FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.
Home » Imported messages » comp.lang.php » variable value gets lost
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: variable value gets lost [message #174452 is a reply to message #174451] Sun, 12 June 2011 19:43 Go to previous messageGo to previous message
Mathieu Maes is currently offline  Mathieu Maes
Messages: 5
Registered: May 2011
Karma:
Junior Member
On 12 jun, 21:13, Co <vonclausow...@gmail.com> wrote:
> Hi All,
>
> I have a page with shows the profile of one of my users.
> the id of the user is send to the page:  profile.php?id=3
> It is retrieved on the page by $id = $_GET['id'].
>
> When I click a submit button on the page to add a message
> to the user I lose his $id.
> How can I preserve the value of $id to add the message to the user?
>
> $sqlName = mysql_query("SELECT * FROM myMembers WHERE
> id='$logOptions_id' LIMIT 1") or die ("Sorry we had a mysql error!");
>
>         while ($row = mysql_fetch_array($sqlName)) { $firstname =
> $row["firstname"];$lastname = $row["lastname"];$username =
> $row["username"];$userid = $row["id"];}
>
>                                 if ($userid != $id){
>                                         $query = mysql_query("SELECT * FROM profile_comments WHERE
> profile_id='$uid' AND user_id='$userid' AND comment='$comment'");
>                                         $numrows = mysql_num_rows($query);
>                                         print $numrows;
>                                         if ($numrows == 0){
>                                                 $commdate = date("d F Y"); // 08 October, 2010
>                                                 print $commdate;
>                                                 mysql_query("INSERT INTO profile_comments VALUES ('', '$uid',
> '$userid', '$username', '$comment', '$commdate')");
>
> Marco

Hi Marco,

Since you haven't provided the HTML code from your form, I will assume
the following:
<form method="post" action="profile.php">
....
<input type="submit" />
</form>

Look at the first line where I provide the form "action". If you click
the submit button, the data will be sent to profile.php which does not
contain your user ID (?id=9000).

I guess the best solution is to add the user ID inside the form as a
hidden input:
<form>
<input type="hidden" name="id" value="<?php echo $id;?>" />
</form>

As a result, the User ID is being sent with your form, and can be read
as follows:
<?php
$id = $_POST['id']; //Assuming you're using POST method
?>

I should warn you that the ID is exposed to the user, which can be
manipulated. If there are certain security limitations (i.e. only be
able to post comments to a certain group of users), you must validate
$_POST['id'] to make sure the user is allowed to post using that ID!!

Kind regards,
Mathew

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Why does relative include fail?
Next Topic: Codeigniter - pagination
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 23 18:13:30 GMT 2024

Total time taken to generate the page: 0.05061 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.1.3.
Copyright ©2001-2023 FUDforum Bulletin Board Software