Ask a question    Sign Up Sign In
  1. Home
  2. html - How do i use GET correctly in php?

989 votes
2 answers

html - How do i use GET correctly in php?

Get the solution ↓↓↓

i tried to find a solution for my problem for 2 hours now, but i don't know why my code does not work.

I have a sql output which looks like this:

function output(){
    while($row = $this->statement->fetch()) {
        $id = $row["id"];
        echo '
            <tr>
                <td>'.$row["comname"].'</td>
                <td>'.$row["district"].'</td>
                <td>'.$row["industry"].'</td>
                <td>"<a href="?details=' . $id . '">Details</a>"</td>
            </tr> 
            <br>
            ';
    }

If someone click on the link "Details" i want to give out more information about that specific company. Therefore i save the id in the url to identify which company was clicked. To check if the Details link was clicked, i wrote this:

Edit: just added the "$id = $_GET['details']" after your hints, it looks like this now:

    if (isset($_GET['details'])){
        $id = $_GET['details'];
        echo $id;
    }
}

When i click on the link "Details" it changes the URL correctly, but it doesn't print the id. (I don't only want to print the id, i just do this to check the functionality.) Why does my code not work? Is there a second "$GET" i have to use? I really don't know what is going on.

Edit: The php-code ends here, there is nothing i do afterwards.

Edit2: I tried print_r($_GET) and it looks like, the id is not even in the $GET-Array. Also theif (isset($_GET['details'])) statement is not executed.

Thank you!

962
votes

Answer

Solution:

You should print the$_GET['details']:

if (isset($_GET['details'])){
    echo $_GET['details'];
}

Or put it in a variable:

if (isset($_GET['details'])){
    $id = $_GET['details'];
    echo $id;
}
Write your answer



341
votes

Answer

Solution:

is just an array of all GET parameters in the URL. You see them for example on https://www.google.com?q=stack+overflow where the parameterq is set tostack+overflow. So if you would echo out$_GET["q"] on that URL you would getstack+overflow. You can store it in a variable like $id and echo it out, but you need to set it first like$id = $_GET["details"];

EDIT: I just realized the code you have now is vulnerable to an attack called XSS or HTML Injection. Since we can specify the$_GET["details"] and so$id that is being echoed, an attacker can put HTML code or the<script> tag in there to execute dangerous JavaScript code on everyone that accesses the URL.

Luckily, there is an easy fix: just put the functionhtmlspecialchars() around whatever user input youecho. Theecho you have here would becomeecho htmlspecialchars($id);

Write your answer



Share solution ↓

Additional Information:
Link To Source
People are also looking for solutions of the problem: foreach() argument must be of type array|object, null given

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Similar questions

Find the answer in similar questions on our website.

767 apache - PHP - how to do GET request when username password is asked in a popup?
819 php,mysql,html - Display SQL query(conjunction) properly in HTML
683 php - DOMDocument need to search for an element that has attribute class="something"
791 php - Delete files/uploads when delete User
170 PHP + SQL - Using SQL Server 'Create To' scripts to create tables through PHP
502 Including a html form in a php script
419 php - Mysql to JSON, how to get a nested array?
376 html - PHP JSON generation problems
424 php - Getting "Call to undefined function: 'define': in phalanger web site
587 c# - PHP Get IP based on host name

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.





About the technologies asked in this question

PHP

PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites. The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/


JavaScript

JavaScript is a multi-paradigm language that supports event-driven, functional, and mandatory (including object-oriented and prototype-based) programming types. Originally JavaScript was only used on the client side. JavaScript is now still used as a server-side programming language. To summarize, we can say that JavaScript is the language of the Internet.
https://www.javascript.com/


HTML

HTML (English "hyper text markup language" - hypertext markup language) is a special markup language that is used to create sites on the Internet. Browsers understand html perfectly and can interpret it in an understandable way. In general, any page on the site is html-code, which the browser translates into a user-friendly form. By the way, the code of any page is available to everyone.
https://www.w3.org/html/

Welcome to programmierfrage.com

programmierfrage.com is a question and answer site for professional web developers, programming enthusiasts and website builders. Site created and operated by the community. Together with you, we create a free library of detailed answers to any question on programming, web development, website creation and website administration.

Get answers to specific questions

Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.

Help Others Solve Their Issues

Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.