0

So you would think that I could search up on Google and learn all about URL encoding from all the tutorials, but I have been left seriously confused, and extremely frustrated.

Here is what I need to do:

I need to make a html link that links to a php file. the link needs to carry over a variable to the php file. (for example: mysite.com/php_file.php?variable=22)

Then, in the php file, I need to say something like...

$variable = [Whatever 'variable' equals up there in the URL]

echo "Your variable is...".$variable;

Output:
Your variable is...22


But so far (even after hours of Google searches) I have absolutely no clue whatsoever on how to make this work. I have tried many different tests, but none have worked.

Can someone please help explain this to me? I know it can be done, and thats why it's so frustrating. Thank you so much in advance! :)

Edited by mybluehair: n/a

4
Contributors
6
Replies
7
Views
7 Years
Discussion Span
Last Post by mschroeder
0

No worries.
Remember to mark as solved if solved :)
otherwise is there anything else you you need help with?

0

None of what was explored here is url encoding. URL encoding means encoding characters that not safe to be passed in the url, for example a "/" or a "+". When you url encode a url you encode those in hex or decimal format. "/" => %2F => %47.

For example say you passed a directory path as a variable in the url:
domain.com/?secret=/home/user/secret/folder/

This would cause problems if you didn't encode the url. If you HAD to pass this in the url you could encode the "/"'s as:
domain.com/?secret=%2Fhome%2Fuser%2Fsecret%2Ffolder%2F

When you decoded the incoming url you would have a variable with the slashes restored.
Obviously, there are MAJOR security issues with passing a path in the url like this....but it is just illustrative.
More on url encoding: http://www.blooberry.com/indexdot/html/topics/urlencoding.htm

Additionally, if you're using variables from the URL they are accessed from the $_GET array. $_REQUEST should be avoided for this as it works its way down the list of $_GET $_POST etc till it finds an occurrence of what you want.

Being able to access: domain.com/?variable=purple as

<?php
echo $variable; //purple

Relies on a feature of php called "register globals" this was defaulted to OFF in php 4.2.0 DO NOT rely on this being enabled. As of php 5.3.0 this is depreciated. You can read all about it here: http://php.net/manual/en/security.globals.php

Edited by mschroeder: Updated to address register_globals

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.