Ben Yates February 2016

Framework7 not passing URL variable to next page

I can't get Framework7 to use the URL variable ?username=User1 on the next page.

It is generated and assigned to the link on page 1 but doesn't get used in either the SQL query or the echo statements on page 2.

Page 1 sets the variable in a hyperlink with;

profile.php?username=<?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?>

Page 2 'gets' the variable using;

<?php $username = (isset($_GET['username']))? trim(strip_tags($_GET['username'])) : ""; ?>

Framework7 is a web application framework - www.idangero.us/framework7/.

Edited to add full source of profile.php which is to use variable.

<?php 

    // First we execute our common code to connection to the database and start the session 
    require("common.php"); 

    // At the top of the page we check to see whether the user is logged in or not 
    if(empty($_SESSION['user'])) 
    { 
        // If they are not, we redirect them to the login page. 
        header("Location: index.php"); 

        // Remember that this die statement is absolutely critical.  Without it, 
        // people can view your members-only content without logging in. 
        die("Redirecting to index.php"); 
    } 

    // Everything below this point in the file is secured by the login system 



    // We can retrieve a list of members from the database using a SELECT query. 
    // In this case we do not have a WHERE clause because we want to select all 
    // of the rows from the database table. 
    $query = " 
        SELECT 
            id,
            username,
            email
        FROM users WHERE username = '$username'
    "; 

    try 
    { 
        // These two statements run the query against your database table. 
        $stmt = $db->prepare($query); 
        $stmt->execute(); 
    } 
    catch(PDOException $ex) 
    { 
        // Note: On a production website        

Answers


Bloafer February 2016

You have not assigned the $username variable you should use something like this:

<?php 

    // First we execute our common code to connection to the database and start the session 
    require("common.php"); 

    // At the top of the page we check to see whether the user is logged in or not 
    if(empty($_SESSION['user'])) 
    { 
        // If they are not, we redirect them to the login page. 
        header("Location: index.php"); 

        // Remember that this die statement is absolutely critical.  Without it, 
        // people can view your members-only content without logging in. 
        die("Redirecting to index.php"); 
    } 

    // Everything below this point in the file is secured by the login system 



    // We can retrieve a list of members from the database using a SELECT query. 
    // In this case we do not have a WHERE clause because we want to select all 
    // of the rows from the database table.

    $username = (isset($_GET['username']))? trim(strip_tags($_GET['username'])) : "";

    $query = " 
        SELECT 
            id,
            username,
            email
        FROM users WHERE username = '$username'
    "; 

    try 
    { 
        // These two statements run the query against your database table. 
        $stmt = $db->prepare($query); 
        $stmt->execute(); 
    } 
    catch(PDOException $ex) 
    { 
        // Note: On a production website, you should not output $ex->getMessage(). 
        // It may provide an attacker with helpful information about your code.  
        die("Failed to run query: " . $ex->getMessage()); 
    } 

    // Finally, we can retrieve all of the found rows into an array using fetchAll 
    $rows = $stmt->fetchAll(); 
?> 

<?php include('header.php') ?>

<div class="pages navbar-through toolbar-through">
<div class="page" data-page="profile">

<div class="page-content">

<div class="content-block">
<div class 

Post Status

Asked in February 2016
Viewed 3,634 times
Voted 11
Answered 1 times

Search




Leave an answer