We Keep Coding

How do i use GET correctly in php?

i tried to find a solution for my problem for 2 hours now, but i don't know why my code does not work.
I have a sql output which looks like this:
function output(){
while($row = $this->statement->fetch()) {
$id = $row["id"];
echo '
<tr>
<td>'.$row["comname"].'</td>
<td>'.$row["district"].'</td>
<td>'.$row["industry"].'</td>
<td>"Details"</td>
</tr>
<br>
';
}
If someone click on the link "Details" i want to give out more information about that specific company. Therefore i save the id in the url to identify which company was clicked.
To check if the Details link was clicked, i wrote this:
Edit: just added the "$id = $_GET['details']" after your hints, it looks like this now:
if (isset($_GET['details'])){
$id = $_GET['details'];
echo $id;
}
}
When i click on the link "Details" it changes the URL correctly, but it doesn't print the id. (I don't only want to print the id, i just do this to check the functionality.) Why does my code not work? Is there a second "$GET" i have to use? I really don't know what is going on.
Edit: The php-code ends here, there is nothing i do afterwards.
Edit2: I tried print_r($_GET) and it looks like, the id is not even in the $GET-Array. Also the if (isset($_GET['details'])) statement is not executed.
Thank you!

You should print the $_GET['details']:
if (isset($_GET['details'])){
echo $_GET['details'];
}
Or put it in a variable:
if (isset($_GET['details'])){
$id = $_GET['details'];
echo $id;
}

$_GET[] is just an array of all GET parameters in the URL. You see them for example on https://www.google.com?q=stack+overflow where the parameter q is set to stack+overflow. So if you would echo out $_GET["q"] on that URL you would get stack+overflow. You can store it in a variable like $id and echo it out, but you need to set it first like $id = $_GET["details"];
EDIT: I just realized the code you have now is vulnerable to an attack called XSS or HTML Injection. Since we can specify the $_GET["details"] and so $id that is being echoed, an attacker can put HTML code or the <script> tag in there to execute dangerous JavaScript code on everyone that accesses the URL.
Luckily, there is an easy fix: just put the function htmlspecialchars() around whatever user input you echo. The echo you have here would become echo htmlspecialchars($id);

PHP Session Variable get lost and session id is changing on every request

i found many answers about that problem but nothing solved my problem - so i want to show you my code and hope that someone can find the mistake..
I have a standard HTML formular that gives some data with POST to the next .php file where i get it and save it into session-variables. I use the session variables about 2 reasons:
if someone reloads the page, it should show the same information as before.
I need the variables in upcoming php files.
Here is the code:
session_start();
// Handle Variables on post and reloaded-page
if(isset($_POST["locId"]) && isset($_POST["dateId"]) )
{
$locId = htmlspecialchars($_POST["locId"]);
$dateId = htmlspecialchars($_POST["dateId"]);
$_SESSION["locId"] = $locId;
$_SESSION["dateId"] = $dateId;
echo "Session variables are set: locId = " . $_SESSION["locId"] . " dateId = " . $_SESSION["dateId"];
} elseif(isset($_SESSION["locId"]) && isset($_SESSION["dateId"])) {
echo "get it from session";
$locId = $_SESSION["locId"];
$dateId = $_SESSIOn["dateId"];
} else {
$load_error = 1;
$status = "alert alert-danger";
$message = "shit, no variables here";
}
The frist call works fine - session variables are set and the echo gives the right values. After reloading the page i get the echo "get it from session" but my variables have no values.
i also checked my session_id() on first call and reload.. they are NOT the same.
I testet a simple test.php file where i start a session with a variable and ask for the variable in the next file. It works fine :-/
Its just a problem with my code above. I think my webserver is handling right. But what reasons are there for chaging a session id and losing session-variable values?

Damn! To write correct is everything ...
I found my mistake.
Look at the code in my question. The second session-variable is $_SESSIOn["dateId"].. the n is lowercase! If i write it correctly and complete in UPPERCASE it is working.
Also the session_id is not chaging anymore and i can output the session_id() as much as is want.. but one mistake in $_SESSIOn changes everything. New session_id on every call, ... strange.
Learned something again :-) Thanks to everybody for the answers and your time! I hope i can help you in the future

Well, your mistake is quite easy to find. In fact, your code works perfectly. But look at this part:
echo "get it from session";
$locId = $_SESSION["locId"];
$dateId = $_SESSIOn["dateId"];
Well, you asign the session values to two variables, but in fact, you simply missed to output them anywhere. Thats why you get "get it from session" but then is displays nothing, you need to echo them.
Simply add an echo and it will display your vars perfectly :)
echo "get it from session";
$locId = $_SESSION["locId"];
$dateId = $_SESSIOn["dateId"];
echo $locId;
echo $dateId;

Try this:
session_id();
session_start();

Using $_GET instead of $_SESSION

How do you set a $GET variable?
Hi i have done this before, but my method is a bit hit and miss so i was wondering what is the correct way to do this.
My url is:
Franchise-Details.php?Franchise=Enfield/status=Driver
And i want to set the Franchise name and staff status as a variable as i will be using them continuously throughout my webpage.
This is what i have done:
$admin_status = mysqli_real_escape_string($dbc,$_GET['status']);
$fr_Area = mysqli_real_escape_string($dbc, $_GET['Franchise']);
But it does not work. No error messages, just shows nothing if i try to apply it, for example echo $fr_area;. If i change the get to session it works. But i want to use get.
I have also tried:
if (isset($_GET['status'])){
$admin_status = mysqli_real_escape_string($dbc,$_GET['status']);
}
if (isset($_GET['Franchise'])){
$admin_status = mysqli_real_escape_string($dbc,$_GET['Franchise']);
}
How can i improve this

echo function call 2 variables

Ok so I have the code for a form that is called and works but it needs two varibles grabbed from the string of a url. I have the first and the second is the same for what im doing on any page that I am creating which is alot. Here is the code at the url: collabedit.com/9g99j
Question if Get <?php echo $_GET['id']; ?> is grabbing my id string from the url how do I use this in the echo of my function I just defined at the bottom of the code? Instead of having this: echo DescriptionGet(1256124, 50874); can someone tell me how to put something like this: echo DescriptionGet(1256124, $id);
This would make it so i dont' have to enter that id value for every page I want to create.
Thanks,
Thanks everyone for your replies and I was able to figure it out on my own and actually used exactly what the first reply was.
Now I have a new question about this function. How do I make it grab the image from that same page its grabbing the form code from? I can't figure this part out and its keeping me from doing mass automation for this site.
Anyone help?

Try this:
$id = $_GET['id'];
echo DescriptionGet(1256124, $id);

You can change your function definition from:
function DescriptionGet($c, $id)
to
function DescriptionGet($c, $id=50874)
Each time when you will call DescriptionGet($c) it will behave as you passed $id=50874 but also if you need you can call DescriptionGet($c, 20) and $id in the function will be set to 20.
And in case you want to simple use $_GET['id'] as function parameter you can simple run
echo DescriptionGet(1256124, intval($_GET['id']));
you don't even need to use extra variable.

Getting value from session PHP

I am not sure why the variable username is not being returned in the session. When the user logs in, I start the session:
$username = trim($_POST['username']);
if(!isset($_SESSION)){ session_start(); }
$_SESSION[$this->GetLoginSessionVar()] = $username;
On the user's welcome page, when I run the echo command, I see the proper variable being returned. But I'm not sure why the return statement isn't working. I have the following in my PHP file:
function UserName()
{
return isset($_SESSION['name_of_user']) ? $_SESSION['name_of_user'] : "Unknown User" ;
//echo $_SESSION['name_of_user'];
}
In my html, I have:
Welcome back <?PHP $fgmembersite->UserName(); ?>!
I also checked the session ID, and it's also being generated properly.
Can you please help me understand what I'm doing wrong?

Is fgmembersite an object and have it the function called UserName ?
If yes, you simply miss an echo
<?PHP echo $fgmembersite->UserName(); ?>

You must add echo or print so should look like this;
<?PHP echo $fgmembersite->UserName(); ?>

You need to print out your variable. Use
Echo or print

Possibly you should add output:
<?php print $fgmembersite->UserName(); ?>

If you are using the script I think you are using, you need to look through fg_membersite.php at the line that says:
function CheckLoginInDB($username,$password)
whithin that line you should have a MySQL statement:
$qry = "SELECT etc...
When I tried to add UserAvatar I was able to do that by adding it to that MySQL string.
On a side note, I too am having trouble with adding UserName, and for the life of me I can't figure out why it would work any different than my previous workaround, yet somehow it is, but I am still convinced something in that file will do the trick eventually.
Edited:
Ok i got it, just do this:
echo $fgmembersite->UserName($username);
The username will pop right out. I have no idea why, i don't know enough php to explain it, but i can only assume this will get you going.