Passing hidden values and inserting in php/mysql

valentinayounes · December 3, 2017, 1:51pm

Hello, while looking for a solution to a problem in my code i came across hidden values .

Now in my code the user enters a username which I enter in the database in an account_info table
I want to pass the username to another page where I can insert it in another table called patient_info

But I’m not sure how to use hidden values in a correct syntax.

My Code:
HTML:

 <ion-item>
        <ion-label stacked>Patient Username</ion-label>
        <ion-input  type="text" placeholder="P_JhonDoe" formControlName="p_username"
                    [(ngModel)]="PatientUsername"></ion-input>
      </ion-item>

If anyone can help me with these?
or if there is a better way please let me know about it!
Thank you in advance

Gandalf · December 3, 2017, 1:53pm

Are you referring to hidden input fields in forms?

valentinayounes · December 3, 2017, 1:59pm

Yes i did a little research about it and i read that it can do what I want it to do

Gandalf · December 3, 2017, 2:01pm

Be aware that the contents of a hidden field can be seen in view source, so you should not use them for confidential information.

valentinayounes · December 3, 2017, 2:11pm

i am only passing the username so i guess that is okay.
or please if you can tech me a better way to do it please i’d be grateful

Mittineague · December 3, 2017, 2:44pm

So if I were to load your page, open the browsers dev tools and change the hidden inputs value to “valentinayounes” and submit, there would not be any problems?

valentinayounes · December 3, 2017, 3:11pm

I don’t know any better way if you do please i am all in for always learning more ways

Mittineague · December 3, 2017, 3:44pm

You could continue to use GET or POST after initial validation and authentication, but IMHO doing so should only be when security and data integrity are of little to no concern.

Seeing “patient” in your example concerns me. Unless this is for some type of personal use only script be forewarned that medical data, like financial data, has strict restrictions and violations can result in severe penalties. If you are developing a DIY script intended for public consumption I advise you to abandon the idea.

That said, I think what you are looking for is $_SESSION

benanamen · December 3, 2017, 5:55pm

This whole concept is wrong and violates Database Normalization and the proper use of a Relational Database. You DO NOT duplicate data. Look up and learn Database Normalization.

system · March 5, 2018, 1:03am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.