By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,417 Members | 1,845 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,417 IT Pros & Developers. It's quick & easy.

Simple beginners question about inserting data via an URL

P: n/a
Hi all,

For a couple of nights I have been trying to figure something out..

I am trying insert a couple of fields into a database. My url looks
something like this;

www.site.com/addlog.php?var1=blah&var2=blah

The addlog.php script looks like this;

<?php
$dbhost = 'xx';
$dbuser = 'xx';
$dbpass = 'xx';

$conn = mysql_connect($dbhost, $dbuser, $dbpass) or
die ('Error connecting to mysql');

$dbname = 'xx';

mysql_select_db($dbname);
$query = "INSERT INTO log values('$var1','$var2');";
print_r($_GET);
mysql_query($query) or die('Error, insert query failed');

mysql_close($conn);
?>

The var1 variable gets passed on just fine (I even see it echoed back
with the print command).. but var2 seems to dissapear.. It never gets
passed to anywhere..
What am I missing here? When I make the url www.site.com/addlog.php?var2=blah&var1=blah
I just see var2.. so it seems to only accept the 1st variable..?

Alex

Oct 10 '07 #1
Share this Question
Share on Google+
9 Replies


P: n/a
To see if they are coming though the URL to the script okay, which
they should be.

echo $_GET['var1'] . "<br />" . $_GET['var2'];


Try

$var1 = mysql_real_escape_string($_GET['var1']);
$var2 = mysql_real_escape_string($_GET['var2']);

$query = "INSERT INTO log VALUES ('$var1','$var2')";
mysql_query($query,$conn) or die(mysql_error());

Oct 10 '07 #2

P: n/a
I tried both ideas.. but neither of them return me the string that I
had in the url :(

What I dont understand is that I can pass 1 string, just not multiple
strings from the URL.
On Oct 10, 7:54 pm, macca <ptmcna...@googlemail.comwrote:
To see if they are coming though the URL to the script okay, which
they should be.

echo $_GET['var1'] . "<br />" . $_GET['var2'];

Try

$var1 = mysql_real_escape_string($_GET['var1']);
$var2 = mysql_real_escape_string($_GET['var2']);

$query = "INSERT INTO log VALUES ('$var1','$var2')";
mysql_query($query,$conn) or die(mysql_error());

Oct 11 '07 #3

P: n/a
de**@icepick.com wrote:
On Oct 10, 7:54 pm, macca <ptmcna...@googlemail.comwrote:
>To see if they are coming though the URL to the script okay, which
they should be.

echo $_GET['var1'] . "<br />" . $_GET['var2'];

Try

$var1 = mysql_real_escape_string($_GET['var1']);
$var2 = mysql_real_escape_string($_GET['var2']);

$query = "INSERT INTO log VALUES ('$var1','$var2')";
mysql_query($query,$conn) or die(mysql_error());


I tried both ideas.. but neither of them return me the string that I
had in the url :(

What I dont understand is that I can pass 1 string, just not multiple
strings from the URL.

(Top posting fixed)

If your URL is really something like:

http://www.example.com?var1=blah&var2=blah

Then $_GET['var1'] will contain the first value, and $_GET['var2'] will
contain the second value. If it doesn't work, either your url is wrong
or you're not accessing the data correctly.

P.S. Please don't top post. And when using examples, use example.com as
the domain - that's what it's reserved for.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Oct 11 '07 #4

P: n/a
If you are using a form, check your html form and make sure that you
dont have a spelling mistake for the input name.
Oct 11 '07 #5

P: n/a
If your URL is really something like:
>
http://www.example.com?var1=blah&var2=blah

Then $_GET['var1'] will contain the first value, and $_GET['var2'] will
contain the second value. If it doesn't work, either your url is wrong
or you're not accessing the data correctly.

P.S. Please don't top post. And when using examples, use example.com as
the domain - that's what it's reserved for.
Jerry,
I simplified my webpage to

<?php
echo $_GET['var1'];
echo $_GET['var2'];
echo $_GET['var3'];
?>

And the url I use now to test is (besides the example part)
http://www.example.com/php/blah.php?...lah&var3=candy

When I do this it only returns one variable.
There must be something simple I am missing here..
Oct 12 '07 #6

P: n/a
In our last episode, <11*********************@y27g2000pre.googlegroups. com>,
the lovely and talented de**@icepick.com broadcast on comp.lang.php:
Jerry,
I simplified my webpage to
><?php
echo $_GET['var1'];
echo $_GET['var2'];
echo $_GET['var3'];
?>
And the url I use now to test is (besides the example part)
http://www.example.com/php/blah.php?...lah&var3=candy
When I do this it only returns one variable.
There must be something simple I am missing here..
Are you doing this from the command line? If so, you should single quote
the url because your shell is interpreting the ampersand, not passing it
through.

so for example in bash or sh:

Fri Oct 12 02:49:34 bash3.2:ttyp0:lars
debranded~$lynx -dump http://localhost/~work/index.php?var1=test&var2=blah\
blah&var3=candy
[1] 5661
[2] 5662
Fri Oct 12 02:51:12 bash3.2:ttyp0:lars
debranded~$test
You got test as expected by setting var1, but the shell has done its own
thing with everything after the first &.

Single quote it and it will pass the whole url through:

Fri Oct 12 02:54:33 bash3.2:ttyp0:lars
debranded~$lynx -dump 'http://localhost/~work/index?var1=test&var2=blah\
blah&var3=candy'
testblahblahcandy

Fri Oct 12 02:56:03 bash3.2:ttyp0:lars
debranded~$

Which is the right answer.

--
Lars Eighner <http://larseighner.com/ <http://myspace.com/larseighner>
Countdown: 466 days to go.
What do you do when you're debranded?
Oct 12 '07 #7

P: n/a
de**@icepick.com wrote:
>If your URL is really something like:

http://www.example.com?var1=blah&var2=blah

Then $_GET['var1'] will contain the first value, and $_GET['var2'] will
contain the second value. If it doesn't work, either your url is wrong
or you're not accessing the data correctly.

P.S. Please don't top post. And when using examples, use example.com as
the domain - that's what it's reserved for.

Jerry,
I simplified my webpage to

<?php
echo $_GET['var1'];
echo $_GET['var2'];
echo $_GET['var3'];
?>

And the url I use now to test is (besides the example part)
http://www.example.com/php/blah.php?...lah&var3=candy

When I do this it only returns one variable.
There must be something simple I am missing here..
OK, what do you get if you do the following:

<pre>
<?php
print_r($_GET);
echo "\n" . $_SERVER['QUERY_STRING'] . \n";
?>
</pre>
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Oct 12 '07 #8

P: n/a
On Oct 12, 10:02 am, Lars Eighner <use...@larseighner.comwrote:
In our last episode, <1192164404.526476.12...@y27g2000pre.googlegroups. com>,
the lovely and talented d...@icepick.com broadcast on comp.lang.php:
Jerry,
I simplified my webpage to
<?php
echo $_GET['var1'];
echo $_GET['var2'];
echo $_GET['var3'];
?>
And the url I use now to test is (besides the example part)
http://www.example.com/php/blah.php?...lah&var3=candy
When I do this it only returns one variable.
There must be something simple I am missing here..

Are you doing this from the command line? If so, you should single quote
the url because your shell is interpreting the ampersand, not passing it
through.

so for example in bash or sh:

Fri Oct 12 02:49:34 bash3.2:ttyp0:lars
debranded~$lynx -dumphttp://localhost/~work/index.php?var1=test&var2=blah\
blah&var3=candy
[1] 5661
[2] 5662
Fri Oct 12 02:51:12 bash3.2:ttyp0:lars
debranded~$test

You got test as expected by setting var1, but the shell has done its own
thing with everything after the first &.

Single quote it and it will pass the whole url through:

Fri Oct 12 02:54:33 bash3.2:ttyp0:lars
debranded~$lynx -dump 'http://localhost/~work/index?var1=test&var2=blah\
blah&var3=candy'
testblahblahcandy

Fri Oct 12 02:56:03 bash3.2:ttyp0:lars
debranded~$

Which is the right answer.

--
Lars Eighner <http://larseighner.com/ <http://myspace.com/larseighner>
Countdown: 466 days to go.
What do you do when you're debranded?

Thanks everyone.. this turned out to be the problem indeed.. I tested
it with WGET instead of with a regular web browser..
I got it working now.. thanks a lot.

Oct 13 '07 #9

P: n/a
..oO(de**@icepick.com)
>Thanks everyone.. this turned out to be the problem indeed.. I tested
it with WGET instead of with a regular web browser..
Well, from the server's point of view even WGET is a "regular browser".
It's a user agent that speaks HTTP - like any other browser. So it was
most likely the mentioned shell escaping problem.

Micha
Oct 13 '07 #10

This discussion thread is closed

Replies have been disabled for this discussion.