简体   繁体   中英

id passing between 2 pages in PHP

I've been working on a way to get a variable passed from one page to another. It's for my exam and I need help with it as my teacher said I could use the internet for help. This link that I've created to pass the variable isn't working as the student id or email is suppose to be passed into the link. This is the relative code:

echo "<table border=1><th colspan=7>Placed Orders</th></tr><tr><td>Student ID or Email</td><td>Name</td><td>Phone Number</td><td>Room Number</td><td>Order</td><td>Approval</td><td>&nbsp;</td></tr>";
while ($row=mysql_fetch_array($result)) {
    $id = $row["StudentIDorEmail"];
    $name = $row["Name"];
    $phone = $row["Phone"];
    $roomnumber = $row["RoomNumber"];
    $order = $row["Orders"];
    $approval = $row["Approved"];
    echo "<tr><td align='center'>" . $id . "</td><td align='center'>" . $name . "</td><td align='center'>" . $phone . "</td><td align='center'>" . $roomnumber . "</td><td align='center'>" . $order . "</td><td align='center'>" . $approval . "</td><td align='center'><a href='approve.php?id=".$id."'>Fill Order</a></td></tr>";
}
echo "</table>";

I'm trying to pass the variable to the approve.php page so that I can make that row get set to 1 and then when it changes to one, it gets deleted from the database. It's been causing me to keep erroring and I don't know what is wrong. Here is the other part of relative code for the page that it's suppose to be passed to and from:

$id = $_GET["StudentIDorEmail"];
$query = "UPDATE tracker WHERE StudentIDorEmail=$id";
if (mysql_query($query, $con)) {
$query1 = "DELETE FROM tracker WHERE Approved=1";
if(mysql_query($query1, $con)) {
    echo "Order was filled successfully!";
} else {
    echo "Error: " . mysql_error();
}

}

Please help because this is the requirements for my exam and I've almost finished it.

Your link is 'approve.php?id=".$id."'

This means you need to access $_GET['id'] , not $_GET['StudentIDorEmail'] .

For future reference, try var_dump($_GET) to see what variables are there.

EDIT: You should learn about SQL injection.

XKCD

In this case, you can use $id = intval($_GET['id']) to ensure you only get numbers.

This is really easy,

<a href='approve.php?id=".$id."'>

Change this to:

<a href='approve.php?StudentIDorEmail=".$id."'>

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM