Is it possible once I have retrieved a userid from a MySql database, for example, $userID, to then use that as a parameter in a HTML link, for example;
<href="http://www.site.com/?110938">
Thanks.
In PHP, anything you echo is sent to the browser. So you can simply echo that variable.
echo $userID;
Or to put it in the link:
<href="http://www.site.com/?<?php echo $userID ?>">
Of course that means you're trusting that $userID will contain valid data (and not some malformed HTML attempting to break your site and ruin your user's lives).
If it should always be a number, you can keep out potential bad data by forcing it to be an integer:
<href="http://www.site.com/?<?php echo (int) $userID ?>">
I believe what you are looking to do is use the GET method of retrieving data.
The GET method (as opposed to post) pulls all of the parameters out of the URL. For example, lets take a google maps search url:
http://maps.google.com/maps?q=Empire+State+Building,+NY&hl=en
Let us break down this URL:
http://maps.google.com/ - this is the location of the script
maps? - Maps is the name of the file that contains the script (if
they are using PHP); notice, there is a ? in the URL, indicating
that the GET method is being used. All information after the ?
pertains to the GET data.
q=Empire+State+Building,+NY& - this portion is the first GET
variable. They have decided to use the letter q as the name of
their GET variable, and the value is Empire+State+Building,+NY. The
& indicates that another variable will be specified.
hl=en - this is the second variable in their query.
If they were to use PHP to read these parameters, they would use the following code:
$var1 = $_GET['q']; //Has value Empire+State+Building,+NY as string
$vars = $_GET['hl']; //Has value en as string
If you wanted to have your user's ID be in the URL, and use that to interact with the database, the easiest way would be to use GET, such that your URL would look like this:
www.example.com/example.php?id=45828
Then in your script, you would use the following code to access that data and query the database with it:
$userid = $_GET['id'];
$query = "SELECT * FROM users WHERE userid=$userid;";
$query = mysql_escape_string( $query );
mysql_query( $query );
just pass the variable like <href="http://www.site.com/?var_name=<?php echo $userID;?>">
Related
I know there must already has this question been asked but I didn't find the answer cause I don't know how to search exactly what I want.
So, I wanna make such a link http://example.com/index.php?cat=about where I should insert some about info. But I don't know how to make a page with this URL containing ? symbol and other stuff, or how to edit that page then, where to edit and etc.
About Us
I've also made cat.php file but what next?
In your index.php file you can use the following:
if(isset($_GET['cat']) { // means if the user use the url with ?cat=something
echo "<1>About {$_GET['cat']}</h1>"; //print the about of the cat as html
}
OK, Suppose you've two PHP files. page_a.php & page_b.php.
page_a.php
<?php
echo "<a href='page_b.php?cat=about'>Click Me</a>";
page_b.php
<?php
print_r($_GET); // Show all GET contents
echo $_GET['cat']; // Show what content exist in 'cat' part of url
Hope, this will clear your doubt of how to send data in url from one page to another using GET mehtod.
To store variable data in the url, you can use the query string. This is the portion of the url that immediately follows the protocol, domain name and file path
The query string begins with ? and may contain one or more parameter parameter value pairs. The parameter and parameter value are separated by =. Each pair is separated by &.
Let's suppose you do development for a tourism company called Gi Tours which provides content in 3 different languages. Because site visitors will want to be able to select their preferred language, you can provide flag images that will indicate a certain language and wrap those flags with the appropriate hyperlinks. Rather than writing out the full language name, you can simply assign id numbers to represent each like this:
<?php
echo "<img src=\"img/ge.png\">";
echo "<img src=\"img/en.png\">";
echo "<img src=\"img/ru.png\">";
?>
If a visitor clicks the second flag which loads this url: https://www.gitours.ge/index.php?lang=2, your index.php code can be written to extract the value assigned to lang by using $_GET["lang"].
If you write in your index.php file:
<?php
echo $_GET["lang"];
?>
Your code will display:
2
Or on your index.php file, you can easily generate dynamic page content using $_GET array data.
<?php
if(isset($_GET["lang"])){ // this checks if lang exists as a parameter in the url
$lang=$_GET["lang"]){ // $lang will equal the value that follows lang=
}else{
$lang=1; // if there was no lang parameter, this sets the default value to 1
}
if($lang==2){
// show English content
}elseif($lang==3){
// show Russian content
}else{
// show Georgian content
}
?>
This is, of course, a simplified demonstration; other techniques can be used to interact with the $lang value.
#Lasha Palelashvili let suppose below example:
above you are sending only one input parameter cat through url to the index.php file at server side so when you send this data from url it will send by get method by default, if you want to get this url info(input parameter) at the php side so $_GET will help you to fetch that info $_GET is actually an array which stores your input parameter as key and input parameter's value as value for your case("index.php?cat=about") $_GET array will contain value like below:
$_GET = array("cat" => "about")
now at the server side you can easily get the value like:
//index.php
<?php
$cat = $_GET["cat"];
echo $cat;
?>
I have coded so that i get the following url upon clicking a certain link.
.../project/auction/auction.php?user=ernie6?auc=1
I just wondered what is best way to "get" the following details "ernie6" (as the username) and "1" this being the first auction. Moreover what is the "general rule" to extract data of the form "y=z?a=b?c=d?..."?
Thanks a lot.
It should be & instead of the second/third/etc ?
user=ernie6&auc=1
and then you can refer to your $_GET global array
To see its full content you can do a var_dump($_GET) or get the specific values by:
$user = $_GET['user'];
$auc = $_GET['auc'];
Your URL is not correct, if you want to provide arguments you need to start with a ? and then separate each arguments by a &
Then on your PHP script auction.php you retrieve each arguments like this:
$user = $_GET['user'];
The $_GET variable is a global array containing every parameters provided on the URL. More info on the query string here : http://en.wikipedia.org/wiki/Query_string
EDIT: If you try to retrieve an argument that does not exist you will have PHP warnings or errors. To avoid these it is better to ensure the index exists in the array before retrieving. Something like this would be better:
if(isset($_GET) && isset($_GET['user'])) {
$user = $_GET['user'];
}
For that url, $_GET['user'] and $_GET['auc'] would be defined in the scope of your script if you properly formatted the link (begin get data with ?, separate variables with &).
Assumimg that you are using GET or POST, you can simply get the values like so:
$user = $_POST['user'];
$auc = $_POST['auc'];
or
$user = $_GET['user'];
$auc = $_GET['auc'];
You might find the following documentation useful:
http://php.net/manual/en/reserved.variables.get.php
http://php.net/manual/en/reserved.variables.post.php
I know that CakePHP params easily extracts values from an URL like this one:
http://www.example.com/tester/retrieve_test/good/1/accepted/active
I need to extract values from an URL like this:
http://www.example.com/tester/retrieve_test?status=200&id=1yOhjvRQBgY
I only need the value from this id:
id=1yOhjvRQBgY
I know that in normal PHP $_GET will retrieve this easally, bhut I cant get it to insert the value into my DB, i used this code:
$html->input('Listing/vt_tour', array('value'=>$_GET["id"], 'type'=>'hidden'))
Any ideas guys?
Use this way
echo $this->params['url']['id'];
it's here on cakephp manual http://book.cakephp.org/1.3/en/The-Manual/Developing-with-CakePHP/Controllers.html#the-parameters-attribute-params
You didn't specify the cake version you are using. please always do so. not mentioning it will get you lots of false answers because lots of things change during versions.
if you are using the latest 2.3.0 for example you can use the newly added query method:
$id = $this->request->query('id'); // clean access using getter method
in your controller.
http://book.cakephp.org/2.0/en/controllers/request-response.html#CakeRequest::query
but the old ways also work:
$id = $this->request->params->url['id']; // property access
$id = $this->request->params[url]['id']; // array access
you cannot use named since
$id = $this->request->params['named']['id'] // WRONG
would require your url to be www.example.com/tester/retrieve_test/good/id:012345.
so the answer of havelock is incorrect
then pass your id on to the form defaults - or in your case directly to the save statement after the form submitted (no need to use a hidden field here).
$this->request->data['Listing']['vt_tour'] = $id;
//save
if you really need/want to pass it on to the form, use the else block of $this->request->is(post):
if ($this->request->is(post)) {
//validate and save here
} else {
$this->request->data['Listing']['vt_tour'] = $id;
}
Alternatively you could also use the so called named parameters
$id = $this->params['named']['id'];
I am new to PHP.
I need a help regarding the methods of extracting DB name and table name from the given URL name.
For example, let's say, I have an URL like the one below:
/test.php?db=...&table=.../
How to extract the DB name and table name from this URL using PHP and use the result for other query purposes.
If you mean how to parse an existing URL for it's parameters:
parse_url() and parse_str() will help you strip the components of the url. You will primarily be looking at the following
$elements = parse_url($url);
$kvps = $elements->query;
$db = parse_str($kvps['db']);
$table = parse_str($kvps['table']);
But, if you mean how to GET variables from the current page before render:
<?php
$dbname = $_GET['db'];
$tablename = $_GET['table'];
?>
And yea, there are major security risks involved in opening up 'direct' access to your database this way. Best to obfuscate / encapsulate / wrap your functions in tasks like index.php&addUser=tim instead of index.php&insert=tim&db=boofar&table=users&dbuser=root&dbpassword=secure.
If you're just learning, what you're doing is fine, as long as you realize why it's wrong. If you're coding for production, you really need an alternate solution.
There are two ways to pass variables or data to another page.
GET (via the URL)
and
POST (usually a form submission)
You can alway get via
$_GET
http://php.net/manual/en/reserved.variables.get.php
or
$_POST
http://nl.php.net/manual/en/reserved.variables.post.php
I need something simple; I have page where a user clicks an author to see the books associated with that author. On my page displaying the list of books for the author, I want a simple HTML title saying: 'The books for: AUTHORNAME'
I can get the page to display author ID but not the name. When the user clicks the link in the previous page of the author, it looks likes this:
<?php echo $row['authorname']?>
And then on the 'viewauthorbooks.php?author_id=23' I have declared this at the start:
$author_id = $_GET['author_id'];
$authorname = $_GET['authorname'];
And finally, 'The books for: AUTHORNAME, where it says AUTHORNAME, I have this:
echo $authorname
(With PHP tags, buts its not letting me put them in!) And this doesnt show anything, however if I change it to author_id, it displays the correct author ID that has been clicked, but its not exactly user friendly!! Can anyone help me out!
You could pull the author_id from the query string as you did using $_GET but beware you will need to validate what is coming through by the query. I hope you can see that without validation how bad of a security hole this is.
I am at work at the moment, but this is a quick example that should give you what you need without sanitizing your query.
$id = intval($_GET['author_id']);
// of course, perform more validation checks
// just don't assume its safe.
$sql = "SELECT authorname FROM authors_tb WHERE author_id=" . $id;
$result = mysql_query($sql);
while($row = mysql_fetch_array($result)) {
echo "The books for: " . $row['authorname'];
}
The reason why your approach wasn't working was because you utilize the $_GET URL parameter passing for author_name where you weren't supplying the parameters in the URL, just the author_id.
You don't send it in the query string, thus you can't get it from the $_GET array.
Just request it from the database using id.
An important note: Always use htmlspacialchars() when you display the data, coming from the client side.
This is because you do not define the author name in your get.
You should make the following your url:
<?php echo $row['authorname']?>
Or rather select the data from the database again, on the new page, using the ID you retrieved from the URI.
Author name won't be in $_GET. As your code stands, you only use it as the link title. It is no where in the address. Try this instead:
<?php echo $row['authorname']?>
It would be better to re-request it from the database using the author_id though.
EDIT:
To explain the problem in more detail. You have two pages, the new.php page and the viewauthorbooks.php page. You're sending users from the new page to the view page using the link you posted, right?
The problem with that is, your link assigns one variable in get. Here's the query string it would generate:
viewauthorbooks.php?author_id=13
What that will do is send the user to viewauthorbooks and place the value '13' in the $_GET variable: $_GET['author_id']. That is why the author_id is there and displays on viewauthorbooks. However, authorname is never passed to viewauthorbooks, it isn't in $_GET['authorname'] because you never set $_GET['authorname']. If you want it to be in $_GET, then you need your query string to look like this:
viewauthorbooks.php?author_id=13&authorname=bob
You can accomplish that using the new HTML code for the link I posted above. Look at it closely, there's a key difference from the one you have now.
However, it is generally discouraged to pass data through GET, because the query string is displayed to the user and it leaves you open to injection attacks. A better way to do this would be to use the author_id you are already passing to viewauthorbooks.php to retrieve the authorname from the database again. You can use the same code you used on the new.php page.