...

View Full Version : Changing Contents via URL



ConnorJack
10-09-2009, 07:16 PM
Is there a way I can add a URL attribute (like ?user=connorjack) and it will change what is on the page. For example, if I have a page with some embed code in. Part of the embed code includes a username, so I want to change that via the URL rather than create duplicate pages thousands of time.

mlseim
10-09-2009, 07:29 PM
At the top of your page ...


<?php
$user=$_GET['user'];

// now, you can use the $user variable anywhere you want in your HTML (see below).

?>
<html>
... your html page stuff

... wherever your embed code is ....

<blah blah <?=$user?> blah blah>

</html>

met
10-09-2009, 07:34 PM
to expand


//url = users.php?user=testing
$user = $_GET['user'];

if(isset($user)) {
/* you should validate the variable to prevent malicious input */
$query = 'SELECT * FROM `users` WHERE username="' . $user . '" LIMIT 1';
$result=mysql_query($query);
$r=mysql_fetch_array($result);
echo '<h2>Viewing: ' . $r['username'] . ' Profile</h2>';
// etc

} else {

echo '<p>Please select a user...</p>';
$qry = mysql_query('SELECT * FROM `users` ORDER BY id ASC');
while($r=mysql_fetch_array($qry)) {
echo '<a href="users.php?user='.$r['username'].'">'.$r['username'].'</a><br />';
}
}

ConnorJack
10-09-2009, 07:36 PM
At the top of your page ...


<?php
$user=$_GET['user'];

// now, you can use the $user variable anywhere you want in your HTML (see below).

?>
<html>
... your html page stuff

... wherever your embed code is ....

<blah blah <?=$user?> blah blah>

</html>


Great! Thanks! And I can change the variable with "?user=username"?

mlseim
10-09-2009, 08:20 PM
That's right,

If you do this, "http://www.mywebsite.com?user=connorjack",
the variable called $user will contain the value of "connorjack".

As Met is alluding to ...
Anything you bring into your script should be "sanitized" so that nothing
malicious can be injected. Bringing in a username, like "connorjack" poses
no problems as we can see, but we don't know what the rest of your script
is doing (as we can't see it of course), so just be careful about what you
allow and how the variable is used.

Your webpage (or script) needs to either be .php (instead of .html),
or you have to instruct your webhost server to process .html as a PHP script.
Since you posted this in the PHP forum, I assume you already know about PHP.

ConnorJack
10-09-2009, 08:25 PM
That's right,

If you do this, "http://www.mywebsite.com?user=connorjack",
the variable called $user will contain the value of "connorjack".

As Met is alluding to ...
Anything you bring into your script should be "sanitized" so that nothing
malicious can be injected. Bringing in a username, like "connorjack" poses
no problems as we can see, but we don't know what the rest of your script
is doing (as we can't see it of course), so just be careful about what you
allow and how the variable is used.

Your webpage (or script) needs to either be .php (instead of .html),
or you have to instruct your webhost server to process .html as a PHP script.
Since you posted this in the PHP forum, I assume you already know about PHP.

Yeah, thanks for your help. It is working. I do know HTML, CSS and a little PHP. But I only started with MySQL a few days ago.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum