1

Since I'm a newbie, I might be doing a lot of bad steps and with that making mistakes that I just can't figure out. The first sets up the uid, pwd. A second one sets the fname. The lines below were created by the following code:

   session_start();
if (isset($_POST['fname']))
{
$uid    =   $_POST['uid'];                  #   $uid contains "myname"
$pwd    =   $_POST['pwd'];                  #   $pwd contains "myapss"
$fname  =   $_POST['fname'];            #   $fname contains "john doe"    as expected...
echo $uid.$pwd.$fname;              #   This echo confirms that the variavbles were received (debugging only)
$_SESSION   = $uid;             #------------------
}
else
whatever

This is where I'm having trouble: I set up the < href= as follows : (the "a" was removed from this post as it it reserved word).

    $hrefed     =   ('<  href="edit_user.php?');
$hrefed     .=  ("{id='$uid' ,");
$hrefed     .=  ("pwd='$pwd' ,"); 
$hrefed     .=  ("fname='$fname'}"); 
$hrefed     .=  ('">Edit Selected Info</a>');

and it translates to:

    <  href="edit_user.php?{id='myname' ,pwd='mypass' ,fname='john doe'}">Edit Selected  Info</a>

When clicking on the link created to pass control to another program I get the message that no variables were Posted. Can someone give me some idea what is the correct way to set up the call parameters to the other page

Thank You and have a nice Thanksgiving.

piokuc
  • 25,594
  • 11
  • 72
  • 102
huskydusky
  • 21
  • 1
  • 7

1 Answers1

1

Try this:

$hrefed     =   ('<a href="edit_user.php?');
$hrefed     .=  ("&id=$uid");
$hrefed     .=  ("&pwd=$pwd"); 
$hrefed     .=  ("&fname=$fname"); 
$hrefed     .=  ('">Edit Selected Info</a>');

What you're creating here is called a GET query string. Read more here: http://en.wikipedia.org/wiki/Query_string

Also, use $_GET instead of $_POST in your script:

if (isset($_GET['fname']))
{
$uid    =   $_GET['uid'];                  #   $uid contains "myname"
$pwd    =   $_GET['pwd'];                  #   $pwd contains "myapss"
$fname  =   $_GET['fname'];            #   $fname contains "john doe"    as expected...
echo $uid.$pwd.$fname;              #   This echo confirms that the variavbles were received (debugging only)
$_SESSION   = $uid;             #------------------
}

Read more about HTTP request methods here: http://en.wikipedia.org/wiki/GET_(HTTP)#Request_methods

These will solve your immediate problem.

The more serious problem is that you shouldn't just print a user's password on a web page. You shouldn't even store the password, only a hash of it. If this is just a hobby project, that's OK but please remember to do some research about basic web security before making a real-world web site.

See:

Community
  • 1
  • 1
Botond Balázs
  • 2,512
  • 1
  • 24
  • 34
  • Balasz,Koszonom segitsegedet. Thanks for your help. I'll look up the links you've pointed me to. – huskydusky Nov 23 '12 at 19:23
  • Nagyon szívesen :) I'm glad I could help and thanks for taking the time to respond in my native language. – Botond Balázs Nov 23 '12 at 20:50
  • En nem nem Magayroesagban szulletem, if you wish, Irjal pkhuskydusky at gmail.com. Your example worked perfectly and once again thank you for the help. – huskydusky Nov 24 '12 at 04:05
  • @Balazs, I have the following problem now and I'd ask for your help. – huskydusky Nov 30 '12 at 15:38
  • @Balazs, I have the following problem now and I'd ask for your help. Given: `echo ('< href="edit_info.php?&id=$nome&user=$fname">Edit Selected Info');` how do I capture the $nome and $fname in edit_info.php? I can't get hold of the two variables. If you could explain how this would work I'd appreciate. Udvozollek, Peter – huskydusky Nov 30 '12 at 15:48