How do i transfer $_GET['id'] ?

**dlite922** · Aug 12 '09, 03:38 PM

how are users getting to submitComment.p hp from image.php?

link, form button?

Then change it to add the photoID as a URL parameter. Either in the link or the forum action.

You can also use session, but not recommended for your problem here.

Dan

**luke noob** · Aug 12 '09, 04:20 PM

sorry Its quite hard to explain but basically i need to get the page id value from one page and store it in to a varable which i can do. but then i need to somehow send that varible information to another page and from that page send it to my database.

on the submitComment.p hp there is a comment form that posts the comment and at the same time stores the information into the database, the problem is that it doesnt insert the photoId (the image.php $_GET['id']) because it dosent recognise it. so i was think or some how sending the id (image.php's $_GET['id']) to the submitComments page so it does.

but how can i send the variable? without form or button? thanx in advance, iv been googling for days

**dlite922** · Aug 12 '09, 04:46 PM

post the entire code from both pages and I'll try to take a look at it for you.

**luke noob** · Aug 12 '09, 04:49 PM

submitComment.p hp

Code:

<?php

require 'database.php';
require 'functions.php';

$timestamp = time();
$date_time_array = getdate($timestamp);

$hours = $date_time_array['hours'];
$minutes = $date_time_array['minutes'];
$seconds = $date_time_array['seconds'];
$month = $date_time_array['mon'];
$day = $date_time_array['mday'];
$year = $date_time_array['year'];
?>
<?php

$timestamp = mktime($hours + 8,$minutes,$seconds,$month,$day,$year);
$theDate = strftime('%Y-%m-%d %H:%M:%S',$timestamp);

mysql_connect("localhost","root",""); 

mysql_select_db("myPhotos") or die("Unable to select database");
 
$theMessage = addslashes(strip_tags($_POST['message']));
 
$photoId = mysql_escape_string($_GET['id']);              
 
$q = "INSERT INTO shoutbox (photoId, date, content) VALUES ('" . $photoId . "', '" . $theDate . "', '" . $theMessage . "')";
$result = $mysqli->query($q) or die ('error could not insert into shout box' . mysql_error());  

$theMessage = str_replace(":frown:","&nbsp;<img src='smilies/frown.gif'>", $theMessage); 

?>
		<div class="comment-unapproved">
			<div class="date">
				<span class="day-month"><?php echo date('d M'); ?></span>
				<span class="year"><?php echo date('y'); ?></span>
			</div>
			<span class="content"><?php echo stripslashes($theMessage); ?></span>
			<div class="clear"></div>
		</div>

review_image.ph p

Code:

<body>  
  <?php 
    require 'functions.php';
  ?>       

      <div id="container">
           <div id="main">
             
    <img src="images/logos/logofold.jpg" width="64" height="126" class="logofold">        
    <img src="images/logos/logo1.jpg" width="913" height="126" id="logo">
     <div class="aerobuttonmenu">
     
<a href="#" class="aero"><span>About Us</span></a> 
<a href="#" class="aero"><span>Services</span></a>
<a href="contact.html" class="aero"><span>Contact</span></a> 
<a href="index.php" class="aero"><span>Home</span></a> 

</div></div></div>
      
      <div id="container"> 
      <img src="images/logos/footer1.jpg" width="100%" height="31" align="right" id="footer1">
      
         <p id="text"><font color="#486583">Photo Description</font></p>
                          </div> </div>
              
       <div id="container">
           <div id="main">

<?php getChosenPhoto($_GET['id']);  ?>
<table align="center"><tr><td>  
<div id="container">
    <div id="comments">
<?php

include("database.php");

   function datediff($d1, $d2)
 {
    $d1 = (is_string($d1) ? strtotime($d1) : $d1);
    $d2 = (is_string($d2) ? strtotime($d2) : $d2);

    $diff_secs = abs($d1 - $d2);
    $base_year = min(date("Y", $d1), date("Y", $d2));

    $diff = mktime(0, 0, $diff_secs, 1, 1, $base_year);
    $diffArray = array(
        "years" => date("Y", $diff) - $base_year,
        "months_total" => (date("Y", $diff) - $base_year) * 12 + date("n", $diff) - 1,
        "months" => date("n", $diff) - 1,
        "days_total" => floor($diff_secs / (3600 * 24)),
        "days" => date("j", $diff) - 1,
        "hours_total" => floor($diff_secs / 3600),
        "hours" => date("G", $diff),
        "minutes_total" => floor($diff_secs / 60),
        "minutes" => (int) date("i", $diff),
        "seconds_total" => $diff_secs,
        "seconds" => (int) date("s", $diff)
    );
    if($diffArray['days'] > 0){
        if($diffArray['days'] == 1){
            $days = '1 day';
        }else{
            $days = $diffArray['days'] . ' days';
        }
        return $days . ' and ' . $diffArray['hours'] . ' hours ago';
    }else if($diffArray['hours'] > 0){
        if($diffArray['hours'] == 1){
            $hours = '1 hour';
        }else{
            $hours = $diffArray['hours'] . ' hours';
        }
        return $hours . ' and ' . $diffArray['minutes'] . ' minutes ago';
    }else if($diffArray['minutes'] > 0){
        if($diffArray['minutes'] == 1){
            $minutes = '1 minute';
        }else{
            $minutes = $diffArray['minutes'] . ' minutes';
        }
        return $minutes . ' and ' . $diffArray['seconds'] . ' seconds ago';
    }else{
        return 'Less than a minute ago';
    }
 }  

$timestamp = time();
$date_time_array = getdate($timestamp);

$hours = $date_time_array['hours'];
$minutes = $date_time_array['minutes'];
$seconds = $date_time_array['seconds'];
$month = $date_time_array['mon'];
$day = $date_time_array['mday'];
$year = $date_time_array['year'];

$timestamp = mktime($hours + 8,$minutes,$seconds,$month,$day,$year);
$theDate = strftime('%Y-%m-%d %H:%M:%S',$timestamp);

mysql_connect("localhost","root",""); 

mysql_select_db("myphotos") or die("Unable to select database"); 
      
$photoId = mysql_escape_string($_GET['id']);
               
$q = "SELECT * FROM shoutbox WHERE photoId = '" . $photoId . "' ORDER BY date DESC LIMIT 5";
      
$result = $mysqli->query($q);
while($row = $result->fetch_array()) {
    $date = strtotime($row['date']);
    $dayMonth = date('d M', $date);
    $year = date('y', $date);                     
    $message = $row['content'];
    $datediff = datediff($theDate, $date);

$message = str_replace(":frown:","&nbsp;<img src='smilies/frown.gif'>", $message);      
?>    
         
        <div class="comment">
            <div class="date">
                <span class="day-month"><?php echo $dayMonth; ?></span>
                <span class="year"><?php echo $year; ?></span>
            </div>
            <span class="content"><?php echo stripslashes($message);?> <span class="time"><?php echo $datediff; ?></span></span>
            <div class="clear"></div>
        </div>
<?php 
}
                                                        
     
?>
    </div>
    <div id="submission">
        <form name="comment-submission">

<a title="Frown"><img border="0" src="smilies/frown.gif" onclick="InsertWord(':frown:');" width="15" height="15"></a>
        
            <textarea id="message" name="message" value="message"></textarea>
            <span class="limit">140</span>
            <input type="submit" id="submit-comment" value="" />
        </form>
        <div class="clear"></div>
    </div>
</div>

**dlite922** · Aug 12 '09, 05:45 PM

I think I know what you need.

In review_image you have this $photo_id that you use to pull an image. Then if someone wants to make a comment, they fill out this form:

<form name="comment-submission"> on like 132 above.

This message and comment should be attached to that photo_id, which needs to get passed to submitComment.p hp

Well, just like how you're sending the message itself, send the photo_id, by putting it in a hidden field inside that form.

One thing I don't see is how you get to submitComment.p hp. Your form doesn't have an action="" that goes to this page.

A hidden field is like

Code:

<input type="hidden" value="<?php echo $photo_id;?>" />

Does that help?

Dan

**dlite922** · Aug 12 '09, 05:47 PM

Forgot to mention, when you put it in a hidden field, you grab it just like you grab message, via $_POST. make sure you still run mysql_escape on it because just because it's hidden, doesn't mean people can't change the value.

Dan

**luke noob** · Aug 12 '09, 06:18 PM

i tryed this but i get an error saying Undefined index: photo_Id in C:\wamp\www\fot ostor\submitCom ment.php

submitComment.p hp

[code=php]
$theMessage = addslashes(stri p_tags($_POST['message']));

$photoId = mysql_escape_st ring($_POST['photo_Id']);

$q = "INSERT INTO shoutbox (photoId, date, content) VALUES ('" . $photoId . "', '" . $theDate . "', '" . $theMessage . "')";
$result = $mysqli->query($q) or die ('error could not insert into shout box' . mysql_error());
[/code]

review_image.ph p

[code=php]
<textarea id="message" name="message" value="message" ></textarea>
<span class="limit">1 40</span>
<input type="hidden" id="photo_Id" value="<?php echo mysql_escape_st ring($photoId); ?>" name="photo_Id" >
<input type="submit" id="submit-comment" value="" />
</form>
[/code]

**dlite922** · Aug 12 '09, 07:57 PM

is your form posting to that page?

i.e. ensure your form action is equal to "submitComment. php" and the method is equal to 'post'.

By the way, escape_string() is useless when you echo in the hidden field.

If you do the above it will work.

Dan

**luke noob** · Aug 12 '09, 09:15 PM

didnt work, thanx anyway for your help and time, i think i gonna up to be honest..

**bibiki** · Sep 12 '09, 11:04 PM

your [id]

i am a newbie myself, and am struggling with the exact same problem... so i thought i might offer some insight: ae you sure that your SQL statement of WHERE has the proper value. What I see you have is:
WHERE photoId = '" . $photoId . "
Try maybe:
"...... WHERE photold= 'photoId' ...." Note that I am specifically suggesting you take out the periods and double quotes.

**Dormilich** · Sep 13 '09, 02:03 PM

Originally posted by bibiki

"...... WHERE photold= 'photoId' ...."

that would insert "photoId" as value, which is imo not intended.

**bibiki** · Sep 13 '09, 03:20 PM

yeah... I c that I forgot the dollar sign. so my actual suggestion is that you put in '$photoId'

**Dormilich** · Sep 13 '09, 03:34 PM

both ways are valid. which one you use is a matter of personal preference.

**bibiki** · Sep 13 '09, 03:57 PM

thanks man. however, i am not sure if we are both pounding on the same problem here. what i am trying to contribute to is luke_noob's problem about passing variables without a form. I strugled with that question, too, and I was answered yesterday by a moderator nicknamed Atli. So, I think I got it good this time.
I would not like to take up your time trying to teach you (a moderator) what you already know. However, I would like to add the following.
The value of $_GET['id'] is taken from the URL of the page this ($_GET['id']) script is executed in. In other words, the initial page that linkes to the script page holding the $_GET script must have something like:
<a href="this_scri pt.php?id=<?php echo 'whatever_the_i d_is'?>"
Now, the $_GET takes the id from the URL - www.this_script .php?id=<?php echo 'whatever_the_i d_is'?>. Then you use the mysql_escape_st ring($_GET['id']) to clear off any unwanted symbol so that you get only the result of " <?php echo 'whatever_the_i d_is'?> "
THAT'S IT. All Luke_noob must pay attantion to is the nature of $_GET method. What it does is take variable values from the URL it is executed in. This did it for me. Atli explained it for me and I thought I should pass it on to Luke_noob too. I hope that helps everybody.