I have an array used in a foreach() loop that I am able to pass from one page to another using a link in the sender page:
$annoncenumber = $book[7];
<a href="index.php?annoncenumber=' . $annoncenumber . '&option=com_aicontactsafe&view=message&layout=message&pf=4&redirect_on_success=">
and in the receiver page:
$annoncenumber = $_GET['annoncenumber'];
This works fine but because of the $annoncenumber in the link I can't use the joomla menu linking system to add modules to the receiver page (menus, footer). I tried to use $_SESSION instead:
$annoncenumber = $book[7];
$_SESSION['lginumero'] = $annoncenumber;
But with this method and using a SEO optimized link:
The session result is incorrect when the person clicks on the link. It only retrieves the last value of the array. So my question is either how to get the joomla modules to show with a link that uses variables OR how to use $_SESSION to correctly pass the array variable to my receiver page when the user clicks the link. Thanks.
You should use the joomla class JSession instead of native PHP $_SESSION, since Joomla sometimes clears the $_SESSION variable.
http://docs.joomla.org/JSession/11.1
You should never use unsanitized $_GET to retrieve the variable, since this is a great security risk. Use the Joomla JRequest::getInt('announcenumber'); instead to properly sanitize the variable.
http://docs.joomla.org/JRequest/11.1
If the PHP file you're using to catch the request is an external file outside Joomla, then you cannot use the core Joomla classes. In that case i suggest that you rewrite your extension to comply with MVC standards.
Related
I am building an TYPO3 extension with Extbase and want to store data which I get via HTTP GET.
Now I struggle with possibility to use a browser to access the action controller.
The plugin is implemented into page 102
The extension key is xyzlist
the Plugin Name is xyzlistdb
The controller name is PlaylistController
The action is getAction
The domain name is sub.domain.de
In the PlaylistController.php is under getAction only
error_log("GetAction",0);
to figure out, if the browser url goes to the getAction.
Here the URL I am using
http://sub.domain.de/index.php?id=102&tx_xyzlist_xyzlistdb[controller]=playlist&tx_xyzlist_xyzlisdb[action]=get
In the browser I am using '&' instead of only '&'
But if I only use '&', it also not access the Get action
But I don't get any message in the log file!
What I am doing wrong?
Here you have multiple possibilities...
First, you can disable [FE][pageNotFoundOnCHashError] (Install-Tool), so you dont get an 404 on invalid cHash. This is globaly for you site for all plugins. Its not the secure way.
Second, you can set plugin.tx_xyzlist_xyzlistdb.features.requireCHashArgumentForActionArguments = 0 in your typoscript to disable the pageNotFoundOnCHashError for you plugin.
Last, you can add your variables to [FE][cHashExcludedParameters] (Install-Tool), so that your variables are not included in the cHash calculation.
To get the correct link, you will have to use typolink. Probably the easiest way to generate a link to a plugin action is to use f:uri.action in a template like this:
<f:uri.action pageUid="102" extensionName="xyzlist" pluginName="xyzlistdb" action="get" />
https://docs.typo3.org/other/typo3/view-helper-reference/9.5/en-us/typo3/fluid/latest/Link/Action.html
Write first letter of your controller name capitalized.
http://sub.domain.de/index.php?id=102&tx_xyzlist_xyzlistdb[controller]=Playlist&tx_xyzlist_xyzlisdb[action]=get
Also do not turn off cHash without a good reason. That problem is not a reason at all.
Jonas mentioned to generate a link to your action with:
<f:uri.action pageUid="102" extensionName="xyzlist" pluginName="xyzlistdb" action="get" />
It is indeed a good and time saving practice.
I am working on a site and the builders have used a mix of php and html for links. For example:
<li>Variable Speed Drives</li>
<li>Corrosion Resistant Baseplates</li>
and
<li>MP Repair</li>
<li>MTA Repair</li>
The php is referenced in another file in this way:
<?php
$pdf_link = "../pdf/";
$external_pdf_link = "../../pdf/";
$video_link = "../video/";
$external_video_link = "../../video/";
?>
My concern is not knowing the function of the php, other than it being a placeholder, and given that the links work both ways, I don't want to break something because I am clueless to its purpose.
In doing my due diligence researching, I ran across this post, which is close, but still no cigar, Add php variable inside echo statement as href link address?. All of the research seems to be about how rather than why. This is the site, and they only used it for the "Downloads" links: http://magnatexpumps.com/
Thank you...
B
There is no right way. They are just different.
Let's forget the PHP for a while. If you have this link in a page:
<a href='about.html'/>About</a>
What will happen? The browser will change the URL of the document. If you are at the root of the site like: "www.example.com", will redirect to "www.example.com/about.html". If you are in a URL like "www.example.com/news/index.html" will redirect you to "www.example.com/new/about". That's why sometimes it is useful to have a variable before, to force a full path URL.
Another case of URL variable interpolation is when you have different systems running in the same url. In this case, you will have to append the system name in order to get to where you want. If you don't know where your application will run if it will run on the doc root, or in a subfolder, use a variable to indicate the base path.
I have a menu that is in an iframe. The user selects an option from the menu to log in and after the credentials are verified (using mySQL) (via a call to href='login.php') - I need to access several variables (such as the object handle to the mySQL connection ($dbconnection), user id ($userid) value. I have declared these variables as globals and they appear= to be inaccessible from the launch of href="other.php" menu option. I have tried to put these as $GLOBALS and the same results - they are inaccessible from the launch of href="other.php" menu option.
Passing these variables in the href call via the use of ? and & is not a good solution (and besides you cannot pass an object such as a Data Base handle. I need these variables in other files I open from the menu via the href.
What is the best way to have this functionality?
Jack
I found a solution to the problem. In order to pass variables to called PHP files via the HREF I had to put these variables in the SESSION global. I then did a $enc=session_encode() which encodes into a string all the user defined session variables and then I passed the string value to the called file via the use of the ? after the file being called. In the file that I called, I pulled the passed encoded SESSION string via a $GET and then used the value from the $GET to call session_decode (). That seemed to work. I am also thinking of hashing and salting this encoded string so that it is not easy to hijack it.
I want to be able to test a website I am building using PHP that gets all its content from a database that uses point in time. I have a series of pages that I use to maintain the content and assign effective dates.
The live website will not have access to a session.
I simply want to hack the URL with a parameter like so:
mywebsite.com/current.php?asof=2016-01-01
But I want this parameter to appear on all subsequent pages.
I could use cookies I guess but I want the visual cue.
Finally, some of the pages I navigate to will have additional parameters.
Can this be done? If so, how?
EDIT:
Is there a way to edit the response by injecting URL parameters for any arbitrary response.
If navigation is done only via links and forms, and you have no session, you could try injecting the params into all links and forms before rendering the html.
// set the asof value once upon starting navigation
$_GET['asof'] = '2016-01-01';
// then on all pages onward
// grab all links and inject all $_GET params
$html = preg_replace('/(href="[^"]+)"/', '$1?'.http_build_query($_GET).'"', $html);
// the same for forms
$html = preg_replace('/(action="[^"]+)"/', '$1?'.http_build_query($_GET).'"', $html);
echo $html;
This gets all the data passed in the query string ($_GET) and injects it into all links and forms. So every click on a link will propagate the $_GET params. Keep in mind that this is a rough implementation. This doesn't take into account links that already have query strings or pasting the url.
Set your cookie and then for every link you can do something like the following:
<?php
$asof = (isset($_COOKIE['asof']) ? 'asof=' . $_COOKIE['asof'] : '');
?>
link
I have a form in a template which is posted to a PHP script. This script sets some variables in the $_SESSION array, then redirects back to the same page using the standard:
header("Location: index.php?page=enquiry-form");
The problem is that whenever the page loads after refirection, the session only contains the following three variables:
cmsuserkey
cms_admin_user_id
cms_admin_username
...all of mine have disappeared.
I'm calling session_start(); in my php script
I've set the config option: $config['use_smarty_php_tags'] = true;
The user doesn't need to be logged in to use the form (in fact the site doesn't use logins at all).
Can anyone suggest anything I'm not doing/doing wrong?
Thanks,
Rich
I had the same problem once and fixed it by addin exit() after the redirection to save the session:
header("Location: index.php?page=enquiry-form");
exit();
I've had a similar problem (though I wanted to use data from the CMS Made Simple session in another php-file). For me the cause was the following (as stated in my comment on the question):
CMS Made Simple (CMS from now on) does makes its own session name. This means that when you run session_start() in a separate php-file, it will not have the same session name. Therefore, the php-file won't be able to access CMS's session data, and CMS won't be able to access the php-file's session data.
The solution logically follows from the cause, you need them both to use the same session name.
CMS sets its session name in include.php which should be in the app's root folder.
$dirname = dirname(__FILE__);
...
$session_key = substr(md5($dirname), 0, 8);
#Setup session with different id and start it
#session_name('CMSSESSID' . $session_key);
So, in your php file you will need to do the following (before calling session_start();):
//Substitute the string $dirname for the result of __FILE__ in **include.php**!!!
$dirname = '/data/web/somefolder/someotherfolder/'
$session_key = substr(md5($dirname), 0, 8);
#session_name('CMSSESSID' . $session_key);
//Now you can call session_start();
Doing this lets your php-file access CMS's Session. If you use any plugins that put essential data in the session, you'll want to be careful not to erase any of that data.
NOTE: I use CMS version 1.8.2, this solution may not work if you use a different version.