PHP include doc not picking up $_GET variables

Question

Everything i read tells me this should work

page 1 is

<?php
$state = $_GET['state'];
$brand = $_GET['brand'];

include ("my_path/state_brand_page_01.php");

?>

page 2 is

<?
//get all dealers for this brand and state
session_start();
include ('../../lib/db.php');

//=======================Start Local Insert

  //This stops SQL Injection in POST vars
  foreach ($_POST as $key => $value) {
    $_POST[$key] = mysql_real_escape_string($value);
  }

  //This stops SQL Injection in GET vars
  foreach ($_GET as $key => $value) {
    $_GET[$key] = mysql_real_escape_string($value);
  }

//get dealer

echo $state;
echo $_GET['state']; // NOTHING SHOWING

$dquery = mysql_query("SELECT * FROM dealer WHERE state='$_GET[state]' AND brand='$_GET[brand]' ORDER BY company DESC") or die(mysql_error());


?>

I am getting nothing here, no echo of the var, no return from the database. The page works fine on its own, just not when included

Thanks

Answer 1

try to put it into session

$_SESSION['state'] = $_GET['state'];

$_SESSION['brand'] = $_GET['brand'];

Answer 2

Maybe your path is interpreted as a URL (like www.foo.com/state_brand_page_01.php) and as such include() fetches it using the HTTP methods? That would cause the $_GET to get lost.

Refer to https://www.php.net/manual/en/function.include.php

Below Example #2.

Answer 3

Both $state and $_GET['state'] should be available if the querystring included state=whatever.

When I've seen a problem with that is if you include by URL instead of file path ie:

include('http://www.test.com/file.php'); 

It won't know about your values because it's parsed before it's included. (Also considered bad practice for secuity reasons.)