Set session variable on <a> click

Question

I'm trying to make an <a> link which triggers PHP code on the next page. I've tried using $_GET variables to do this but the thing is I also want to remove the variable afterwards, as I automatically link back to the redirected page with header() . There don't seem to be any feasible ways to do this without redirecting the user to one page alone, but the thing is they're expected to be redirected to the page they were on previously. Keeping $_GET variables then cause an endless loop of redirects.

In general, I wish to avoid using $_GET as it could be abused in the context I'm using it in. Any other workarounds would be greatly appreciated, though. Basically I'm just trying to use an <a> link to remove an entry from a MySQL database.

Here's the PHP that handles the variable.

if (isset($_GET['rm'])) # 'rm' contains the uuid of the entry to be deleted.
{
    $uuid = $_GET['rm'];
    unset($_GET['rm']); # Didn't expect this to work, of course it didn't remove the variable from the URL.
    $query = "DELETE FROM posts WHERE uuid = '$uuid'";
    $result = $mysqli->query($query);
    header("Location: " . $_SERVER['REQUEST_URI']);
    exit();
}

EDIT: I realize now that I have wildly complicated my explanation here. The main goal was to make the click of an <a> link trigger PHP code, with a variable specific to the link clicked. (Each link is a delete button on a post, and each post has a UUID)

If there is a way to alternatively trigger javascript code, that would be immensely helpful as well, since I'm looking to use such a method here too. I will likely be making a separate thread asking about this.

Answer 1

You can use $_SESSION to delete the variable after for example

    if (isset($_SESSION['rm'])) # 'rm' contains the uuid of the entry to be deleted.
{
    $uuid = $_SESSION['rm'];
    unset($_SESSION['rm']); # Didn't expect this to work, of course it didn't remove the variable from the URL.
    $query = "DELETE FROM posts WHERE uuid = '$uuid'";
    $result = $mysqli->query($query);
    header("Location: " . $_SERVER['REQUEST_URI']);
    exit();
}

consider that you have register the value of the next shape.

$_SESSION['rm'] = "My value";

Answer 2

If your goal is to redirect to the current page but remove the query string, you can redirect to header("Location: ?"); which is essentially just that. (Technically you are redirecting to a new query string with no value which is different than no query string at all but php will just show an empty array for $_GET which is essentially the same)

I was going to mention additional options like variables from $_SERVER , but many of those have various security or other issues associated with them. I only mention this because I wouldn't suggest using any unless necessary. Also, it really doesn't get easier than the above.