Dynamic Links in php and mysql

Question

I would like to pass information from one page to the next using dynamic links. For example, when a person clicks

<a href ="glossary.php>A</a>

A will be saved into a variable and passed to glossary.php. Where the following Mysql query will be on glossary.php

letter_query = "SELECT * FROM Glossary WHERE Letter =$clickedletter;
letter_id = mysql_query($letter_query) or die(mysql_error);
$row = mysql_fetch_assoc($letter_id);

I have the following MySQL table:

Glossary (Glossaryid, Letter, Word, Definition, userid).

Here's an example of the information that would be stored: Glossaryid => 01, Letter => B, Word => Ball, Definition => A round thing people use to play with, but some get paid to play with it.

I have a page containing HTML with the links in alphabetical order, i.e A B C D E F G H I, etc. When a person clicks on a link I would like to display the all the words starting with clicked letter onto a page called glossary.php.

Google ["HTTP GET parameters"](http://en.wikipedia.org/wiki/Query_string). And ["PHP request variables"](http://php.net/manual/en/reserved.variables.request.php). And ["SQL Injection"](http://en.wikipedia.org/wiki/SQL_injection) — ppeterka, Sep 10 '13 at 11:50
search for a basic tutorial on how HTTP and PHP actually work, this is basic knownledge you will need to start programming... Do not start with SQL databases if you can not even make a correct HTML link tag. — NDM, Sep 10 '13 at 11:51

score 2 · Accepted Answer · answered Sep 10 '13 at 11:53

In this link, A isn't really a usable value. It's just content being displayed:

<a href ="glossary.php">A</a>

However, you can also make it into a usable value on the URL itself:

<a href ="glossary.php?letter=A">A</a>

Now when you load the glossary.php page, the value will be available to that page as a query string parameter here:

$_GET["letter"]

By putting values on the query string instead of trying to save them internally, this has the added benefit of increased portability. Anything can link to that same URL with that same value with minimal effort, even from off-site (where it wouldn't otherwise have access to save the value in your code), users can even bookmark the link if they'd like.

Note: Before using the value directly in a SQL query, make sure you're familiar with SQL injection. This URL parameter can be spoofed by a user to have any value they'd like in it, including SQL code itself. You'll want to make sure it's been sanitized before using it in a database query.

I'd mention security, as OP seems to be low on knowledge regarding that field. — ppeterka, Sep 10 '13 at 11:55
@ppeterka66: Good call. I've added it to the answer. My PHP knowledge is a bit dated (for example, I have no PDO experience), so hopefully he can at least follow some research tips to understand the topic. — David, Sep 10 '13 at 11:57

score -1 · Answer 2 · answered Sep 10 '13 at 11:51

-1

Try :

<a href ="glossary.php?clickedletter=A">A</a>

$clickedletter=$_GET['clickedletter'];
letter_query = "SELECT * FROM Glossary WHERE Letter =$clickedletter;
letter_id = mysql_query($letter_query) or die(mysql_error);
$row = mysql_fetch_assoc($letter_id);

answered Sep 10 '13 at 11:51

Nil'z

7,487
1
18
28

1

Nice [SQL Injection](http://en.wikipedia.org/wiki/SQL_injection)! It should say **Don't** try in the first line. Also, an answer without explanation is not worth anything. – ppeterka Sep 10 '13 at 11:52
1

the OP obviously lacks basic knowlegde, just giving him the code will not help him. If you do want to spoonfeed him, at least give *some* information about what's happening, and why this piece of code works... – NDM Sep 10 '13 at 11:53

Dynamic Links in php and mysql

2 Answers2