Page 1 of 1
Really simply image problem
Posted: Wed Oct 28, 2009 9:38 am
by MrRSMan
What I need to do is display an image on the page, but part of the URL of that image comes from a PHP variable.
Example- I want to display this image:
http://website.com/images/$name/file.gif
This is the code I have so far:
Code: Select all
<?php
$name = $_POST[name];
?>
<img scr = "http://website.com/images/$name/file.gif">
But it doesn't work. I know the problem is with the image insertion as the $name = $_POST[name]; works fine.
Thanks in advance for your help.
Re: Really simply image problem
Posted: Wed Oct 28, 2009 12:36 pm
by daktau
Try the $_POST with quotes.
eg. $_POST['name']
You could also try doing a
print_r($_POST);
as that would tell you exactly what th server is receiving from the post.
cheers,
George
Re: Really simply image problem
Posted: Wed Oct 28, 2009 12:44 pm
by superdezign
MrRSMan wrote:Code: Select all
<?php
$name = $_POST[name];
?>
<img scr = "http://website.com/images/$name/file.gif">
You see the error with highlighting? $name, in your code, is just text. PHP only parses code inside of <?php ?> tags. Try:
Code: Select all
<?php
$name = $_POST['name'];
?>
<img scr = "http://website.com/images/<?php echo $name; ?>/file.gif">
Or:
Code: Select all
<?php
$name = $_POST['name'];
echo '<img scr = "http://website.com/images/' . $name . '/file.gif">';
?>
Also, use quotation marks around associative array indices (as I have done), as PHP has to first determine if "name" is a constant, before declaring it an incorrectly formatted string, and assuming you meant it to be a string. Also, you should validate user input. Allowing anything that the user posts to put into the URL, especially, is bad. Google
XSS Injection.