We always retrieve the value in a $_GET['var'], but is it possible to assign a value as well? I have a php page where at one point, through ajax, I want to stay on the same page but change the query string or do an assignment like this:
$_GET['myvar'] = 'newvalue';
Is this possible?
Yes you can override the $_GET. however that is only for that request.
with ajax you do a new request and in the ajax call you can just use diffrent values for the data.
Yes, you can assign to the $_GET array, but it won't change the query string in the URL.
It's probably not the wisest thing to do though, as it will be overwritten in the next request
$_GET is just like a regular array. The only difference is that the keys of this array will be automatically populated with values that come with the request using HTTP GET. They are called superglobals because they are automatically and globally available anywhere in your script, other wise they behave just like regular arrays.
So if you have a request like mypage.php?key=value, PHP automatically does something equal to this for you:
$_GET['key'] = 'value';
And just like any regular array, you can overwrite it with a different value. However I really do not see a use case for that unless you are doing some testing or some really weird thingy..
Related
I have a pagination-instance where I want to append all query parameter from the request to the next_page_url attribute.
I have query parameter with a value like &name=chris but I also have single parameter without a value like &xyz.
However, when I append all query parameters to the pagination instance, like so:
$query->simplePaginate(50)->appends($request->all());
only parameters with a value are getting appended.
How can I append all parameters to the next_page_url?
Update
I want to append query parameters to get the next chunk of requested data.
If I don't, it always gives back "next_page_url":"http://vue.dev/contacts?page=2". What I want is "next_page_url":"http://vue.dev/contacts?name&page=2"
Take URL http://vue.dev/contacts?page=2&name for example. Although perfectly valid, it's still quite ambiguous. Do we mean to include name? Do we mean to exclude name?
So I'd suggest you to use this URL instead http://vue.dev/contacts?page=2&select=name. If you decide to select more stuff you can just do http://vue.dev/contacts?page=2&select=name,age,gender.
Later in your code just use explode to use the value as an array:
$attributes = explode(',', $request->select);
Useful reading: http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api
Even though Fahmis solution is possible as well, I end up using the approach from this so-question. This has the advantage that php reads the parameter as an array automatically. My url end up looking like this:
http://vue.dev/contacts?page=2&select[]=xyz&select[]=abc
I am having following url,
www.example.com/index.php?r=recommend/create&id=184?
title=Ruins%20of%20Mahabalipuram
&url=http://localhost/index.php/mediadetail/index/184
I need to get title and url which are query string parameters.
Has anyone worked on getting values in query string in Yii?
There is also the getParam() method in CHttpRequest.
Yii::app()->request->getParam('title')
I've found it a valuable shortcut, since it checks both $_POST and $_GET and gives priority to $_GET, so you can use it to override post variables in the address URL. It also performs null checks and you can provide a default value in the second parameter.
The drawbacks are that you can't use it for arrays and maybe it's a little bit verbose (compared to $_GET['title']).
Look the function parse_str, it would worked and if not, look parse_url but it's not necessary for what you want to do.
They'll automatically be available in your action as $_GET variables. Yii handles parsing them for you as part of the CHttpRequest object
I have two URL's which contain the parameter "tour_date" which I am trying to read out in PHP. Running $_REQUEST["tour_date"] for the first URL:
.php?tour_id=336&tour_date=11/06/2010
returns the value of: 11/06/2010
While the second URL:
.php?tour_id=336&tour_date=11/06/2010
returns nothing. I've run the empty() method to test, and it indeed is not finding it. Any ideas on why this would happen? Thanks for your help!
$_REQUEST is a superglobal that combines $_GET, $_POST and $_COOKIE (in this order by default)
if your POST or COOKIE also set tour_date to an empty string, then the REQUEST values get overwritten
You could try putting var_dump($_REQUEST); in your code to see if that points you in the right direction.
Also, make sure you don't have a comparison with only a single "=".
As in if($_REQUEST["tour_date"] = ""){. This will return true and also set tour_date to empty.
It may sound strange, but in my PHP application I need to check if the same variable name has been declared more than once in the query string or POST variables, and return an error value if this is the case. If my application doesn't return an error in this case, it fails a compliance check.
When accessing vars using $_GET, $_POST, etc, PHP only returns the last value given for each variable name. I can't find a way to tell if any variable appeared more than once.
I simply need to find out if the query string or the variables in the POST body contained the same variable name more than once, whatever the values.
Example
My application is supposed to return an error for this query string:
verb=ListIdentifiers&metadataPrefix=oai_dc&metadataPrefix=oai_dc
Note that "metadataPrefix" is defined twice.
My application should not return an error for this query string:
verb=ListIdentifiers&metadataPrefix=oai_dc
POST Requests
$input = file_get_contents('php://input');
(Or $HTTP_RAW_POST_DATA (docs))
GET Requests
$input = $_SERVER['QUERY_STRING'];
Processing
explode('&', $input) and maintain an array - $foundKeys - of keys (the part of each item from explode() before the = character). If you hit a key already defined in $foundKeys, throw the error.
For GET data, check out $_SERVER['QUERY_STRING']. But for POST data, you'll need to read the raw POST data from the php://input stream.
So something like this:
// GET data:
$raw = $_SERVER['QUERY_STRING'];
// Or for POST data:
$raw = file_get_contents("php://input");
if (substr_count('&'.$raw, '&metadataPrefix=') > 1)
die('Error');
print_r($raw); //post vars
PHP $_POST will always set only one value per variable unless the request variable name ends with [].
If you have no control over the variables that are sent, you may try using $_SERVER['RAW_HTTP_POST_DATA'] to get the original POST request data before parsed, then you can use the parse_str() function to parse that string.
Just be careful that PHP configuration may have disabled setting the RAW_HTTP_POST_DATA value. In that case, you cannot do anything to solve your problem.
Not completely foolproof but this might work
$occurrences = substr_count($_SERVER['QUERY_STRING'], 'metadataPrefix=');
If you expect multiple values named the variable with square brackets in the end. This way you get an array for that variable. If multiple values are set, the array will have multiple entries.
<input type="checkbox" name="my_var[]" value="a">
<input type="checkbox" name="my_var[]" value="b">
$_POST['my_var'] will be an array with either 'a' or 'b', both, or none depending on the checkboxes used.
I am looking to have a list of arguments passed across in an a URL.
$url['key1']=1;
$url['key2']=2;
$url['key3']=3;
$url['key4']=4;
$url['key5']=5;
$url['key6']=6;
$url['key7']=7;
Please Note I am trying to pass this in the URL in 1 GET variable. I know this would be better done by ?key1=1&key2=2&key3=3...etc but for reasons that are too complicated to try and explain they can't be in this format.
Any suggestions how I can convert this array into something that can be passed as 1 get var in a URL string?
Thanks in advance.
You can use json_encode() or serialize()
$myUrl = 'http://www.example.com/?myKey=' . urlencode(json_encode($url));
or
$myUrl = 'http://www.example.com/?myKey=' . urlencode(serialize($url));
Using json_encode will usually give you a shorter string, but very old PHP version might not have the json_decode function available to decode it again.
The final way would be to create your own custom encoding... it could be as simple a pipe-separated values: key1|1|key2|2|key3|3
This would give you the best option for a short URL, but is the most work.
Try http_build_query:
$url['key1']=1;
$url['key2']=2;
$url['key3']=3;
$url['key4']=4;
$url['key5']=5;
$url['key6']=6;
$url['key7']=7;
echo http_build_query($url);
//echos key1=1&key2=2&key3=3&key...
What it does is converting an array into a query string using the keys and automatically takes care of url-encoding.
EDIT:
Just read your additional requirement that it should be just one variable. So nevermind this answer.
If your problem was the proper encoding though you might want to give this another try.
Hope that helps.
The recommendation to use serialize() is fine. If space is an issue, then use a combination of bzcompress() and serialize().
However, there's a security considering that hasn't been brought up, and that's that the end user (who can see and edit this url) could manipulate the data within it. You may think it's difficult, but most of the PHP-attacking worms in the wild do this to some degree or another.
If letting the user directly manipulate any of the keys or values (or replacing it with an integer, or an object, or anything else), then you should protect your script (and your users) from this attack.
A simple solution is to simply use a shared secret. It can be anything; just so long as it's unique and truly secret (perhaps you should randomly generate it at install-time). Let's say you have in your config file something like this:
define('SECRET', 'unoqetbioqtnioqrntbioqt');
Then, you can digitally sign the serialized data created with: $s=serialize($m) using $k=sha1($s.SECRET) and make the url value $k.$s
Then, before you unserialize() do this:
$v=substr($input,0,40);
$s=substr($input,40);
if ($v != sha1($s.SECRET)) { die("invalid input"); }
$m=unserialize($s);
This way, you know that $m is the same as the original value that you serialized.
If you like, you can use the following drop-in replacements:
define('SECRET','buh9tnb1094tib014'); // make sure you pick something else
function secureserialize($o) {
$s=serialize($o);
return sha1($s.SECRET).$s;
}
function secureunserialize($i) {
$v=substr($i,0,40);$s=substr($i,40);
if ($v!=sha1($s.SECRET)){die("invalid input");}
return unserialize($s);
}
You could serialize them as key-value pairs when constructing the URL, putting the resultant serialized value in a single $_GET variable (e.g. data=sfsdfasdf98sdfasdf), then unserialize the $_GET["data"] variable. You'll need to use urlencode to make sure the resultant serialized values are URL-safe. Make sure you watch out for maximum URL lengths - 2083 characters in IE.
However, unless you really can't use key-value pairs in URLs (per your question), key1=foo&key2=bar... is definitely the way to go.
If you don't mind dropping the key names, you can use
http://example.com?url[]=1&url[]=2&url[]=3
EDIT Keeping the key names:
http://example.com?values[]=1&values[]=2&values[]=3&keys[]=1&keys[]=2&keys[]=3
Then in your PHP script:
$url = array_combine($_GET['keys'], $_GET['values']);
Could you solve your problem by saving the data as a HTML cookie? That way you don't have to modify the URL at all.
If you know the values in advance, you can set them from the server side when you send the user the page with your target link on it.
If you won't know the values until the user fills out a form it can still be done using JavascriptL When the user clicks the form submit you can set multiple cookies by making multiple javascript calls like:
document.cookie = 'key1=test; expires=Mon, 7 Sept 2009 23:47:11 UTC; path=/'
The security model might give you some trouble if you are trying to pass this data from one domain to another though.