Jump to content

Archived

This topic is now archived and is closed to further replies.

greg

Redirect to same page

Recommended Posts

Hello,
In this form, how can I go to the same page number when the results are more than one page?
Thanks
Greg
[CODE]
<form name="eachrow" action="visitors.php?listing=id-desc&page=" method="POST">
          <input type="hidden" value="<?=$visitors['browser_id']?>" name="DeleteOneRow">
<td class="VisitorTableContent" align="center" valign="top">
<input type="submit" value="delete">
          </form>
[/CODE]

Share this post


Link to post
Share on other sites
Couldn't you simply spit out the page number in the form's action?

Like so:

[code]

<?php $page = $_GET['page']; /* Or $_SESSION['page']? Whatever you are using... */ ?>

<form name="eachrow" action="visitors.php?listing=id-desc&page=<?php echo $page; ?>" method="POST">
  <input type="hidden" value="<?php echo $visitors['browser_id']; ?>" name="DeleteOneRow">
  <td class="VisitorTableContent" align="center" valign="top">
  <input type="submit" value="delete">
</form>

[/code]

Share this post


Link to post
Share on other sites
Not to be the security police but i think its important that when giving out advice we take the habbit to include the nessesary security precautions one must take while doing this: in this case we need to use htmlspecialchars() to make sure we protect ourselves against XSS attacks. (of course if your browser id comes from a user input you'd need to do the same)

[code]
<?php $page = $_GET['page']; /* Or $_SESSION['page']? Whatever you are using... */ ?>
[color=red]$page = htmlspecialchars($page);[/color]
<form name="eachrow" action="visitors.php?listing=id-desc&page=<?php echo $page; ?>" method="POST">
  <input type="hidden" value="<?php echo $visitors['browser_id']; ?>" name="DeleteOneRow">
  <td class="VisitorTableContent" align="center" valign="top">
  <input type="submit" value="delete">
</form>[/code]

Share this post


Link to post
Share on other sites
[quote author=daiwa link=topic=110882.msg448960#msg448960 date=1160333441]
Not to be the security police but i think its important that when giving out advice we take the habbit to include the nessesary security precautions one must take while doing this: in this case we need to use htmlspecialchars() to make sure we protect ourselves against XSS attacks. (of course if your browser id comes from a user input you'd need to do the same)

[code]
<?php $page = $_GET['page']; /* Or $_SESSION['page']? Whatever you are using... */ ?>
[color=red]$page = htmlspecialchars($page);[/color]
<form name="eachrow" action="visitors.php?listing=id-desc&page=<?php echo $page; ?>" method="POST">
  <input type="hidden" value="<?php echo $visitors['browser_id']; ?>" name="DeleteOneRow">
  <td class="VisitorTableContent" align="center" valign="top">
  <input type="submit" value="delete">
</form>[/code]
[/quote]

You're absolutely right. :) My bad on that!

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.