(12-22-2011, 07:00 AM)★Cooldude★ Wrote: PHP Code:
<?PHP
if(isset($_POST['go'])){
$text1 = $_POST['text1'];
$text2 = $_POST['text2'];
$text3 = $_POST['text3'];
$text4 = $_POST['text4'];
header("location: page.php?VAR1=$text1&VAR2=$text2&VAR3=$text3&VAR4=$text4");
}
?>
<form action='' METHOD='POST'>
Text1: <input type='text' name='text1'>
<br>
Text2: <input type='text' name='text2'>
<br>
Text3: <input type='text' name='text3'>
<br>
Text4: <input type='text' name='text4'>
<br>
<input type='submit' name='go' Value='go'>
</form>
If you would like to modify the URL on form submit, you
must use the
GET method in your forms. However you must
always ensure you apply sanitisation upon said $_GET['']; variables to prevent SQL injections on your website. Here is an example on how to build a custom URL using the GET method from a form:
PHP Code:
<?php
if(isset($_GET['action']))
{
$submit = $_GET['action'];
$phone_number = intval($_GET['phone_number']);
if($phone_number)
{
//continue with form submittion
}
else
{
die('phone number is not numerical');
}
}
?>
<html>
<body>
<form method="GET">
Phone Number: <input type="text" name="phone_number" /><br />
<input type="submit" name="action" value="submit" />
</form>
</body>
</html>
On form submit, this should give the URL:
get.php?phone_number=(number_here)&action=submit
A very basic, yet secure URL that is
not susceptible to SQL injection attacks because i have made sure that
if the phone number being entered is
not numerical, the page will output an error only. This is done by using the function
intval upon the phone number entered in the form, and if the function returns false, a NULL value is given to
$phone_number causing the next IF statement to return FALSE.
![[Image: mobooka-review.png]](http://www.mobookareview.com/mobooka-review.png)
![[Image: cooldude.png]](http://i1081.photobucket.com/albums/j357/jETZKYE/cooldude.png)
