Page 1 of 2

Passing variable to other php link.

Posted: Wed Nov 10, 2004 4:54 am
by Cryptkeeper
This is my first post so hello to you all.

I'm a beginner at php and I have a question. I'm using phpmyadmin for managing my database.
Here is a part of my code.

Code: Select all

<?php
if (isset($_POST['submit']))  // if form has been submitted
{
$name=$_POST['uname'];
$query = @mysql_query("SELECT * FROM admin WHERE username='$name'");
if (!$query) {
    die('Could not execute query. Error: '.mysql_error());
}

$data = @mysql_fetch_assoc($query);
if (!$data) {
    die('Could not fetch row, the username was not found. '.mysql_error());
}
header("Location: http://*****/edit.php"); 


}
?>

?>
So, when I click on OK, I go to edit.php. The problem is that I want to use the $data variable in edit.php.
I want to be able to for example type
echo "Username: {$data['username']}";
in edit.php. But ofcourse the $data variable is not known in edit.php.
How can I bring that variable over to edit.php?

thanks in advance

Posted: Wed Nov 10, 2004 5:07 am
by hairyjim
You need to pass the data var via your URL.

Write your link to the edit.php like this:

Code: Select all

header("Location: http://*****/edit.php?username=".$data&#1111;'username']."");
Then on your edit.php access this var that is passed via the URL like so:

Code: Select all

// check if $username is set 
if (!isset($_GET&#1111;'username'])) 
&#123; 
// You could default the username var to something if it is not set or do whatever you wish.
  header("Location: http://somepagelocation"); 
&#125;else&#123; 
// GETS the username data passed via the URL string
  $user = $_GET&#1111;'username']; 
&#125;

echo $user;

Posted: Wed Nov 10, 2004 5:48 am
by josh
Or use a session if you do not want the user to be able to edit that data.

Posted: Wed Nov 10, 2004 6:06 am
by Cryptkeeper
Thanks, you really helped me out.

Just two more quick questions.
1) Can you pass an array through the same way as a variable?

2) What's the difference between $_GET and $_POST?

Posted: Wed Nov 10, 2004 6:17 am
by CoderGoblin
$_GET is used when passing parameters through as part of the url (a link for example) or when the method="GET" on a HTML form. There are limits regarding length.

$_POST is used when passing variables from an HTML form with method="POST". You cannot use this when using a link, although it has advantages such as no limit to length, at least not one you are likely to come across :wink:

A disadvantage to $_POST is when refreshing you often get a browser popup asking if you really want to refresh.

$_REQUEST can catch both.

If you are trying to pass complex data such as arrays you need to look up sessions as already mentioned as this is a much better solution.

Posted: Wed Nov 10, 2004 7:06 am
by Cryptkeeper
Thanks!

Using the example posted by hairyjim I try to update a record in my database with a new password.

Here is a part of my code.

Code: Select all

<?php
$password=$_POST['pass'];

$query = @mysql_query("UPDATE admin SET password ='$password'  WHERE username = '$user'");
if (!$query) {
    die('Could not execute query, MySQL returned the error: '.mysql_error());
}

?>
So this comes after the exapmple posted by hairyjim in edit.php.
There's also some htlm with buttons and such.

Now when I execute this code the password from the user is gone but isn't updated with the new one.
He (the query) can locate the use because he deletes the old password. The variable $password contains the new password because I printed the variable on screen and it was the new password.

Does anybody have some ideas?

*EDIT*
Hmmm, after some debuggin it seems that the username is not filled in. That's strange cause the old password was deleted.
I've echo'd the query and this was the result.
UPDATE admin SET password = 'test' WHERE username = ''

Is there something special I should do to use variabels passed through an url?

greets

Posted: Wed Nov 10, 2004 7:26 am
by CoderGoblin
Check if $_POST['pass'] cointains a value...

If not ensure the form is set to method="POST".
also ensure that you have
<input name="pass" value="$password">

Posted: Wed Nov 10, 2004 7:27 am
by Cryptkeeper
My previous post has been edited CoderGoblin.

Posted: Wed Nov 10, 2004 7:33 am
by CoderGoblin
Where are you getting the $user value from.
Should this also be passed in (through the form). You could potentially use a <input type="hidden"> field.

Posted: Wed Nov 10, 2004 7:36 am
by Cryptkeeper
Im getting $user form the example hairyjim posted.

Code: Select all

header("Location: http://*****/edit.php?username=".$data&#1111;'username']."");

Code: Select all

// check if $username is set 
if (!isset($_GET&#1111;'username'])) 
&#123; 
// You could default the username var to something if it is not set or do whatever you wish. 
  header("Location: http://somepagelocation"); 
&#125;else&#123; 
// GETS the username data passed via the URL string 
  $user = $_GET&#1111;'username']; 
&#125;

Posted: Wed Nov 10, 2004 7:42 am
by Cryptkeeper
It seems the $user is gone when I check if the 'OK' button has been pressed.

This code comes before the query.
if (isset($_POST['submit'])) // if form has been submitted
{

// check passwords match

if ($_POST['pass'] != $_POST['pass2']) {
die('Passwords did not match.');
}


//Put password in database

$password=$_POST['pass'];

Posted: Wed Nov 10, 2004 7:46 am
by CoderGoblin
Does the page move if you have no $_GET['username'];

Code: Select all

header("Location: http://somepagelocation");
or does it drop through.

It may be better to look at the whole code...

Try adding the following lines to the top of your code to show all error messages...

Code: Select all

error_reporting(E_ALL);
ini_set('display_errors', TRUE);

Posted: Wed Nov 10, 2004 7:58 am
by Cryptkeeper
Yes, it jumps to that page.
I added the show error code and this is what I get.

Notice: Undefined variable: user in C:\apachefriends\xampp\phpmyadmin\edit.php on line 45 and the same for line 65


Here is my whole code for edit.php

Code: Select all

<?php
require('db_connect.php');	// database connect script.
?>


<?php
error_reporting(E_ALL);
ini_set('display_errors', TRUE);


// check if $username is set 
if (!isset($_GET&#1111;'username'])) 
&#123; 
// You could default the username var to something if it is not set or do whatever you wish. 
header("Location: http://******/voorbeeld.php"); 

&#125;else&#123; 
// GETS the username data passed via the URL string 
$user = $_GET&#1111;'username']; 
&#125; 

if (isset($_POST&#1111;'submit']))  // if form has been submitted
&#123;


// check passwords match

	if ($_POST&#1111;'pass'] != $_POST&#1111;'pass2']) &#123;
		die('Passwords did not match.');
	&#125;


//Put password in database

$password=$_POST&#1111;'pass'];


/*$query = @mysql_query("UPDATE admin SET password = '$password'  WHERE username = '$user'");
if (!$query) &#123;
    die('Could not execute query, MySQL returned the error: '.mysql_error());
&#125;*/

$query = "UPDATE admin SET password = '$password'  WHERE username = '$user'";
mysql_query($query);

echo $query;


&#125;

?>

<html>
<body>
<table align="center" border="1" cellspacing="0" cellpadding="3">
<form action="<?php echo $_SERVER&#1111;'PHP_SELF']?>" method="post">

<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Ok">
</td></tr>

<tr><td>Username</td><td>
<?php echo $user; ?>
</td></tr>


<tr><td>Password</td><td>
<input type="password" name="pass" maxlength="20">
</td></tr>

<tr><td>Retype password</td><td>
<input type="password" name="pass2" maxlength="20">
</td></tr>


</table>
</body>
</html>

Posted: Wed Nov 10, 2004 9:02 am
by CoderGoblin
You have no ; at the end of

Code: Select all

<?php echo $_SERVER&#1111;'PHP_SELF']?>
try changing it to

Code: Select all

<?php echo $_SERVER&#1111;'PHP_SELF'];?>
For my programming style I would change this to (Should not be necessary)

Code: Select all

<?php echo (basename($PHP_SELF); ?>
;
and

Code: Select all

<tr><td>Username</td><td>
<?php echo $user; ?>
</td></tr
to

Code: Select all

<tr><td>Username</td><td>
<input name="username" value="<?php echo($user); ?>" type="hidden"><?php echo($user); ?>
</td></tr
and all $_GET to $_REQUEST.

Posted: Wed Nov 10, 2004 9:14 am
by Cryptkeeper
Adding the ; had nog effect :(
The variable $user seems to get lost whenever I press the OK button, so I think it has something to do with the form code.
As long as I don't press the OK butten the variable $user remains.