[SOLVED] passing a variable in the URL

[coolphpdude]

Im having a problem passing a variable between pages through the URL.

 

Ok, new problem, im guessing its caused by the same issue though!!

 

If i was allow the user to select a link and send an id accross it by doing the following...

 

printf("<tr><td><a href=\"postselection.php?id=%s\">%s</a></td>", $post_row["post_id"], $post_row["post_id"]);

 

...it would work on my previous webpage but not on my new hosting.

 

to test to see if the variable is being passed accross i used...

 

echo "$id";

 

.... and nothing was output so im guessing its not holding the variable when moving to the next page. any idea's??

[r-it]

why don't you first encode the url?

[coolphpdude]

wot do you mean?

[coolphpdude]

theres bot really any need to encode the URL anyway as the user will see this $id and this is what we want to pass via the URL

[lordfrikk]

First off - use urlencode() function. Second - your server has probably register_globals off, which means you have to use superglobals. In this case, $_GET['id'].

 

And last point, use double quotes sparingly.

[cyrixware]

simple passing variable in the url:

 

<a href="exmple.php?ID=<?php row->ID;?>&NAME=<?php row->name;?>">click here</a>

 

[cyrixware]

this one:

 

<a href="example.php?ID=<? Echo $row->SuID;?>&Course=<? Echo $row->SuCourse; ?>" target="_blank" class="style5">Generate </a>

 

or

 

<a href="example.php?ID=<?=ID;?>&Course=<?=Course; ?>" target="_blank" class="style5">Generate </a>

[coolphpdude]

hey right, doubles quotes changed and the GET bit added to the selected post page. ITs kind of like a forumn page, the first page is an overview of all the posts with a post_id, the user clicks the post_id which is a URL link to postselect.php and i do a search query on that page for all posts where post_id is equal to $id.

 

posts.php...

printf("<tr><td><strong><font face='arial'><font color='#648CC8'><a href='postselect.php?[color=red]id=%s[/color]'>%s</a></font></strong></td>\n",  $post_row["post_id"], $post_row["post_id"]);

 

 

postselect.php...

 

search query...

$selected_post = mysql_query("SELECT * FROM posts WHERE post_id='$id'", $db);

 

$id = $_GET['id']

 

for example if the post_id was 1 the url of the postselect page would be postselect.php?id=1

 

it's still not working so i hope this explanation is this a bit clearer?

[trq]

Where do you define $post_row?

[coolphpdude]

top of both pages...

 

// post SELECTED Quesry

$selected_post_result = mysql_query("SELECT * FROM posts WHERE post_id='$id'", $db); 

// Check that something was found 

$post_rows=@mysql_num_rows($selected_post_result);

// takes each cell of an array into a variable

$post_row = mysql_fetch_array($selected_post_result);

[trq]

In that last snippet of code, where do you define $id. Also, you really ought check for a queries success and see if it returned any rows before using any result it produces. Your code is a terrible example of how to execute a select query.

 

<?php

$sql = "SELECT * FROM posts WHERE post_id='$id' LIMIT 1";
if ($result = mysql_query($sql)) { 
  if (mysql_num_rows($result)) {
    $row = mysql_fetch_array($result);
  }
}

?>

[coolphpdude]

in the previous page (the posts.php page).

 

printf("<tr><td><a href='postselect.php?id=%s'>%s</a></td>\n",  $post_row["post_id"], $post_row["post_id"]);

 

...the above bit of code is in a page that displays an overview of posts, the user clicks the post_id which is held in the URL. This worked previously on my uni page which ive been told must have register_globals off.

 

Yeah i know it should be better written, i'll work on that.

[trq]

Use $_POST['id'] in your query, after validation of course.

[coolphpdude]

this is still not working. I have pasted my selected code page (without my database connections on it).

is this what you mean??

 

<?php
session_start();

// Take the sessions into variables
$user_session_id = $_SESSION['user_session_id'];
$user_session_password = $_SESSION['user_session_password'];
$id = $_POST['id'];


// post SELECTED Query

$selected_post_result = mysql_query("SELECT * FROM posts WHERE post_id='$id'", $db); 

// Check that something was found 

$selected_post_rows=@mysql_num_rows($selected_post_result);

// takes each cell of an array into a variable

$selected_post_row = mysql_fetch_array($selected_post_result);

echo "$user_session_id";
echo "$id";


?>

[coolphpdude]

would it just be easier to turn register_globals on??

 

I only really want to allow a user to select an id on 1 page and view more information about that id on the following page. only way i can think of doing it is by passing that ID over the URL. Worked before but not now.

[trq]

Sorry, Im getting a bit lost here. Theres two pages, one that displays the links, and the other that displays more information. Can wee see them both.

 

And no, register_globals is a bad idea. It has numerous security floors and IMO should never have existed.

[coolphpdude]

ahh right give me a couple of minutes and i'll copy everything in

[coolphpdude]

Post Overview Page...

 

<?php
session_start();

// Take the sessions into variables
$user_session_id =  $_SESSION['user_session_id'];
$user_session_password =  $_SESSION['user_session_password'];


// Run user query (checks if the login credentials are correct)
$user_query = "SELECT * FROM user WHERE user_id='$user_session_id' and user_password='$user_session_password'";
if ($user_result = mysql_query($user_query)) { 
  if ($user_rows = mysql_num_rows($user_result)) {
    $my_user_row = mysql_fetch_array($user_result);
  }
}



// posts Quesry

$post_result = mysql_query("SELECT * FROM posts WHERE user_id='$user_session_id'", $db); 

// Check that something was found 

$post_rows=@mysql_num_rows($post_result);


	if(!$user_rows) 
	{ 
			do_error("No results found"); 
	} 

	else 
	{
	echo "<table border='2' cellspacing='1' cellpadding='1' align=center bordercolor='#648CC8' style='border-collapse: collapse'>\n";       
        echo "<caption><h2><font color=blue></font></h2></caption>\n"; 
        echo "<tr><th>post ID</th><th>Subject</th><th>Sender</th><th>Date & Time</th></tr>\n"; 
        while ($my_post_row = mysql_fetch_array($post_result)) 
        { 
  				printf("<tr><td><a href=\"mypostselect.php?id=%s\">%s</a></td>\n", 
                $my_post_row["post_id"], $my_post_row["post_id"]);

			printf("<td>%s</td>\n", 
                $my_post_row["post_subject"]);

			printf("<td>%s</td>\n", 
                $my_post_row["post_sender"]);

			printf("<td>%s %s</td>\n", 
                $my_post_row["post_date"],$my_post_row["post_time"]);
			}


         } 
         echo "</table>\n"; 

	}



// *********************** No Results **************************

function  do_error($error) 
{
echo "USer not found";
}


echo "</html>";
?>

 

 

 

 

Selected Post Page...

<?php
session_start();

// Take the sessions into variables
$user_session_id = $_SESSION['user_session_id'];
$user_session_password = $_SESSION['user_session_password'];
$id = $_POST['id'];


// post SELECTED Query
$selected_post_result = mysql_query("SELECT * FROM posts WHERE post_id='$id'", $db); 

// Check that something was found 
$selected_post_rows=@mysql_num_rows($selected_post_result);

// takes each cell of an array into a variable
$selected_post_row = mysql_fetch_array($selected_post_result);

echo "$user_session_id";
echo "$id";


?>

 

I think thats all the userless crap removed from them two pages

[trq]

The problem is in mypostselect.php your are using $_POST['id'], yet your passing the id through the url. try $_GET['id'].

[coolphpdude]

that works!! its really wierd because i tried $_GET before $_POST without it working!  ??? never mind, it works now, thats great! thanks ALOT for your help!!!