I don't understand appending variables to a url or using hidden fields

Hello all,
The chapter I am working on talks about appending one or more varairables to a url by simply adding page.php?name=something.

One example in a table row is this:

Edit Delete</a

I don’t understand what this is doing. I understand that this is an alternative form of hyper link that takes you to a php page but I don’t understand adding a variable. The text talks about hidden fields and Get and Post too but I am trying to just understand the first part. I have looked up some examples online and I still am not able to wrap my head around this yet.
Thank you

You use url parameters to pass values from one page to another as part of a link, for example:

Link Text

Then to get these values on the page linked to, SomePage.php in this case, we use $_GET, for example:

[php]$intNumber = $_GET(Number);
$strText = $_GET(Text);[/php]

When you submit values from a form using post, it looks like this:

To get these values on the “receiving” page, we use $_POST, for example:

[php]$intNumber = $_POST(Number);
$strText = $_POST(Text);[/php]

Note that you can also have a form method of get:

For which you use $_GET in much the same way as you would a URL parameter.

Take a look here for more info: http://www.w3schools.com/php/php_forms.asp

Okay this is helpful. I read all the info on the link and also refreshed my info on html hidden fields in forms.

I understand best the examples of adding hidden fields to a form. Then I append the variable name to a url and send it without it being seen in the url. But I see all these messages that say you can see the hidden fields in the HTML source code anyways so it is not a secure method. So if it is not secure, why bother?

I understand that the input type “hidden” for form elements like password might show up on the HTML source code. I don’t understand how hackers could get the hidden data a person inputs on a form and sends to a script via an ammended php script.

Still a bit confused

If you have an admin section within a site, which is all password protected and you list the users on a page within it then links like this: edituser.php?ID=2 are fine.

However, on the main site, if you want to allow users to edit their own details then you can use their session variables to retrieve only their information.

Thank you xerxes
I don’t know how to send you good karma…

Sponsor our Newsletter | Privacy Policy | Terms of Service