anm8ed Posted August 9, 2006 Share Posted August 9, 2006 First off, Hello... and thanks for any help!I am working on a piece of reporting that I want to show the label as a name, but for security purposes it shows as a number in the url. Each number is tied to a label. A form shows the label and that is what a user chooses from. A site traffic report pulls information on what is searched based on the URL of the web page. So it's something like this..http://test.mysite.com/std_alp.php?prod_lvl1=7&prod_lvl2=361&prod_lvl3=363&search_text=&new_search=1Just an example, but it's something like that... so the prod_lvl1=7, so the tracking reports a 7 as the product. But what I want it to do is show the label of 7 and not the number. The label is in the source of the page, I just am not sure how to get that to show instead since it pulls from the URL. Can anyone help me with this? By the way there are a hundreds of variables at work on this page.Thanks for anything you can do to help me with this. I am pretty new to PHP and this seems to be out of my grasp. Quote Link to comment Share on other sites More sharing options...
bltesar Posted August 9, 2006 Share Posted August 9, 2006 these values, ?prod_lvl1=7, etc. are called a query string. These are created by submitting a form using the GET method. So on your page, you'll see something like this to start your form:[code]<form name="myform" action="thispage.php" method="get">[/code]dropdown boxes and radio buttons have values, the info that is acually sent, and text, the info that is seen on screen. So for example, a radio button might look like [code]<input type="radio" name="radiogroup" value="5">the fifth choice<br>[/code]you could change the values to be the same as text, but spaces are not allowed when using the GET method. Also, your page is set up to receive the numbers, not the text, and everything would have to be rewritten changing all the code that checks for numbers to check for text.You could change the method to POST, and there won't be any ?'s after the URL. You'd then need to change all the $_GET's to $_POST's on the receiving end. Finally, since your form must contain all the possible options for these submitted fields, the user has access to all this information, and whether it is a code or a label shouldn't really affect the security of the site. Unless of course, someone has already found a way to get into your database and manipulate data. If that's the case, well you've already got another problem. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.