tags:

views:

62

answers:

3
Q: 

Correctly making a <a href> hyperlink with a variable.

Hi. I'm trying to make a small script for my site where the user would go to the page, lets say, http://example.com/test.php?p=22. From there, a script would read the 'p' variable, and result with a hyperlink going to http://example.com/diffdir/22.exe. So far, this is what I have coded:

<?php
 $test = $HTTP_GET_VARS['p'];
 ?>
 <a href="diffdir/".$test.">Test</a>

Now, I would think that inserthing that $test into the <a href> would do the trick, but sadly the hyperlink only leads to http://example.com/diffdir. Would anyone mind pinpointing what I am doing wrong?

A: 

Use $_GET instead of HTTP_GET_VARS, it is deprecated.

And, you need to put the variable into PHP tags:

<a href="diffdir/<? echo $test; ?>">Test</a>
Pekka  2009-12-27 16:52:51
+2  A: 
  • $HTTP_GET_VARS is deprecated, try use $_GET instead.

  • Your 'link' is outside of php tags, by the way, so the interpreter won't execute $test, hence, can't fill in your desired value ..

     <?php  
    $test = $_GET['p'];
 ?>
 <a href="diffdir/<?php echo $test ?>">Test</a>
The MYYN  2009-12-27 16:53:43
Even when I use that (I even copy and pasted just to make sure our script are the exact same), it still only brings me to http://test.com/diffdir.
PuppyKevin  2009-12-27 16:59:21
Could it be that your scripts are not being parsed by PHP at all? Can you paste the actual HTML source code here?
Pekka  2009-12-27 17:02:56
What you see is all that I have. Would it not be as simple and grabbing the p variable, and inserting it into a link?
PuppyKevin  2009-12-27 17:05:32
I mean the actual HTML that your script is producing in your browser? From "View" > "Source code"?
Pekka  2009-12-27 17:06:53
Oh, my bad. Here you go:<a href="diffdir/".22.">Test</a>
PuppyKevin  2009-12-27 17:09:03
A: 

Directly passing data from the URL parameters in $_GET into your HTML output may result in a security threat. Anybody could create a link that leads to your script and passes ANYTHING into the page that the person who is following the link will get, for example harmful javascript code, unwanted ads, etc.

Alway filter input data for possible threats before using it for anything.

Techpriester  2009-12-27 17:01:44
Why of course. I'm just getting the main script to work. After that, I'll only make it work with 2 numbers.
PuppyKevin  2009-12-27 17:10:50

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases