Values incoming from/with an anchor href (basics)

**Andy Hassall** · Jul 17 '05, 02:22 AM

Re: Values incoming from/with an anchor href (basics)

On 10 Jan 2004 13:33:45 -0800, mcompengr@earth link.net (martin) wrote:
[color=blue]
>A page has links that want to invoke the same php file,
>but pass in different values for a given variable.
>
><a href=process.ph p?flag=1> Do One </a>
><a href=process.ph p?flag=2> Do Two </a>
><a href=process.ph p?flag=3> Do Three </a>
>
>But, we don't want variables in the URL, right?[/color]

Why not?
[color=blue]
>So, is it possible to not have them there and
>still have multiple links load the same php file,
>but with different results?[/color]

Depends what you're objecting to.

You can make them look nicer with Apache's mod_rewrite, e.g. transparently
turn /process/1 into process.php?fla g=?. But from the looks of the filename,
and the 'Do' part of the link text, it looks like this page will have a
side-effect. In which case, you should be using POST and not GET.

--
Andy Hassall <andy@andyh.co. uk> / Space: disk usage analysis tool
<http://www.andyh.co.uk > / <http://www.andyhsoftwa re.co.uk/space>

**Chung Leong** · Jul 17 '05, 02:22 AM

Re: Values incoming from/with an anchor href (basics)

> But, we don't want variables in the URL, right?

An idea propagated by people who don't know security but think they do.
There have been a number of publicized cases where sloppily coded websites
exposed sensitive user information because they failed to validate GET
variables (usually a user id). Placing variables in the URL by itself
doesn't introduce any vulnerability, however.
[color=blue]
> So, is it possible to not have them there and
> still have multiple links load the same php file,
> but with different results?[/color]

Yes. You can use the path as the identifier.

<a href=process.ph p/flag1> Do One </a>
<a href=process.ph p/flag2> Do Two </a>
<a href=process.ph p/flag3> Do Three </a>

$PATH_INFO would yield "/flag1", "/flag2", or "/flag3".

It's rather pointless though.

**CountScubula** · Jul 17 '05, 02:22 AM

Re: Values incoming from/with an anchor href (basics)

"martin" <mcompengr@eart hlink.net> wrote in message
news:a7086603.0 401101333.956e1 e6@posting.goog le.com...[color=blue]
> A page has links that want to invoke the same php file,
> but pass in different values for a given variable.
>
> <a href=process.ph p?flag=1> Do One </a>
> <a href=process.ph p?flag=2> Do Two </a>
> <a href=process.ph p?flag=3> Do Three </a>
>
> But, we don't want variables in the URL, right?
> So, is it possible to not have them there and
> still have multiple links load the same php file,
> but with different results?
>
> -Martin[/color]

As was posted, I would agree about it being pointless, now thats said, here
is one stupid aproach. Aha, now you guys cant call it stupid, I already did
;)

Wrap you links with other pages
<a href=wa.php> Do One </a>
<a href=wb.php> Do Two </a>

file wa.php
<?php
$flag = "1";
include("proces s.php");
?>

file wb.php
<?php
$flag = "2";
include("proces s.php");
?>

--
Mike Bradley
http://www.gzentools.com -- free online php tools

Values incoming from/with an anchor href (basics)

Values incoming from/with an anchor href (basics)

Comment

Comment

Comment