3

I am trying to maintain a custom built PHP roster system. I'm trying to pass a variable along to a second PHP page. Previously, this was being done through a form with a dropdown:

<form METHOD=POST ACTION=\"awardedit.php\">
<input TYPE=\"hidden\" NAME=\"pagestep\" value=\"1\">
<select name=\"username\">
<option value=\"" . $username . "\">" . $username;
</select>
</form>

(somehow, even without closing the option tag, this still worked)

These were followed by individual buttons that determined where it went to on "awardedit.php"

However, the dropdown list is not the way to go when we have a large number of users. The usability is not great.

I'm attempting to query the database to get a list of the users, then display the users in a table, along with the those buttons that get you to different sections of awardedit.php.

I just cannot figure how to pass the $username variable through without "form method = post action = awardedit.php"

I know how to echo the username through to show the users username, but I don't know the code to pass through the variable.

I'm sorry this is so bad, but I really am very amateur and have been reading and reading to try and figure this out, (sessions, ajax, $_POST), but I just can't figure out how to implement this change.

j08691
  • 204,283
  • 31
  • 260
  • 272
Weeve Stinwood
  • 31
  • 1
  • 1
  • 2
  • question is, are you already inside PHP with that form? the escaped quotes suggests it. – Funk Forty Niner Apr 23 '16 at 19:08
  • Yes, I just edited out all of the "echo"s. – Weeve Stinwood Apr 23 '16 at 19:09
  • As the answer below i also recomend you to use GET method instead of form – David Lavieri Apr 23 '16 at 19:16
  • 1
    Just because the dropdown list becomes too long it doesn't mean you can't use a form. – RST Apr 23 '16 at 19:59
  • @DavidLavieri: And, as I said to the other two people, _please please please don't do that_ and don't teach others to do so. – Lightness Races in Orbit Apr 23 '16 at 20:20
  • @LightnessRacesinOrbit Dude, this guy just want to get an edit form (just a display not even will update any data on it) out of a username, does he need to make JWT and send it by POST because is super insecure and that can update his bank account? Whaat? Chill dude.... I got your link down there sure cool but still i think this is way too simple for such complications – David Lavieri Apr 23 '16 at 20:40
  • @DavidLavieri: You are mistaken. On Stack Overflow, we do not teach "solutions" that are literally, by definition, _wrong_ and demonstrably broken. If you want to do that, there's always Yahoo Answers! – Lightness Races in Orbit Apr 23 '16 at 20:44

2 Answers2

1

Here are the following solutions to your problem :

GET :

Use GET to pass variable to your another page :

Here as :

<a href="/awardedit.php?username=<?php echo $username; ?>" >Submit Username</a>

Note : Now it becomes a link when you click on it so it passes your username variable data to your awardedit.php page.

And then on that page you can catch the variable value using the following code:

<?php $username = $_GET["username"];
//And then do whatever you want to do with it
?>

If you want to do it this way so then there you can use the following way to do this :

COOKIES:

Use COOKIES if you don't want to do anything unsecure :

setcookie("username", $username, time()+5);
header("Location: awardedit.php");

And then fetch the cookie at your awardedit.php page as :

if (isset($_COOKIE['username'])) {
$username = $_COOKIE['username'];
}

Still if you don't want to do it this way so you can do it the following way and it's more secure way :

SESSIONS :

Set a session like this way :

$_SESSION['username'] = $username;

And on your awardedit.php page to fetch the value.you can do it like this way :

$username = $_SESSION['username'];
echo $username;

Remember to run the session_start() statement on both these pages before you try to access the $_SESSION array, and also before any output is sent to the browser.

Umair Shah
  • 2,305
  • 2
  • 25
  • 50
  • 1
    No, don't do this. Using inappropriate HTML `form` ACTIONs is not just theoretically wrong, but also [practically harmful](http://stackoverflow.com/a/14587231/560648). GET and POST are two different things for a _reason_! – Lightness Races in Orbit Apr 23 '16 at 19:20
  • You can save your value in a session variable and get it in your next page. – Aparna Apr 23 '16 at 19:26
  • 1
    @LightnessRacesinOrbit : Is there any else remaining way to do this so that I can also learn something but if that is the secure way and more popular & common way to do the job??? – Umair Shah Apr 23 '16 at 19:37
1

pass variables through Url, href="localhost/myphp.php?name=jake" and use GET in the myphp.php file to get the var, echo $_GET["name"];//jake

Hachachin
  • 89
  • 8
  • No, don't do this. Using inappropriate HTML `form` ACTIONs is not just theoretically wrong, but also [practically harmful](http://stackoverflow.com/a/14587231/560648). GET and POST are two different things for a _reason_! – Lightness Races in Orbit Apr 23 '16 at 20:20