CODEWITHSUNDEEP
phphtml
Kris Fallat
Kris Fallat

Reputation: 1

How to pull a variable using PHP to repull information on refresh

I am trying to get the page to save what data to pull up once I refresh. How I figured I would do this is to just re-pull the $ID variable using PHP. But I can't seem to get it to work.

echo "<center><b><p style='color: green'>Order Status: " . $row['status'] . "</p></b></center><br><br>";
    echo "<center><p>Address: " . $row['address'] . "</p></center><br>";
    echo "<center><p>Telephone: " . $row['tel'] . "</p></center><br>";
    echo "<center><p>Email: " . $row['email'] . "</p></center><br>";
    echo "<center><b><p>Order ID: " . $row['ID'] . "</p></b></center><br>";
    echo "<center><p>Submitted on: " . $row['date'] . "</p></center>";
    echo "<br>\n";
    echo "<fieldset>
      <button onclick='window.location='http://qdeliver.ca/fetchorder.php?id='<?php echo $_GET['ID'];?>' name='refresh' type='submit' id='contact-submit' data-submit='...Refreshing'>Refresh Order</button>
    </fieldset>";

Any help would be appreciated. Thanks!

Upvotes: 0

Views: 43

Answers (1)

tyteen4a03
tyteen4a03

Reputation: 1932

If you check the syntax highlighter on your code, it's clear that your <?php echo $_GET['ID'];?> is part of the string in echo, and won't be run.

Use string concatenation:

echo "<fieldset>
  <button onclick=\"window.location='http://qdeliver.ca/fetchorder.php?id=" .  intval($_GET['ID']) . "\" name='refresh' type='submit' id='contact-submit' data-submit='...Refreshing'>Refresh Order</button>
</fieldset>";

NOTE: Your original code is insecure as not filtering user input will open your script to XSS attacks. I've added an intval() call to ensure the ID will always be an integer.

Upvotes: 1

Related Questions