0

i have a login page where a user enters his email and password. this is then passed to another pages (success) where they will have different options.

What i need to do is to get the email address from the prevoius page (login) which I can do but then i want to add it to a url like the one below.

the first part works ok (membersgoods.php?email= but I can't get the email address I just get the text $email.

$email = $_POST['email']
echo '<a href="membersgoods.php?email=$email">    Click here to see your purchased goods</a>';

Can anyone help?

Improve this question
2
  • 2
    This reeks of possibly bad architecture. If the user is logged in, why do you need their E-Mail address in the URL? Is having the E-Mail in the URL enough to access the user's private data? That would be a huge security hole. Commented Feb 4, 2013 at 14:03
  • thank you Pekka - you are right, I need to look into Sessions id's instead. Commented Feb 4, 2013 at 14:42

6 Answers 6

Reset to default
1

It works only with double quotes:

echo "<a href=\"membersgoods.php?email=$email\">Click here to see your purchased goods</a>";

Explanation

If the string is enclosed in double-quotes ("), PHP will interpret more escape sequences for special characters:

\n  linefeed (LF or 0x0A (10) in ASCII)
\r  carriage return (CR or 0x0D (13) in ASCII)
\t  horizontal tab (HT or 0x09 (9) in ASCII)
\v  vertical tab (VT or 0x0B (11) in ASCII) (since PHP 5.2.5)
\e  escape (ESC or 0x1B (27) in ASCII) (since PHP 5.4.0)
\f  form feed (FF or 0x0C (12) in ASCII) (since PHP 5.2.5)
\\  backslash
\$  dollar sign
\"  double-quote
  • The most important feature of double-quoted strings is the fact that variable names will be expanded.
  • When a string is specified in double quotes or with heredoc, variables are parsed within it.
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

you cannot use a variable in ', but you can use it in "

echo "<a href=\"membersgoods.php?email=$email\">    Click here to see your purchased goods</a>";

or 

echo '<a href="membersgoods.php?email='.$email.'">    Click here to see your purchased goods</a>';
Improve this answer

1 Comment

Thank you Bojan, this has worked for me but looking at Pekka point, I think I need to do more with the sessions.
0

You putted your string in single quotes..

echo '<a href="membersgoods.php?email='.$email.'"> Click here to see your purchased goods</a>';

Improve this answer

Comments

0

Try something like this:

<?php
   $query_string = 'mail=' . $_POST['email'];
   echo '<a href="mySite.php?' . htmlentities($query_string) . '">click</a>';
?>

Hope this helps.

\seems like im late to the party :)

Improve this answer

Comments

0

I think you merge the both methods of a form: get and post.

If you use 'get' all attributes will be written in the URL and you can access per $_GET (or $_REQUEST).

If you use 'post' nothing else then the action will be written in the url and you could access the attributes by $_POST (or $_REQUEST).

With <form action="index.php" method="post">...</form> it will work fine.

Improve this answer

Comments

0

You have single quotes around the string preventing expansion of variables.

Try

echo '<a href="membersgoods.php?email='. $email .'">    Click here to see your purchased goods</a>' ;

Further reading : stackoverflow.com Question 14688343

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.