How to keep already-set GET parameter values on form submission?

Question

I have a URL : foo.php?name=adam&lName=scott, and in foo.php I have a form which gives me values of rectangleLength & rectangleBreadth with a submit button.

When I click this submit button with form action as $_SERVER['REQUEST_URI'], I get this result URL: foo.php?rectangleLength=10&rectangleBreadth=5 (these values have been filled in by the user).

Notice that I am losing my previous values name & lName from the URL.

How can I keep them?

Also, keep in mind that I have to come back to foo.php and if the user wants to submit the form again then the length and breadth values should change.

Answer 1

To handle query with arrays:

foreach (explode("\n", http_build_query($query, '', "\n")) as $keyValue) {
    [$key, $value] = explode('=', $keyValue, 2);
    $key = htmlspecialchars(urldecode($key), ENT_COMPAT | ENT_HTML5);
    $value = htmlspecialchars(urldecode($value), ENT_COMPAT | ENT_HTML5);
    echo '<input type="hidden" name="' . $key . '" value="' . $value . '"' . "/>\n";
}

Answer 2

My personal preference would be to specify the keys you wish to accept and be sure to run the value through htmlspecialchars().

$url_params = array(
  'tab'
);
foreach( $url_params as $key ) {
  echo !empty( $_GET[$key] ) ? '<input type="hidden" name="'. $key .'" value="'. htmlspecialchars( $_GET[$key] ) .'" />' : '';
}

Answer 3

There are different ways to do this. All of them write the parameters they receive into a file, memory, or a database and retrieve them later with a key

The easiest method is something like a session variable: http://php.net/manual/en/features.sessions.php

The main setup is something like this (caution: that is unsecure code, make sure you only add session variables you want to keep, and sanitize user input!):

<?php
session_start();
foreach ($_GET as $key=>$value) {
    $_SESSION[$key]=>$value;
}

?>

and now, as long as the user does not close the browser, you can access these variables with $_SESSION[varname];

Answer 4

You can add two hidden fields in the form on the first target site, blabla.php in your case:

<form ...>
  <input type="hidden" name="name" value="<?php echo htmlspecialchars($_GET['name']);?>">
  <input type="hidden" name="lName" value="<?php echo htmlspecialchars($_GET['lName']);?>">

  <!-- rest of the form here -->
</form>

For a dynamic solution, use a foreach loop:

<?php
foreach($_GET as $name => $value) {
  $name = htmlspecialchars($name);
  $value = htmlspecialchars($value);
  echo '<input type="hidden" name="'. $name .'" value="'. $value .'">';
}
?>

You may consider locking the dynamic approach down to a list of known possible keys:

<?php
$keys = array('name', 'lName', ...);
foreach($keys as $name) {
  if(!isset($_GET[$name])) {
    continue;
  }
  $value = htmlspecialchars($_GET[$name]);
  $name = htmlspecialchars($name);
  echo '<input type="hidden" name="'. $name .'" value="'. $value .'">';
}
?>

Answer 5

Once, I needed sorting the results in a table keeping the search results coming from GET. I did like that:

unset($_GET['sort']); // sort param is removed, otherwise there will be created many sort params
$url = http_build_query($_GET);

echo "<a href='?".$url."&sort=title'>Title</a>";
echo "<a href='?".$url."&sort=author'>Author</a>";

Answer 6

1. In menu (calling html) I call VendorSearch.php. variable fromvs is used in URL.
2. The target php VendorSearch.php will do different jobs based on the value of $_GET['fromvs']

3. In VendorSearch.php, aftersession_start(),

   $srchfor =""; $fromwhat = $_GET['fromvs']; $_SESSION['fromwhat'] = $fromwhat; $vs = $fromwhat;

4. Use hidden input to store URL passed variable

   <div style='position: absolute; top: 10px; left: 400px;'><input type='hidden' hidden='hidden' id='fromvs' name='fromvs' value="<?php echo $_SESSION['fromwhat']; ?>"></div>

5. But this thie

Segment in Calling html .... Add a Subcontractor .... Assign Subcontractor Contracts ..... Log Out ....

Segment in target php: VendorSearch.php

<?php
//VendorSearch.php
//http://mted202.mtaent.org:9051/ocr/login.php rweinbau 
require_once('dbinfo.php');

session_start();
$c = oci_pconnect("ocr","ocrmta","HQT4");
oci_set_client_identifier($c, $_SESSION['username']);
$username = htmlentities($_SESSION['username'], ENT_QUOTES); 
.....
$srchfor ="";

$fromwhat = $_GET['fromvs'];
$_SESSION['fromwhat'] = $fromwhat;
$vs = $fromwhat;

if (isset($_POST['srchvnd']))
{ 
 $vs = $_POST['fromvs'];

 somefunction($vs);

}
else
{
    ;
}

?>
<body>
<form class="vfrmsrch" name="vndsearch" id="vndsearch" action="VendorSearch.php?fromvs='<?php    echo $fromwhat; ?>'" method="POST"> 
    <div style='position: absolute; top: 10px; left: 400px;'><input type='hidden' hidden='hidden' id='fromvs' name='fromvs' value="<?php echo $_SESSION['fromwhat'];  ?>"></div>
......
</form>
.......
</body>  
</html> 
<?php
function somefunction($vvs){    
//$msg = "We are inf somefunction() function </a></div><br>";

// echo  "<div style='position: absolute; top: 100px; left: 10px;'><a style='color:blue'>".$msg;

$_SESSION['fromwhat'] = $vvs;
............

oci_close($c);
}

Answer 7

Following code works for my project. Hope it help some. 1. In menu (calling html) I call VendorSearch.php. variable fromvs is used in URL. 2. The target php VendorSearch.php will do different jobs based on the value of $_GET['fromvs'] 3. In VendorSearch.php, aftersession_start(),

$srchfor ="";
$fromwhat = $_GET['fromvs'];
$_SESSION['fromwhat'] = $fromwhat;
//save value to $VS
$vs = $fromwhat;

3. Use hidden input to store URL passed variable
<div style='position: absolute; top: 10px; left: 400px;'><input type='hidden' hidden='hidden' id='fromvs' name='fromvs' value="<?php echo $_SESSION['fromwhat'];  ?>"></div>

4. But this thie field's value may lost after clicking button "srchvnd". So use a function to reset 
$_SESSION['fromwhat'];  

if (isset($_POST['srchvnd']))
{ 
     $vs = $_POST['fromvs'];

     somefunction($vs);

}

-----------------Source code----------------------

Segment in Calling html 
....
<body>
<div style="  position: absolute; top: 1px; left: 5px; height:740px;  width:205px; border-radius: 10px;" >
<!-- Start css3menu.com BODY section -->
<ul  id="css3menu1" class="topmenu">
    <li class="topfirst"><a href="VendorSearch.php?fromvs=V" target="I1" style="width:183px;">Add a Subcontractor </a></li>
    ....
    <li class="topmenu"><a href="VendorSearch.php?fromvs=S" target="I1" style="width:183px;">Assign Subcontractor Contracts</a></li>
    .....
    <li class="toplast"><a href="login.php" target="_self" style="width:183px;">Log Out</a></li>
</ul>
....
</div>

Segment in target php: VendorSearch.php

<?php
//VendorSearch.php
//http://mted202.mtaent.org:9051/ocr/login.php rweinbau 
require_once('dbinfo.php');

session_start();
$c = oci_pconnect("ocr","ocrmta","HQT4");
oci_set_client_identifier($c, $_SESSION['username']);
$username = htmlentities($_SESSION['username'], ENT_QUOTES); 
.....
$srchfor ="";

$fromwhat = $_GET['fromvs'];
$_SESSION['fromwhat'] = $fromwhat;
$vs = $fromwhat;

if (isset($_POST['srchvnd']))
{ 
     $vs = $_POST['fromvs'];

     somefunction($vs);

}
else
{
    ;
}

?>
<body>
    <form class="vfrmsrch" name="vndsearch" id="vndsearch" action="VendorSearch.php?fromvs='<?php echo $fromwhat; ?>'" method="POST"> 
        <div style='position: absolute; top: 10px; left: 400px;'><input type='hidden' hidden='hidden' id='fromvs' name='fromvs' value="<?php echo $_SESSION['fromwhat'];  ?>"></div>
    ......
      <td><input type="submit" class="slbt" name="srchvnd"  id ="srchvnd" vaue="Search"></input></td>
     ......
    </form>
.......
</body>  
</html> 
<?php
function somefunction($vvs){    
//$msg = "We are inf somefunction() function </a></div><br>";

// echo  "<div style='position: absolute; top: 100px; left: 10px;'><a style='color:blue'>".$msg;

$_SESSION['fromwhat'] = $vvs;
............

oci_close($c);
}

Answer 8

A simpler solution to keep the URL unchanged by using http_build_query

 <form action="<?php echo $_SERVER["PHP_SELF"] . '?'.http_build_query($_GET); ?>" ... 
  ..
  ..