开发者

$_GET $_POST URL overwrite issue PHP

问答 作者:

I'm working on a favoriting system for the members of my website and I'm having trouble sending my POST开发者_C百科 data. Basically what I want to happen, is for a member to go to the comic_profile page, click the "Add Favorite" icon, and have the page refresh and say that the comic has been favorited.

My URL is: http://www.talesstudio.com/comic_profile.php?comicid=3

My issue is that everytime I click the favorite icon, the URL turns into: http://www.talesstudio.com/comic_profile.php?addfav=Submit The page then throws the error "MISSING DATA TO RUN" because the comic id is not being re-captured.

Here's the favorite icon/form code:

 <?php echo "$comicname"; ?> <?php
$sql3 = mysql_query("SELECT * FROM Favorites WHERE comic_id='$comicid' AND user_id='$userid' LIMIT 1");
$count3 = mysql_num_rows($sql3);
if ($count3 < 1) {
    echo '<form action="comic_profile.php?comicid='.$comicid.'&" method="GET">
<input type="button" name="addfav" src="images/addfav.png"></form>';

} else{
    echo 'imagefile';
}

$comicid = ereg_replace("[^0-9]", "", $_GET['comicid']); // filter everything but numbers for security
if ($comicid == "") {
    echo "Added to your favorites.";
    exit();
}

And my SQL/POST code:

 if( isset($_POST["addfav"]))
  { $sqlfav = mysql_query("INSERT INTO Favorites (user_id, comic_id) VALUES ('$userid','$comicid')");     
     exit();
  }

I'm probably doing something something simple and stupid that I just can't see. Any thoughts?

Set your add favorite form's method to POST (per your isset()). That should do it.

You should change your form to method="POST". This will send the form data in post body which will not cause the Query string in the URL to change.

Also, if you are modifying data on the server, you should never use a GET query. The usual reason for this is that GET queries are often run be robots/search engines, which in this case could cause a heap of favourites being added to your database. While I realise this shouldn't happen because the user needs to be logged in (presumably?), it is still bad practice - use POST.

继续阅读:formsphp

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9