02-05-2012, 01:32 PM
(12-22-2011, 07:00 AM)★Cooldude★ Wrote:PHP Code:<?PHP
if(isset($_POST['go'])){
$text1 = $_POST['text1'];
$text2 = $_POST['text2'];
$text3 = $_POST['text3'];
$text4 = $_POST['text4'];
header("location: page.php?VAR1=$text1&VAR2=$text2&VAR3=$text3&VAR4=$text4");
}
?>
<form action='' METHOD='POST'>
Text1: <input type='text' name='text1'>
<br>
Text2: <input type='text' name='text2'>
<br>
Text3: <input type='text' name='text3'>
<br>
Text4: <input type='text' name='text4'>
<br>
<input type='submit' name='go' Value='go'>
</form>
If you would like to modify the URL on form submit, you must use the GET method in your forms. However you must always ensure you apply sanitisation upon said $_GET['']; variables to prevent SQL injections on your website. Here is an example on how to build a custom URL using the GET method from a form:
PHP Code:
<?php
if(isset($_GET['action']))
{
$submit = $_GET['action'];
$phone_number = intval($_GET['phone_number']);
if($phone_number)
{
//continue with form submittion
}
else
{
die('phone number is not numerical');
}
}
?>
<html>
<body>
<form method="GET">
Phone Number: <input type="text" name="phone_number" /><br />
<input type="submit" name="action" value="submit" />
</form>
</body>
</html>
get.php?phone_number=(number_here)&action=submit
A very basic, yet secure URL that is not susceptible to SQL injection attacks because i have made sure that if the phone number being entered is not numerical, the page will output an error only. This is done by using the function intval upon the phone number entered in the form, and if the function returns false, a NULL value is given to $phone_number causing the next IF statement to return FALSE.