http://sath3g.altervista.org/jsonint.html?id=5678
I have to get the value of id with PHP. I tried it this way, but it doesn't work.
<html>
<head>
</head>
<body>
<?php
$variabile_get = $_GET['id'];
echo( $variabile_get);
?>
</body>
</html>
I don't see anything. Can someone help me?
If you want to print a variable's value in HTML, you should always use an escape function, for example htmlspecialchars, to prevent attacks on your site, so the code should be:
<html>
<head>
</head>
<body>
<?php
$variabile_get = $_GET['id'];
echo htmlspecialchars($variabile_get);
?>
</body>
</html>
Of course, if you expect id to be an int, you could also change the lines:
$variabile_get = $_GET['id'];
echo htmlspecialchars($variabile_get);
to
$variabile_get = intval($_GET['id']);
echo $variabile_get;
Use this. jsonint.html should be a .php file, not an .html file.
<html>
<head>
</head>
<body>
<?php
$variabile_get = $_GET['id'];
echo $variabile_get; //your wrong code here
?>
</body>
</html>
Change http://sath3g.altervista.org/jsonint.html?id=5678 to http://sath3g.altervista.org/jsonint.php?id=5678
Use the following code:
<html>
<head>
</head>
<body>
<?php
$variabile_get = $_GET['id'];
echo $variabile_get;
?>
</body>
</html>
Change the .html extension of the file to .php. PHP won't process a file that's not identified as a PHP file.
The problem is not in your code; you just used the wrong file extension, change it to .php. Also, you must protect your site from attacks like XSS by filtering the data you receive from the user. Just use the htmlspecialchars() function; it works by changing the problematic characters to HTML display characters. And don't forget to check that the value of $_GET['id'] is a number. Use intval() for that.
When the user enters the character ">" in the data field, he can apply the tag <script> and do dangerous things. We DON'T want him to do that, so we will apply htmlspecialchars() on the received data and the output will be <, the browser will still display the ">" character.
The user can bypass this function by using a different multi-byte encoding, so we need to use the ENT_QUOTES option, like this:
echo htmlspecialchars($input, ENT_QUOTES);
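The checks these answers describe, combined in one function, as an added example that is not from any of the answers. The function name `render_id`, the sample inputs and the minimum value of 1 are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Read "id" from a query array (pass $_GET in a real page) and return
 * text that is safe to place in an HTML body or a quoted attribute.
 * render_id is a hypothetical helper, not part of PHP.
 */
function render_id(array $query): string
{
    // A missing key or an array value (?id[]=1) must not reach echo.
    if (!isset($query['id']) || !is_string($query['id'])) {
        return 'id: (missing or not a string)';
    }
    $raw = $query['id'];

    // FILTER_VALIDATE_INT rejects "12abc"; intval() would silently return 12.
    // min_range = 1 is an assumption: ids are taken to be positive.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        // Show the rejected value only after escaping it, with the
        // charset stated explicitly and both quote styles encoded.
        $safe = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        return 'id: invalid (' . $safe . ')';
    }
    return 'id: ' . $id;
}

// Constructed sample inputs, standing in for $_GET on different requests.
$samples = [
    ['id' => '5678'],
    ['id' => '12abc'],
    ['id' => '"><script>x</script>'],
    ['id' => ['1']],
    [],
];
foreach ($samples as $query) {
    echo render_id($query), PHP_EOL;
}
```

Save it with a .php extension and run it with `php` on the command line; in a page, call `render_id($_GET)` and echo the result.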