db table names as alias in php GET-paramter?

Question

I am looking for a possibility to pass db table name and column name via php and GET parameter.

I have a data grid with following structure: table_name1.column1, table_name2.column1, table_name2.column1.

There is a search function for the grid, where I need those parameters.

From the url "?table_name1.column1=22" I am getting through the $_GET only table_name1_column1=22

How would you solve that?

are you sure that you want to include table and column names in a GET situation, instead of creating some mapped codes? — CosminO, Aug 27 '13 at 08:29
I was thinking about that, but it is actually a password secured application with very few users, that are not going to crack the application... — Anatoliy, Aug 27 '13 at 08:38
not really safe what you are doing, but u may want to urlencode your GET parameters — Aaron Gong, Aug 27 '13 at 08:41

score 3 · Answer 1 · answered Aug 27 '13 at 08:26

3

Encode the variable with base64 and decode before you use. I know that's dirty.

But php variables doesn't support periods (dots)

answered Aug 27 '13 at 08:26

Ajmal M Sali

598
6
14

Simply you are asking about, why the variables passed with dots are converted to underscore.. rite? – Ajmal M Sali Aug 27 '13 at 08:28
Here is a reference too – Ajmal M Sali Aug 27 '13 at 08:30
http://stackoverflow.com/questions/68651/get-php-to-stop-replacing-characters-in-get-or-post-arrays – Ajmal M Sali Aug 27 '13 at 08:30
No, I am not asking why, I am asking whether there is a workaround for this? I knew the link you posted here. – Anatoliy Aug 27 '13 at 08:35
1

If you could use some other character for . And replacing it in every get variable. Base64encode works. – Ajmal M Sali Aug 27 '13 at 08:43
I use "!" instead of dot. Then before the use in the algorithm I am doing a str_replace. I am sure that this is not most egelante solution but it works. – Anatoliy Aug 27 '13 at 09:49

score 0 · Answer 2 · answered Aug 27 '13 at 08:42

0

This is a documented feature of PHP. Its basically because PHP cannot have variable names with dots in them.

$x.y = 1  // is an invalid variable name

MANUAL Convert dots to _ in GET & POST

answered Aug 27 '13 at 08:42

RiggsFolly

93,638
21
103
149

but at the same time this works fine: $foo["table.column"]=10; print_r($foo); – Anatoliy Aug 27 '13 at 09:05

score 0 · Answer 3 · answered Aug 27 '13 at 09:33

You can use serialize function of php to pass the text "table_name1.column1" in url. But for that you need to do few coding to get the result. Below I have given code which you can use:

Page1.php

<?php
$test = serialize('table_name1.column1=11::table_name2.column2=22');
?>
<a href='Page2.php?qs=<?php echo $test?>'>test</a>

Use this $test to pass as query string. In above example, I am passing on anchor tag click.

Page2.php

use following code to Unserialize the query string and use the values.

<?php

$test2 = unserialize($_GET['qs']);

$ex = explode('::',$test2);

$new_arr = array();
foreach($ex as $val)
{
    $ex2 = explode('=',$val);
    $new_arr[$ex2[0]] = $ex2[1];
}

echo $new_arr['table_name1.column1']; //print 11
echo $new_arr['table_name2.column2']; //print 22


?>

Hope this will help you :)

score -1 · Answer 4 · answered Aug 27 '13 at 08:24

-1

You need to seperate each parameter with &.

So: ?table=table_name1&column=column1

answered Aug 27 '13 at 08:24

Gerben Jacobs

4,515
3
34
56

but if I have 10 columns it makes the url really long and un-readable (as I have to pass here also other parameters like the mode of the grid etc). Furthermore I built an algorithm for matching GET-parameters with my SQL-query, where I have such columns like table.column.... – Anatoliy Aug 27 '13 at 08:33

db table names as alias in php GET-paramter?

4 Answers4