Re: variable value gets lost [message #174459 is a reply to message #174451]
Sun, 12 June 2011 21:06
Jerry Stuckle
Messages: 2598 Registered: September 2010
Senior Member
On 6/12/2011 3:13 PM, Co wrote:
> Hi All,
>
> I have a page which shows the profile of one of my users.
> The id of the user is sent to the page: profile.php?id=3
> It is retrieved on the page by $id = $_GET['id'].
>
> When I click a submit button on the page to add a message
> to the user I lose his $id.
> How can I preserve the value of $id to add the message to the user?
>
> $sqlName = mysql_query("SELECT * FROM myMembers WHERE
> id='$logOptions_id' LIMIT 1") or die ("Sorry we had a mysql error!");
>
> while ($row = mysql_fetch_array($sqlName)) { $firstname =
> $row["firstname"];$lastname = $row["lastname"];$username =
> $row["username"];$userid = $row["id"];}
>
> if ($userid != $id){
> $query = mysql_query("SELECT * FROM profile_comments WHERE
> profile_id='$uid' AND user_id='$userid' AND comment='$comment'");
> $numrows = mysql_num_rows($query);
> print $numrows;
> if ($numrows == 0){
> $commdate = date("d F Y"); // 08 October, 2010
> print $commdate;
> mysql_query("INSERT INTO profile_comments VALUES ('', '$uid',
> '$userid', '$username', '$comment', '$commdate')");
>
> Marco
You do NOT want to pass the user's id in either the form or the URL. It
is so easy to hack and assume the id of another user it's not even funny.
Rather, pass it in the $_SESSION.
Also, anything you pass in the URL is in the $_GET array. Variables
in your program are not automatically set (in a secure system, anyway).
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
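
Added example, not part of the original posts: a minimal comment handler in which the acting user's id is read only from session state, while the id of the profile being viewed stays in the URL and is validated. The session key 'user_id', the column name created, and the in-memory SQLite database (standing in for MySQL) are assumptions; profile_comments, profile_id, user_id and comment come from the question.

```php
<?php
// Added example. The session key 'user_id' and the column `created` are
// assumptions; the table and the other column names come from the question.
// SQLite in memory stands in for the MySQL database.
function add_profile_comment(PDO $db, array $session, array $get, array $post): string
{
    // Who is acting: only from server-side session state set at login.
    if (!isset($session['user_id'])) {
        return 'not logged in';
    }
    $authorId = (int) $session['user_id'];

    // Which profile is viewed: a public identifier, validated before use.
    // Keep ?id= in the form's action attribute so it survives the POST.
    $profileId = filter_var($get['id'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($profileId === false) {
        return 'bad profile id';
    }

    $comment = trim((string) ($post['comment'] ?? ''));
    if ($comment === '' || $profileId === $authorId) {
        return 'rejected';
    }

    // Bound parameters instead of interpolating request data into the SQL.
    $stmt = $db->prepare('INSERT INTO profile_comments
        (profile_id, user_id, comment, created) VALUES (?, ?, ?, ?)');
    $stmt->execute([$profileId, $authorId, $comment, date('Y-m-d')]);
    return 'stored';
}

// Constructed demo data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE profile_comments
    (profile_id INTEGER, user_id INTEGER, comment TEXT, created TEXT)');

$session = ['user_id' => 7];                     // set by the login code
$get     = ['id' => '3'];                        // profile.php?id=3
$post    = ['comment' => 'Hi!', 'user_id' => 1]; // forged field, never read

echo add_profile_comment($db, $session, $get, $post), "\n";
echo add_profile_comment($db, [], $get, $post), "\n";
print_r($db->query('SELECT * FROM profile_comments')->fetchAll(PDO::FETCH_ASSOC));
```

On a real page the function would be called with $_SESSION, $_GET and $_POST after session_start().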