Page 1 of 1

I hope this is possible

Posted: Thu Mar 16, 2006 12:42 pm
by xterra
How's everyone doing,
So I have a fully functional site that inputs/outputs to a DB. Say you found something in the DB that you liked and you want to send to a friend, you can't just copy the url because its simply:

domain.com/script.php


Is there someway I can send SQL statements in the URL so the user can send to their friend something like


domain.com/script.php=select * where username = me


something like that, where the user can send to a friend exactly what he/she is looking at.


That way I dont have to create HTML pages for each data entry, like domain.com/entry1.htm

Any advice is appreciated,
Rob.

Posted: Thu Mar 16, 2006 1:16 pm
by ed209
You could send them a URL with a get variable at the end denoting the id of the row in the database.

domain.com/see_that_user.php?user=1

then in your 'see_that_user.php' file

Code: Select all

// get the requested variable

$user_id = $_GET['user'];

// then use that for your query

$sql = "SELECT * FROM my_table WHERE user_id=".$user_id;
Then display the information as you've done in your 'script.php' page. I'm not an expert on security, but I wouldn't send a SQL query in a url

Posted: Thu Mar 16, 2006 3:06 pm
by xterra
Thanks alot.

But one question.

How do I know whether its being called like that or internally.

In other words:

see_user gets the data from the form that called it, uising the _Post[] command. But how do I know whether its being called from someone typing it in their browser as opposed to being called from the form.

If that makes sense lol.

Thanks,
Rob.

Posted: Thu Mar 16, 2006 4:18 pm
by xterra
Nm. Worked. Thanks.