Really simply image problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
MrRSMan
Forum Newbie
Posts: 20
Joined: Sun Feb 03, 2008 8:11 am

Really simply image problem

Post by MrRSMan »

What I need to do is display an image on the page, but part of the URL of that image comes from a PHP variable.

Example- I want to display this image:

http://website.com/images/$name/file.gif

This is the code I have so far:

Code: Select all

<?php
$name = $_POST[name];
?>
<img scr = "http://website.com/images/$name/file.gif">
But it doesn't work. I know the problem is with the image insertion as the $name = $_POST[name]; works fine.

Thanks in advance for your help.
daktau
Forum Newbie
Posts: 3
Joined: Wed Oct 28, 2009 7:07 am

Re: Really simply image problem

Post by daktau »

Try the $_POST with quotes.
eg. $_POST['name']

You could also try doing a
print_r($_POST);

as that would tell you exactly what th server is receiving from the post.

cheers,
George
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Re: Really simply image problem

Post by superdezign »

MrRSMan wrote:

Code: Select all

<?php
$name = $_POST[name];
?>
<img scr = "http://website.com/images/$name/file.gif">
You see the error with highlighting? $name, in your code, is just text. PHP only parses code inside of <?php ?> tags. Try:

Code: Select all

<?php
$name = $_POST['name'];
?>
<img scr = "http://website.com/images/<?php echo $name; ?>/file.gif">
Or:

Code: Select all

<?php
$name = $_POST['name'];
echo '<img scr = "http://website.com/images/' . $name . '/file.gif">';
?>
Also, use quotation marks around associative array indices (as I have done), as PHP has to first determine if "name" is a constant, before declaring it an incorrectly formatted string, and assuming you meant it to be a string. Also, you should validate user input. Allowing anything that the user posts to put into the URL, especially, is bad. Google XSS Injection.
Post Reply