$_GET $_POST URL overwrite issue PHP
I'm working on a favoriting system for the members of my website and I'm having trouble sending my POST开发者_C百科 data. Basically what I want to happen, is for a member to go to the comic_profile page, click the "Add Favorite" icon, and have the page refresh and say that the comic has been favorited.
My URL is: http://www.talesstudio.com/comic_profile.php?comicid=3
My issue is that everytime I click the favorite icon, the URL turns into: http://www.talesstudio.com/comic_profile.php?addfav=Submit The page then throws the error "MISSING DATA TO RUN" because the comic id is not being re-captured.
Here's the favorite icon/form code:
<?php echo "$comicname"; ?> <?php
$sql3 = mysql_query("SELECT * FROM Favorites WHERE comic_id='$comicid' AND user_id='$userid' LIMIT 1");
$count3 = mysql_num_rows($sql3);
if ($count3 < 1) {
echo '<form action="comic_profile.php?comicid='.$comicid.'&" method="GET">
<input type="button" name="addfav" src="images/addfav.png"></form>';
} else{
echo 'imagefile';
}
$comicid = ereg_replace("[^0-9]", "", $_GET['comicid']); // filter everything but numbers for security
if ($comicid == "") {
echo "Added to your favorites.";
exit();
}
And my SQL/POST code:
if( isset($_POST["addfav"]))
{ $sqlfav = mysql_query("INSERT INTO Favorites (user_id, comic_id) VALUES ('$userid','$comicid')");
exit();
}
I'm probably doing something something simple and stupid that I just can't see. Any thoughts?
Set your add favorite form's method to POST (per your isset()). That should do it.
You should change your form to method="POST"
. This will send the form data in post body which will not cause the Query string in the URL to change.
Also, if you are modifying data on the server, you should never use a GET query. The usual reason for this is that GET queries are often run be robots/search engines, which in this case could cause a heap of favourites being added to your database. While I realise this shouldn't happen because the user needs to be logged in (presumably?), it is still bad practice - use POST.
精彩评论