stackoom
  简体   繁体   中英

php pass and get parameter

 原文  2014-04-02 07:20:51       php/ parameter-passing

Question

<?php $daerah_ejen1 = "$_GET[daerah_ejen]";
$kumpulan_ejen1 ="$_GET[kumpulan_ejen]";

echo $daerah_ejen1;
echo $kumpulan_ejen1;
echo $kumpulan_ejen;

$sql= "SELECT * FROM data_ejen WHERE daerah_ejen= '$daerah_ejen1' AND kumpulan_ejen='Ketua Kampung' ORDER BY nama_ejen";
$result = mysql_query($sql) or @error_die("Query failed : $sql " . mysql_error());
?>

my url

laporan_kk_detail.php?daerah_ejen=HULU+LANGAT&kumpulan_ejen=Ketua Kampung

for output daerah_ejen variable has display, but for kumpulan_ejen / kumpulan_ejen1 is not display.

i dont know where the problem

5 answers

solution1
 3  2014-04-02 07:24:15

your quotes accessing $_GET variable is invalid. try this

<?php 
  $daerah_ejen1 = $_GET["daerah_ejen"];
  $kumpulan_ejen1 =$_GET["kumpulan_ejen"];

and you should read something about security, because you can pass malicous code to your script!

edit:// you can have a look on this thread https://stackoverflow.com/questions/19539692/sanitizing-user-input-php

solution2
 3  2014-04-02 07:25:19

you are converting get values in string using double quotes so remove and try

$daerah_ejen1 = $_GET['daerah_ejen'];
$kumpulan_ejen1 =$_GET['kumpulan_ejen'];

also use mysql_real_escape_string() for prevent sql injection.

solution3
 0  2014-04-02 07:28:35

If you need to put the $_GET['name'] in double quotes, wrap it in {} brackets.

eg

$kumpulan_ejen1 ="{$_GET['kumpulan_ejen']}";

Also, as dbh pointed out, you only have $kumpulan_ejen1 , not kumpulan_ejen .

solution4
 0  2014-04-02 07:30:43

  1. The quotes go around the parameter name. This is because $_GET[] is an associative array and its values are referenced using a string key

    $daerah_ejen1 = $_GET['daerah_ejen'];

    $kumpulan_ejen1 =$_GET['kumpulan_ejen'];

  2. Always sanitize your parameter values before using them in a query to protect yourself against SQL injection.

    $daerah_ejen1 = mysqli::real_escape_string($daerah_ejen1)

solution5
 0  2014-04-02 07:31:58

You face 2 problem on your code :

1st is :

$daerah_ejen1 = "$_GET[daerah_ejen]";
$kumpulan_ejen1 ="$_GET[kumpulan_ejen]";

replace it by this :

 $daerah_ejen1 = $_REQUEST['daerah_ejen'];
$kumpulan_ejen1 =$_REQUEST['kumpulan_ejen'];

2nd is :

$sql= "SELECT * FROM data_ejen WHERE daerah_ejen= '$daerah_ejen1' AND kumpulan_ejen='Ketua Kampung' ORDER BY nama_ejen";

replace it by this :

$sql= "SELECT * FROM data_ejen WHERE daerah_ejen= '".$daerah_ejen1. "' AND kumpulan_ejen='Ketua Kampung' ORDER BY nama_ejen";

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Pass text with special characters as get parameter in php PHP: Is it ok to pass $_GET as a parameter of a constructor? php:pass image as a parameter in get url AJAX GET Url Parameter and pass to PHP Through URL pass parameter to php, but php doesn't get it, Why? Pass PHP Class as Parameter php pass parameter issue php pass parameter in url Pass a function as parameter in PHP Using HTML textfield to pass a GET parameter to PHP file
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM