Without Session Pass variable in another page using PHP

Question

I have working some code.... Without session send another page in php... Any one help me.

<?php
$forget=$_POST['forget'];
if(isset($forget))
{
  mysql_connect("localhost","root","")or die(mysql_error());
  mysql_select_db("tamil")or die(mysql_error());
  $query=mysql_query("select * from register where username='$forget' OR email='$forget'")or die(mysql_error());
  if(mysql_num_rows($query)== 1)
  {
        $row=mysql_fetch_array($query);
        header('Location: new_password.php',$row);
        echo $row['username'];

  }
  else
  {
        echo "enter valid details";
  }

}
else
{
  echo "enter your name or mail";
}
?>

I will send $row variable in another page.... header('Location: new_password.php',$row );

Since when is the second parameter from `header()` an array ? — Daan, Aug 03 '15 at 12:49
@Tamil: Please consider not to pass the POST-Vars directly to your SQL-Statement to avoid [SQL Injections](http://php.net/manual/en/security.database.sql-injection.php) — mario.van.zadel, Aug 03 '15 at 13:42

Harish Lalwani · Answer 1 · 2015-08-03T12:54:58.217

0

keeping the security measures at stake you can also urlencode and serialize the entire result send like this

 header('Location: new_password.php?row='.urlencode(serialize(($row)));

while ideally we just send user_id

header('Location: new_password.php?id='.$row['id']);

edited Aug 03 '15 at 12:54

answered Aug 03 '15 at 12:49

Harish Lalwani

754
5
20

Without Session Pass variable in another page using PHP

1 Answers1