Re: How to create a user friendly URL with parameters? [message #182539 is a reply to message #182538] |
Sun, 11 August 2013 23:10 |
Scott Johnson
Messages: 196 Registered: January 2012
Karma:
|
Senior Member |
|
|
On 8/11/2013 2:40 PM, Robert Heller wrote:
> At Sun, 11 Aug 2013 16:50:38 -0400 Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:
>
>>
>> On 8/11/2013 4:09 PM, carapooz(at)gmail(dot)com wrote:
>>> Hello,
>>> I have a search form using a POST method (not a GET one!).
>>> After recieving the request I would like to have my page (the same page) be reloaded on the server with user friendly url in the browser address box.
>>> http://exemple.com/spage.php?id=12&ci=13
>>>
>>
>> So why not use the GET method for your form and save yourself the trouble?
>
> Also: it is possible to use $_REQUEST[] as a replacement for *both* $_GET[]
> and $_POST[]. Thus the form can be POSTed, but the search page can be accessed
> with a URL (eg GET method). If you do this, be sure to validate and check for
> spoofed URLs.
>
>>
>>> I did it like this:
>>>
>>> ...
>>>
>>> page = 'spage.php?id=' . $received['sloc'] . '&ci=' .$received['sdef'];
>>>
>>> if($redirect == 1){
>>> header('Location: ' . $page);
>>> exit();
>>> }
>>> ...
>>>
>>> And it works on my local computer but it does not work on Godaddy server.
>>> How it can be done? And wthat is the best way to make a transfer from POST to GET?
>>>
>>> Thank you.
>>> A+
>>>
>>
>> You didn't give the entire code, so first of all we don't know what
>> $redirect contains.
>>
>> But the most common problem with this type of code is the headers
>> already being sent. This will be done by ANYTHING (even white space)
>> being sent before the header() call. For instance, is GoDaddy inserting
>> something ahead of your code? Or do you have ANYTHING which will send
>> output before your header call (even a blank line at the start of the
>> file will do this).
>>
>> If you still can't find your problem, immediately after the <?php in
>> your file, add:
>>
>> error_reporting(E_ALL);
>> ini_set('display_errors', '1');
>>
>> What message(s) is(are) displayed?
>>
>> Note: Don't leave this code in on a production system.
>>
>
I would also add what Robert touched on but needs to be driven home.
Do not use $_REQUEST UNLESS.....you have some trustworthy validation
checks that you would trust all your bank account information to.
The request superglobal also contains $_COOKIES, which from my last
recollection are loaded last and can overwrite your gets and posts which
can really spoil your day.
I personally don't use it period.
Scotty
|
|
|