Saved Bookmarks
| 1. |
Solve : how can get a variable from another page ?? |
||||
|
Answer» Hi
index.php $qty=0; $totalprice=0; foreach($listproduit as $produit) { $subqty=$produit['quantity']; $subtotal=$produit['quantity']*$produit['price']; $totalprice+=$subtotal; $qty+=$subqty; ?> I want to make output $qty in the page header.php A Transactional Database such as MySQL that takes the data passed to it from a dynamic html form, is one method. On the next page it populates the dynamic HTML with the information that was written from the first page to the database. You would need to have it create a user account or give a user identity to associate the point of sale info to the correct customer connected, this acts as a primary key so that the correct customer gets the correct data at the 2nd page and all ADDITIONAL pages. I'd avoid trying to do this through just a variable as for if you had more than a single customer connected at the same time, the customer who accessed it last would alter the variable data for the other. Sure it would work ok if only 1 person interfaced with it at a time. Additionally passing directly to a variable without testing the data that is passed to it can allow for hackers to send an overflow to it and sometimes assume admin control of a server etc. So a form that takes in information and tests the data before its passed to the server is best to avoid intentional buffer overflows. Such a test would be an IF statement that verifies that the item prices NEVER exceed say $5000.00, quantities never exceed 50,000, etc so that someone couldnt just send a huge number to it and overflow it to either crash it or gain access through an exploit.do you think it is a secure way here: header.php session_start(); // store session data $_SESSION[$qty]=1; ?> index.php session_start(); // read session data $qty=$_SESSION['views'] ; ?>When it comes to php, I am not a data security specialist... Maybe someone else here works with data security and php to answer this better than I can. Generally I set limits so that the value passed has to be between say 0 and 10,000 and this way negative numbers for quantity are disallowed as well as any numbers greater than 10,000 are disallowed. My php experience is mainly with internal applications that are web BASED on ( internal network ) Intranet where the only threats are if you have a rogue employee. As well as playing around with php turn based games etc. Setting up data conditions are important so that only realistic ( allowed ) values are entered as well as string data never exceeds a specific character length limit etc. So all data passed across should be tested. Some OVERHEAD can be taken off of the server by using local client side scripts in javascript that test values before they are passed to the server. Then at the server the values should be tested again ( especially if web based where you are subject to hackers etc) to make sure that the data to be passed to the SYSTEM conforms to allowed data type values and character string lengths. |
|||||