Jump to content

make dynamic link with POST or through $S_Session?

landobee

By landobee
in PHP Coding Help

 Share

Recommended Posts

landobee Newbie

landobee

Posted
Posted

Hi all,

 

If you could help me out with the following, I would very much appreciate it. It's something that shouldn't be too difficult,

but I can't seem to get the question defined enough to find the answer though faqs/google etcetera.

 

I have a website running, with a database for teachers and students. What I am doing, is making a generated list of students that

belong to a certain group (using mysql). This group is also matched to teachers.

 

My first 1.php contains the following, and gives the teachers that logs in an overview of the students that belong to the same

group he or she belongs to. So far so good (that works!). But now, at the end of the table, I want to create a link that goes to 2.php.

 

And in 2.php, that specific student's information should be viewable. I tried this using sessions (but then the sessions gets

overwritten for the last created student), and through $_POST. I feel that the last method should be the way to go, but can't get it to work.

 

 

This is the code for 1.php (display of all the students's first name who are matching the group the logged in teacher belongs to):

<?php 
$userid2 = $_SESSION['mamalou'];
$id2 = $userid2['mentorgroep'];
$studentenresult = mysql_query("SELECT * FROM studenten WHERE mentorgroep='$id2'");
$_SESSION['mijnstudenten'] = mysql_fetch_array($studentenresult);
$mijnstudenten = $_SESSION['mijnstudenten'];
while ($mijnstudenten = mysql_fetch_array($studentenresult)) {


if ($mijnstudenten["voornaam"] != ""){
echo " " . $mijnstudenten["voornaam"]; 
} else {
echo " " . "<strong>niet bekend</strong>";
}
?>    

// trying through use of $S_SESSION
    <?php 
$student = $mijnstudenten['id'];
$_SESSION['student'] = $student;
echo " " . "<a href='student.php'>volg deze link</a>";
echo $student;
echo "<br>";

// trying through use of method of POST
$student2 = $mijnstudenten['id'];
$_SESSION['student2'] = $student2;
echo "<form action='2.php' method='POST'>";
    echo "<input type='hidden' name='$student2'>";
    echo "<input type='submit' id='button' value='klik hier'>";
    echo "</form>";
?>  

<?php } ?>

 

 

And the 2.php should present only the information of the student with has been clicked on the link in 1.php:

<?php 
$student2 = $_SESSION['student'];
$id3 = $student2;
$studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$id3'");
$_SESSION['mijnstudent'] = mysql_fetch_array($studentenresult2);
$mijnstudent = $_SESSION['mijnstudent'];
if ($mijnstudent["voornaam"] != ""){
echo " " . $mijnstudent["voornaam"]; 
} else {
echo " " . "<strong>niet bekend</strong>";
}
?> 

 

I also tried 2.php with $_POST:

<?php 
echo $_POST;
$student3 = $_POST['$student2'];
$id3 = $student3;
$studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$id3'");
$_SESSION['mijnstudent'] = mysql_fetch_array($studentenresult2);
$mijnstudent = $_SESSION['mijnstudent'];

if ($mijnstudent["voornaam"] != ""){
echo " " . $mijnstudent["voornaam"]; 
} else {
echo " " . "<strong>niet bekend</strong>";
}
?> 

Could someone point me in the right direction for this? I have the feeling the answer is pretty simple,

but have been breaking my mind over this one far too long....

 

Thanks in advance,

landobee

wildteen88 Regular Member

wildteen88

Posted
Posted

You'll want to send the student id through the url as a query string. For example when outputting the link use

echo " " . "<a href='student.php?id=".$mijnstudenten['id']."'>volg deze link</a>";

 

Instead of

    <?php 
   $student = $mijnstudenten['id'];
   $_SESSION['student'] = $student;
   echo " " . "<a href='student.php'>volg deze link</a>";

 

Now in student.php you'd use $_GET['id'] to retrieve the student id. Like so

   <?php 
// get the student id, make sure it is set and that is numeric
if(isset($_GET['id'] && is_numeric($_GET['id']))
{
    $student_id = (int) $_GET['id'];

    $studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$student_id'");
    $mijnstudent = mysql_fetch_array($studentenresult2);
     
   if ($mijnstudent["voornaam"] != ""){
   echo " " . $mijnstudent["voornaam"]; 
   } else {
   echo " " . "<strong>niet bekend</strong>";
   }
}
else
    echo 'Invalid student id';

   ?> 

landobee Newbie

landobee

Posted
  • Author
Posted

You'll want to send the student id through the url as a query string. For example when outputting the link use

echo " " . "<a href='student.php?id=".$mijnstudenten['id']."'>volg deze link</a>";

 

Instead of

    <?php 
   $student = $mijnstudenten['id'];
   $_SESSION['student'] = $student;
   echo " " . "<a href='student.php'>volg deze link</a>";

 

Now in student.php you'd use $_GET['id'] to retrieve the student id. Like so

   <?php 
// get the student id, make sure it is set and that is numeric
if(isset($_GET['id'] && is_numeric($_GET['id']))
{
    $student_id = (int) $_GET['id'];

    $studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$student_id'");
    $mijnstudent = mysql_fetch_array($studentenresult2);
     
   if ($mijnstudent["voornaam"] != ""){
   echo " " . $mijnstudent["voornaam"]; 
   } else {
   echo " " . "<strong>niet bekend</strong>";
   }
}
else
    echo 'Invalid student id';

   ?> 

 

Thanks for replying wildteen88!

The problem is that I think this method shows the id in the url right? And then it will be less safe to use, because you potentially could put in another ID in the url then to get to another students, which teachers are not allowed.

Or am I mistaken?

wildteen88 Regular Member

wildteen88

Posted
Posted

Then in student.php amend the query so it selects the student id based on the teachers mentor group you have stored in the session

 

    $student_id = (int) $_GET['id'];
    $id2 = $userid2['mentorgroep'];
    $studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$student_id' AND mentorgroep='$id2'");

landobee Newbie

landobee

Posted
  • Author
Posted

Then in student.php amend the query so it selects the student id based on the teachers mentor group you have stored in the session

 

    $student_id = (int) $_GET['id'];
    $id2 = $userid2['mentorgroep'];
    $studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$student_id' AND mentorgroep='$id2'");

 

True, but then it still show the url based with the id number in the browser, so people could just adjust the url in the browser with another id :(  Do you know if there is an "underwater" method I could use? I appreciate the help :)

wildteen88 Regular Member

wildteen88

Posted
Posted

The other way is using a form button. The teacher clicks the button to view the student they want to see. So if want to go the form route then instead of

 

echo " " . "<a href='student.php?id=".$mijnstudenten['id']."'>volg deze link</a>";

 

do

	$mijnstudenten['id'];
echo "<form action='student.php' method='POST'>";
    echo "<input type='hidden' name='id' value='".$mijnstudenten['id']."'>";
    echo "<input type='submit' id='button' value='klik hier'>";
    echo "</form>";

 

Now in student.php do

<?php 
// get the student id, make sure it is set and that is numeric
if(isset($_POST['id'] && is_numeric($_POST['id']))
{
    $student_id = (int) $_POST['id'];

    $studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$student_id'");
    $mijnstudent = mysql_fetch_assoc($studentenresult2);
     
   if ($mijnstudent["voornaam"] != ""){
   echo " " . $mijnstudent["voornaam"]; 
   } else {
   echo " " . "<strong>niet bekend</strong>";
   }
}
else
    echo 'Invalid student id';

   ?> 

landobee Newbie

landobee

Posted
  • Author
Posted

The other way is using a form button. The teacher clicks the button to view the student they want to see. So if want to go the form route then instead of

 

echo " " . "<a href='student.php?id=".$mijnstudenten['id']."'>volg deze link</a>";

 

do

	$mijnstudenten['id'];
echo "<form action='student.php' method='POST'>";
    echo "<input type='hidden' name='id' value='".$mijnstudenten['id']."'>";
    echo "<input type='submit' id='button' value='klik hier'>";
    echo "</form>";

 

Now in student.php do

<?php 
// get the student id, make sure it is set and that is numeric
if(isset($_POST['id'] && is_numeric($_POST['id']))
{
    $student_id = (int) $_POST['id'];

    $studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$student_id'");
    $mijnstudent = mysql_fetch_assoc($studentenresult2);
     
   if ($mijnstudent["voornaam"] != ""){
   echo " " . $mijnstudent["voornaam"]; 
   } else {
   echo " " . "<strong>niet bekend</strong>";
   }
}
else
    echo 'Invalid student id';

   ?> 

 

Thanks, will check that out tomorrow!!

landobee Newbie

landobee

Posted
  • Author
Posted

The other way is using a form button. The teacher clicks the button to view the student they want to see. So if want to go the form route then instead of

 

echo " " . "<a href='student.php?id=".$mijnstudenten['id']."'>volg deze link</a>";

 

do

	$mijnstudenten['id'];
echo "<form action='student.php' method='POST'>";
    echo "<input type='hidden' name='id' value='".$mijnstudenten['id']."'>";
    echo "<input type='submit' id='button' value='klik hier'>";
    echo "</form>";

 

Now in student.php do

<?php 
// get the student id, make sure it is set and that is numeric
if(isset($_POST['id'] && is_numeric($_POST['id']))
{
    $student_id = (int) $_POST['id'];

    $studentenresult2 = mysql_query("SELECT * FROM studenten WHERE id='$student_id'");
    $mijnstudent = mysql_fetch_assoc($studentenresult2);
     
   if ($mijnstudent["voornaam"] != ""){
   echo " " . $mijnstudent["voornaam"]; 
   } else {
   echo " " . "<strong>niet bekend</strong>";
   }
}
else
    echo 'Invalid student id';

   ?> 

 

wildteen88, you are my hero :):)

Thanks very much, this was exactly what I was looking for!!!

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.