Category: php

Pass Variables from One Page to Another -- PHP

Author: D.Shaun Morgan

Tutorial Outline :

• Passing PHP variables with $_POST
• Passing PHP variables in links with $_GET
• Passing PHP variables without POST or GET | $_SESSION
• Passing PHP variables arrays from one page to another
• Passing PHP COOKIE variables

Introduction - php Passing Variables between Pages

In this tutorial about passing php variables, you will learn how to access PHP variables from one page to another .

You will cover the following subjects:

• POST
• GET
• $_SESSION
• $_COOKIE
• Arrays
• passing variables between scripts

Get The PHP Manual

The php manual is an indispensable tool for a php developer. It can be found at php.net . If you are running windows, it comes in an easy-to-use help program. You can download it here http://www.php.net/download-docs.php.

Passing post Data to Another Page

Here is a simple example of how to pass a PHP variable from one page to another with the post method, and how to use the POST super global array to make your coding experiences more efficient and less time-consuming. This tutorial will illustrate how to collect information with a form, in links, and by reading cookies.

The best way to learn any programming language is by doing it yourself. So, we will start this lesson by creating php files:

1. First create a file named passing-vars.php .
2. Second create an HTML FORM on the passing-vars.php file to collect user data.
3. Third you create a file named catching-vars.php and then write some php code in it to handle the variables.

Explanations and How To

If you are new to this stuff, the explanations in the following list should help explain things a little better.

• How to create php files --To create a php file, simply open a text editor like notepad and save your file as YourFile.php
• What is Hosting ?-- A hosting account is a server that your website resides on. You will need a Web server like Apache installed on your PC with php or a hosting account somewhere with php to follow these examples.
  You may want to look at Installing Apache and Installing PHP for instructions on setting up apache and php on your local machine.
• FORM -- Forms are used to collect text data from internet users. It is made up of text boxes and submit-buttons. Data collected with FORMS can vary greatly depending on what type of website a person is operating.
  
  Mrarrowhead.com for example has a FORM at the bottom of each page for collecting user feedback and comments about the website. When the Submit button is clicked, whatever text the user typed into the FORM'S input areas will be passed along to the web server which uses the value in the input box's -- name=variablename attribute to create global variables that live in the server as super-global-arrays – POST, or GET. For now it is enough to know that those variables have a global scope, and are usually sent to the script that you have pointed your form to using the form tag's action="". The example form below is pointing to a script called catching-var.php. catching-var.php will be responsible for processing the data passed to it from the form you place on passing-var.php.

Creating a Form for passing-var.php

Copy the HTML below, paste it into a text editor and then save the file as "passing-var.php" with a php file extension

This FORM is using the post method. You will notice when you submit it that there will be nothing extra in the address bar unlike some other forms you may have used. This is because the POST method does not pass information in the address bar.

Data values corresponding to "name0" through "name4" will each occupy their own space in the $_POST super global array on your server. Now, we will write some php code that makes it possible to pass variable between pages. This code will show you how to access the data that is sent to the POST global variable via an HTML form.

Copy the PHP code below and paste it into a text editor and then save the file as "catching-var.php."

Notice the syntax above. $_POST is like a container that holds information sent to it via the POST method.

Visual example of Super Globals

Testing the Post Script

Open your web browser and navigate to passing-var.php. Insert some data into the form and submit it.

Now the catching-var.php script has access to the data sent over to it by the HTML FORM your created -- passing-vara.php . If all is working correctly, you should see the data that you entered in output on catching-var.php.

Post Summary

That concludes the POST tutorial on learning how to pass variables from one page to another in php. Next we will go over using the "GET"method in your form's "action attribute" to pass php values in between web pages.

Passing variables in URI with Form Method $_GET

Passing variables in the hyperlink is versatile and useful to web programmers. And the "GET METHOD" with HTML Forms is especially useful because it allows you to see those variables in your web browser's address bar as they are sent by your php script as along with the values stored in them as they are passed to the another page of php script.

Let's Take a look at the following example.

GET Anchor / Hyperlink Link Example

If you read the POST tutorial then you have already learned how to make php files with a text editor. If not, then need to go and get a good text editor. I suggest notepad++. It is chocked full of features for just about every kind of programming language you can think of; and the best thing about it is -- it is free. It will cost you nothing; not a dime! However, for those of you who can afford it, I strongly encourage you to make donations to the author of Notepad++ for giving us all such a great text editor. AlSO JUST FYI. I get nothing for promoting it. I plugged it because I honestly like it.

Now that you have a great text editor...

It is time to learn how to write php for the GET METHOD Used with HTML forms.

Complete the Following Steps:

1. Create two .php files -- passing-var.php and catching-var.php.
2. Place those files into a directory on your web server that is able to serve php scripts to the public.
3. On Apache it is usually called htdocs
4. With Windows IIS, I think it is usually called www(But don't quote me on that -- I am an Apache man).
5. The goal either way is the same -- to place your php scripts into a directory that can serve them.

Now that you have created your test php files we can start learning php in the context of the GET/HTML/LINK/FORM Method. To start this lesson we will hack up -- HACK!!! HACK!!! HACK!!!, Excuse me, got a lil choked there!! -- a line of text that will utilize the infamous(?) HTML anchor tag, sometimes referred to as an A Pronounced: A-EE tag, or for those of us who really like to buck the system and STICK IT TO THE MAN WE LIKE TO CALL IT ...SUSPENSE - DRUMROLL...

AN "A" (A-EE)LINK!!! or HYPERLINK!!!

All kidding aside, one of the things I want to make clear about using the GET method of passing variables from one page to another page in PHP versus using the POST method, is how much more versatile GET can be when dealing with user input that changes often,dynamic variable data, and sending that data to the next page to be processed by a php script.

Coding variables into hyperlinks is easy. You actually see those variables all time while you are browsing the Internet. All the cryptic text that you see after a Question Mark "?" in URL's, you know, in the address bar / navigation bar, is a string that represents variable names and data being sent to the next page. They are all paired up then passed to another php page for processing. Take another look at the hyperlink from earlier.

Notice ?name=Shaun&Lname=Morgan.

When you follow that link to "catching-var.php" :

These vars ----- > name=Shaun&Lname=Morgan

will be available to catching-var.php because there is two new variables named name and Lname in the $_GET super global array with data, Shaun&Morgan stored in them respectively.

Now place the following code at the top of the php script that we created called catching-var.php

Notice the values of the name and Lname variables were passed into the "value=" attribute of the form tag.

Example How to Use GET Method - HTML FORMS

After submitting this information to the catching-var.php file, lets do something a little different. Instead of just showing you how to access the GET variable lets do something useful with that data. The next example will show you how you can code the data that was sent into yet another URL to be passed on for more processing. Create a link on your catch-var.php page like the one in the next example.

The resulting link would be:

You can also pass variables in the "action" attribute of the form tag like this:

This method of passing values in php only works if the user clicks on the links that were structured to pass values in the URL using the get method or typing information into a text box within a form tag that is using the "get" method.

Security Concerning the GET Method

The "get method" passes data in the URI. If you look at your web browser's address bar after submitting a "get method" form, you will notice that you can view all variables and values pairs that were written into the page's html forms and links. They can also be modified and resubmitted by the user which makes GET data insecure by itself.

Malicious parameters can be added to GET values in the web browser in an attempt to launch an injection attack against a web server. People who perpetrate injection attacks attempt to cause harm to remote machines by sending servers parameters often encoded into a web browser's address bar. PHP programmers should always watch out for this kind of of attack and be proactive about stopping attackers before they compromise their networks. The following steps can help keep attacks of this nature under control.

1. It is also wise to use a function such as striptags() to keep attackers from injecting unwanted HTML and other code into your web site. The striptags() php function removes html and other scripting tags from the content it processes.
2. Consider writing code to keep track of how many times a web attacker attempts to fill in the same form over and over. If a user is trying to fill a form out continuously, it is probably a spam bot trying to crack your system --- Or a really bored teenager doing what teenagers do -- tearing up stuff!
3. Change passwords often.

The $_GET method in it's is not secure. The POST Method is slightly more secure than the GET method because a user cannot stand behind you and see the variable values you are sending. In today's cyber-landscape of 15 year old semi-skilled-hackers that invest hundreds of hours into getting fat on donuts, and learning how to break into other people's computers and phones, one way to protect your web site data is with encryption. Encryption takes all the traffic entering and leaving a network and turns it into human unreadable streams of bits that require credentials of some type to be viewed by the end user.

Example Passing Variables Using $_SESSION['']

What if I want to pass a certain set of variables over to every page on my site? Do I have to keep coding $_POST or $_GET into the HTML on every page?

Answer: No - You can use Sessions Or Cookies Instead.

SESSIONS will allow you to pass php variables and values to every page a user visits on your web site.

SESSIONS Overview

• Every time a person visits a site that uses php session_start() a new session is started.
• The user is also assigned an unique SESSION id number
• Sessions are valid until the session expires (the expiry value is set in the php.ini file), or until the user closes his or her browser.
• SESSONS are php super global arrays
• The syntax for accessing session variables is -- $_SESSION['name of variables'].
• Using Sessions makes passing variables between pages much easier.
• $_SESSION['name of variables']is available to programmers anywhere on the server that he/she invokes the session_start(); php function.

Example of Form Tag and $_SESSION[''] Variables

First send the variable to a script

Move $_POST Variable Contents into $_SESSION Variable

Call: "session_start()": on testScript.php

Explanation of Example Script

First we use a form to send POST data to a php script -- testScript.php

Next testScript.php calls up the session_start() function, creating a session variable --- $_SESSION['name'] ---and sets it to the value found in $_POST['name']values. Now the $_SESSION['name'] variable can be accessed and used from any page on the server

Accessing $_SESSION Variable

You must call the "session_start()" function in php to gain access to the $_SESSION super global array.

Example on How to Use SESSIONS

Example About Using Cookie Variables

what is php Explanation of PHP Basic Syntax --New to PHP Php is a language that is very much like writing c. The best feature of PHP versus c is that it is designed pri

Filezilla Filezilla Ftp Client, FTP SERVER vs Wsftp By: D.Shaun Morgan While I was writing this article, about halfway through, I realized that it would be unfair to tell my readers about

notepad plus Notepad++ Download Notepad Plus Plus Notepad plus plus is an open source, free text editor. It is

how to write php functions php How to Write PHP functions Part 1 Author: D.Shaun MorganVersions and Skill Level PHP 5 Reader skill level - Begin

register globals long arrays php Security, php.ini, register_globals and register_long_arrays Author: D.Shaun Morgan Versions and Skill Level PHP Version - PHP 5x