.a little help guys..
I have an index.php page which contains tags which when clicked opens up picture.php.
.my picture.php is a page that retrieves images from a certain database depending on what is the idno.
.what i want to do is to add an "idno" attribute on my anchor tag that when the user clicks a certain tag the index.php sends the idno to my picture.php so that the picture.php knows what image to fetch from the database. help pls!
So for your anchor tag, could you do something like this?
<?php
$url = "pictures.php?idno=" . idno;
echo "Click Me";
?>
Now in your pictures.php file, you can read the ID like this:
$idno = $_GET['idno'];
The only thing to watch out for is to make sure you sanitize that input, before you pass it off to a database query so you aren't vulnerable to a SQL injection attack.
You can send the parameter to picture.php via GET
Blah!
You could use GET to pass idno to pictures.php
so your link would look like this:
<a href='/picture.php?idno=12345678'>My Picture Tag</a>
In your picture.php:
$idno = $_GET['idno'];
Make sure you sterilize $idno before using it in a MySQL query. If idno is a number, then you can also check if it's an integer:
$isInt = is_int($idno);
Picture # <?php echo $idno ?>
Figuring out how to set $idno is left as an exercise to the OP.
Related
TL:DR - I need to pass an anchor tag value to another php page and looking for alternatives to SESSION / COOKIES. Going for forms with POST/GET is discouraged as I would like to avoid having to submit.
Detailed description:
I have a php page which lists a mysqli result set in list form as per the following:
ID fname surname
12 John Doe
13 Carl Brown
Now I would like to have the ID field as a link, which I can achieve using an an HTML anchor tag. Once clicked I would like to redirect to another page and pass the clicked ID (e.g. 12 or 13) for further use.
I know this is achievable through cookies or sessions, but I wanted to check if perhaps there's another way of doing this. Also I would like to avoid forms in order to avoid having to 'submit' the actual form. I'd like to keep the experience as a click and redirect.
To give some context here is my php code:
<?php
include 'functions.php';
session_start(); //Fetches session already initialized in other pages.
$page_fund=new page_fundementals; //simply gets menu items
$conn = new consultant_ops; //executes a mysqli query to get the results used further below
$result=$conn->listPatients($_SESSION['user_id']); //passes the $_SESSION['user_id'] to a listPatients method in order to get the mysqli resultset
foreach($result as $row){
$i=0;
${'p_id'.$i}=$row['p_id'];
${'p_fname'.$i}=$row['p_fname'];
${'p_surname'.$i}=$row['p_surname'];
echo ${'p_id'.$i}." ".${'p_fname'.$i}."<br />";
$i++;
}
?>
have an anchor tag like this
<a href="sample.php?id=<?= $user->id ?>">
<?= $user->name ?>
</a>
then maybe in your sample.php
<?php
if(isset($_GET['id']) {
$user_id = $_GET['id'];
/* your code here to get user from database, maybe
SELECT * FROM users WHERE id = $user_id something like that
then format afterwards */
}
?>
maybe something like that
Why not pass variable in a GET request?
echo "<a href='page.php?pid=".$row['p_id']."'>redirect</a>";
which you can access on the target page.php
$pid = $_GET['pid'];
In anchor tag you can specify query params for eg
12
In this case, when a user clicks on 12 he will be redirected to todo.php?id=12.
In todo.php you can fetch $_GET['id'] and work accordingly.
I have read a value from a form as input form the user. the form is POST.
<form action="form_handler.php" method="POST">
Then, in the form_handler.php page I saved this value in a variable. $productID=$_POST['product'];
Then, I want to pass this variable via link to another page as:
echo "<a href='products.php?prodID=".$productID."' title='Products
Page' class='whatEver'>click here for product details</a>";
When I click the link, I see the value in the link. But, inside the page products.php I want to make MySQL query for the product details as:
$sql = "SELECT * FROM products WHERE prodID = '$productID'";
I get 0 results. I also tried to echo the $productID value and it seems empty and not the value that I saw in the URL.
What is my mistake please? How can I make the database query to fetch the product details based on the productID variable I passed in the link?
NOTE: I am trying to make a demo for MySQL injection vulnerability. Please, ignore security issues here.
You can not get like that the productID .. You have to put `$productID = $_GET['prodID']; ' the you can use that variable with sql query .
When you sent variables in a link followed by ?var=value
You need to get it with something like
$variable = $_GET['var'];
In your case your products.php
should have $prodid = $_GET['prodID'];
echo "<a href='products.php?prodID=".$productID."' title='Products
Page' class='whatEver'>click here for product details</a>";
Looks to me like you are passing it into products.php as prodID.
Could you try using:
$sql = "SELECT * FROM products WHERE prodID = '$prodID'";
Instead?
Just like before when you used $productID=$_POST['product'];,
you need to do the same thing to use a variable in products.php, except instead of a post variable, it's a get variable (because it's in the url). Use $productID=$_GET["productID"]
I have been trying for most of the afternoon to do what I thought was a simple task. I am trying to redirect to different Joomla pages using a select list form.
I have created a select table with the suffix values of each item being a url.
From there I am using the statement
<form action="redirect.php<?php echo $_GET['page_url']?>" method="get">
to create a link that looks like this:
http://www.onlinelotto365.com/tools/jump.php?page_url=el-gordo-spain-cold-numbers
My redirect.php file looks like this:
<?php
$suffix = var($_GET['url_suffix']);
header('Location: http://www.onlinelotto365.com/' . $suffix);
?>
All I want to happen is for the page "http://www.onlinelotto365.com/el-gordo-spain-cold-numbers" to appear on the screen. Why am I making this so difficult? Can somebody please help.
please start from deleting depreciated var which is not a function btw
try:
<?php
$suffix = $_GET['page_url'];
header('Location: http://www.onlinelotto365.com/' . $suffix);
?>
var was used in php4 read more here What does PHP keyword 'var' do?
remember to get the parameter you set in URL that is page_url not url_suffix
This might a little noobish but I don't know where to start with my problem. A friendly nudge in the right direction would be greatly appreciated.
I am trying to have a gallery of material, the images of the materials are stored in a database, now i want to make the users click on a specific image of the material that they like, this would lead them to next page that would calculate the price.
So i guess my question is, how do i carry this variable of their choice to the next page from the gallery?
Any help greatly appreciated
btw this is my code for getting the images displayed from the database:
<?php
mysql_connect("localhost","root","");
mysql_select_db ("imagez");
$res=mysql_query("select * from imgz");
while($row=mysql_fetch_array($res))
{
echo "<a href=\"page.php?id={$row['id']}\" />
<img src=\"{$row['img']}\> </a>";
}
?>
you can hand over values to another page by...
(1) QUERYSTRING (URL)
page.php?do=show&id=5
create those by pulling the unique id of a record from your db and create a link:
echo "<a href=\"page.php?id={$row['id']}\" />{$row['name']}</a>";
assuming that your table imgz has the fields id, name.
in page.php, you get those variables with
$_GET['do']; $_GET['id'];
pro: quick & easy
contra: can be easily manipulated by evil users - they change the querystring and get your script to do weird things.
(2) POST
create a <form method="post" action="page.php">with a hidden field named id containing the 'id' you want to pass. Add a <submit>-button to send the data to page.php.
in page.php, you get those values by:
$_POST['id'];
pro: safe, because evil user can't fiddle with POST
contra: overhead
(3) SESSION:
call session_start(); on top of every page, write your data into the session by...
$_SESSION['id'] = $id; $_SESSION['do'] = "show";
these variables will be kept between pages, in page.php you can simply use S_SESSION['id'] and have that value - if you called session_start().
pro: easy and safe, PHP will do the work for you (e.g. handling cookies etc.)
contra: will put load on your webserver if traffic goes up on your site.
You can set URL parameters, so when they click it, you would have a parameter like;
http://example.com/pricecheck.php?photoid=435
Then on the page you would do;
$photo = $_GET['photoid'];
Then you would have the ID of that photo on the page
Instead of passing the variable via URL, you can use cookie to store the variable and doing the calculation to check up.
<?php
$expire=time()+60*60*24*30;
setcookie("price", "$54", $expire);
echo $_COOKIE['price'];
?>
Now that variable $price would be available for each your webpages, and finally don't forget to clear the cookie `setcookie("hp","", $expire);
I have a simple form but I want to dynamically change the form action from insert to update in same page and I want to show the values in the same page. I have written update in href link. Please help me.
<?php
$username="root";
$password="";
$database="test";
include"db.inc.php";
$order = "SELECT * FROM tablename1";
$result = mysql_query($order);
while ($row=mysql_fetch_assoc($result)){
echo ("<tr><td>$row[sno]</td>");
echo ("<td>$row[name]</td>");
echo "<td >Edit</td>";
echo "<td>Delete</td></tr>";
}
?>
i thought you are asking dynamic insert/update/delete in single page.
if it is a case u should use ajax call.after get the response from server, change your form as insert/update/delete dynamically through javascript
if u want to learn ajax start with this
http://www.w3schools.com/ajax/default.ASP
i guess it might helpful to u.........