1

I've got a form asking for user input. The input should be a name which exists in my database.

<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
    Name: <input type="text" name="name" value="<?php echo $name;?>">
    <span class="error">* <?php echo $nameErr;?></span>
    <br><br>
    <input type="submit" name="login" value="Login">
</form>

I'm trying to first check user input, and then if the input is clean, send the user off to another site.

This is what I'm using to scrub the input:

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (empty($_POST["name"])) {
        $nameErr = "Name is required";
    } else {
        $name = test_input($_POST["name"]);
        // check if name only contains letters and whitespace
        if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
            $nameErr = "Only letters and white space allowed"; 
        }
    }
}

Then I would like to send to the next site after querying to my database and receiving an ID:

<form action = "http://website.com/~username/site.php" method="get">
    Name: <input type="text" name="name"><br>
    <Input type="submit">
</form>

How should I go about doing this?

Professor Abronsius
  • 33,063
  • 5
  • 32
  • 46
Tawm
  • 535
  • 3
  • 12
  • 25
  • So you want to redirect the user if his name is within your database table? Use phps header() function to do so. – maxhb Dec 04 '15 at 17:03
  • I've tried doing that. Where should i be putting the header() function? When I tried it, it didn't seem to execute. – Tawm Dec 04 '15 at 18:29
  • To redirect a user use header('Location: myfile.php'). – maxhb Dec 04 '15 at 18:33
  • Okay so that works well. Now I need to also be able to send that ID I get form a query to the next page. – Tawm Dec 04 '15 at 20:14

1 Answers1

0

Use header() function to achieve your goal

header('Location: yourfile.php?id=' . $yourIdValue); // adopt to your needs

In your target script fetch id with

$id = $_GET['id'];
maxhb
  • 8,554
  • 9
  • 29
  • 53
  • Is there a way to do this with $_POST? – Tawm Dec 05 '15 at 16:51
  • Using $_POST is possible but more complicated. Why prefer post over get? – maxhb Dec 05 '15 at 16:57
  • For security reasons, to keep people from editing the URL to access another ID. How much more complicated? – Tawm Dec 05 '15 at 18:22
  • POST is nor more secure than GET. If you wanna use POST, have a look at these examples (using curl): http://stackoverflow.com/questions/3045097/php-redirect-and-send-data-via-post – maxhb Dec 05 '15 at 19:55