How to fetch QueryString values without using GET?

My AJAX code is passing QueryString to a PHP file. The QueryString looks like this:

var strUrl = "./lib/filldropdown.php?DivName = " + DivName + "&DropDownControlName = " + DropDownName + "&SqlQuery = " + SqlQuery;

In the f开发者_运维问答ile "filldropdown.php", I want to fetch the values from the query string. How to do this without using GET? And also, please let me know whether the query string is written correctly or not.

You might be able to use $_REQUEST['...'], which will both respond to params sent via POST|GET.

Ummm. $_GET['DivName'] should be one piece of your data. Just to note

• Don't build the query string yourself. Build a JS array and use a javascript library (I recommend JQuery) to do the QS creation
• The = shouldn't have spaces
• Passing an SQLQuery in your params is A BAD IDEA. I will quickly hack your app, the second I see that. Look up little bobby tables.

Are you sure you're using $_GET and not $GET or something else. If it's really broken (which might be due to some sort of config issue, but I haven't heard of this happening before). $_REQUEST might work for you, or you can try to get the query string from $_SERVER['QUERY_STRING'], but you'll have to parse it yourself.

As Paul Tarjan pointed out in his question, the query string is not correct nor is safe to pass SQL queries to a PHP script. They should always be generated server side with strict sanitation on any user provided data.