Sending Variables using GET

General discussion on PHP

Sending Variables using GET

Postby jrzayev on Thu Jul 07, 2011 12:39 pm

Hi, i am new in PHP. i have downloaded a video tutorial and begin learning. But i have a trouble in understanding some simple problems :)
So the Code is below:

Code: Select all
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Sending Variables</title>
    </head>
    <body>
        <?php
       
        echo $a;
                     
        ?>
    </body>
</html>


The tutor says that, if you write like this in address bar :
Code: Select all
http://localhost/PhpProject2/test.php?a=77


The output must be "77".

But at in my own the output is:

Image

The question is: "What is going on?" :) Thanks :)

i am using XAMPP Server 1.7.4, Netbeans IDE 7.0, and Firefox 5.0
jrzayev
 
Posts: 5
Joined: Thu Jul 07, 2011 12:11 pm

Re: Sending Variables using GET

Postby jrzayev on Thu Jul 07, 2011 12:45 pm

tedtiger wrote:echo $_GET['a'];


Thorsten


Wow what a quick reply :)
Thank you very much. it really helped !
:)
jrzayev
 
Posts: 5
Joined: Thu Jul 07, 2011 12:11 pm

Re: Sending Variables using GET

Postby crazymerlin on Sun Jul 10, 2011 5:29 pm

Just a quick tip to add here: If you are passing multiple variables via the url, you can parse them into variables quickly by using the parse_url function.

Let's say your URL is:
Code: Select all
http://mydomain.com/index.php?action=new&id=47&user=9


If you then say:
Code: Select all
parse_url($_SERVER['QUERY_STRING']);


You then end up with 3 variables:
Code: Select all
$action, $id and $user


Hope you find that useful.
crazymerlin
 
Posts: 233
Joined: Wed Feb 18, 2009 10:25 pm
Location: In the desert, AZ, USA

Re: Sending Variables using GET

Postby jrzayev on Sun Jul 10, 2011 6:32 pm

Thanks for a helpful comment :) Yeah it is useful :)
jrzayev
 
Posts: 5
Joined: Thu Jul 07, 2011 12:11 pm

Re: Sending Variables using GET

Postby crazymerlin on Mon Jul 25, 2011 6:21 am

tedtiger wrote:THINK OF SECURITY !

Thorsten


Quite! Using $_GET should never be a serious solution if you could expose anything that a hacker could use to gain access to a page they should not be able to gain access to.
Checkout ACL and AUTH if you want to create something that has public user access.
crazymerlin
 
Posts: 233
Joined: Wed Feb 18, 2009 10:25 pm
Location: In the desert, AZ, USA

Re: Sending Variables using GET

Postby sidbray on Wed Feb 01, 2012 9:07 am

I always try to make the data from user input secure by either using htmlspecialchars ( for output on screen ) or mysql_real_escape_string ( for database input ).
It's easy but vital.
[URL=http://www.mspy.com]mobile spy[/URL]
sidbray
 
Posts: 3
Joined: Wed Feb 01, 2012 8:51 am

Re: Sending Variables using GET

Postby mkherlakian_zend on Wed Feb 01, 2012 3:42 pm

I'd also like to add one more thing to the very good points and answers made above. It would seem that the tutorial you are using expects a php directive called 'register_globals' http://php.net/manual/en/security.globals.php to be on, which was the norm for php 4, but started being discouraged for php 5.0-5-2, deprecated in 5.3 and removed in the upcoming 5.4. Point being that you might be using an older tutorial, and might want to look for something newer...
Register globals takes parameters passed in GET, POST and makes them available as php variables in the global scope, so the behaviour you describe would actually work.
User avatar
mkherlakian_zend
 
Posts: 88
Joined: Tue Jan 10, 2012 2:41 pm

Re: Sending Variables using GET

Postby ocb12 on Fri Mar 02, 2012 5:03 am

I agreee. mysql_real_escape_string() should be used whenever something is updated / saved / read in mysql. People usually forget this.
http://www.elev8australia.com/general/serviceceo.html | http://www.clothes4u.com.au
ocb12
 
Posts: 1
Joined: Fri Mar 02, 2012 5:02 am


Return to PHP

Who is online

Users browsing this forum: No registered users and 7 guests