Have you noticed an URL with a question mark following the filename? Most probably you have. This is a technique used to pass data to web pages using URL query strings. What is a URL query string?
URL Query String is that portion of the URL that contains data to be passed to a web application. Simply put, it’s the portion of the URL following the question mark. For example, on “index.php?pageid=7&username=Leo” the URL query string would be “pageid=7&username=Leo”.
You can send data on a query string in two ways:
- on a hyperlink
- with a HTML form
Passing a query string with a hyperlink
click me
Passing a query string with a HTML form
If you enter “Abraham” on the username field, “Austin” on the location field and click the submit button, you will be taken to the following URL: index.php?username=Abraham&location=Austin
When somebody clicks this link
click me
Two variables will be sent: username and location. The query string it’s the portion following the question mark and the variables are separated by an ampersand (&). You can pass more variables if you wish by separating each variable name/value pair from the next with an ampersand. For example: index.php?username=Leo&location=Texas&style=green&blogname=CodeRemix
How to access query string variables using PHP
click me
There is a variable named username and its value is “Leo”. Another variable name is location and its value is “Texas”. After you click the above link, you can access this data at index.php. For example, you could display the contents of the $_GET variables like this:
echo 'Welcome '.$_GET['username'].' from '.$_GET['location'];
Which would display “Welcome Leo from Texas”.
TIPS
Data sent from a form or a hyperlink with the GET method is visible through the browser’s address bar. Don’t use the $_GET method when working with passwords or other sensitive information.
$_GET data is usually passed to the browser to indicate what page or article to load from a Website. Data you get from a $_GET variable may be used to make a query to your MySQL database. In a previous article, we discussed SQL injection attacks and how to protect your database from them. SQL injection attacks are often overlooked in books or online tutorials aimed for PHP/MySQL beginners. If you are a PHP/MySQL novice it is imperative you learn how to prevent SQL injection attacks. Please read our article Protect your script from hackers: SQL injection attack prevention ASAP to secure your scrips and database.
Tags: PHP