Pass Variable into Wordpress - php

Can someone tell me how to pass a variable into Wordpress from an incoming URL? For example, I have a visitor following this link:
http://mywebsite.com?variable=white
When they arrive at my wordpress site, I want to pull that "white" variable and store it for future use in my MailChimp list and departing links like this:
store mailchimp color
http://mySecondWebsite.com?favoriteColor=white
I want this to be temporary and specific to this user only. I understand the concept and use of session_start(), but I have no idea how to use this in conjunction with Wordpress. Any help is appreciated.

You can use the GET variables to fetch information from a URL. You can read out the $_GET array in PHP to get to your variable.
The part thats tricky, is that inside your wordpress application, you should check out if the user is logged in, and then update the users' information based on the current session. This is basically what you're looking for.
If the user is not logged in already, you can ofcourse not update his account by just that URL. You'd then need to add more info - something like a hash in the URL thats unique for this user and allows you to update a preference without logging in.

Related

Set conditional on template based on a refering page

I am trying to create a conditional template in wordpres where the condition should only be passed if the referring page is the search page:
I am aware that url_to_postid(wp_get_referer()) would get me the page id of the refering page but in my case this does not work as the search page does not have an id. Is there any other way I can do this?
EDIT: the wordpress url for the search would be http:/mywebsite.com/?s=aaa where is the search term
Depending what your using this for and how reliable it needs to be you could use $_SERVER['HTTP_REFERER']
Taken from PHP Manual
The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.
You might be better off either using post/get to send a parameter to the next page, or using a session if you need more reliability and or control.

How to retrieve an action out of a url in php

I'm making a site where you can book a cabin. One of the requirements was to make a reaction system where an admin gets an e-mail with a link. If he clicks this link, the reaction will be posted on the site. I'm almost done with this, I only have one question:
http://student.waerdenborch.nl/~groep45/site/index.php?reactie=f0357a3f154bc2ffe2bff55055457068
In this link, how can i retrieve the part behind ?reactie=?
I could only find how to retrieve more of the url, but I only want the md5.
Just retrieve it by using $_GET
$_GET['reactie']
Also read this: http://php.net/manual/en/reserved.variables.get.php

Avoiding or alternative to use $_GET

I am currently using to process results via $_GET variable from querystring (URL) http://example.com?id=c02df and to update etc, as you know user can see what id being sent to the next page via url (from above example id is c02df) and can change the id from the URL himself. Kindly let me know is there any alternative way to exchange the ids between pages to process the functionality accordingly which user can't see or mess with?
The best solution would be to use $_SESSION, if you don't want to allow users to tamper with the request.
If you provide more info on your code, I can provide more info on the solution.
EDIT: Here's a "workaround" for using both $_SESSION and $_GET (still without seeing your code at all):
You set $_SESSION['allowed_gets'][] = 'c02df';
Then, when the user is making the request, you check whether they are allowed to do that request:
if (!in_array($_GET['id'], $_SESSION['allowed_gets'])){ die(); }
If you have content users shouldn't be able to see, you should have a login system.
If you just want unguessable URLs, avoid sequential IDs for the $_GET parameter. You could, for example, generate a salted MD5/SHA1 hash of the ID, store it in the database alongside the ID, and use that in the URL.

user profile page generation

I am developing a dynamic website using PHP. When a user of the website creates an account, a profile page should be created for that user. Say, a user called 'dev23' creates an account on my website, his profile should be accessible through the link www.mysite.com/dev23
How do I create such a thing? Should I create a standard page like userprofile.php which is populated with data specific to the username provided? Or should I create a permanent webpage for every user?
Please let me know the right approach to this porblem.
Is the www.mysite.com/dev23 meant to be public or only visible to the logged in user?
If it is only visible to the logged in user, you can create a myprofile.php file which retrieves the logged in user from the session and retrieves data accordingly.
If it is meant to be a URL that other users can hit, you probably want some sort of userprofile.php page with data passed along to identify the user to be viewed. For example, the url might be www.mysite.com/userprofile.php?user=dev23. If you are using Apache for your web server, you can look at using mod_rewrite to make the URL prettier. Thus, you could have the URL www.mysite.com/user/dev23 routed to userprofile.php?user=dev23 and your PHP processes the same. It is just a means of making URLs be more user friendly than a naked query string. This is common amongst many PHP-based CMS systems such as WordPress, Joomla, etc.
Ideally you should be creating a single file that handles all users.
Certain frameworks like SkyPHP allow this by defining the attributes after a valid page as "queryfolders" which can be used much like GET/POST variables.
If you are not using a framework, I might suggest you look into using one to simplify your tasks.
SkyPHP also has a functionality where a single field in a table can be used to pull this data simply by defining the page as _table.field_name_
It will check to see if there is a matching table and field to pull the data from and will automatically pull the id of the record whose field's value matches that of the url and assign it to a variable.
Example... If we have a table called category and a field named slug, one would create a page named _category.slug_.php
Then the url... http://mydomain.com/watches would look for "watches" in category.slug and pull back the identifier of the record as $category_id with $category_slug available also.
It would solve your issue if you are willing to give it a shot.
Again refer to the documentation here... http://switchbreak.com/skyphp

PHP Guest Access to Website

I have a PHP project is essentially an order processing website for a company. Each user in the company has access to this website and is given certain credentials to the application that control access to pages and functionality throughout.
Now I have a request to allow a guest access to a single page. The complexity of this request is that the guest will be different each time as well as the page will be different. Basically it is a portal to allow customers, who don't have accounts within the system as there is no live ordering on this site, to be able to access and verify the order and shipping information.
My thought to accomplish this is to have a database table setup as a guest relationship table that will be used to store UIDs, MD5 Hash Keys and the destination page that the record is referring to. Also included would be a visit counter and expiration date. When the user receives an email they would have a link provided in the email to somewhere like http://website.com/verify/?HASH-KEY.
When this link is clicked I expect that the verify index.php page takes in the HASH, verifies it in the database and displays the page reference in the database within this location instead of redirecting into the application. This would allow guest access to the single page without the need to expose the structure of the website or a rework of the user authorization already setup.
Am I approaching this solution in the proper manner?
How do I grab the contents of one page and display it in another?
1. Am I approaching this solution in the proper manner?
Yep, more or less.
Some pointers:
Make sure you seed hash generation randomly. For example, DON'T simply MD5 a customer ID or some other small/sequential number, as that would make it easy for a malicious use to hunt down other pages.
Expire the hashed links after a set time out.
2. How do I grab the contents of one page and display it in another?
If you want people to "access and verify the order and shipping information" you should probably create a page specifically for it, instead of trying to pass through normally secure pages to insecure guests. Ie, a 'shipping confirmation page' that populates details according the data keyed by the supplied hash.
I'm trying to a follow this as well as I can.
It seems to be you should use your hash method, and just have a stand alone page that will generate the content you want, totally separate from the rest of the system. Just put enough data in your hash URL to determine what is needed.
Something else to do is use a timestamp in your hash string URL and have that timestamp part of the random bits that you generate your hash on. This will allow you to make a URL essentially "expire" after a certain point.
Example: url.com/in/123456789865/hash-here
You can compare "123456789865" in this example to the current server time and determine if its expired. Of course you need to make "123456789865" part of your hash encryption to still validate
If I understand you correctly (and I think I do), than I think you're approaching this correctly.
To include another page's contents, you usually use include.
include "/path/to/page.php";

Categories