index.php?example

Forum Moderators: coopster

Message Too Old, No Replies

8:07 pm on Feb 9, 2007 (gmt 0)

I am trying to setup a way so that variables passed via the url are actually set as a variable. Ex..

the "rid" is the variable that i want populated with the value of 1

$rid = 1

so that it may be used in :

$result=mysql_query("select firstname from $table where id=$rid");

8:17 pm on Feb 9, 2007 (gmt 0)

$rid = $_GET['rid'];

You should always make sure the variables are as you expect, so for an integer like that, this is better:
$rid = intval($_GET['rid']);

And when possible, make sure it's in the range you expect, etc. before using.

8:18 pm on Feb 9, 2007 (gmt 0)

All variables passed through the URL are accessible through $_GET.

$rid = $_GET['rid'];

You will DEFINITELY want to escape your variables before passing them into a query.

8:23 pm on Feb 9, 2007 (gmt 0)

$id= mysql_real_escape_string($_GET['id']);

worked great. Thanks!