OK, the issue I have is passing variables to dynamic pages.
For example, page1 has a combobox with all the states, used to search a database:

<tr>
    <td>
        <form action="page2.php" method="post" name="statesearch" id="statesearch">
            <div align="center">
                State
                <select name="state" onchange="this.form.submit();">
                    <option value="" selected></option>
                    <option value="AL">Alabama</option>
                    <option value="AK">Alaska</option>
                    <option value="AZ">Arizona</option>
                    <option value="AR">Arkansas</option>
                    <option value="CA">California</option>
                    <option value="CO">Colorado</option>
                    <option value="CT">Connecticut</option>
                    <option value="DC">District of Columbia</option>
                    <option value="DE">Delaware</option>
                    <option value="FL">Florida</option>
                    <option value="GA">Georgia</option>
                    <option value="GU">Guam</option>
                    <option value="HI">Hawaii</option>
                    <option value="ID">Idaho</option>
                    <option value="IL">Illinois</option>
                    <option value="IN">Indiana</option>
                    <option value="IA">Iowa</option>
                    <option value="KS">Kansas</option>
                    <option value="KY">Kentucky</option>
                    <option value="LA">Louisiana</option>
                    <option value="ME">Maine</option>
                    <option value="MD">Maryland</option>
                    <option value="MA">Massachusetts</option>
                    <option value="MI">Michigan</option>
                    <option value="MN">Minnesota</option>
                    <option value="MS">Mississippi</option>
                    <option value="MO">Missouri</option>
                    <option value="MT">Montana</option>
                    <option value="NE">Nebraska</option>
                    <option value="NV">Nevada</option>
                    <option value="NH">New Hampshire</option>
                    <option value="NJ">New Jersey</option>
                    <option value="NM">New Mexico</option>
                    <option value="NY">New York</option>
                    <option value="NC">North Carolina</option>
                    <option value="ND">North Dakota</option>
                    <option value="OH">Ohio</option>
                    <option value="OK">Oklahoma</option>
                    <option value="OR">Oregon</option>
                    <option value="PA">Pennsylvania</option>
                    <option value="PR">Puerto Rico</option>
                    <option value="RI">Rhode Island</option>
                    <option value="SC">South Carolina</option>
                    <option value="SD">South Dakota</option>
                    <option value="TN">Tennessee</option>
                    <option value="TX">Texas</option>
                    <option value="UT">Utah</option>
                    <option value="VT">Vermont</option>
                    <option value="VI">Virgin Islands</option>
                    <option value="VA">Virginia</option>
                    <option value="WA">Washington</option>
                    <option value="WV">West Virginia</option>
                    <option value="WI">Wisconsin</option>
                    <option value="WY">Wyoming</option>
                </select>
                <input name="doSearch" type="submit" id="doSearch" value="Search">
            </div>
        </form>
    </td>
</tr>

page2 uses pagination to create dynamic pages such as page2.php?page=2:

<?php

/* DB connection */
include 'dbcp.php';

/* For the pagination: the page number comes from the query string and must be a positive integer */
$page = isset($_GET["page"]) ? (int) $_GET["page"] : 1;
if ($page < 1) { $page = 1; }
$start_from = ($page - 1) * 20;

/* Getting the search variable (only present on the POST from the search form) */
$state = isset($_POST['state']) ? $_POST['state'] : '';
/* Escape it before it is placed inside the SQL string */
$state_sql = mysql_real_escape_string($state);

/* MySQL query */
$result = mysql_query("SELECT `id`,`lastname`,`firstname`,`name`,`waddress`,`wphone`,`state2`,`district3` FROM congress WHERE state2='$state_sql' ORDER BY district3 ASC LIMIT $start_from, 20") or die(mysql_error());
$num = mysql_num_rows($result);

/* For the pagination */
$rs_result = mysql_query("SELECT COUNT(Name) FROM congress WHERE state2='$state_sql'") or die(mysql_error());
$row = mysql_fetch_row($rs_result);
$total_records = $row[0];
$total_pages = ceil($total_records / 20);

?>
<html>
<head></head>
<body>
<div class="textbox1">
    	<h2 align="center"><?php echo htmlspecialchars($state); ?></h2>
        <div class="textbox3">
		  <div align="right">
		    Page
			<?php
			/* For the pagination: setting up the links to the different pages */
			for ($j = 1; $j <= $total_pages; $j++) {
				if ($j == $page)
					echo "<a href='page2.php?page=" . $j . "'><u>" . $j . "</u></a> ";
				else
					echo "<a href='page2.php?page=" . $j . "'>" . $j . "</a> ";
			}
			?>
	      </div>
    	</div>
      <table align="center" width="75%">
		<?php
			/* Breaking apart and displaying the query results */
			$i = 0;
			while ($i < $num) {

				$id       = mysql_result($result, $i, "id");
				$name     = mysql_result($result, $i, "name");
				$state    = mysql_result($result, $i, "state2");
				$district = mysql_result($result, $i, "district3");
				$waddress = mysql_result($result, $i, "waddress");
				$wphone   = mysql_result($result, $i, "wphone");
		?>

			<tr>
				<td rowspan="3"><img src="photo/congress/<?php echo htmlspecialchars($id); ?>-50px.jpeg" /></td>
				<td><font face="Arial, Helvetica, sans-serif"><?php echo htmlspecialchars($name); ?></font></td>
				<td><font face="Arial, Helvetica, sans-serif">State: <?php echo htmlspecialchars($state); ?>&nbsp;&nbsp;&nbsp;&nbsp; District: <?php echo htmlspecialchars($district); ?></font></td>
			</tr>
			<tr>
				<td><font face="Arial, Helvetica, sans-serif"><?php echo htmlspecialchars($waddress); ?><br />Washington, DC 20515</font></td>
				<td><font face="Arial, Helvetica, sans-serif"><?php echo htmlspecialchars($wphone); ?></font></td>
			</tr>
			<tr>
				<td colspan="2">&nbsp;</td>
			</tr>

		<?php
				$i++;
			}
		?>
        </table>
  	    <div class="textbox3">
		  <div align="right">
		    Page
			<?php
			/* For the pagination: setting up the links to the different pages */
			for ($j = 1; $j <= $total_pages; $j++) {
				if ($j == $page)
					echo "<a href='page2.php?page=" . $j . "'><u>" . $j . "</u></a> ";
				else
					echo "<a href='page2.php?page=" . $j . "'>" . $j . "</a> ";
			}
			?>
	      </div>
    	</div>
	</div>
<!-- reposting the state variable as a hidden field -->
<form action="page2.php" method="post">
	<input name="state" type="hidden" value="<?php echo htmlspecialchars($state); ?>" />
</form>
</body>
</html>

The problem seems to be passing the variable to the dynamically created pages after the first search.

page2.php sees the variable and produces the results fine; however, when you click on another page, page2.php?page=2 for example, it loses the variable and returns nothing...
Any thoughts on this would be great...
I did try using $_SESSION as a variable but was getting the same issue...
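The variable is lost because the search form sends the state by POST, while every pagination link is a plain GET to page2.php?page=N that carries only the page number. The following is an added example, not the original poster's code: page2.php reworked so that the state travels in the query string of each pagination link, is checked against the list of option values the form offers, and reaches the database only through a prepared statement. It assumes dbcp.php creates a PDO connection in $pdo (the thread's dbcp.php is a mysql_* include, so that is an assumption); table and column names are the ones from the post.

```php
<?php
// Added example (not the original poster's code). Assumes dbcp.php defines
// a PDO connection in $pdo. Table and column names come from the thread.

require 'dbcp.php';

// Whitelist of the option values the search form offers. Anything else is
// rejected, so the state never reaches SQL or HTML as untrusted text.
$allowed_states = array(
    'AL','AK','AZ','AR','CA','CO','CT','DC','DE','FL','GA','GU','HI','ID','IL',
    'IN','IA','KS','KY','LA','ME','MD','MA','MI','MN','MS','MO','MT','NE','NV',
    'NH','NJ','NM','NY','NC','ND','OH','OK','OR','PA','PR','RI','SC','SD','TN',
    'TX','UT','VT','VI','VA','WA','WV','WI','WY',
);

// The first request is a POST from the search form; every pagination link
// afterwards is a GET. Accept the state from either source, validate once.
$state = isset($_POST['state']) ? $_POST['state']
       : (isset($_GET['state']) ? $_GET['state'] : '');
if (!in_array($state, $allowed_states, true)) {
    http_response_code(400);
    exit('Unknown state');
}

// Page number: force an integer and clamp it to 1 or more.
$page       = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
$per_page   = 20;
$start_from = ($page - 1) * $per_page;

// Prepared statements: the state is bound as a value, never interpolated.
$count = $pdo->prepare('SELECT COUNT(*) FROM congress WHERE state2 = ?');
$count->execute(array($state));
$total_pages = (int) ceil($count->fetchColumn() / $per_page);

$stmt = $pdo->prepare(
    'SELECT id, name, state2, district3, waddress, wphone
       FROM congress WHERE state2 = ?
      ORDER BY district3 ASC LIMIT ? OFFSET ?'
);
$stmt->bindValue(1, $state, PDO::PARAM_STR);
$stmt->bindValue(2, $per_page, PDO::PARAM_INT);
$stmt->bindValue(3, $start_from, PDO::PARAM_INT);
$stmt->execute();
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);

// One escaping helper for everything that is echoed into HTML.
function h($s) { return htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8'); }

// Pagination links carry the state in the query string, which is exactly
// what the original page2.php links were missing.
function page_links($state, $page, $total_pages) {
    $out = '';
    for ($j = 1; $j <= $total_pages; $j++) {
        $href  = 'page2.php?' . http_build_query(array('state' => $state, 'page' => $j));
        $label = ($j == $page) ? '<u>' . $j . '</u>' : $j;
        $out  .= '<a href="' . h($href) . '">' . $label . '</a> ';
    }
    return $out;
}
?>
<html><body>
<h2 align="center"><?php echo h($state); ?></h2>
<div align="right">Page <?php echo page_links($state, $page, $total_pages); ?></div>
<table align="center" width="75%">
<?php foreach ($rows as $r): ?>
  <tr>
    <td rowspan="2"><img src="photo/congress/<?php echo h($r['id']); ?>-50px.jpeg" /></td>
    <td><?php echo h($r['name']); ?></td>
    <td>State: <?php echo h($r['state2']); ?> District: <?php echo h($r['district3']); ?></td>
  </tr>
  <tr>
    <td><?php echo h($r['waddress']); ?><br />Washington, DC 20515</td>
    <td><?php echo h($r['wphone']); ?></td>
  </tr>
<?php endforeach; ?>
</table>
<div align="right">Page <?php echo page_links($state, $page, $total_pages); ?></div>
</body></html>
```

The whitelist is what makes the GET parameter safe to reuse: a two-letter code that matches one of the form's own option values cannot alter the query or the markup, and anything else is refused before any query runs. The hidden re-post form from the original page is no longer needed, since the state is part of every link.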

3 Contributors, 3 Replies, 6 Views, 6 Years Discussion Span, Last Post by karthik_ppts

I was under the impression that $_SERVER is a security issue leaving oneself open to XSS attacks.

> I was under the impression that $_SERVER is a security issue leaving oneself open to XSS attacks.

PHP_SELF exploits can be avoided by using the htmlentities() function. For example, the form code should look like this to avoid PHP_SELF exploits:

<form name="test" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">

The htmlentities() function encodes HTML entities. Now if the user tries to exploit the PHP_SELF variable, the attempt will fail, and entering malicious code in the URL will result in the following output:

<form name="test" method="post"
action="form-action.php/&quot;&gt;&lt;script&gt;alert('xss')&lt;/script&gt;&lt;foo">

As you can see, the script part is now 'sanitized'.

So don't forget to convert every occurrence of "$_SERVER" into "htmlentities($_SERVER)" throughout your script.
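As an added illustration (not karthik_ppts's code), the helper below applies the reply's htmlentities() advice and shows one point the reply's call leaves open: with the default flags, single quotes are not encoded, so the value is only safe inside a double-quoted attribute. Passing ENT_QUOTES closes that gap. A second, stricter helper refuses anything that is not a plain script path and falls back to a fixed action; that policy and the regular expression are assumptions of this example, not something the thread prescribes. The sample value is constructed to look like the PHP_SELF the reply describes.

```php
<?php
// Added example, not from the reply above.

// Escape the request path for use inside a form action attribute.
// ENT_QUOTES encodes both " and ', so the result is safe in either quote style.
function form_action_attr($self) {
    return htmlentities($self, ENT_QUOTES, 'UTF-8');
}

// Stricter alternative (assumed policy): accept only a plain script path,
// otherwise use a fixed action. Avoids echoing request data into markup at all.
function form_action_strict($self, $fallback = 'form-action.php') {
    return preg_match('#^/[A-Za-z0-9_./-]*\.php$#', $self) ? $self : $fallback;
}

// Constructed sample: a PHP_SELF value carrying extra characters after the
// script name, of the kind the reply describes.
$sample = "form-action.php/\"><script>alert('xss')</script><foo";

echo '<form name="test" action="' . form_action_attr($sample) . '" method="post">', "\n";
echo '<form name="test" action="' . form_action_strict('/' . $sample) . '" method="post">', "\n";
```

The first line of output is the reply's result with the single quotes additionally encoded as `&#039;`; the second line falls back to `form-action.php` because the constructed path does not end in `.php`. Either way the browser receives an attribute value, never a new tag.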
