Sending Data from one page to another without using form php

Question

How to send data from one page to another without using form? I am getting id and type by GET method

 <a href="form.php?id=<?php echo $_GET['id']."&".$_GET['type']; ?>" class="orderbtn">Order Now</a>

When I go to form.php, I fill the form and click on the submit button my form page code is below

form.php

<div id="form">
  <p class="rf">*Required Fields </p>
  <form action="formsubmitted.php" onsubmit="return formValidate()" method="post" name="myform">
         <span class="required" title="Required Field">*</span>
         <span style="font-size:16px; color:#000; font-family:Arial, Helvetica, sans-serif;">Name: </span>  
         <input id="name" title="Enter Your Full Name" type="text" name="name" autofocus="autofocus" required="required" value=""/><br/>
          <span class="required" title="Required Field">*</span>
         <span style="font-size:16px;color:#000; font-family:Arial, Helvetica, sans-serif;padding-right:10px;">Email:</span> 
         <input id="email" type="email" name="email" required="required" placeholder="xyz@example.com"/><br/>
          <span class="required" title="Required Field">*</span>
         <span style="font-size:16px;color:#000; font-family:Arial, Helvetica, sans-serif;">Address:</span>
         <input id="address" title="Enter Address" type="text" name="address" required="required" value=""/><br/>
         <span class="required" title="Required Field">*</span>
         <span style="font-size:16px;color:#000; font-family:Arial, Helvetica, sans-serif;">Contact Number:</span>
         <input id="contactno"  title="Enter Number" type="text" name="contact" required="required" value=""/><br/>
         <input id="submit" name="submit" type="submit" value="Submit"/></span>
   </form> 
</div>

When I submitted it goes to formsubmitted.php page where I am inserting data into database using post method i.e.

formsubmitted.php

   <?php
    $connection = mysql_connect("localhost","root","");
        $select_db = mysql_select_db("fashion",$connection);
        if(!$connection)
        {
            die ("Could not Connect".mysql_error());
        }

         $query = "INSERT INTO `order` (flname,email,address,contact) VALUES ('{$_POST['name']}','{$_POST['email']}','{$_POST['address']}','{$_POST['contact']}');";
     echo $query . "<br />";
     $res = mysql_query($query,$connection);
     if(!$res) {die("Could Not Enter Data".mysql_error());}
     else { echo "Enter Data Successfully."; }

     ?>

I want to insert the id and type which I am getting in the url in form page how can i do that?

I see inline-styling and usage of `mysql_query` both of which are bad practices in web design. I think you should be concerned about those for now. — samayo, Dec 12 '13 at 17:38
Your code provides an excellent example of how to construct dangerous SQL queries. http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php — Dave, Dec 12 '13 at 17:44
yes u both r rights but next time i will be surely not doing that designing — Zeeshan, Dec 12 '13 at 19:10

Krish R · Accepted Answer · 2013-12-12T17:45:39.923

1

You need to add &type=

 <a href="form.php?id=<?php echo $_GET['id']."&type=".$_GET['type']; ?>" class="orderbtn">Order Now</a>

...................................................................................................^

You need use to $_GET in form.php

 <?php   $id = $_GET['id'];
         $type = $_GET['type'];
  ?>

     <form action="formsubmitted.php" onsubmit="return formValidate()" method="post" name="myform">
    ......
      <input name="id" type="hidden" value="<?php echo $id;?>">
      <input name="type" type="hidden" value="<?php echo $type;?>">
    </form>

in formsubmitted.php:

 <?php echo $_POST['id']; echo $_POST['type']; ?>

edited Dec 12 '13 at 17:45

answered Dec 12 '13 at 17:39

Krish R

22,583
7
50
59

i do that but it is inserting the id value in type coloumn in database and id is 0 when a new record is added.. – Zeeshan Dec 12 '13 at 19:15
in formsubmitted.php, use print_r($_POST); to verify the posted value – Krish R Dec 12 '13 at 19:17
it is printing now like this Array ( [name] => Imran Mushtaq [email] => imi.mushtaq@gmail.com [address] => 3280y28y [contact] => 73427343 [id] => 7 [type] => winter [submit] => Submit ) but the same problem id colomn=0 and Type colomn has the value of id... – Zeeshan Dec 12 '13 at 19:39
[id] => 7 [type] => winter, it carried and posted the proper values. – Krish R Dec 12 '13 at 19:40
how you say id=0 ? can you show your formsubmitted.php file source' – Krish R Dec 12 '13 at 19:42
formsubmitted.php "; $res = mysql_query($query,$connection); if(!$res) {die("Could Not Enter Data".mysql_error());} else { echo "Enter Data Successfully."; } ?> – Zeeshan Dec 12 '13 at 19:51
`$query = "INSERT INTO order (flname,email,address,contact,Type,id) VALUES ('{$_POST['name']}','{$_POST['email']}','{$_POST['address']}','{$_POST['contact'‌]}','{$_POST['type']}', '{$_POST['id']}') ";` – Krish R Dec 12 '13 at 19:54
You have shuffled the id and its respective post value in query, i have modified in above, please use it – Krish R Dec 12 '13 at 19:55
hmm it works .. I am thinking the colomn name type is after id thats why i am inserting values in that sequence... but thanks for helping – Zeeshan Dec 12 '13 at 20:01

score 0 · Answer 2 · answered Dec 12 '13 at 17:41

0

You can send this params in a hidden field As this:

<input type="hidden" name="type" id="type" value="<?php echo $_GET['type'];?>"/>

And you need to add protection against XSS

answered Dec 12 '13 at 17:41

Yaroslav Osetrov

894
1
10
13

Sending Data from one page to another without using form php

2 Answers2