Page 1 of 1

New to php, index.php?func=blahh

Posted: Sat Apr 09, 2005 5:28 pm
by soul814
posting.php?mode=newtopic&f=1&sid=2c0ec ... 75fa3d11c5

^
posting.php?mode=newtopic

how do you do that? like the ?something=function part

Thanks =)

Posted: Sat Apr 09, 2005 5:42 pm
by Chris Corbyn
?

Code: Select all

<a href=&quote;/dir/file.php?mode=something&quote;>link</a>
The ?mode=something means that in the file.php code there will be a variable:

$_GET['mode']

whoch will have a value of "something". It lets you feed data into your scripts.

http://www.php.net/tut -> PHP tutorials

Wohoo! 1000 posts

Posted: Sat Apr 09, 2005 5:48 pm
by soul814
Searching on google about that, but I dont get it, I just started to learn about php can you give me a small sample code?

Posted: Sat Apr 09, 2005 5:55 pm
by Chris Corbyn
soul814 wrote:Searching on google about that, but I dont get it, I just started to learn about php can you give me a small sample code?
The link I posted above. It goes through a whole tutorial on PHP starting from very basic writing "Hello World!" in PHP to using forms to process data and using $_GET (which is the question you asked - even if you don't see it just yet ;-) )

PHP.net will be your biggest source of help for PHP. Next, there's the guys here :lol:

Posted: Sat Apr 09, 2005 6:00 pm
by Chris Corbyn
Example code:

I have a file called script.php....

Code: Select all

&lt;?php

$word = $_GET&#1111;'word']; //Gets the word from the URL
echo $word; //Writes the word to the page
?&gt;
and I go to this URL:

Code: Select all

http://mysite.com/script.php?word=Hello!
and the output is
Hello!
I've put a script up for you (containing that exact code above).
Test it (edit the URL here to be whatever word you like):

http://www.chriscorbyn.co.uk/phpdn/words.php?word=Hello!

Posted: Sat Apr 09, 2005 6:05 pm
by soul814
ohh so if i want to run a function i would do something like

Code: Select all

<?php
$func = $_GET['func'];
if($func == "loadDB")
{
loadDB();
}

function loadDB()
{
// code
}
?>

Posted: Sat Apr 09, 2005 6:12 pm
by Chris Corbyn
That would work yes.
It might not be a good idea to allow too much to be done through the URL since as you see from the script I wrote above, it's easy for people to fiddle and change the behaviour.

Posted: Sat Apr 09, 2005 6:14 pm
by John Cartwright
Never trust anyhing that can be inputted by the user. Every variable, whetever its a $_GET, $_POST, $_COOKIE should be checked for expected values before they put into use.

Posted: Sat Apr 09, 2005 6:22 pm
by soul814
Oh i only wanted to learn that since I'm trying to link mysql w/ flash and I need php to communicate the two. I need php to load and save the information so I just needed to know how to run the function by index.php?func=load =) thanks for your help if I have any problems I'll be sure to ask

Posted: Sat Apr 09, 2005 6:23 pm
by John Cartwright
I would suggest searching the terms "sql injection" if your going to allow the user to modify the query via $_GET. The query can easily be modified if you do not sanitize your variables which can lead to several bad, bad things.

Posted: Sat Apr 09, 2005 6:34 pm
by soul814
http://www.securiteam.com/securityrevie ... 1P76E.html

looks complex but how would they modify my $_GET?

Code: Select all

function sendInfo(){
$firstName = $_POST['fname'];
$lastName = $_POST['lname'];
// db command
}
i was planning to do it something like this

Posted: Sun Apr 10, 2005 5:39 am
by timvw
some hints if you want communication between php and flash :)

http://www.amfphp.org/
http://ghostwire.com/resources/phpobject/