Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

_POST and _GET in php..

Options
  • 19-06-2007 12:45pm
    #1
    jackdaw
    Closed Accounts Posts: 1,788 ✭✭✭


    How can i send DATA through a post or get form from one page to another, where i want the data to be contant ? and not editable like it is on a form ?
    <form action="loan_film_DB.php?ID=$ID" method="get">
<B>Name of Borrower : </B> <input type="text" name="borrower" /><br><br>
<!--<B>ID : </B> <input type = "text" name = "ID" /> <br><br> -->
<CENTER><input type="submit" /></CENTER>
</form>


    Above i want to enter the borrower name, but i want the ID to remain constant,
    I have passed the ID as a parameter on the previous page but can't seem to "re pass" it from this form ? is there a way in forms to have a value passed but not editable by the user ?


Comments

  • Options
    #2
    Evil Phil
    Registered Users Posts: 7,468 ✭✭✭Evil Phil


    Could you use a HTML hidden field? That's what I would do in Asp.net.

    When it comes to repassing the ID value, are you populating the form with it server side?


  • Options
    #3
    seamus
    Registered Users Posts: 68,317 ✭✭✭✭seamus


    There are two ways of doing this:

    1.
    The easy way. Use hidden inputs in your forms.
    So instead of <input type = "text" name = "ID" />, you use <input type = "hidden" name = "ID" />
    This input type doesn't appear on the page, but does get passed as a normal variable.
    The problem is that it can still be edited if a user knows what they're doing.

    2.
    The good way. Use sessions. A session stores a cookie on the user's machine. This session cookie is a unique indentifier for a text file that's stored on your server. Into this text file, you can put whatever information you like. So long as the user has the session cookie, you can get the information on the session.

    You'll have to read up a bit more on sessions before you can use them, but for storing information about a user across multiple pages, sessions are really the best way to go.


  • Options
    #4
    ron_darrell
    Users Awaiting Email Confirmation Posts: 351 ✭✭ron_darrell


    seamus wrote:
    There are two ways of doing this:

    1.
    The easy way. Use hidden inputs in your forms.
    So instead of <input type = "text" name = "ID" />, you use <input type = "hidden" name = "ID" />
    This input type doesn't appear on the page, but does get passed as a normal variable.
    The problem is that it can still be edited if a user knows what they're doing.

    2.
    The good way. Use sessions. A session stores a cookie on the user's machine. This session cookie is a unique indentifier for a text file that's stored on your server. Into this text file, you can put whatever information you like. So long as the user has the session cookie, you can get the information on the session.

    You'll have to read up a bit more on sessions before you can use them, but for storing information about a user across multiple pages, sessions are really the best way to go.

    Sessions are not necessarily the 'good way'. If cookies are disabled on the client browser then your session variables will not be available and so your page will fail/do something you hadn't predicted. The hidden field is probably a sturdier way of doing things but of course more open to abuse. Other ways include writing the variable to a text file or database. But I think the hidden field is probably the easiest way to do it.

    -RD


  • Options
    #5
    jackdaw
    Closed Accounts Posts: 1,788 ✭✭✭jackdaw


    Ok thanks folks ! I have started on sessions.. they seem the best way
    for my needs ..


  • Options
    #6
    seamus
    Registered Users Posts: 68,317 ✭✭✭✭seamus


    ron_darrell wrote:
    Sessions are not necessarily the 'good way'. If cookies are disabled on the client browser then your session variables will not be available and so your page will fail/do something you hadn't predicted. The hidden field is probably a sturdier way of doing things but of course more open to abuse. Other ways include writing the variable to a text file or database. But I think the hidden field is probably the easiest way to do it.

    -RD
    Ah well we could argue till the cows come home on that one :)
    Any properly written page should be able to take account of cookies being disabled, if the cookies are critical to the pages working. You could even fall back to hidden fields in that case, or direct the user to enable cookies.


  • Advertisement
  • Options
    #7
    jackdaw
    Closed Accounts Posts: 1,788 ✭✭✭jackdaw


    seamus wrote:
    There are two ways of doing this:

    1.
    The easy way. Use hidden inputs in your forms.
    So instead of <input type = "text" name = "ID" />, you use <input type = "hidden" name = "ID" />
    This input type doesn't appear on the page, but does get passed as a normal variable.
    The problem is that it can still be edited if a user knows what they're doing.

    2.
    The good way. Use sessions. A session stores a cookie on the user's machine. This session cookie is a unique indentifier for a text file that's stored on your server. Into this text file, you can put whatever information you like. So long as the user has the session cookie, you can get the information on the session.

    You'll have to read up a bit more on sessions before you can use them, but for storing information about a user across multiple pages, sessions are really the best way to go.


    Hmmm... this is still not working .. the ID is blank .. when i use this 
    <form action="loan_film_DB.php" method="get">
<B>Name of Borrower : </B> <input type="text" name="borrower" /><br><br>
<<input type=hidden name = ID value= "$ID"> /> <br><br>
<CENTER><input type="submit" /></CENTER>
</form>

    and i have the $ID var assigned above that like : 
    $result = mysql_query("SELECT ID,Title FROM Films");
while ($row = mysql_fetch_assoc($result)) {
	$title = $row['Title'];
	$ID = $row['ID'];
	
}


  • Options
    #8
    jackdaw
    Closed Accounts Posts: 1,788 ✭✭✭jackdaw


    maybe it's because the $ID var is out of scope ??


  • Options
    #9
    Ziycon
    Registered Users Posts: 1,987 ✭✭✭Ziycon


    Try this: 
    <form action="loan_film_DB.php" method="get">
<B>Name of Borrower : </B> <input type="text" name="borrower" /><br><br>
<input type="hidden" name="ID" value="<?php echo $ID; ?>"/> <br><br>
<CENTER><input type="submit" /></CENTER>
</form>


  • Options
    #10
    marco_polo
    Moderators, Science, Health & Environment Moderators Posts: 10,079 Mod ✭✭✭✭marco_polo


    seamus wrote:
    Ah well we could argue till the cows come home on that one :)
    Any properly written page should be able to take account of cookies being disabled, if the cookies are critical to the pages working. You could even fall back to hidden fields in that case, or direct the user to enable cookies.

    Just out of interest with php, can you do URL rewriting in the event of cookies being unavailable?


  • Options
    #11
    IRLConor
    Subscribers Posts: 4,076 ✭✭✭IRLConor


    marco_polo wrote:
    Just out of interest with php, can you do URL rewriting in the event of cookies being unavailable?

    Yes, it's very easy. You can get PHP to do it transparently and automatically for relative URLs. See the session documentation for details.


  • Advertisement
  • Options
    #12
    Inspector Gadget
    Registered Users Posts: 1,393 ✭✭✭Inspector Gadget


    Ziycon wrote:
    Try this: 
    <form action="loan_film_DB.php" method="get">
<B>Name of Borrower : </B> <input type="text" name="borrower" /><br><br>
<input type="hidden" name="ID" value="<?php echo $ID; ?>"/> <br><br>
<CENTER><input type="submit" /></CENTER>
</form>

    ...or failing that, use $_SESSION["ID"] instead of $ID (don't forget to use session_start() to get that side of things rolling)

    Gadget


Advertisement