i am new to php, but im trying. i need you guys help. i have the following url in the browser address bar www.dome.com\mypage.php?stu=12234342 i am trying to pass the url from the main page to the select case page call select.php if i should echo the url i get www.dome.com\select.php. so i have decided to echo $_SERVER['HTTP_REFERER'] instead, this gives me the correct url. how can i echo the variable from www.dome.com\mypage.php?stu=12234342 (12234342) unto select.php. select.php contains code that needs the $var stu=12234342 in order to display the correct message.
$request_url=$_SERVER['HTTP_REFERER'] ; // takes the url from the browers echo $request_url;
$cOption = $_GET['id'];
switch($cOption) {
case 1:
echo ' some text';
break;
case 2:
echo ' this page.php';
break;
case 3:
echo 'got it';
break;
default:
echo 'Whoops, didn\'t understand that option: <i>'.$cOption.'</i>';
}
?>
try
echo $_GET['stu'];
on select.php
That's why you need to call the select.php file like this: www.dome.com/select.php?stu=12234342
and then you can add:
echo $_GET['stu'];
By the way, you need to research about XSS, because that's a huge vulnerability.
You may use parse_url() and parse_string() to grab the variable from a url:
<?php
//assuming www.dome.com/mypage.php?stu=12234342;
$url=$_SERVER['HTTP_REFERER'];
//parse the url to get the query_string-part
$parsed_url=parse_url($url);
//create variables from the query_string
parse_str($parsed_url['query'], $unsafe_vars);
//use the variables
echo $unsafe_vars['stu'];//outputs 12234342
?>
But note: you can't rely on the availability of HTTP_REFERER.