Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

PHP GET value

  • 02-10-2006 2:00pm
    #1
    Registered Users, Registered Users 2 Posts: 1,086 ✭✭✭


    On my website I have a search results page.

    From the search results page I can edit certain results.

    After editing I go back to the search results page via redirect.

    I store the search in the address bar using
    [PHP]<a href="edit.php?search=<? echo urlencode($search_string) ?>"
    [/PHP]

    I return the search in the edit page using
    [PHP]
    $search_string = GET ;
    [/PHP]

    I then insert it in as a hidden value on the form in the edit page
    [PHP]
    <input type="hidden" value="<? echo $search_string?>" name="search">
    [/PHP]


    Then on my save_edit.php (all php, no html) page I have a headers redirect which sends the browser back to the search results page

    [PHP]
    redirect("search_results.php?search=".urlencode($_POST));
    [/PHP]

    For searches which use standard aplhanumeric characters there is no problem. The problem is when searches include '"'(double quotes).

    I think I have to use the htmlspecialchars() function.
    I think my php is automatically running urldecode() on my variables (not sure is this good)

    I would just like the text entered into the search to be exactly the same text inserted into the search the second time after the edit has been performed.

    Any help?


Comments

  • Closed Accounts Posts: 8,866 ✭✭✭Adam


    Why use the URL? Why not just use the POST method to send the data?


  • Registered Users, Registered Users 2 Posts: 9,579 ✭✭✭Webmonkey


    You don't have any name on the hidden field


  • Registered Users, Registered Users 2 Posts: 1,086 ✭✭✭Peter B


    Webmonkey wrote:
    You don't have any name on the hidden field

    Oops, just typed that in quickly. Didn't copy and paste. Sorted it now.

    Why use the URL? Why not just use the POST method to send the data?

    I don't know if I can use POST variables. My save_edit.php page is only php (doesn't create any output) and uses my redirect function.

    [PHP]function redirect( $url ) {
    if ( !headers_sent() ) {
    header("Location: {$url}");
    exit();
    } else {
    // Can't send headers any more, so try using HTML & Javascript redirects instead
    ?>
    <HEAD>
    <META HTTP-EQUIV="Refresh" CONTENT="0; URL="<?=$url?>">
    <script language="JavaScript"><!--
    setTimeout('Redirect()',0);
    function Redirect()
    {
    location.href = '<?=$url?>';
    }
    --></script>
    </HEAD>
    <?php
    exit();
    }
    }[/PHP]


    The save_edit.php page validates the data, if there are some errors it redirects back to the edit page and asks for the information to be fixed.

    All the time it will store the variables in the address bar.

    Is this not a good way of doing it?


  • Closed Accounts Posts: 8,866 ✭✭✭Adam


    You could incorporate that code there (save_edit.php) into the edit page and have the edit page submit onto itself using the post method on the form, and have an if...else... statement to determine whether the form has been submitted or not, that way the post variables dont get lost in script switching.

    In my opinion using GET isn't preferable, but thats me, different strokes for different folks!

    Anybody know if this is doable because I'm not 100% sure tbh! :o


Advertisement