Jump to content


Need help with ideas on how to show a label and not a number on output.

  • Please log in to reply
1 reply to this topic

#1 anm8ed

  • New Members
  • Pip
  • Newbie
  • 1 posts

Posted 09 August 2006 - 06:22 PM

First off,  Hello... and thanks for any help!

I am working on a piece of reporting that I want to show the label as a name, but for security purposes it shows as a number in the url. Each number is tied to a label. A form shows the label and that is what a user chooses from. A site traffic report pulls information on what is searched based on the URL of the web page. So it's something like this..


Just an example, but it's something like that... so the prod_lvl1=7, so the tracking reports a 7 as the product. But what I want it to do is show the label of 7 and not the number. The label is in the source of the page, I just am not sure how to get that to show instead since it pulls from the URL. Can anyone help me with this? By the way there are a hundreds of variables at work on this page.

Thanks for anything you can do to help me with this. I am pretty new to PHP and this seems to be out of my grasp.

#2 bltesar

  • Members
  • PipPipPip
  • Advanced Member
  • 109 posts

Posted 09 August 2006 - 06:43 PM

these values, ?prod_lvl1=7, etc. are called a query string.  These are created by submitting a form using the GET method.  So on your page, you'll see something like this to start your form:
<form name="myform" action="thispage.php" method="get">

dropdown boxes and radio buttons have values, the info that is acually sent, and text, the info that is seen on screen.  So for example, a radio button might look like
<input type="radio" name="radiogroup" value="5">the fifth choice<br>
you could change the values to be the same as text, but spaces are not allowed when using the GET method. 
Also, your page is set up to receive the numbers, not the text, and everything would have to be rewritten changing all the code that checks for numbers to check for text.
You could change the method to POST, and there won't be any ?'s after the URL.  You'd then need to change all the $_GET's to $_POST's on the receiving end. 

Finally, since your form must contain all the possible options for these submitted fields, the user has access to all this information, and whether it is a code or a label shouldn't really affect the security of the site.  Unless of course, someone has already found a way to get into your database and manipulate data.  If that's the case, well you've already got another problem.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users