WordPress.org

Ready to get started?Download WordPress

Forums

Passing $_GET data to a query (5 posts)

  1. thebindlestick
    Member
    Posted 7 years ago #

    Just like it sounds, I have a script passing a user name to the next page using the header redirect;

    http://www.mydomain.com?id=$user_id

    So what is the syntax to get that variable into a query string like;

    "(SELECT firstname, lastname, email from tablename WHERE id = '$_GET[id]')";

    I tried it just like that and no dice. Dos it need echo'd or placed into another variable first?

  2. rjregenold
    Member
    Posted 7 years ago #

    try this:

    "(SELECT firstname, lastname, email from tablename WHERE id = '{$_GET['id']}'";

    or

    $userid = $_GET['id'];
    "(SELECT firstname, lastname, email from tablename WHERE id = '{$userid}'";

    hope that helps.

    rj

  3. pizdin_dim
    Member
    Posted 7 years ago #

    Rjregenold's second example is better, with a slight modification:

    Instead of $userid = $_GET['id']; you should be using $userid = (isset($_GET['id'])) ? $_GET['id'] : '';

    With that approach, you won't get an error if "id" is not set.

  4. rjregenold
    Member
    Posted 7 years ago #

    That's very helpful. Thanks. I'm just learning PHP. ;)

  5. polyxena
    Member
    Posted 7 years ago #

    Caution! - pizdin_dim's method is the correct way to go but you should never put $userid or $_GET[anything] straight into a database query without checking it first. If it should be a numeric string, then check the string contains only numbers, if it should be a string, strip out tags and any unacceptable special characters. Read up about SQL injection attacks...

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.