-1

this is an url example : http://search.yahoo.com/bin/search?p=computers (it is only an example for specification and clarification)

in this url , the method used to submit data is get . After the question mark , there is one parameter . In this parameter , there is a variable called "p" and a value called " computers". If you change the value of p , like for example cars or horses or food instead of computers , the value will be processed in the search file and the server will give you back the data according to the value you submit through the query string in the url. But when I change the variable p to any other word like for example c file or page and try to submit again the value
like that :

http://search.yahoo.com/bin/search?page=computers
or

http://search.yahoo.com/bin/search?c=computers

the server fails to give me back the specified request and instead it turn me back to the search page , some other websites give me an error , in other websites the page stayed the same and does not change

so my question is : why , generally, when we change the variable , in some cases and in some other websites , the page does not change???????

why when we change the variable , in some cases , give an error ???????

why when we change the variable , in some cases like our example , it takes us to search page ???????

I need answers to these questions , one by one and with some explanation please

4
Contributors
18
Replies
49
Views
3 Years
Discussion Span
Last Post by Tpojka
0

What is possible gain with answers to those questions?

Same thing is if you were asking:

"When I type goolge.com, sometimes it redirects me to google, but sometimes if I type gollgge it redirects me to error server page. Explanation why is that, please."

I think it is pretty irrelevant until we don't know what is purposes of answers. Can you explain what do you expect of answers, letting someone would think about questions?

0

I need answers to these questions , one by one and with some explanation please

Don't dictate.

Do some research on url querystring key-values - then you'll see why. If the key is valid, then you may be in luck.

0

A key should not be changed as your code depends on the provided key.
Its the value that changes.

0

What is possible gain with answers to those questions?

it does not concern you , I did not ask your help

if you understood the question very well you would not post this nonsense :

"Same thing is if you were asking:". It is not the same thing and you did not understand one word of all what I wrote

I will be grateful if you do not write to me anymore ok? I do not want you , tpojka, to reply to my posts. You are free to answer others but not me.

0

Now now children, play nicely. :)

@strongard63

This is an open forum and all are allowed to contribute. Your question although of importance to you is also important to other users with a similar query. Therefore you do not 'own' the thread and cannot dictate who should be allowed to answer. If however you believe that a post does not adhere to Daniweb's Rules, then please 'Flag it as a Bad Post'.

I have my opinions about the quality of your thread-starting post and tpojka's reply - but I don't think that either should be censured.

-1

Don't dictate.

first , I wrote "please"
second I have no interest to "dicatate" or " to give an order" or " to dominate or " or or or. You should refrain to use this type of vocabulary with me . Do you have some complexes of inferiority so that you answer me like that "Don't dictate."!!!!? . If you do not like my message , you simply do not write to me . It is simple and sincere.

"Do some research on url querystring key-values - then you'll see why."

should I understand this as an indirectly saying:" go the hell out of the site we do not owe you an answer , if you want answer then search yourself" If so , then save your breath , I no need your "Do". We know each other? you come to me I did not come to you

finally , seeing this :
"Do some research on url querystring key-values - then you'll see why. If the key is valid, then you may be in luck." I do not blame you because , seeing what you wrote it becomes clear to me that it is a message of a newbie

"Do some research" why do you think I post my answer in this forum!!!!!!? because I did not find something that can help me. You do not find all in the Internet because some is sponsored , some is not accessible and because the internet is an immense and gigantic area

"If the key is valid, then you may be in luck"

I do not believe in luck , there is no luck in computer science .
"the key is valid" what ? the password? or the username? do you see the light? do you know how to write in keyboard????

-2

"A key should not be changed as your code depends on the provided key.
Its the value that changes."

thank you , but what you wrote is known for a kid of 3 year and is outclassed.

the problem that a lot of people do not understand the real meaning of the question and they let their emotions interfere with the objective , instructive way of replying

0

you are the moderator , too as I see
keep in your mind that if you want your site to be sucessful , you should respect users that come to your site , a moderator should be a model to others not dismissing them and expelling them and for what? because of a fault of yours. You are responsible for misunderstanding my question not me . After seeing what you wrote to me I have no pleasure in site , feel free to ban me . There are other sites that are more interesting than yours
I never regret one damn question I asked in this forum and I never regret one damn word I wrote , now. I do believe that are many genious in this site like "ddanbe" whose answers are wise but I do believe that there are others who are ignorant and because of their ignorance they become agressive and throw heavy stuff on others like this " What is possible gain with answers to those questions?

Same thing is if you were asking:"

Don't dictate.

"Do some research on url querystring key-values - then you'll see why. If the key is valid, then you may be in luck."

totally bullshit

0

We have coffee addicter here? Which reminds me to make one to myself too. :)
Despite the fact that OP language and tone is out bounderies of some standard codex of behavior, I will try to offer another explanation.
Again, it is something like you ask "Why this programmer call variable $q and not $p? Why???!!!"
All written sounds exactly like that. And now I will recapitulate other things in post.
No matter diafol is being moderator or editor on forums, but I have noticed enormous help he (by avatar) provided in so many quality posts on various topics here. Maybe there is even more, but I am only here on PHP subforum.

Kind regards,

0

"it is something like you ask "Why this programmer call variable $q and not $p? Why???!!!

no I did not ask so , I said why when we change the variable of query string from ?p=computers to ?page=computers the server gives a different page , a different content or an error???? there should be an explanation why??? but as you ignore the answer , you classify the question as trivial and nonsensical.

And those who were seen dancing were thought to be insane by those who could not hear the music

0

Dear strongard63, I think your that your reply is disproportionate to the comments made. In case I have caused any offence, I shall try to explain my comments:

Don't dictate.

This was in response to your 'one by one' comment, which I took to be a bit forward. I realise that English may not be your first language and that linguistic nuances sometimes cause some issues. I apologise if I misconstrued this.

Do some research on url querystring key-values - then you'll see why.

This was an attempt to get you to research this topic by giving you the term - 'key-value'. No more no less.

If the key is valid, then you may be in luck

This was supposed to mean that if the 'key' was a valid 'key' - something that the php code could pick up, e.g. $_GET['p'] or $_GET['c'] - then you'd probably get some action taking place. If the php code did not have say a
$_GET['comp'],then having www.example.com?comp=3546 would result in no action taking place. That is the extent of the "then you may be in luck" statement.

I will reiterate that none of my comments were meant to cause offence.

My second post was simply a response (with my moderator hat on) to try to explain not just to you, but to others, that all members are allowed to respond to all threads, as long as they adhere to our house rules. Again this was not meant to cause offence nor was it an attempt to belittle you.

You are responsible for misunderstanding my question not me

Quite, but I do not believe I did. I may just not have provided the "answer on a plate" that you were expecting.

In reply to your personal remarks about my conduct as a moderator and member, I'll refer you to my profile page - look at my stats, comments and votes. I don't always get it right and indeed as we're all human, I too make mistakes.

After seeing what you wrote to me I have no pleasure in site , feel free to ban me . There are other sites that are more interesting than yours

I'm very sorry you feel that way, but rest assured nobody has any reason to ban you - I don't think that was even mentioned in this thread. And, yes I believe you, some find other sites more interesting than Daniweb, which, by the way, is not my site. I have the honour of moderating the forums - that's all.

Please feel free to PM me if you so wish.

Edited by diafol

0

It is pointless to use more than one question mark in sentence, right?

if (isset($_GET['p']) && $_GET['p'] !== '')
{
    // search DBs by parameters
    if (is_found($_GET['p']))//function where queries are
    {
        display_it();// self-explanatory
    }
} // next line meaning you have no 'p' argument in url I.E.
else redirect('404');//in this case something like redirect('search');

If you have ever been programming search page it should be very logical code.
What is the part that you can't understand in this code logic?
Also, would be nice to see the examples of other sites/searches/(non-)results beside yahoo mentioned in first post.

-1

ok , now , your answer is instructive and logical
but I what if ,when we change the 'P' argument, instead of giving an 404 redirect , the site does not change . What does this mean??????

0

I said it and I say it again daniweb is an interesting and instructive site . But when I felt offended ,and as I am a person who says the word in the face and hate hypocrisy, I responded with seriousness and sincerity. As I had some bad experiences concerning "forum" in some other , in the past , sites so It becomes clear to me that I will get banned this is why I said I lost the pleasure in this site. But I regret nothing
anyway , nothing happens and you are the welcome.
this is the first part

0

first of all , I am new to computer science and , I said it before , I am like a sailor in an agitated , deep vast sea , from all the directions I see only the sky and the sea . This metaphoric to say that I never had any support in computer science. I did not even study it at university or something similar .

second , I said you misunderstand my question you and tpojka because my question belongs to the field of hacking and is not an ordinary question but I made it a little impilicit because some websites consider asking about hacking is forbidden. In Local File Inclusion or Remote File Inclusion and more importantly , SQL injection , when you change the variable of the query string , you get either an error or some error disappear . This can be seen as a vulnerability that can be exploited . In some websites when you click a link or a button to submit data , they say " access denied" but once you change the variable in the query string , the "access denied" disappear from the page . This is a vulnerability. But I do not know exactly why the error disappears.

this was of my question. But Tpojka wrote:"Same thing is if you were asking:" absolutely not

0

second , I said you misunderstand my question you and tpojka because my question belongs to the field of hacking and is not an ordinary question but I made it a little impilicit because some websites consider asking about hacking is forbidden

Your question as asked, was answered reasonably. If you have a hidden agenda for asking that question, then we would be unaware of that and it's not up to us to second guess your intentions.

The question as asked has nothing to do with hacking. If you want to ask about "url querystring and security", fine, no problem - this info is freely available all over the internet.

This can be seen as a vulnerability that can be exploited . In some websites when you click a link or a button to submit data , they say " access denied" but once you change the variable in the query string , the "access denied" disappear from the page . This is a vulnerability.

Not really. Most pages will ignore a nonsense querystring. Some sites may depend on querystrings (or a rewritten url) for their "routing" - e.g. the loading of certain files and the running of a function. It is possible that it's these "routing urls" that result in your 404s.

this was of my question. But Tpojka wrote:"Same thing is if you were asking:" absolutely not

With respect, strongard63, I don't think that your original question was that clear. But, Tpojka, to his credit proceeded to help you again. I suggest that we stop with the "he said that he said that she said" and concentrate on the information that you need.

What is it exactly that you want to know - in plain-speak please. If you're looking to hack somebody's site, then I suggest you try another site which allows those types of questions, otherwise, ask away :)

0

/diafol/ -I suggest that we stop with the "he said that he said that she said" and concentrate on the information that you need.

So right. But people earn about $40/h and should be respectfull demands to those who want to help for free. I am trying to help on forums, almost never ask questions because I know how to use search queries on google or forums or sof and taking my stay on community sites for learning more while helping others.

Insert coin. Continue.

/strongard63/ -so my question is : why , generally, when we change the variable , in some cases and in some other websites , the page does not change?

We are still waiting examples of websites
that keep search results after changing url to non-valid one.
If that is owned website, code should be posted on inspection and eventually solving some vagueness.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.