1) Understanding the format of URL's parameters
Three symbols are used to define a string of parameters to pass:
? concatenates the URL and the string of parameters. & separates multiple parameters. = assigns a value to the variable.
In this example, we have two parameters, login and password, which are assigned the values "me" and "1234".
2) Values are sent from the form, to the server
You have nothing to do to send the values: all variables and values in a form are sent automatically providing the action of the form is a page to load.
The attribute "name" of each form item will provide the name of the variable and the attribute "value" its value.
See at the source of the form at bottom.
The GET method appends the data to the URL, while the POST method would transmit them directly.
Sending data without form
To pass parameters to another page or a script without displaying a form (but with a form tag), we use the "hidden" field:
This invisible form will pass to otherpage.html the parameter: varname=12345.
3) Extracting data received from the URL in the page
The location.search attribute contains the chain of parameters, it remains to be analyzed.
Here is the complete code to process data sent:
- location.search is the property that holds the list of parameters.
- substring(1) skips the ? symbol and returns the string minus this sign.
- split("&") splits the string and returns an array whose elements are the parameters.
- this array is assigned to the "parameters" variable. We can now access individual elements by subscripting the array. Parameters is the first element.
- we have to split again the parameter into another small array that holds the name of the variable and the value.
- in this example, we need only for the value, so we subscript the small array to second item, temp.
- the unescape function convert special characters.
- we have assigned the l variable with the login value and the p variable with the password.
- the login is written in the log field thanks to the getElementById method.
- and password to the pass field.
4) Updating the page with data received
In this example, I suppose we want to write the data into the page that
is loaded with the parameters.
The login variable has been assigned in the previous code.
Two fields have been defined in the page:
The fields are identified by the id property. To fill them with data we have to use the DOM's method getElementById("") and the innerHTML property.
getElementById("log").innerHTML = login;
Use GET and POST Through HTML Form
HTML form is one of the most powerful features of PHP. Any form element will be automatically available to the
action destination of the form.
Fetching data to
$username = isset($_POST['username']) ? $_POST['username'] : ""; $email = isset($_POST['email']) ? $_POST['email'] : ""; echo "Username: ".$username; echo "Email: ".$email;
The sample output of the script may be:
Username: johndoe Email: firstname.lastname@example.org
The example above shows how to pass a variable using
POST through an HTML form. The form element needs to have the
method attribute. The
action contains the next page, in this case, it’s
nextPage.php. The method can be a
GET. You can then access the elements in the
nextPage.php using a
This example will create a
GET variable and can be accessed on
echo $phpVariable = $_GET['phpVariable']; //output: Dog
The GET can be accessed using
Another way is to add a hidden element in an HTML form that submits to the next page.
//Using POST $phpVariable = $_POST['phpVariable']; //Using GET $phpVariable = $_GET['phpVariable']; //Using GET, POST or COOKIE; $phpVariable = $_REQUEST['phpVariable'];
You can change the method from
GET to use the
GET are bot insecure, but
GET is easier to hack since it’s available through the front-end.
$_REQUEST can both accept
COOKIE. It’s good to use
$_REQUEST on self-referential forms for validations.
Use session and cookie
cookie are easier to use, but the
session is far more secure than the cookies, but not completely secure.
//page 1 $phpVariable = "Dog"; $_SESSION['animal'] = $phpVariable; //page 2 $value = $_SESSION['animal'];
When using the
session, always remember to add
session_start() on both pages before accessing the
//page 1 $phpVariable = "Dog"; $_COOKIE['animal'] = $phpVariable; //page 2 $value = $_COOKIE['animal'];
The most obvious difference between
session is that that
session will be stored on the server-side while the
cookies will have the client side as the storage.
DelftStack is a collective effort contributed by software geeks like you. If you like the article and would like to contribute to DelftStack by writing paid articles, you can check the write for us page.