new to php and spent a considerable amount of time trying to solve this, but I'm stuck.

In order to sum up the answer for anyone else encountering the problem:
It seems like the id value I wanted to retrieve via GET from the HTTP query string value was overwritten/set to null by the POST request, as user3411846 pointed out. Thus, when the code was executed via AJAX, circleID was set to null.
Using session variables in conjunction with if(isset){} solved the problem!
This is the bit of code I changed:
if(isset($_GET['id'])){
$_SESSION['circleid'] = $_GET['id'];
}
instead of:
$circleID = $_GET['id'];
And within the function:
function removeUser(){
...
$circleID = $_SESSION['circleid'];
...
}
instead of:
function removeUser(){
...
global $circleID;
...
}

See why this will not work
Suppose that you have sent an get request to a page
$a = $_GET['variable'];
echo $a ; // this will echo the variable
exit;
Now you are making once again the post request to this page
$a=$_POST['variable'];
echo $a; // will print data if there exist data in the given variable
exit;
Now since you want to access the previous get data in the post data you have to save the get data in the session since on the next request all the data from the previous request will be lost
so in starting of the page
session_start()
$circleid = $_GET['id'];
$_SESSION['cirlceid'] = $circleid;
and in the remove function
function removeUser(){
global $connection;
$circleID = $_SESSION['circleid']
$thisUserID = $_POST['id'];
$removeUserFromCircle = " DELETE
FROM circle_participants
WHERE circleID = '$circleID' AND userID = '$thisUserID' ";
if (mysqli_query($connection, $removeUserFromCircle)) {
echo "You removed " . getName($thisUserID) . " from this circle";
} else {
echo "Error deleting record: " . mysqli_error($connection);
}
}

How to check if a $_GET variable exists in database

How to check if a $_GET variable exists in Database if it does not print an error.
I am using this code:
$connection = mysqli_connect("localhost" , "root" , "" , "test");
$query = "SELECT site_title FROM websites";
$select_all_sites = mysqli_query($connection,$query);
$row_count = mysqli_num_rows($select_all_sites);
for ($i=0; $i < $row_count; $i++){
$row = mysqli_fetch_assoc($select_all_sites);
if($_GET['website'] == $row['site_title']){
echo 'Success';
}else{
echo 'error';
}
}
It prints too much errors or (the else condition remains always true.) Help me out.

It is not safe to directly throw any of php array variables into your query. You need to clean it. Consider using the mysqli_real_escape_string. Although i would suggest to make a switch to PDO.
Back to your question, why can't you use a while loop instead of the for loop. you need to check if the variable website actually exists or not. php's isset function will help. Try this:
<?php
if(isset($_GET['website'])){
if($_GET['website'] == $row['site_title']){
#awesome! it matches
} else{
#it does not match
}
} else{
#website $_GET variable does not exist. Handle error
}
?>

Please try below code and inform me if you will face any error.
<?php
$connection = mysqli_connect("localhost" , "root" , "" , "test");
$query = "SELECT site_title FROM websites";
$select_all_sites = mysqli_query($connection,$query);
while($row = mysqli_fetch_assoc($select_all_sites))
{
if($_GET['website'] == $row['site_title'])
{
echo 'Success';
}
else
{
echo 'error';
}
}
?>

You will first have to do a check for is the get variable actually exists. You can do this with the PHP isset function http://php.net/manual/en/function.isset.php if it exists you can proceed to see if it is matching you site title like you do now.

Using Sessions or Cookies with a Get Value

I get a field value using GET from a URL.
www.test.com?id=12345
I create a session using assigning the id to a variable.
$id= $_GET['id'];
session_start();
$_SESSION['mainid'] = $id;
if(isset($_SESSION['mainid'])) {
echo "Your session is running " . $_SESSION['mainid']; }
I then use echo session on other pages
if(isset($_SESSION['mainid'])) {
echo "Your session is running " . $_SESSION['mainid']; }
The problem is when i go back to the home page, it tries to look for the get value $id, and it is blank now as the URL doesn't contain the Feild value id=12345. How do i get around this ?

if(!isset($_SESSION)){
session_start();
}
if(!isset($_SESSION['mainid'])){
$id= $_GET['id'];
$_SESSION['mainid'] = $id;
} elseif(isset($_GET['id']) && isset($_SESSION['mainid'])) {
if($_GET['id'] != $_SESSION['mainid'] )
{
$_SESSION['mainid'] = $_GET['id'];
}
}

Well, you should rewrite your code for sure to check if the variable exists first and then start the session.
Something like this should do.
$id = isset($_GET['id']) ? $_GET['id'] : false;
if ($id) {
session_start();
$_SESSION['mainid'] = $id;
}

Just put your below code
$id= $_GET['id'];
session_start();
$_SESSION['mainid'] = $id;
inside isset
Your code should look something like below code:
if(isset($_GET['id'])){
$id= $_GET['id'];
session_start();
$_SESSION['mainid'] = $id;
}

Not able to access variable in function after submitting form

I have a variable which I get it from jquery $.post as a data.
$list_id = $_POST['lists'];
if(isset($_POST['email'])!=''){
$member_id = '58';
$this->member_lib->add_subscriber($member_id,$list_id);
}
Where as email is an input field in a form. When I submit the form, I will access the function add_subscriber with member id and list id. Member ID is working fine, where as $list_id is not passing into the function.
Any solution please.

<?php
$_POST['email'] = 'asdsa';
$list_id = '123';
if(isset($_POST['email'])){
echo $list_id;
}
This is ok. However if it is not set like this
$list_id = '123';
if(isset($_POST['email'])){
echo $list_id;
}else{
echo "email is to set";
}
It will not echo your id which is what i am thinking is happening to you
Tested it here

isset() is use to check the variable is set or not. It is not use for comparision
$list_id = $_POST['lists'];
if(isset($_POST['email'])&& $_POST['email']!=""){// check your condition
$member_id = '58';
$this->member_lib->add_subscriber($member_id,$list_id);
}

Try this
$list_id = $_POST['lists'];
if(isset($_POST['email'])){
$member_id = '58';
$this->member_lib->add_subscriber($member_id,$list_id);
}

To check the value for blank, its better to use empty() instead of isset. Because isset would return true, even if the value is set to NULL.
You can use ternary operator to check for values like:
$list_id = (!empty($_POST['list'])) ? $_POST['list'] : "";
So the code would be like this:
if(!empty($_POST['email'])) {
// all you functionality
}

How to pass a variable from the url thru to a submit?

I am passing a variable fprs thru the URL and i can't seem to get it past the submit event. My Variable $userID which is from the URL becomes out of scope when I hit my submit button. How can I pass this variable to my query successfully?
As you can see, i am getting the fprs from the URL, transfering it to the $userID, then when I submit, the $userID becomes empty.
$userID ="";
$usID="";
if(isset($_GET['fprs'])){
$usID = substr($_GET['fprs'], 8);
}
$userID = intval($usID);
if(isset($_POST['btnChange'])){
if($Validate == true){
$link = mysqli_connect($servername,$username,$password,$database);
var_dump($userID);
$updatePassStr= "Update User set Pass='$hashPass' WHERE UserID='$userID'";
if($update = mysqli_query($link, $updatePassStr)){
echo "good";
}
else{
$Error = "Some error occured with the database, please wait a little and try again.";
}
}

Create a hidden field userIDin your form and store $userID there. After submit, retrieve the value with $userID=$_POST['userID'].

Categories