monkeybidz Posted March 20, 2011 Share Posted March 20, 2011 Trying to pass VARS $URL1 and $type to header location.Heres the code. $URL1 = $_POST['url']; $type = $_POST['type_request']; session_start(); $string = strtoupper($_SESSION['string']); $userstring = strtoupper($_POST['userstring']); session_destroy(); if (($string == $userstring) && (strlen($string) > 4)) { header("Location: $success"); exit(); The VARS come from a FORM and then go to this script for checkind data. I need to have them continue to the next page. Quote Link to comment Share on other sites More sharing options...
nicholasolsen Posted March 20, 2011 Share Posted March 20, 2011 You could pass the vars through the URL, then use the GET method to retrieve the data on the next page. Your current redirection: header("Location: $success"); Replace it with: header("Location: $success&var1=$var1&var2=$var2&var3=$var3"); On the next page, use the following code to retrieve the data: $var1 = $_GET['var1']; $var2 = $_GET['var2']; $var3 = $_GET['var3']; Note: When using the GET method to retrieve data, make sure you write a security-script that kills the load if the vars are "unknown". You should therefore only have a set of keywords allowed per var. Example: if (isset($_GET)) { if ($var1 == "allowedKeyword") { echo "This is allowed"; exit(); } if ($var2 == "allowedKeyword") { echo "This is allowed too"; exit(); } if ($var3 == "allowedKeyword") { echo "This is allowed toooo!"; exit(); } else { echo "One or more of the variables are tempered with, and therefore the script has been killed."; } } Quote Link to comment Share on other sites More sharing options...
monkeybidz Posted March 21, 2011 Author Share Posted March 21, 2011 I was hoping to pass them without revealing the var in the url bar or box. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted March 21, 2011 Share Posted March 21, 2011 Use sessions. At the start of your first script put <?php session_start(); ?> then right before the header() call, put <?php $_SESSION['url'] = $URL; $_SESSION['type'] = $type; ?> In the second script put <?php session_start(); $URL = $_SESSION['url']; $type = $_SESSION['type']; ?> Ken Quote Link to comment Share on other sites More sharing options...
monkeybidz Posted March 21, 2011 Author Share Posted March 21, 2011 What the problem here is that I used to have a form that posted directly to another page, but I added CAPTCHA and now the page redirects to a data check page and then to its destination if no errors, but tghis doesn't let the vars go through. Is there a way to hide the vars from the url or shorten the url so the vars are not exposed? Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted March 21, 2011 Share Posted March 21, 2011 Did you try using sessions? Ken Quote Link to comment Share on other sites More sharing options...
monkeybidz Posted March 21, 2011 Author Share Posted March 21, 2011 Yup! Vars would not appear. Guessing theres a conflict with another session, the only way it works is if I use the way nicolassolsen said like: header("Location: $success&var1=$var1&var2=$var2&var3=$var3"); But this works and exposes my vars information. I need to hide the new vars because someone made an automated script that floods my site with requests. I changed the vars names to buy me some time. Is there a way to give the page an alias in the url bar? Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted March 21, 2011 Share Posted March 21, 2011 Please post the code you tried when using sessions. Another way to do it is to store the vars in a database table and then retrieve them. Ken Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.