03 May 2005

PHP $_GET Variable

The PHP $_GET variable is a predefined PHP variable that holds the values sent by the HTTP GET method. The GET method is fairly basic: the amount of data that can be sent is at most 100 characters, and it displays the data (including passwords and usernames) in the user's browser address bar. It also makes the page vulnerable to SQL injection (a kind of MySQL exploitation done by typing characters in the address bar).


However, it is useful when you want to point to a particular page to retrieve data...

<a href="http://www.somesite.com/get_some_data.php?name=sandy">sandy's data</a>
Or to collect data from an HTML form:

<form name="someform" method="GET" action="toSomePhpFile.php">
Example:

"myform.html":

<form action="collect.php" method="GET">
Name: <input type="text" name="name" />
Email: <input type="text" name="email" />
<input type="submit" />
</form>

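"collect.php":

<?php
// Escape the user-supplied values before echoing them, so that markup
// placed in the query string is shown as text instead of being rendered.
echo htmlspecialchars($_GET["name"], ENT_QUOTES, "UTF-8") . "<br />";
echo htmlspecialchars($_GET["email"], ENT_QUOTES, "UTF-8");
?>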

When the user clicks the submit button, the address bar of the browser will look like this:

http://www.somesite.com/collect.php?name=sandy&email=sandy@yahoo.com
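
An added example (not code from the original post) showing one way collect.php could take the same `name` and `email` values from `$_GET` and store them without the SQL injection exposure mentioned above. The `people` table, the in-memory SQLite database, the `read_params` helper and the length bound are assumptions made for illustration; it needs PHP 7.1 or later with the pdo_sqlite extension.

```php
<?php
// Constructed sample input, standing in for ?name=...&email=... in the address bar.
$_GET = ["name" => "Sandy O'Brien", "email" => "sandy@yahoo.com"];

// Hypothetical helper: accept only plain strings of the expected shape.
function read_params(array $get): array
{
    $name  = $get["name"] ?? "";
    $email = $get["email"] ?? "";
    // ?name[]=x arrives as an array, so check the type before using it.
    if (!is_string($name) || !is_string($email)) {
        throw new InvalidArgumentException("name and email must be strings");
    }
    $name = trim($name);
    // Example bound of 100 characters; pick one that fits the column.
    if ($name === "" || strlen($name) > 100) {
        throw new InvalidArgumentException("invalid name");
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException("invalid email");
    }
    return [$name, $email];
}

// Assumed storage: an in-memory SQLite table named "people".
$db = new PDO("sqlite::memory:");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE people (name TEXT, email TEXT)");

[$name, $email] = read_params($_GET);

// Weak form (comment only): the value becomes part of the SQL text, so even
// the apostrophe in O'Brien changes the statement that the database parses.
//   $db->exec("INSERT INTO people VALUES ('$name', '$email')");

// Hardened form: placeholders send the values as data, never as SQL.
$stmt = $db->prepare("INSERT INTO people (name, email) VALUES (:name, :email)");
$stmt->execute([":name" => $name, ":email" => $email]);

// Escape on output so markup in a stored value is displayed, not rendered.
foreach ($db->query("SELECT name, email FROM people") as $row) {
    echo htmlspecialchars($row["name"], ENT_QUOTES, "UTF-8") . "<br />";
    echo htmlspecialchars($row["email"], ENT_QUOTES, "UTF-8") . "<br />";
}
```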

1 comment:

Anonymous said...

If you receive the GET file and want to add a var dependent on the values received, can it be done?

$x = $_GET["x"]; $y = $_GET["y"];

now before inserting to db I want to add
$z =(if $x=1 then $z=fresh, if $x=2 then $z=new.... etc.)

I'm new to php etc. and cannot find a solution
Thank you
Gordon