I don't understand appending variables to a url or using hidden fields

Beginners - Learning PHP
#1

Hello all,
The chapter I am working on talks about appending one or more varairables to a url by simply adding page.php?name=something.

One example in a table row is this:

Edit Delete</a

I don’t understand what this is doing. I understand that this is an alternative form of hyper link that takes you to a php page but I don’t understand adding a variable. The text talks about hidden fields and Get and Post too but I am trying to just understand the first part. I have looked up some examples online and I still am not able to wrap my head around this yet.
Thank you
Jaloney
#2

You use url parameters to pass values from one page to another as part of a link, for example:

Link Text

Then to get these values on the page linked to, SomePage.php in this case, we use $_GET, for example:

[php]$intNumber = $_GET(Number);
$strText = $_GET(Text);[/php]

When you submit values from a form using post, it looks like this:

To get these values on the “receiving” page, we use $_POST, for example:

[php]$intNumber = $_POST(Number);
$strText = $_POST(Text);[/php]

Note that you can also have a form method of get:

For which you use $_GET in much the same way as you would a URL parameter.

Take a look here for more info: http://www.w3schools.com/php/php_forms.asp

#3

xerxes
Okay this is helpful. I read all the info on the link and also refreshed my info on html hidden fields in forms.

I understand best the examples of adding hidden fields to a form. Then I append the variable name to a url and send it without it being seen in the url. But I see all these messages that say you can see the hidden fields in the HTML source code anyways so it is not a secure method. So if it is not secure, why bother?

I understand that the input type “hidden” for form elements like password might show up on the HTML source code. I don’t understand how hackers could get the hidden data a person inputs on a form and sends to a script via an ammended php script.

Still a bit confused
Jaloney

#4

If you have an admin section within a site, which is all password protected and you list the users on a page within it then links like this: edituser.php?ID=2 are fine.

However, on the main site, if you want to allow users to edit their own details then you can use their session variables to retrieve only their information.

#5

Thank you xerxes
I don’t know how to send you good karma…
Jaloney

Sponsor our Newsletter | Privacy Policy | Terms of Service