Re: How to create a user friendly URL with parameters? [message #182540 is a reply to message #182539] |
Mon, 12 August 2013 01:06 |
Jerry Stuckle
Messages: 2598 Registered: September 2010
Karma:
|
Senior Member |
|
|
On 8/11/2013 7:10 PM, Scott Johnson wrote:
> On 8/11/2013 2:40 PM, Robert Heller wrote:
>> At Sun, 11 Aug 2013 16:50:38 -0400 Jerry Stuckle
>> <jstucklex(at)attglobal(dot)net> wrote:
>>
>>>
>>> On 8/11/2013 4:09 PM, carapooz(at)gmail(dot)com wrote:
>>>> Hello,
>>>> I have a search form using a POST method (not a GET one!).
>>>> After recieving the request I would like to have my page (the same
>>>> page) be reloaded on the server with user friendly url in the
>>>> browser address box.
>>>> http://exemple.com/spage.php?id=12&ci=13
>>>>
>>>
>>> So why not use the GET method for your form and save yourself the
>>> trouble?
>>
>> Also: it is possible to use $_REQUEST[] as a replacement for *both*
>> $_GET[]
>> and $_POST[]. Thus the form can be POSTed, but the search page can be
>> accessed
>> with a URL (eg GET method). If you do this, be sure to validate and
>> check for
>> spoofed URLs.
>>
>>>
>>>> I did it like this:
>>>>
>>>> ...
>>>>
>>>> page = 'spage.php?id=' . $received['sloc'] . '&ci=' .$received['sdef'];
>>>>
>>>> if($redirect == 1){
>>>> header('Location: ' . $page);
>>>> exit();
>>>> }
>>>> ...
>>>>
>>>> And it works on my local computer but it does not work on Godaddy
>>>> server.
>>>> How it can be done? And wthat is the best way to make a transfer
>>>> from POST to GET?
>>>>
>>>> Thank you.
>>>> A+
>>>>
>>>
>>> You didn't give the entire code, so first of all we don't know what
>>> $redirect contains.
>>>
>>> But the most common problem with this type of code is the headers
>>> already being sent. This will be done by ANYTHING (even white space)
>>> being sent before the header() call. For instance, is GoDaddy inserting
>>> something ahead of your code? Or do you have ANYTHING which will send
>>> output before your header call (even a blank line at the start of the
>>> file will do this).
>>>
>>> If you still can't find your problem, immediately after the <?php in
>>> your file, add:
>>>
>>> error_reporting(E_ALL);
>>> ini_set('display_errors', '1');
>>>
>>> What message(s) is(are) displayed?
>>>
>>> Note: Don't leave this code in on a production system.
>>>
>>
>
> I would also add what Robert touched on but needs to be driven home.
>
> Do not use $_REQUEST UNLESS.....you have some trustworthy validation
> checks that you would trust all your bank account information to.
>
> The request superglobal also contains $_COOKIES, which from my last
> recollection are loaded last and can overwrite your gets and posts which
> can really spoil your day.
>
> I personally don't use it period.
>
> Scotty
>
>
Ditto here, Scott. I find it much better to use the appropriate
superglobal ($_GET, $_POST or $_COOKIE) to ensure the value is coming
from where it is supposed to.
Additionally, what happens if you're expecting a value for 'xyz' in the
$_GET or $_POST array, and at some point change other code to set a
cookie named 'xyz'? It can cause all kinds of weird, hard to find problems.
$_REQUEST, IMHO, is just a bug waiting to occur.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|