So I am trying to work on securing a database that I use by using $_POST instead of $_GET.

Here is how I was origianally doing it:

while($data = mysql_fetch_array)
  echo '<a href="targetpage.php?id=' . $data['id'] . '">View</a>';

The page that it goes to has the code:

$id = $_GET['id'];
$sql = "SELECT * FROM tbl WHERE id =" . $id;

I was trying to get it go look like:

while($data = mysql_fetch_array)
  echo '<a href="targetpage.php">View</a>';
  echo '<input type="hidden" value="' . $data['id'] . '" name="' . $data['name'] . '">';

I can't figure out how to get the information the target page to get the id of the link that was clicked on. Since there is an array of people (30 of them), how do I get the correct id to show the information for that person?


If I understand what you are trying to do correctly, I think that you need two hidden variables with consistent names. For example:

echo "<input type=\"hidden\" value=\"".$data['id']."\" name=\"id\">";
echo "<input type=\"hidden\" value=\"".$data['name']."\" name=\"name\">";

You can then access them as id and name in the receiving program.

Be careful using single quotes since php doesn't do substitution for variables within single quotes.