freshwaterwest
asked on
$_GET not passing from form to php script on shared hosting
Hi, I have a form which passes values in the url (ie. ?brand_id=1 etc) to a php script which then uses the variables to point to an seo-friendly url/page
It worked perfectly on my local server and other live server but on my clients server in this case it doesn't work and I don't have access to the root (appears to be shared apache settings).
Register globals is set to on so I tried adding stripslashes but this hasn't worked
many thanks experts...
PS. I also tried it with $_POST and $_REQUEST too
It worked perfectly on my local server and other live server but on my clients server in this case it doesn't work and I don't have access to the root (appears to be shared apache settings).
Register globals is set to on so I tried adding stripslashes but this hasn't worked
many thanks experts...
PS. I also tried it with $_POST and $_REQUEST too
<?php
//take the posted search criteria and reformat into seo friendly url
$brand_id = mysql_real_escape_string(stripslashes($_GET['brand_id']));
//convert the model variables into a url
$model = mysql_real_escape_string(stripslashes($_GET['model']));
$modelnameurl = urlencode(strtolower($model));
$modelnameurl_dash = str_replace("+", "-", $modelnameurl);
$prices = mysql_real_escape_string(stripslashes($_GET['prices']));
if($brand_id == 1) {$thebrand = "brand-name-here";}
if($brand_id == 2) {$thebrand = "brand-name-here";}
if($brand_id == 3) {$thebrand = "brand-name-here";}
if($brand_id == 4) {$thebrand = "brand-name-here";}
if($brand_id == 6) {$thebrand = "brand-name-here";}
if($brand_id == 7) {$thebrand = "brand-name-here";}
if($brand_id == 8) {$thebrand = "brand-name-here";}
if($brand_id == 9) {$thebrand = "brand-name-here";}
if($_GET['model'] != '') {$themodelname = '/'.$modelnameurl_dash;};
if($_GET['prices'] != '') {$theprices = '/'.$prices;};
$my_uri = $thebrand.$themodelname.'/'.$brand_id.$theprices;
header( 'Location: /products/'.$my_uri.'' ) ;
exit;
?>
If register_globals is on you should be able to use $brand_id directly (http://www.php.net/manual/en/security.globals.php). Can you tell us what PHP version is running on this shared hosting package? Please not that stripslashes only has meaning when the magic quotes feature enabled.
ASKER
yes, php does work fine, it's just the variables are getting passed for some reason
I did a phpinfo which revealed the magic quotes being on
I did a phpinfo which revealed the magic quotes being on
Stored in session variable.
Because $_GET is First time load correctly.But if reload that same page,does not get $_GET variable
ex:
$_SESSION("brand_id")=$bra nd_id;
then load that page and get session variable and access the value.
But check the session variable when u cleared the cookies.
Because $_GET is First time load correctly.But if reload that same page,does not get $_GET variable
ex:
$_SESSION("brand_id")=$bra
then load that page and get session variable and access the value.
But check the session variable when u cleared the cookies.
ASKER
hi ashokhein -
so are you saying I can or need to use a session var to get around this?
just to clarify first page has a form which sends the url with variables to a php script (no html at this point). The script above then redirects to the page using the variables to create an seo-friendly url
hope that makes sense..
cheers
so are you saying I can or need to use a session var to get around this?
just to clarify first page has a form which sends the url with variables to a php script (no html at this point). The script above then redirects to the page using the variables to create an seo-friendly url
hope that makes sense..
cheers
Do you have a PHP version for us?
ASKER
hi davekok,
php is version 5. I was wrong magic quotes is actually off.. although I previously didn't have the stripslashes in anyway..
thanks
php is version 5. I was wrong magic quotes is actually off.. although I previously didn't have the stripslashes in anyway..
thanks
ASKER
PHP Version 5.2.14
If you are trying codes which were written for php4 than there is a chance it will not work
Simple thing to do is try some code example which is written for php5 plus and see how it respond
Well at least it is new enough so we don't have to consider $HTTP_GET_VARS. Can you dump the query string $_SERVER['QUERY_STRING'] to see if the something isn't blocking query string from getting past to PHP.
you can set the server setting in .htaccess file placed in the root directory of the server.
Sorry this one,.. You can set the PHP setting in the .htaccess file and place that in the root directory. It will work.
ASKER
hi davekok,
I've just done a test and dumped the query as you suggested - seems to be working fine:
string(59) "brand_id=1&model=model+na me&prices= price0&sub mit=Go"
this is exactly how I intended so no idea why my script above is not picking this up..?
thanks
I've just done a test and dumped the query as you suggested - seems to be working fine:
string(59) "brand_id=1&model=model+na
this is exactly how I intended so no idea why my script above is not picking this up..?
thanks
ASKER
I've taken out the mysql_real_escape_string in all cases and it's now working, no idea why this should be the case.. the input is from a drop down form so should I be concerned about sanitizing?
cheers
cheers
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
right I see, so if I included a connection this might work - I'll give it a try...
thanks
thanks
ASKER
spot on thanks - the connection was on the following page so I added it to the current and all worked perfectly with the orig code
many thanks
many thanks
<?php
phpinfo();
?>