So basically what I'm trying to do is if the url contents looks something like this:
www.some.com/dir/?variable=VAR&variable2=VAR2.
then the server would pick this up and I could add it to a variable like:
$var = [variable];
echo '<tag>'.$var.'</tag>';
and that would produce;
<tag>VAR</tag>
Sorry for the lack of code I just don't know how to do this with PHP and my searches are turning up blank.
What you want to do is iterate through your $_GET variables and print them out.
$key is variable and $value is VAR . to print key value combo use this. to print just value remove the '$key is ' part.
<?php
foreach($_GET as $key=>$value)
{
echo "<tag>$key is $value</tag>";
}
These variables are called query parameters and in PHP they can be accessed using the $_GET superglobal.
To use your example, the URL www.some.com/dir/?variable=VAR&variable2=VAR2 will populate $_GET['variable'] with 'VAR' and $_GET['variable2'] with 'VAR2'.
You can access $_GET just like any other array from anywhere in your code so it should be straightforward to put its contents in your HTML code:
<tag><?php echo $_GET['variable'] ?></tag>
<tag><?php echo $_GET['variable2'] ?></tag>
Do keep in mind this presents an HTML injection vulnerability. For example, the user could access the URL www.some.com/dir/?variable=<script>doUnfortunateThings()</script> and your script would dutifully render
<tag><script>doUnfortunateThings()</script></tag>
Which would be executed by the browser when the page loads. This might be fine since only the user messing with the URL will see it, but depending on the rest of your page it could pose a security risk, and could even be made permanent by other scripts running on the page or on the server. It could also bypass any content security policy settings your site is running under, depending on how that is configured if at all.
It is good practice to use the built-in PHP function htmlspecialchars on any user input before displaying it on the page to prevent any html tags from actually being rendered by the browser.
<tag><?php echo htmlspecialchars($_GET['variable']) ?></tag>
<tag><?php echo htmlspecialchars($_GET['variable2']) ?></tag>
If you already know variable name from url then you can use it as array index:
$variable = $_GET["var_name"];
In your case:
$variable = $_GET["variable"];
$variable2 = $_GET["variable2"];
Related
So I've search far and wide to try and find an example of this but found nothing. It seems like a simple thing however I continue to get errors.
Essentially what I've got is:
<?php
$articleCount = 3;
include('/newsArticles.php?id=$articleCount');
?>
It seems fairly self explanatory. What I need is an include that I can pass a value on into the file which I can then grab with $_GET['id'].
You can't add a query string (Something like ?x=yyy&vv=www) onto an include like that. Fortunately your includes have access to all the variables before them, so if $_GET['id'] is defined before you call:
include('/newsArticles.php');
Then newsArticles.php will also have access to $_GET['id'];
You don't need to pass a $_GET variable. Just set it, and reference it in your included file.
Your included file will have access to $articleCount without any additional work needed.
Try this:
$_GET['id'] = 3;
include('/newsArticles.php');
Since you are including a script it would seem as though you have access to the script itself. Even if you don't have access to the script you can edit the $_GET variable from within the script you showed above, like this:
<?php
$_GET['id'] = 3; // or $_GET['id'] = $articleCount;
include('/newsArticles.php');
?>
That's because the script newsArticles.php has the same access to the $_GET variable, unless the script was specifically created so that it extracts the variables from the URL.
Try it.
I want to know how to pass a variable from one page to another in PHP without any form.
What I want to achieve is this:
The user clicks on a link
A variable is passed which contains a string.
The variable can be accessed on the other page so that I can run mysql queries using that variable.
use the get method in the url. If you want to pass over a variable called 'phone' as 0001112222:
<a href='whatever.php?phone=0001112222'>click</a>
then on the next page (whatever.php) you can access this var via:
$_GET['phone']
You want sessions if you have data you want to have the data held for longer than one page.
$_GET for just one page.
<a href='page.php?var=data'>Data link</a>
on page.php
<?php
echo $_GET['var'];
?>
will output: data
You can pass via GET. So if you want to pass the value foobar from PageA.php to PageB.php, call it as PageB.php?value=foobar.
In PageB.php, you can access it this way:
$value = $_GET['value'];
check to make sure the variable is set. Then clean it before using it:
isset($_GET['var'])?$var=mysql_escape_string($_GET['var']):$var='SomeDefaualtValue';
Otherwise, assign it a default value ($var='' is fine) to avoid the error you mentioned.
You can use Ajax calls or $_GET["String"]; Method
If you are trying to access the variable from another PHP file directly, you can include that file with include() or include_once(), giving you access to that variable. Note that this will include the entire first file in the second file.
At the moment a chuck of my site is running off using GETs to direct to a profile or a page. But what if you go to someone's profile page (so that's one GET) and you then click a sub tab on their profile which uses another GET, can you do this:
http://example.com/something.php?xyz=4example=6
I have seen facebook do this however I'm not sure where to look.
An alternate to this would be Javascript however I would rather do it with PHP if possible.
That should be
example.com/something.php?xyz=4&example=6
Note the ampersand '&' between the get vars.
To access the vars in php use
$xyz = $_GET['xyz'];
$example = $_GET['example'];
I am not sure ur exact question but in general if you want to pass values to a page through url u should do e.g.
http://example.com/page1.php?var1=val1&var2=val2....
Please note that each new variable after the first one has "&" before it. This tells the server that a new variable is expected, and the first variable has "?" before it, which tells the server to expect variables.
In the php page you can get the values of all the passed variables like
<?php
$_GET['var1']
$_GET['var2']
.
.
.
?>
and further user the values however you like. Note that you can not change a value in $_GET['var1']. If you want to change a value. First assign this value to a variable then further process. e.g
<?php
$var1 = $_GET['var1'];
$var1++;
?>
I have data being passed via HTTP post to another page. Essentially passing data from one server to another. On the target page, I cannot get the URL variable to be seen by php. Am I doning something wrong? Is there a better way to do this?
URL string:
form_listener.php?
contactId=101460&inf_custom_ddState=IN&inf_custom_txtZipCode=46268&inf_custom_ddClientDegreeId=729&inf_custom_txtCity=indianapolis&inf_custom_txtLastName=Anderson&inf_form_xid=f28acf3ff321cb273cb4696e996008e0&inf_custom_ddStartSemesterYear=Fall2012&inf_custom_ddMilitaryAffiliation=Yes&infusionsoft_version=1.23.11.30&inf_custom_txtFirstName=someone&inf_custom_txtAddress2=&inf_custom_txtAddress1=4707+East+72nd+Street&inf_custom_ddHSGradYearCustomLiberty=2011&inf_form_name=LibertyOnline&inf_option_Signmeupforthenewsletter=432&inf_custom_txtEmailAddress=killing.fields%40gmail.com&inf_custom_affiliateid=D80576&inf_custom_ddEducationLevel=CLGJ&captcha.typed=jydqb
PHP Code:
$ddState= $_GET['inf_custom_ddState'];
echo $_GET['ddState'];
?>
You don't have ddState in the URI. You want: echo $ddState; (because that is the variable where you copied the data to) or rather (to avoid opening up an XSS security hole) you actually want:
echo htmlspecialchars($ddState);
When you use $_GET you are telling php that the variable is from the URL.
By doing this:
$ddState = $_GET['inf_custom_ddState'];
you are "creating" a local variable ($ddState) with the content of $_GET['inf_custom_ddState'], so you don't have to use $_GET variable anymore.
So your echo can be in 2 ways:
echo $_GET['inf_custom_ddState'];
echo $ddState;
$ddState= $_GET['inf_custom_ddState'];
echo $ddState;
// or
echo $_GET['inf_custom_ddState'];
you can use either this way
echo $_GET['inf_custom_ddState'];
Or
$ddstate=$_GET['inf_custom_ddState'];
echo $ddstate;
Your echo should just be echo $ddState;
You are assigning the value of the URL variable to a local variable. Once that's done, you are dealing with something that is locally scoped.
As the $_GET and $_POST are global array, you can use the following code to see the values:
echo "<pre>Get data</pre>";
print_r($_GET);
echo "<pre>Post data</pre>";
print_r($_POST);
Check whether these variables are set in the request. If not, try to use the post method, as it can hold more data than get method.
First of all, make sure that your page is getting request parameters. Try $_REQUEST['inf_custom_ddState'] or print all variables using print_r($_REQUEST).
$_REQUEST is an associative array that by default contains the contents of $_GET, $_POST and $_COOKIE. If anyting is passing to page then it should get printed.
I want to redirect my browser to a PHP page such that when the page loads, it will display to the user a substring of the current URL.
For example, let's say I have a page called substring.php.
My browser forwards me to:
http://www.example.com/substring.php?oauth_token=123456
Is it possible to write some PHP code that will then display to the user, "123456"?
If so, can anyone help me on how to do this?
Thanks!
All the query parameters in the URL will be inside the superglobal $_GET array, so you could simply do this:
echo $_GET['oauth_token'];
BE forewarned that if you're going to output anything that comes in from a URL (ie. user input), you should make sure to sanitize it properly for output. In this case, htmlspecialchars() would be prudent:
echo htmlspecialchars($_GET['oauth_token']);
<?php
echo $_GET['oauth_token'];
?>
Can't you just use the $_GET superglobal? It stores the contents of the query string part of the URI as an associative array:
echo $_GET['oauth_token'];
You can retrieve the value of oauth_token via the $_GET superglobal array:
echo $_GET['oauth_token'];
Of course you should use caution when outputting data you get as input from a user, but that's how it works in short.