we can use $_GET method to pass info via url but it shows the info in url like
<a href =profile.php?id=$user>click here</a>
and in profile.php?id=$user , we can access username via
$username=$_GET['id'];
is there any safer method to achieve because i don;t want to show the info passed in url.
any help is appreciated.
i know what post does.
i don't want to send data via form but via url.
what i want is when someone click a link i want to send some information of the user alongwith it.
WHy can't you pass the username instead? That field will be unique too right? As long as everybody is allowed to see other people's profiles, should work.
This is how I used to do in such situation.
1) create one form with hidden fields.
2) on click the link I call javascript function
3) functions sets hidden value to the passed value.
4) submit form (post method)
5) use post array in the action page.
Page 1
<script lang='javascript'>
function showprofile(usrid)
{
doucment.getElementById('uid').value=usrid;
document.frm.submit();
}
</script>
<a href="javascript:showprofile('<?php echo $user?>')">click here</a>
<form action='profile.php' method=post id=frm name=frm>
<input type=hidden id=uid name=uid >
</form>
Page 2 (profile.php)
<?php
$userid=$_POST['uid];
echo $userid;
.
.
.
?>
I don't now what you are trying to do, but, how about doing it by ajax?
Although the above method will prevent userid from being displayed in the url, it will however remain visible in the html code, which can be viewed in browsers' 'view source' feature.
As I mentioned, do you really need to display the userid anyway? You could always encode or hash the id and then check it in the profiles page against all users. Although, I think that's over-egging the situation.
thanks for your replies. i have got one better method by using sessions.
i have got one doubt there too.
give some advice for that
I don't see how sessions will help with viewing another user's profile.
my aim by passing data via url was to keep track which user is logged in right now.
i had one doubt can i set $_SESSION to a vatiable like $_SESSION=$username;
and access it across pages.
Yes, once user has logged in, you keep them logged in with a session. I got confused as you mentioned profile.php in your first post and I assumed that you just needed to access the profile of some other member.
it is not quite working in my case though.
if i set $_SESSION to a fixed string then i can access across many pages
but if i set
$_SESSION=$username
i am not able to access it in linked page.
can you suggest any reason for the same.
after logging in, store the user id in session ($_SESSION['userid'] = "nchy13"). Access the session variable from any other page as long as the user is online.
whereever you want to use session, you must begin your code with
session_start();
Otherwise you can not access session values.
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.