Application Development - passing parameters

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
nick279
Forum Newbie
Posts: 2
Joined: Wed Sep 20, 2006 9:07 am

Application Development - passing parameters

Post by nick279 »

Everah | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hi everyone,

Been reading through a couple of forums, just a couple of things been bugging me - been writing in Perl (arrgh) and looking to switching to PHP completley (kind of mid-transition like tables -> css [which I've done woohoo] down with tables!)

I am currently posting hidden variables [ALL system variables] using forms and header files eg fields like 'action', 'clientid' etc -> and am thinking of using sessions but was warned that they can be hijacked. (Apologies if this is an ignorant comment)
I am probably completley wrong but can you just pas/retrieve session variables simply and securley?

The current way I am doing things works, but if I need say 20 variables passed, they have to be included as hidden in every form and theres got to be a better way (? I hope  ?)

[u]Iterating through mysql records[/u] (basic example - any comments would be great as get sick and tired of bodging it)

is there an easier way of outputting dynamic variables than <?=$variable?> or "asads ".$variable." asda<br>";

Code: Select all

while ($row = mysql_fetch_array($res)) {


print '<form action="clients.php" method="post" name="form_'.$row['clientid'].'">';
print 'Client : '.$row['clientid'].'<br>';    // Perl you can do the following : "Client : $row['clientname']"
print '<input type="submit" value="Edit Client">';
print '<input type="hidden" name="clientid" value=" '.$row['clientid'].' ">';
print '<input type="hidden" name="action" value="clientEdit">';

}

Everah | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

use php tags while posting php code....
nick279 wrote:The current way I am doing things works, but if I need say 20 variables passed, they have to be included as hidden in every form and theres got to be a better way (? I hope ?)
use sessions... your current way is way too easy to hack than sessions...
with session you don't have to lug the variables around from page to page... sessions are made for exact that thing...

and regarding your next question, it's faster to just break out of php and output HTML normally... so your loop will be..

Code: Select all

<?php while ($row = mysql_fetch_array($res)) { ?>
<form action="clients.php" method="post" name="form_'<?php echo $row['clientid'] ?>">
Client : <?php echo $row['clientid'] ?><br>
<input type="submit" value="Edit Client"> 
<input type="hidden" name="clientid" value="<?php echo $row['clientid']?> ">
<input type="hidden" name="action" value="clientEdit">
<? } ?>
avoid use of short php tags... their support maybe discontinued in future dur to collision with xml tags...
and regarding // Perl you can do the following : "Client : $row['clientname']"
you can also do it in PHP : "Client : {$row['clientname']}" - just surround the variable with the curly braces...
nick279
Forum Newbie
Posts: 2
Joined: Wed Sep 20, 2006 9:07 am

Post by nick279 »

use sessions... your current way is way too easy to hack than sessions...
with session you don't have to lug the variables around from page to page... sessions are made for exact that thing...
What I had in the back of my mind, so will start as of now properly!
Yeah had a problem with IE caching generated certain(get request) pages so presumabley requiring a valid session/session id will cure it
avoid use of short php tags... their support maybe discontinued in future dur to collision with xml tags...
and regarding // Perl you can do the following : "Client : $row['clientname']"
you can also do it in PHP : "Client : {$row['clientname']}" - just surround the variable with the curly braces...
Excellent! Thanks for that helps a lot. Have a lot to learn :)

Cheers n00b
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

you're welcome...

for learning I would suggest reading some good books on PHP, recommendations can be found here.

having php manual locally is very very handy as you must have figured out by yourself... a chm is what I prefer.

other than that, in case you really get stuck go to goole first.. most of the queries have been answered n number of times [where n = 1k - 1000k] here, there and everywhere... if you are still unable to solve it, you can come right here :)
Post Reply