Whats the best way to pass variables
Moderator: General Moderators
Whats the best way to pass variables
Im really getting into php now and i realize that my goal is to make my sight as efficient as possible. Thanks to this sight i have learned about pagination, image resizing, passin varibles and much more. My question to all out there is what would be the best way to pass variables.
Im basically making an online catalog which displays garments. There are many sub catageroies in this such as Coats, Jackets and types of materials, also accesories etc.... I didnt make the site to have users with passwords, but i probably will incorporate one when i get more experienced.
Ive recently encountered a problem with pagination. Im having trouble passing the variables to the next page of the script. I read around and saw two solutions to the problem. Post the variables to the pagination script, which i did and which works, or to use sessions. Now as far as i have read sessions are the way to go for something like this. I also dont want to use cookies. What would you do in my situation, keep it the way it is or go for the sessions?
Im basically making an online catalog which displays garments. There are many sub catageroies in this such as Coats, Jackets and types of materials, also accesories etc.... I didnt make the site to have users with passwords, but i probably will incorporate one when i get more experienced.
Ive recently encountered a problem with pagination. Im having trouble passing the variables to the next page of the script. I read around and saw two solutions to the problem. Post the variables to the pagination script, which i did and which works, or to use sessions. Now as far as i have read sessions are the way to go for something like this. I also dont want to use cookies. What would you do in my situation, keep it the way it is or go for the sessions?
You could also use query strings which is a very popular way of doing this. So your links on pages would look like:
somesite.com/index.php?page=2
Then on each page you can access the var like this:
With that information you can then generate pagination.
somesite.com/index.php?page=2
Then on each page you can access the var like this:
Code: Select all
$_GET['page']- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Query strings are far better anyway for this sort of thing... you can't link to a specific page too easily if it relies on sessions (Unless you hijack the session id). Any large application which passes variables for such cosmetci things I use GET, only sensitive data gets posted.
You'll have to sanitize things a bit which is one disadvantage of GET. Say someone wants to bookmark a particular page... sessions wont cut it
You'll have to sanitize things a bit which is one disadvantage of GET. Say someone wants to bookmark a particular page... sessions wont cut it
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Not sure how you mean. You mean can you use both at the same time?soianyc wrote:Can i incorporate sessions and query strings? If so will it be a hassle or pretty straight forward??
You can use any combination of methods in your scripts. Maybe a point to note is that (although you should usually know where to expect it to be from) $_REQUEST[] looks through all the possible locations for your variables i.e. GET, POST, SESSION, COOKIES
Re: Whats the best way to pass variables
How about laser eye surgery or glasses!?soianyc wrote:... i realize that my goal is to make my sight as efficient as possible.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
Not neccesarily. I have created my own class that can sanitize any input.
With $_GET I generally have a list of pre-defined variables, and if the current input does not match any of those possibilities I consider it the users error, and terminate the script.
Simple as sanitizing your input, especially with sql queries.
For example, look at hotmail and ebay. The url sometimes is extremely long. So $_GET evidently is an effective way of passing information. But keep in mind, never ever ever EVER trust anything that the user can define.
With $_GET I generally have a list of pre-defined variables, and if the current input does not match any of those possibilities I consider it the users error, and terminate the script.
Simple as sanitizing your input, especially with sql queries.
For example, look at hotmail and ebay. The url sometimes is extremely long. So $_GET evidently is an effective way of passing information. But keep in mind, never ever ever EVER trust anything that the user can define.