0

I want to pass the URL string data to dashboard.php from login.php here I have just a login auth whereas the data present in the URL is been carried from homepage.php form to login via URL string, I want to carry forward this string to dashboard

The code which gets redirected from dashboard.php for login session for login:

<?php
if(!$_SESSION["UserName"])
{
    //Do not show protected data, redirect to login...
     $FullName = $_REQUEST["name_"]; 
     $Subject = $_REQUEST["subject_"];
     $Phone = $_REQUEST["phone_"];
     $Email = $_REQUEST["email_"];
     $Message = $_REQUEST["message_"];
    header("Location: login.php?name_=$FullName&subject_=$Subject&phone_=$Phone&email_=$Email&message_=$Message");

}

?>

URL String shown in login.php after redirect:

http://localhost/youngants/login.php?name_=Sharayu%20Bhave&subject_=hello&phone_=9876543210&email_=bhave.sharayu@gmail.com&message_=hh

After the user logs in and redirects to dashbord.php I get a blank URL string and data is not displayed, see below :-

http://localhost/youngants/dashboard.php?name_=&subject_=&phone_=&email_=&message_=

My login code where I pass the same URL again via header(), see below :-

if(isset($_POST['login']))  
                                    {  
                                        $username=$_POST['Username'];  
                                        $user_pass=$_POST['password'];  
                                        $encrypt_pass = md5($user_pass);


                                        $check_user="select * from tbl_logindetails WHERE UserName='".$username."' AND Password='".$encrypt_pass."'";
                                        $run=mysqli_query($connection,$check_user); 



    if(mysqli_num_rows($run))  
                                            {  
                                                //echo "<script>window.open('www.google.com','_self')</script>"; 
                                                header("Location: dashboard.php?name_=$FullName&subject_=$Subject&phone_=$Phone&email_=$Email&message_=$Message");                                  

                                                $_SESSION['UserName']= $username; //here session is used and value of $user_email store in $_SESSION.  


                                            }  
                                            else 
                                            {  

                                              echo "<script>alert( 'Error in Registering Useer, Please try again later' )</script>";  
                                            }  
                                        }

My html form from which i take data :-

 <form class="form ajax-contact-form" method="" action="dashboard.php">
                            <div class="alert alert-success hidden" id="contact-success">
                                <span class="glyphicon glyphicon-ok "></span> &nbsp;
                                <strong>Success!</strong> Thank you for your message.
                            </div>
                            <div class="alert alert-danger hidden" id="contact-error">
                                <span class="glyphicon glyphicon-remove "></span> &nbsp;
                                <strong>Error!</strong> Oops, something went wrong.
                            </div>
                            <div class="row col-p10">
                                <div class="col-sm-6">
                                    <label class="mb10">
                                        <input type="text" name="name_" id="name_" required class="form-control" placeholder=" Full Name * ">


                                    </label>
                                </div>
                                <div class="col-sm-6">
                                    <label class="mb10">
                                        <input type="text" name="subject_" id="subject_" required class="form-control" placeholder=" Subject *">
                                    </label>
                                </div>
                            </div>
                            <div class="row col-p10">
                                <div class="col-sm-6">
                                    <label class="mb10">
                                        <input type="text" name="phone_" id="phone_" class="form-control" placeholder=" Phone">
                                    </label>
                                </div>
                                <div class="col-sm-6">
                                    <label class="mb10">
                                        <input type="email" name="email_" id="email_" required class="form-control" placeholder=" Email Address *">
                                    </label>
                                </div>
                            </div>
                            <label>
                                <textarea name="message_" id="message_" cols="30" rows="10" required class="form-control" placeholder=" Message *"></textarea>
                            </label>
                            <div class="mb40"></div>
                            <div class="clearfix">
                            <!-- Enter your google site key here for captcha -->
                               <div class="pull-right xs-pull-left xs-box">



                                </div>  
                                <div class="pull-left">
                                    <button type="submit" class="btn btn-icon btn-e" value="submit" name="submit"><i class="icon icon_mail_alt"></i> Sumbit</button>



                                </div>
                            </div>
                        </form>

I want is to take the above URL from login.php back to dashboard.php and display this data there on dashboard.php. Note, I have only the user id pass auth on login where the URL link carries data from homepage.php.

halfer
  • 19,824
  • 17
  • 99
  • 186
Chinmay Bapat
  • 1
  • 1
  • 5
  • 1
    eiser to just shove it in a session –  Jan 10 '16 at 04:57
  • i do not want to keep sesson variables for security reason as user doesnt have access to only selected fields as per their subscriptions so i am using $REQUEST to just use the variable and on submit it clears off. – Chinmay Bapat Jan 10 '16 at 04:59
  • 2
    You don't want to use sessions for security reasons but you're willing to use GET? hmm... – Nijraj Gelani Jan 10 '16 at 05:01
  • Sessions are more secure rather than GET since sessions are stored in the server side, meanwhile the GET requests will be visible on the screen, browser history and connection logs. – Firat Akandere Jan 10 '16 at 05:02
  • sessions are used in my code but for some privacy transactions only, here where i want to show data to user so no use of using sessions nd simply pass it by URL string, the user confirms, he logsout, finish url filled is resert. @FiratAkandere – Chinmay Bapat Jan 10 '16 at 05:03
  • how does the user get from login.php back to dashboard? –  Jan 10 '16 at 05:05
  • @Dagon buddy its like this... on my homepage i have a form where user contacts to the developer for suggesstions, here when the user submits form on homepage i take the user to his personal dashboard to confirm the question he asked, but if the user not logged in he is redirected to login.php with the parameter of his asked question via URL, after login i redirect back to dashboard taking the same paramter but i get a blank value in URL as data is not displayed. – Chinmay Bapat Jan 10 '16 at 05:08
  • so the dashboard redirect url should be populated wit the variables –  Jan 10 '16 at 05:09
  • I think you should show us also the html form – Firat Akandere Jan 10 '16 at 05:10
  • @Dagon i have posted the URL from login that i redirect and the blank URL field i get in the dashboard.php, please see question i edited it for ua needed info – Chinmay Bapat Jan 10 '16 at 05:11
  • @FiratAkandere i hv posted the html form also as per your need, plz see question. – Chinmay Bapat Jan 10 '16 at 05:13
  • Is this an ajax form? Does it send form data by using POST method? – Firat Akandere Jan 10 '16 at 05:16
  • no buddy not an ajax form, i have generated the form css which loks like ajax form, the class name i gave so the i understand the css class while development @FiratAkandere – Chinmay Bapat Jan 10 '16 at 05:20
  • Be careful with SQL injection here - this will get hacked easily! – halfer Jan 10 '16 at 10:23

1 Answers1

0

on login, when redirecting to dashboard your URL is 

 header("Location: dashboard.php?name_=$FullName&subject_=$Subject&phone_=$Phone&email_=$Email&message_=$Message");

those variables dont exist. you need to use $_GET['name_'] etc, the names used in the url

  • buddy u mean dashboard.php?name_=$_GET['name_'] like this when i redirect after login am i right?? – Chinmay Bapat Jan 10 '16 at 05:18
  • correct, but i would drop the use of underscore in the variable names –  Jan 10 '16 at 05:19
  • i did as u said, i gives be the error as Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\xampp\htdocs\youngants\login.php on line 38 – Chinmay Bapat Jan 10 '16 at 05:24
  • this is what i did header("Location: dashboard.php?name_=$_GET['name_']&subject_=$_GET['subject_']&phone_=$_GET['phone_']&email_=$_GET['email_']&message_=$_GET['message_']"); – Chinmay Bapat Jan 10 '16 at 05:26
  • try `header("Location: dashboard.php?name_=".$_GET['name_']."&subject_=".$_GET['subject_']."&phone_=".$_GET['phon‌​e_']."&email_=".$_GET['email_']."&message_=".$_GET['message_']); ` –  Jan 10 '16 at 05:29
  • @ChinmayBapat store those $_GET values in separate variable and use them inside the `header()` function. – Nijraj Gelani Jan 10 '16 at 05:29
  • ^why, no need, extra memory usage for no gain –  Jan 10 '16 at 05:35
  • @dagon no buddy still a blank URL on dashboard.php http://localhost/youngants/dashboard.php?name_=&subject_=&phone_=&email_=&message_= .... i tried nds checked as u told above – Chinmay Bapat Jan 10 '16 at 05:43
  • add `print_r($_GET)` and post the result –  Jan 10 '16 at 05:45
  • @dagon u mean print_r($_GET)['name'] ?? – Chinmay Bapat Jan 10 '16 at 05:48
  • @Dagon m not getn u, can u plz tell me what exactly i need to add after dashboard.php?name_= – Chinmay Bapat Jan 10 '16 at 05:50
  • @Dagon i did this header("Location: dashboard.php?print_r($_GET)"); and what i got in dashboard.php url is http://localhost/youngants/dashboard.php?print_r(Array) with Notice: Undefined index: name_ in C:\xampp\htdocs\youngants\dashboard.php on line 405 error message – Chinmay Bapat Jan 10 '16 at 05:55