Question on $_GET[]

razzel · April 13, 2010, 10:04am

Can anybody help my solve this problem?

In the header, I have a login form. If you login, the login form is replaced by a logout button. The text “You’re logged in” is also shown above the log out button.
I also have a navigation in the left column. If you click a link in the navigation, the content area in the middle of the page will be updated. The problem is that the login in information gets lost. The text “You’re logged in” and the log out button is replaced with the log in form. I guess it’s a $_GET problem, but how do I solve it.

I do want to use the get method, and not the post method.

StarLion · April 13, 2010, 10:08am

GET is very unsecure, but…

How about showing us the relevant code sections?

DarthGuido · April 13, 2010, 10:14am

Use sessions to store the login data.

Jake_Arkinstall · April 13, 2010, 11:01am

Make sure you have:

session_start()

At the top of your PHP file, and save the login information in the $_SESSION array.

frank1 · April 13, 2010, 11:08am

yup session and its decendents should work here…

plus get is never suppose to pass confidential data(that also in an unecrypted form in HTTP protocol…)
even if you succeed in passing variable to each page
the user_id=1
will peep into data of user_id=2 …lol with url hijack…

razzel · April 15, 2010, 10:56am

I dont understand how to do it. I know how to “transfer” values between pages, using get or post. But I dont want to do that.
“How about showing us the relevant code sections?” Sorry, but I dont know how do to this, what to write. I am trying to describe the problem.
I know its a session problem.

Jake_Arkinstall · April 15, 2010, 11:14am

Paste your current code.

smftre · April 15, 2010, 11:15am

Your question is quite hard to follow.
The guys are right, you will want to use $_SESSION to store your login info at the end.
You will want to use $_POST on your login form to process the details to the session.
Please elaborate or provide code for us to debug.

razzel · April 15, 2010, 11:52am

The webpage consist of a header, which is included, a left navigation which is included, a content area which is included and a footer which is included.
In the navigation, there is a list of links. When I click a link, I update the content area by switching to another included file. So far no problem.
I have two forms, one log in and one log out form. I have put the forms in variables, because I want to be able to hide the log in form when the user logs in and instead show a log out button:

$my_form=‘<form id=“form1” action=“test.php” method=“get”>
User name:
<input type=“text” name="username " />
Password:
<input type=“text” name=“password” />
<br />
<input type=“submit” id=“knapp” name=“knapp” value=“Log in” />’;

$log_out=‘<form name=“form2” action=“test.php” method=“get”>
<input type=“submit” value=“Log out” />
</form>’

When the user puts in his name and the correct password I use unset() to hide the log in form and echo to show a another form, a logout form:

$my_password=“secret”;

if ($my_password== $_GET[‘password’])
{
echo "You are logged in;
unset($my_form);
echo $ log_out;
}

This will hide the log in form and show the logout form. When I click the log out button, the log in form pops up again. No problem so far. Now to the problem. Let’s say I log in. The log out button pops up on the main page. Let’s say I also click a link in the navigation area:

<li><a href=“?var_music=music”>Music</a></li>

If I click a link in the navigation area, a new included file is shown in the content area and the log in form replaces the log out button. That’s the problem. The browser does not know that I want the logout button to stay at the top of the page.
I know it’s a session problem. I know that I should put this in the main page above the html tag.

<?php
session_start();
?>

But what else do I have to do to make the connection work? I know how to “transfer” values between pages using get and post, but here I am not trying to show something on another page. I want to keep the values on the main page, here test.php. And I want to use the get method.

Paul_Wilkins · April 15, 2010, 10:39pm

With sessions, you need to set their value before any output occurs to the page.

Typically this means checking if the login was successful before any output occurs, setting a session value such as $_SESSION[‘username’] = $username and then redirect back to the same page.

When the page loads, it checks if the session value is set, and shows the appropriate form.

razzel · April 17, 2010, 5:58pm

What do you mean by “redirect back to the same page”?

Paul_Wilkins · April 17, 2010, 10:47pm

Sometimes there can be issues where the updated session variables are not accessible yet on the same page, so redirecting back to the same page allows the page to cleanly handle the changed circumstances.

The other benefit is that by redirecting back to the same page, the posted data is no longer involved, which can help to prevent issues relating to that as well.

Topic		Replies	Views
Using GET Method to Maintain Variables After Logging In PHP	2	504	April 18, 2010
I don't know how to transfer user_id to the next page in php PHP	10	18378	April 18, 2015
Difference between $_POST and $_GET PHP	14	2799	August 11, 2018
Can't get $_POST['email'] for some reason PHP	12	1290	September 12, 2015
Using session variable instead of GET method PHP	7	4355	October 8, 2014

Question on $_GET[]

Related topics