I want to redirect my browser to a PHP page such that when the page loads, it will display to the user a substring of the current URL.
For example, let's say I have a page called substring.php.
My browser forwards me to:
http://www.example.com/substring.php?oauth_token=123456
Is it possible to write some PHP code that will then display to the user, "123456"?
If so, can anyone help me on how to do this?
Thanks!
All the query parameters in the URL will be inside the superglobal $_GET array, so you could simply do this:
echo $_GET['oauth_token'];
BE forewarned that if you're going to output anything that comes in from a URL (ie. user input), you should make sure to sanitize it properly for output. In this case, htmlspecialchars() would be prudent:
echo htmlspecialchars($_GET['oauth_token']);
<?php
echo $_GET['oauth_token'];
?>
Can't you just use the $_GET superglobal? It stores the contents of the query string part of the URI as an associative array:
echo $_GET['oauth_token'];
You can retrieve the value of oauth_token via the $_GET superglobal array:
echo $_GET['oauth_token'];
Of course you should use caution when outputting data you get as input from a user, but that's how it works in short.
Related
So basically what I'm trying to do is if the url contents looks something like this:
www.some.com/dir/?variable=VAR&variable2=VAR2.
then the server would pick this up and I could add it to a variable like:
$var = [variable];
echo '<tag>'.$var.'</tag>';
and that would produce;
<tag>VAR</tag>
Sorry for the lack of code I just don't know how to do this with PHP and my searches are turning up blank.
What you want to do is iterate through your $_GET variables and print them out.
$key is variable and $value is VAR . to print key value combo use this. to print just value remove the '$key is ' part.
<?php
foreach($_GET as $key=>$value)
{
echo "<tag>$key is $value</tag>";
}
These variables are called query parameters and in PHP they can be accessed using the $_GET superglobal.
To use your example, the URL www.some.com/dir/?variable=VAR&variable2=VAR2 will populate $_GET['variable'] with 'VAR' and $_GET['variable2'] with 'VAR2'.
You can access $_GET just like any other array from anywhere in your code so it should be straightforward to put its contents in your HTML code:
<tag><?php echo $_GET['variable'] ?></tag>
<tag><?php echo $_GET['variable2'] ?></tag>
Do keep in mind this presents an HTML injection vulnerability. For example, the user could access the URL www.some.com/dir/?variable=<script>doUnfortunateThings()</script> and your script would dutifully render
<tag><script>doUnfortunateThings()</script></tag>
Which would be executed by the browser when the page loads. This might be fine since only the user messing with the URL will see it, but depending on the rest of your page it could pose a security risk, and could even be made permanent by other scripts running on the page or on the server. It could also bypass any content security policy settings your site is running under, depending on how that is configured if at all.
It is good practice to use the built-in PHP function htmlspecialchars on any user input before displaying it on the page to prevent any html tags from actually being rendered by the browser.
<tag><?php echo htmlspecialchars($_GET['variable']) ?></tag>
<tag><?php echo htmlspecialchars($_GET['variable2']) ?></tag>
If you already know variable name from url then you can use it as array index:
$variable = $_GET["var_name"];
In your case:
$variable = $_GET["variable"];
$variable2 = $_GET["variable2"];
I was thinking if it's possible if - let's say - I have a link when clicked will go to the said page but it will actually send a value to the target page. Let's say the value is pageno.
Could i do it like
<a href="displaypage.html?pageno=1">
would that kind of thing work? I mean I want the php which would be something like this
<?php $pageno=$_POST['pageno']; ?>
and then some other process stuff. Going back, I want the php file to get the pageno that was set in the link. Is that possible?
It would be $_GET['var'], and yes, it is possible.
Click here
mypage.php:
<?php
$var=$_GET['var'];
// ... process $var
// go to wherever
echo $var; // show the var
?>
Use $_POST superglobal variable when you send something through POST method, usually forms. If you want to get parameters in URL, use $_GET superglobal array.
You can use $_REQUEST superglobal array either for POST or GET values.
Yes, it's possible to get this.
It sounds like you're talking about a GET request where the parameters are passed into the $_GET array as opposed to the $_POST array.
$pageno=$_GET['pageno'];
<?php
echo 'Link';
?>
How can I hide ?ref string from users but pass it to php code so it will grab it?
For example, visitor visits this page:
http://mysite.com/?ref=ref+string
In browser URL I want to hide it, so user will see"
http://mysite.com/
But I want to grab content of ref string via this:
$ref = $_GET['ref'];
Is it possible?
No, if you want to use GET variables, they will always be in the url.
However, you can use an alternative, like $_SESSION or $_POST variables.
You could try something like this at the top of your PHP script:
session_start();
if (isset($_GET['ref'])) {
$_SESSION['ref'] = $_GET['ref'];
header('Location: /');
exit();
}
You would have to use $_SESSION['ref'] to access the value from then on, however.
This is not how the http protocol works with query strings. If you have information that needs to be in the query string that you want to hide or obfuscate from the user, I would recommend a simple encryption to change it. If you're attempting to get rid of this information for aesthetic reasons, you will need to pursue a different method of generating the header or storing the information (session/cookies/etc).
I have data being passed via HTTP post to another page. Essentially passing data from one server to another. On the target page, I cannot get the URL variable to be seen by php. Am I doning something wrong? Is there a better way to do this?
URL string:
form_listener.php?
contactId=101460&inf_custom_ddState=IN&inf_custom_txtZipCode=46268&inf_custom_ddClientDegreeId=729&inf_custom_txtCity=indianapolis&inf_custom_txtLastName=Anderson&inf_form_xid=f28acf3ff321cb273cb4696e996008e0&inf_custom_ddStartSemesterYear=Fall2012&inf_custom_ddMilitaryAffiliation=Yes&infusionsoft_version=1.23.11.30&inf_custom_txtFirstName=someone&inf_custom_txtAddress2=&inf_custom_txtAddress1=4707+East+72nd+Street&inf_custom_ddHSGradYearCustomLiberty=2011&inf_form_name=LibertyOnline&inf_option_Signmeupforthenewsletter=432&inf_custom_txtEmailAddress=killing.fields%40gmail.com&inf_custom_affiliateid=D80576&inf_custom_ddEducationLevel=CLGJ&captcha.typed=jydqb
PHP Code:
$ddState= $_GET['inf_custom_ddState'];
echo $_GET['ddState'];
?>
You don't have ddState in the URI. You want: echo $ddState; (because that is the variable where you copied the data to) or rather (to avoid opening up an XSS security hole) you actually want:
echo htmlspecialchars($ddState);
When you use $_GET you are telling php that the variable is from the URL.
By doing this:
$ddState = $_GET['inf_custom_ddState'];
you are "creating" a local variable ($ddState) with the content of $_GET['inf_custom_ddState'], so you don't have to use $_GET variable anymore.
So your echo can be in 2 ways:
echo $_GET['inf_custom_ddState'];
echo $ddState;
$ddState= $_GET['inf_custom_ddState'];
echo $ddState;
// or
echo $_GET['inf_custom_ddState'];
you can use either this way
echo $_GET['inf_custom_ddState'];
Or
$ddstate=$_GET['inf_custom_ddState'];
echo $ddstate;
Your echo should just be echo $ddState;
You are assigning the value of the URL variable to a local variable. Once that's done, you are dealing with something that is locally scoped.
As the $_GET and $_POST are global array, you can use the following code to see the values:
echo "<pre>Get data</pre>";
print_r($_GET);
echo "<pre>Post data</pre>";
print_r($_POST);
Check whether these variables are set in the request. If not, try to use the post method, as it can hold more data than get method.
First of all, make sure that your page is getting request parameters. Try $_REQUEST['inf_custom_ddState'] or print all variables using print_r($_REQUEST).
$_REQUEST is an associative array that by default contains the contents of $_GET, $_POST and $_COOKIE. If anyting is passing to page then it should get printed.
e.g. i have page with url http://mysite.com?page=3&var=10 also there is form on page.
When form submitted there some actions in php but i need to remove this ?page=3&var=10 after form was submitted somehow is there way compatible with all browsers trough PHP without mod_rewrite?
This is an old topic, but just in case anyone else is searching for this in the future, you can use the javascript replaceState to change the history and browser bar label. A simple php function to do this:
function set_url( $url )
{
echo("<script>history.replaceState({},'','$url');</script>");
}
Then would simply call this function with the desired url (presumably dropping the post variables):
set_url("http://example.com");
A page reload or a back after calling another page will now have the new url location in the history.
I think that using POST may be a more elegant solution, but if you must use GET this is a work around.
If you're using action=index.php, then all values will be posted to index php, ?page=3&var=10 will be automatically removed.
If you want to post to the same page you can either use 'action=index.php?page=3&var=10' or action=<?php echo $_SERVER['PHP_SELF'] ?>
You can check at the beginning of the page if something submitted and then redirect to whatever you want with header('Location: http://www.example.com/'); More about header function http://php.net/manual/en/function.header.php
Yeah, the solution is quite simple (even if not really SEO friendly):
<?php
header("Location: http://mysite.com")
?>
just for information...why do you need it?
use parse_str to get the query string as an associative array that is easy to modify. Then use http_build_query to convert the associative array into a query string.
$queryString = $s['QUERY_STRING'];
$params = array();
parse_str($queryString, $params);
//change $params as needed
$queryString = http_build_query($params);
if ($queryString) {
$queryString = '?'.$queryString;
}
return preg_replace("/\\?.*/s","",$s['REQUEST_URI']).$queryString;
preg_replace("/\\?.*/s","",$s['REQUEST_URI']) removes the original query string allowing you to replace it.
Does this work for you?
header('Location:/');
mod_rewrite cannot affect what's displayed in the user's browser address bar, UNLESS the rewrite does an externally visible redirect. Otherwise it only rewriting things within the webserver, and that's invisible to the user.
If you want to affect the user's address bar, you'll have to do a redirect via header('Location: ...') after the form's finished processing.