Re: variable value gets lost [message #174459 is a reply to message #174451] Sun, 12 June 2011 21:06
Jerry Stuckle
On 6/12/2011 3:13 PM, Co wrote:
> Hi All,
>
> I have a page which shows the profile of one of my users.
> The id of the user is sent to the page: profile.php?id=3
> It is retrieved on the page by $id = $_GET['id'].
>
> When I click a submit button on the page to add a message
> to the user I lose his $id.
> How can I preserve the value of $id to add the message to the user?
>
> $sqlName = mysql_query("SELECT * FROM myMembers WHERE id='$logOptions_id' LIMIT 1")
>     or die ("Sorry we had a mysql error!");
>
> while ($row = mysql_fetch_array($sqlName)) {
>     $firstname = $row["firstname"];
>     $lastname = $row["lastname"];
>     $username = $row["username"];
>     $userid = $row["id"];
> }
>
> if ($userid != $id){
>     $query = mysql_query("SELECT * FROM profile_comments WHERE profile_id='$uid' AND user_id='$userid' AND comment='$comment'");
>     $numrows = mysql_num_rows($query);
>     print $numrows;
>     if ($numrows == 0){
>         $commdate = date("d F Y"); // 08 October, 2010
>         print $commdate;
>         mysql_query("INSERT INTO profile_comments VALUES ('', '$uid', '$userid', '$username', '$comment', '$commdate')");
>
> Marco

You do NOT want to pass the user's id in either the form or the URL. It
is so easy to hack and assume the id of another user it's not even funny.

Rather, pass it in the $_SESSION.

Also, anything you pass in the URL is in the $_GET array. Variables
in your program are not automatically set (in a secure system, anyway).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
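
An added example, not code from either poster: the comment author is read from the session, as the reply recommends, so a forged id in the request is ignored, while the viewed profile's id survives the submit because the form posts back to profile.php?id=N. Assumptions: login stores an integer member id in `$_SESSION['user_id']`, the column names `username` and `comment_date` are made up, and the demo uses in-memory SQLite through PDO instead of the thread's mysql_* calls.

```php
<?php
declare(strict_types=1);
// Assumed (not from the thread): session key 'user_id', columns `username`
// and `comment_date`, PDO with the pdo_sqlite extension for the demo.

function add_profile_comment(PDO $db, array $session, array $get, array $post): bool
{
    // Who is posting: taken only from the server-side session, never the request.
    $authorId = $session['user_id'] ?? null;
    if (!is_int($authorId)) {
        return false; // not logged in
    }
    // Which profile: still in the query string when the form's action is
    // profile.php?id=N. It is validated as a positive integer before use.
    $profileId = filter_var($get['id'] ?? null, FILTER_VALIDATE_INT,
                            ['options' => ['min_range' => 1]]);
    $comment = trim((string)($post['comment'] ?? ''));
    if ($profileId === false || $profileId === $authorId || $comment === '') {
        return false;
    }
    // Prepared statements keep request data out of the SQL text.
    $who = $db->prepare('SELECT username FROM myMembers WHERE id = ?');
    $who->execute([$authorId]);
    $username = $who->fetchColumn();
    if ($username === false) {
        return false;
    }
    $ins = $db->prepare('INSERT INTO profile_comments
        (profile_id, user_id, username, comment, comment_date) VALUES (?, ?, ?, ?, ?)');
    return $ins->execute([$profileId, $authorId, $username, $comment, date('d F Y')]);
}

// Demo with constructed data. On a real page the call would be:
//   session_start(); add_profile_comment($db, $_SESSION, $_GET, $_POST);
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE myMembers (id INTEGER PRIMARY KEY, username TEXT)');
$db->exec('CREATE TABLE profile_comments (id INTEGER PRIMARY KEY, profile_id INT,
           user_id INT, username TEXT, comment TEXT, comment_date TEXT)');
$db->exec("INSERT INTO myMembers VALUES (3, 'alice'), (7, 'marco')");

// Member 7 is logged in and views profile.php?id=3; the POST body carries a
// forged user_id, which the function never reads.
$session = ['user_id' => 7];
add_profile_comment($db, $session, ['id' => '3'], ['comment' => 'Hello', 'user_id' => '3']);
print_r($db->query('SELECT profile_id, user_id, username FROM profile_comments')
           ->fetchAll(PDO::FETCH_ASSOC));
```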