get syntax

Passing data through a weblink

Get? Get what!?

OK, say.. You have a calender, and you want to place a link of each day on the calender to a new page, which holds all the meetings for that day. Obviously, you do not want to have a new page for each day, and link to that. No, you are building a dynamic website, so you have created a file “show_appointments.php” wich is standard for each day of the month, and just gets filled with information, based on the day selected. Now.. You need to include the selected day somehow in the link, which points to the show_appointments file. You can do this by defining the day in the last section of the link:

<a href=”show_appointments.php?day=23″>23rd of May</a>

So, when somebody clicks that link, (s)he is sent to the page show_appointments.php, and the array $_GET holds one entry, namely the value 23, belonging to the key day. (Read more about arrays in the tutorial on arrays). Or, in other words: $_GET['day'] == 23. In order to access values which were passed through a link, you have to refer to the $_GET value:

1
2
3
<? 
 $day = $_GET['day'];
 ?>
<? 
 $day = $_GET['day'];
 ?>

Is that all? Nope. Unfortunately not. First of all.. This is just one variable. But you could of course have a series of variables passed through an url. This is how you go about it.

<a href=”show_appointments.php?day=23&month=5″>23rd of May</a>

The second issue is that you can not be certain that the page which is loaded, was accessed through a link with added variables. So you need to check whether the variable was set before actually using it:

1
2
3
4
5
6
7
8
9
10
11
<? 
// set a default value, to be sure
$day = 1;
 
if(isset($_GET['day']))
  {
  $day = $_GET['day'];
  }
 
echo $day;
?>
<? 
// set a default value, to be sure
$day = 1;

if(isset($_GET['day']))
  {
  $day = $_GET['day'];
  }

echo $day;
?>

A third issue has to do with the safety of your programs, and the vulnerability of the program to hacking. In PhP you can automatically have the variables extracted from the $_GET array. This is set in the php.ini, and called “REGISTER_GLOBALS”, which should be switched off. If you switch it to on, the variables are automatically defined in the script, and people can pass values through the URL to the script you are running. This is in particular a problem when you are using database driving scripts, but can also affect other scripts. (Have a look at a paper about SQL inject). It is therefore wise to check whether the variable is actually of the type, and holds the information which you would expect. In an other tutorial we will get into this.

Continue by reading about Passing data from a form

Leave a Reply