I have this code.
$message = "";
if($_REQUEST['msg'] == "new"){
$message = "New User has been added successfully";
}else if($_REQUEST['msg'] == 'edit'){
$message = "User has been saved successfully";
}else if($_REQUEST['msg'] == 'update'){
$message = "User(s) has been Updated successfully";
}
can any one please tell me here what is ['msg'] and please explain the functioning of $_REQUEST?
$_REQUEST is a super global array. Just like $_GET, $_POST, $_COOKIE, $_SESSION etc. That means it can store a list information numerically or associatively.
For example:
Associative:
$array = array(key->value, key->value);
Numeric:
$array = array([0]->value, [1]->value);
In the case of $_REQUEST or $_POST or $_GET these arrays will store encoded data sent to the PHP header.
for example:
$_REQUEST['key'] = value;
or
you have a navigation item:
<a href='?key=value'>value</a> //for $_GET
PHP will encode that key->value into the url and save it to the super global array that you are using. To access it call:
echo $_REQUEST['key']; //returns 'value'
In your case msg is, so far, not encoded to the browser. It needs to be passed by different means(forms, href's etc.). So,
$_REQUEST['msg'] = 'new';
if(isset($_REQUEST['msg'])){ //use isset() to avoid an error
if($_REQUEST['msg'] == "new"){
$message = "New User has been added successfully";
}else if($_REQUEST['msg'] == 'edit'){
$message = "User has been saved successfully";
}else if($_REQUEST['msg'] == 'update'){
$message = "User(s) has been Updated successfully";
}
} //returns $message = "New user..."
$_REQUEST is not suggested because it makes it hard to control what information is processed. $_GET requests show the key->value pairs in the url. Information that you don't want as visible probably shouldn't be shown there. With $_REQUEST a user can send that key->value pair over the url to see what information needs to be passed and exploit that in other ways (google cross-site request forgeries).
TL;DR : $_REQUEST['msg'] -- 'msg' is a key in a key->value pair ('new'| 'edit' | 'update' being the value)
$_REQUEST is a superglobal array that saves values that can be used by the user in any scope in other parts of the website.
$_REQUEST contains values passed by post,get and/or cookies. As get is easy to hack so safer mechanism would be to use post when send data from one html/php file to another. Then you need to use $_POST to get the data. More detail you can find from this link.
So in your case previous html page has used either of the techniques to use a variable/parameter/cookie named msg to pass data.
The $_REQUEST['msg'] is a key from the superglobal array.
Basically $_REQUEST will access it even if the variable was sent through $_POST or $_GET :
$_POST :
$_GET : page.php?msg=testMsg
Related
hi i know how to store post value into session but how can i store session value into post.
post into session
$_SESSION['name'] = $_POST['name'];
$_SESSION['email'] = $_POST['email'];
$_SESSION['mno'] = $_POST['mno'];
$_SESSION['age'] = $_POST['age'];
I have an array stored in session and i want to store it into post.
Can i do this? If yes then how?
I want to store all array value in post from session
The opposite should work without any problems.
$_POST['name'] = $_SESSION['name'];
$_POST['email'] = $_SESSION['email'];
$_POST['mno'] = $_SESSION['mno'];
$_POST['age'] = $_SESSION['age'];
If you want to hold an array you can do it like this:
$datapost = array ( 'name' => $_SESSION['name'], 'email' => $_SESSION['email']);
$_POST['info'] = $datapost;
$_POST is not a persistent store where you can put things. The point of $_POST is that it is populated at the start of the request, with the data that was passed to the server from the client (usually, web browser).
You can write into that array, but it won't have any special effect. It's just an array variable that's globally available in all scopes of your code. Normally, you'd just want to create a new array, and assign whatever you want in there:
$data = [];
$data['stored_foo'] = $_SESSION['foo'];
$data['submitted_foo'] = $_POST['foo'];
See also Why are Global Variables Evil?
If you want to send data back to the browser, you can:
put it in the output (using echo etc)
put it in an HTTP header (using the header() function)
put it in a cookie (which will be sent as an HTTP header, crafted for you by the setcookie() function)
I'm designing a semi-basic tool in php, I have more experience server side, and not in php.
My tool contains 10-15 pages, and I am doing the navigation between them with the $_GET parameter.
I would like to check if the query string is empty (to know if I'm in the home page). Is there any php function for this ? Of course I can do it manually, but still?
EDIT: My question is if there is a function that replaces
if(! isset("param1") && .....&& ! isset("paramN")){
...
}
Try below
if(isset($_GET['YOUR_VARIABLE_NAME']) && !empty($_GET['YOUR_VARIABLE_NAME'])) {
}
isset() is used to check whether there is any such variable or not
empty() to check whether the variable is not empty or not
As per your comment, assume your URL as below
http://192.168.100.68/stack/php/get.php?id=&name=&action=delete&type=category
And your PHP script as below
<?php
$qs = $_GET;
$result = '';
foreach($qs as $key=>$val){
if(empty($val)){
$result .= 'Query String \''.$key.'\' is empty. <br />';
}
}
echo '<pre>'; print_r($result);
?>
In my above URL I passed id and name as empty.
Hence, Result will be like below
id is empty.
name is empty.
but I dont think its standard way.
If you want to process something only if all parameters are having some values, they you can move those process inside a if as below
if(empty($result)) {
// YOUR PROCESS CODE GOES HERE
} else {
echo 'Some Required Parameters are missing. Check again';
}
I have a problem with $_GET array. On my page a value comes from URL like this.
http://localhost/search.php?subject=Mathematics
I check this $_GET value something like this..
// Check for a valid keyword from search input:
if ( (isset($_GET['subject'])) && (is_string ($_GET['subject'])) ) { // From SESSION
foreach ( $_GET AS $key => $subject) {
$searchKey = $key;
$searchKeyword = '%'.$subject.'%';
}
} else { // No valid keyword, kill the script.
echo 'This page has been accessed in error.';
include ('includes/footer.html');
exit();
}
Now its working for me. But my problem is I am using another two variables to pass through URL on same page to filter my database values.
echo '<li>Tutor</li>
<li>Institute</li>';
This two links I used to filter my database values (clicking on this link).
$tutor = isset($_GET['institute']) ? '0' : '1';
$institute = isset($_GET['tutor']) ? '0' : '1';
My problem is when I am trying filter database result clicking on the above link its always going this code instead of displaying filtered result.
} else { // No valid keyword, kill the script.
echo 'This page has been accessed in error.';
include ('includes/footer.html');
exit();
}
Can anybody tell me how I use this 3 $_GET values.
Why not just add a clause in the else:
elseif(!isset($_GET['institute']) && !isset($_GET['tutor']))
{
echo 'This page has been accessed in error.';
include ('includes/footer.html');
exit();
}
You need to make sure the url looks like this:
http://localhost/search.php?subject=Mathematics&tutor=tutorName&institute=instituteName
A ? denotes the beginning of the URL parameters, an & marks the separation between url parameters
Your problem doesn't seem to be, that you're running into the else loop (or better said: not the only problem). It looks like your first parameter gets lost with the second link. I think, the second link should react like some kind of extended search filter, that shoud be applied to the recently displayed content, or am I totally wrong at understanding you?
Perhaps this could solve your problem for creating the follow-up URLs.
$params = array();
foreach($_GET as $key => $value) {
$params[] = '&'.$key.'='.$value;
}
$url1 = '?tutor=link'.implode('', $params);
$url2 = '?institute=link'.implode('', $params);
And when you output the links:
echo '<li>Tutor</li>
<li>Institute</li>';
Your problem is that you are only checking the $_GET['subject'] variable, which is no being passed in. You could do this in a few ways, all resulting in changing:
if ( (isset($_GET['subject'])) && (is_string ($_GET['subject'])) ) { // From SESSION
1) include all variables in the conditional string:
if ( ((isset($_GET['subject'])) && (is_string ($_GET['subject']))) || ((isset($_GET['institute'])) && (is_string ($_GET['institute']))) || ((isset($_GET['tutor'])) && (is_string ($_GET['tutor']))) ) {
2) Pass in searchKey=1 or something in all your links and use:
if ( isset($_GET['searchKey']) ) { // From SESSION
Revised links:
echo '<li>Tutor</li>
<li>Institute</li>';
If you are looking to pass in more than one variable at once, you will need to put the search keys into an array.
I have the following code in my file.php file:
if (isset($_POST["activate"])){
$confirmed = true;
$result = execute_query("UPDATE tributes SET t_confirm = 1 WHERE t_id=".$_POST["tid"]." AND t_activation='".$_POST["activate"]."'");
if($result){
}
}else{
print "NO";
}
I call this file throught he following url:
http://localhost/ccmta/tribute.php?tid=55&activate=QiScE8W76whfQD0Twd15enG31yDEf1iVGLL0SHEB9doqI16bd8kskOPXu6bGZE65o7XPp9EXUBCJS7IbcjNZ98hA8vR11b0Ve0Qm
but the isset function won't recognize the activate variable that's in parameter in the URL and falls into the else bracket. I've also called print_r to see what is in the $_POST variable and it's an empty array. Any idea why?
Yes - $_POST is the array of POST, not GET (query string/URL) data. If you want both, use $_REQUEST, otherwise, use $_GET.
So I'm new to PHP and am trying to create a form. I accept a bunch of parameters and want to process them in the same page. I'm not sure how to do this without a giant if-else containing the entire page as if($_POST). This doesn't seem ideal.
In addition, I'm finding that I do the following a lot. Is there any way to shorten this? The names all remain the same.
$name = $_REQUEST["name"];
$gender = $_REQUEST["gender"];
$age = $_REQUEST["age"];
And I have a lot of lines which are just doing that, and it seems terribly inefficient
You can use the extract() function to do that. But it has a security downside: existing variables can be overwritten if someone would add variables to the POST header.
Edit: hsz's solution is better
What process you are doing with if..else..if you have to post the code so that we can let you know how that can be shorten.
you can avoid the assignment for each variable using extract function.
extract($_POST);
But be aware that can overwrite your existing variable if the are named same as your input controls.
Stop using $_REQUEST, because it is a combination of $_COOKIE , $_POST and $_GET.
It becomes a security risk.
Instead of using $_REQUEST you should use $_POST here.
$keys = array('name', 'gender', 'age');
foreach ( $keys as $key ) {
if ( isset($_POST[$key]) ) {
$$key = $_POST[$key];
}
// optional:
else {
$$key = ''; // default value
}
}
Magic quotes? http://php.net/manual/en/security.magicquotes.php
For the first thing: Turn it around. Don't do
if ($_POST) {
// Your handling code
} else {
echo "No data!";
}
do
if (!$_POST) {
die("No data!");
}
// Your handling code
You can use extract(), however, this means that you're bringing in a lot of variables that you (might not know about) int your current scope.
My suggestion would be to loop through your array and do something with the variables in there (e.g. - validation)
foreach ($_POST as $key => $valu) {
//do something with the variables
}
Also, don't use $_REQUEST unless you really want to check $_GET, $_POST and $_COOKIE. Use the proper array when accessing variables or people can send data you don't expect.