Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP

Jackie Jen
Jackie Jen
2,723 Points
Posted by Jackie Jen
Jackie Jen
2,723 Points

How to get the URL path

PHP language

I'm using localhost xampp and i able to send email and include a link for user to click when they checking the email. But the the link is fixed that direct user to a page that does not contain information.

The situation i face as below: 1) when user key in the information on a php form and send email to the receiver. when receiver click the link when checking email it will redirect the receiver to the form that user key in. But then the information does not show. 2) I'm using method=post and i try method=get the url path is different method(post) url path = http://localhost/deliver/response_page.php method(get) url path =http://localhost/deliver/response_page.php?text_name=&status=all&status=+&pick_up_date=&deliver_date=&status1=%23c5c5c5&status2=%23c5c5c5&status3=%23c5c5c5&request_response4=Response&status4=%23c5c5c5&status5=%23c5c5c5 3) is that secure if i use method=get ? 4) How can i get the url path any idea or link for me to learn as i have no idea where to start from?

3 Answers

Andreas cormack
seal-mask
.a{fill-rule:evenodd;}techdegree seal-36
Andreas cormack
Python Web Development Techdegree Graduate 33,011 Points
Andreas cormack
.a{fill-rule:evenodd;}techdegree seal-36
Andreas cormack
Python Web Development Techdegree Graduate 33,011 Points

Hi Kenny

I have done this sort of thing before where if a user has forgotten his login credentials. All i did was retrieve his userid and append it to the link and put that link in an email. forexample if there id was 10 which comes from the database my link would look like this ./mydomainname/forgotten.php?uid=10.

so when the user gets the email he clicks on the link and it redirects him to the above location.

and on that page i do the following.

<?php

if(isset($_GET["uid"])){
  $userid= intval($_GET["uid"]);
  // i then use this id to update the database with the updated credentials where the userid =10.
}


?>
In terms of it being secure long as you cleanse input and escape output you should be ok. as you can see I am converting the value to an integer
hope this helps
Jackie Jen
Jackie Jen
2,723 Points
Jackie Jen
Jackie Jen
2,723 Points

Thanks Andreas. Really appreciate your help. for your case u need information from uid to display the page. If let said i need status, text_name, pick_up_date those information to properly display the page. so i need to append those information in my url path? example http://localhost/deliver/response_page.php? text_name=kenny&status=accept&pick_up_date=13/08/2014

Am i right?

Andreas cormack
seal-mask
.a{fill-rule:evenodd;}techdegree seal-36
Andreas cormack
Python Web Development Techdegree Graduate 33,011 Points
Andreas cormack
.a{fill-rule:evenodd;}techdegree seal-36
Andreas cormack
Python Web Development Techdegree Graduate 33,011 Points

I have not tried passing multiple get variables in a link but i cannot see why it wont work. Just grab the get variables than do a check to see they are all set. Let us know how you get on if it doesn't work I shall then try it myself. so for my code below the link should look like this http://localhost/deliver/response_page.php? text_name=kenny&status=accept&pick_up_date=13/08/2014

<?php
if(isset($_GET["text_name"]) and isset($_GET["status"]) and isset($_GET["pick_up_date"]))
   {
      echo "Text_name is : ".$_GET["text_name"]);
     echo "status is : ".$_GET["status"]);
     echo "pick up date : ".$_GET["pick_up_date"]);
  }
?>

depends on how your logic works you might not have to check all the variables.

Jackie Jen
Jackie Jen
2,723 Points
Jackie Jen
Jackie Jen
2,723 Points

Thanks Andreas, I will update you whether it works or not. Cheer

Josh Torres
Josh Torres
8,945 Points
Josh Torres
Josh Torres
8,945 Points

Hello Kenny,

Here is a good link on the difference between the GET and POST methods: http://www.w3schools.com/tags/ref_httpmethods.asp

As for a form, you are usually going to want to use the POST method because it does not show the variables in the URL. The GET method is mainly used for pages that you want the user to be able to bookmark in their browser, such as a search result that they may want to go back to later. For information that you are trying to send or store, you are most likely going to want to use the POST method to hide the variables that are being sent, otherwise the user can simply resend the form with new variables by changing the URL values. With a simple email form, the security isn't that big of a deal, but it is still best practice to use the POST method for everything, unless you need the full request to be in the URL.

Here is another good link on using the two methods with PHP: http://www.w3schools.com/php/php_forms.asp

Some highlights: Note: GET should NEVER be used for sending passwords or other sensitive information!

Note: POST method is invisible to others (all names/values are embedded within the body of the HTTP request) and has no limits on the amount of information to send.

When you use the POST or GET method, the input fields name value in your form will be stored in the $_GET[ ] or $_POST[ ] arrays. For example:

<form action="form.php" method="post">
Email: <input type="text" name="email"/>
<input type="submit" />
</form>


<?php
// Form.php file
// store email variable via POST method
$email = $_POST["email"];
?>