Solar wrote:
Kon-Tiki wrote:
1) I want to browse between entries on a page, and'm using $pagina to keep track of which page. The problem's that I'm redefining it each time, so it kinda loses its purpose, and gives an error when browsing back (instead of pagina-- becoming 0, it becomes -1).
Pass the variable in the URL -
http://www.example.com?pagina=1. Details can be found in your PHP manual of choice.
Then, if you use guarded PHP code, which is safer:
This prevents people from redefining variables you use in your code to stuff that makes the code do something else. Consider:
Code: Select all
http://somewebsite.com/admin/killuser.php?user=kontiki&authed=1
where the second parameter would be an internal variable that would be overridden, allowing anybody to "be admin" without authentication. If you don't enable it it overrides the default value, if you do enable it it just defines $_GET["authed"] which isn't equal to $authed.
For most things you want to use post parameters however. For page number info and stuff that just defines where you are get stuff is better. This way you can make your website give a consistent result for a given URL, while maintaining user authentication (not in the url that is) and session management.
You should give any database table you want to use somewhat intensively numbers. No matter how inhumane to assign everybody a number, it's a lot more effective and stable. You can't mis-spell a number.