Using a hidden value instead of $ _GET or $ _REQUEST

Question

Using a hidden value instead of $ _GET or $ _REQUEST

I use hidden values for forms.

Example:

 <form method="post" action="page.php">
 <input type="text" name="name""
 <input type="hidden" name="book_id" value="$bookid">
 <input type="button">
 </form>

$bookidis the value $_GETforbook.php?id=34324

Therefore, instead of executing, page.php?id=$bookidI use $bookidin a hidden field.

My question is: is it harmful to use hidden values using $GETor $POSTin action of a form?

+5

php get hidden request

Sam khan Nov 08 '11 at 16:07

source share

2 answers

: , vs, $GET $POST ?

: $_GET $_POST . , . .

+3

Your Common Sense 08 . '11 16:31

Treffynnon · Accepted Answer · 2011-11-08T16:09:42+0000

To answer your question: no, it is not harmful to use hidden inputs in this way.

To fix the provided code, you need to specify the hidden input of the name and change the method to GET:

 <?php
 if(array_key_exists('id', $_GET)) {
     $bookid = (int) $_GET['id'];
 }
 ?>

 <form method="get" action="page.php">
     <input type="text" name="name">
     <input type="hidden" name="id" value="<?php echo $bookid; ?>">
     <input type="button">
 </form>

Using a hidden value instead of $ _GET or $ _REQUEST

More articles: