Verification: a143cc29221c9be0

Passing arguments to php page

1) Understanding the format of URL's parameters

Three symbols are used to define a string of parameters to pass:

  ?   concatenates the URL and the string of parameters.
  &   separates multiple parameters.
  =   assigns a value to the variable.

Example:

https://www.xul.fr/demo.html?login="me"&password="1234"

In this example, we have two parameters, login and password, which are assigned the values "me" and "1234".

2) Values are sent from the form, to the server

You have nothing to do to send the values: all variables and values in a form are sent automatically providing the action of the form is a page to load.

The attribute "name" of each form item will provide the name of the variable and the attribute "value" its value.

...various widgets...

See at the source of the form at bottom.

The GET method appends the data to the URL, while the POST method would transmit them directly.

Sending data without form

To pass parameters to another page or a script without displaying a form (but with a form tag), we use the "hidden" field:

This invisible form will pass to otherpage.html the parameter: varname=12345.

3) Extracting data received from the URL in the page

The location.search attribute contains the chain of parameters, it remains to be analyzed.

Here is the complete code to process data sent:

Explanation:

  1. location.search is the property that holds the list of parameters.
  2. substring(1) skips the ? symbol and returns the string minus this sign.
  3. split("&") splits the string and returns an array whose elements are the parameters.
  4. this array is assigned to the "parameters" variable. We can now access individual elements by subscripting the array. Parameters[0] is the first element.
  5. we have to split again the parameter into another small array that holds the name of the variable and the value.
  6. in this example, we need only for the value, so we subscript the small array to second item, temp[1].
  7. the unescape function convert special characters.
  8. we have assigned the l variable with the login value and the p variable with the password.
  9. the login is written in the log field thanks to the getElementById method.
  10. and password to the pass field.

4) Updating the page with data received

In this example, I suppose we want to write the data into the page that is loaded with the parameters.
The login variable has been assigned in the previous code.
Two fields have been defined in the page:

The fields are identified by the id property. To fill them with data we have to use the DOM's method getElementById("") and the innerHTML property.

getElementById("log").innerHTML = login;

Use GET and POST Through HTML Form

HTML form is one of the most powerful features of PHP. Any form element will be automatically available to the action destination of the form.

POST Request

Fetching data to nextPage.php

$username = isset($_POST['username']) ? $_POST['username'] : "";
$email       = isset($_POST['email']) ? $_POST['email'] : "";
echo "Username: ".$username;
echo "Email: ".$email;

The sample output of the script may be:

Username: johndoe
Email: johndoe@gmail.com

The example above shows how to pass a variable using POST through an HTML form. The form element needs to have the action and method attribute. The action contains the next page, in this case, it’s nextPage.php. The method can be a POST or GET. You can then access the elements in the nextPage.php using a $_POSTor $_GET.

GET Request

Bring me to nextPage

This example will create a GET variable and can be accessed on nextPage.php.

Example:

echo $phpVariable = $_GET['phpVariable'];
//output: Dog

The GET can be accessed using $_GET

Another way is to add a hidden element in an HTML form that submits to the next page.

Example:

nextPage.php

//Using POST
$phpVariable = $_POST['phpVariable'];
//Using GET
$phpVariable = $_GET['phpVariable'];
//Using GET, POST or COOKIE;
$phpVariable = $_REQUEST['phpVariable'];

You can change the method from POST to GET to use the GET request. POST and GET are bot insecure, but GET is easier to hack since it’s available through the front-end.

The $_REQUEST can both accept GET, POST or COOKIE. It’s good to use $_REQUEST on self-referential forms for validations.

Use session and cookie

The session and cookie are easier to use, but the session is far more secure than the cookies, but not completely secure.

session

//page 1
$phpVariable = "Dog";
$_SESSION['animal'] = $phpVariable;

//page 2
$value = $_SESSION['animal'];

Note

When using the session, always remember to add session_start() on both pages before accessing the $_SESSION array.

//page 1
$phpVariable = "Dog";
$_COOKIE['animal'] = $phpVariable;

//page 2
$value = $_COOKIE['animal'];

The most obvious difference between cookies and session is that that session will be stored on the server-side while the cookies will have the client side as the storage.

Contribute

DelftStack is a collective effort contributed by software geeks like you. If you like the article and would like to contribute to DelftStack by writing paid articles, you can check the write for us page.