0

I send data using header in php through this code.

$msg="ljqefnjnf";
header("Location: search.php?sms=".$msg);

and my url is :

localhost/search.php?sms=ljqefnjnf

How to get the sms data in search.php file

SOURAV
  • 304
  • 2
  • 4
  • 15

5 Answers5

2

use $_GET

$sms = $_GET['sms'];

Just see this for more information

Niranjan N Raju
  • 11,832
  • 3
  • 19
  • 41
  • If i send a array then what should i do like this: $msg = array( "A", "B", "C" ); header("Location: search.php?sms=".$msg); – SOURAV Nov 04 '15 at 10:15
  • see this link, u can use `serialize()` for that. http://stackoverflow.com/questions/5098397/how-to-pass-an-array-in-get-in-php – Niranjan N Raju Nov 04 '15 at 10:18
1

You need to use PHP's $_GET.

$sms = $_GET['sms'];
Ashley
  • 1,389
  • 2
  • 11
  • 25
0

use PHP $_GET or $_REQUEST

$sms = $_GET['sms'];
$sms = $_REQUEST['sms'];

$_REQUEST, by default, contains the contents of $_GET, $_POST and $_COOKIE.

Abhishek Sharma
  • 6,523
  • 1
  • 12
  • 20
0

The value you seek is in the $_GET array which holds all the values of arguments passed in through a URL.

In your case you would want to do this:

$message = $_GET['sms'];

But it could be anything in that array. For example if you have this URL search.php?fruit=apple&color=purple then you would do this: 

$fruit = $_GET['fruit'];
$color = $_GET['color'];

You should note though, never blindly trust a user's input without validating it first. You can leave yourself open to attacks such as Injection Attacks

Community
  • 1
  • 1
Henders
  • 1,154
  • 1
  • 22
  • 25
  • If i send array then how I will do it like this : $msg = array( "A", "B", "C" );; header("Location: search.php?sms=".$msg); – SOURAV Nov 04 '15 at 10:17
  • Whatever you add to the URL it needs to be valid for a url. You cannot send a raw PHP array in the $_GET array as far as I know. You would instead need to convert it to something else like a json array with `json_encode()` and then decode it at the other end with `json_decode`. You could also send it as a comma separated string or something if you have no keys. Does that make sense? – Henders Nov 04 '15 at 10:20
0

Indeed, like @Rahautos said, you can use both $_GET or $_REQUEST global but don't forget that everything which is passed in your url can be "hijacked". You should make tests on what you get from it.

For example, never do that.

<?php
    $sms = $_GET['sms'];
    unlink($sms . '.php');
?>

You can do, instead of it

<?php
    $sms = $_GET['sms'];
    $allowed_files = array('conf', 'tmp');
    if (in_array($sms, $allowed_files) {
        unlink($sms . '.php');
    }
?>