URL querystring with a php include
You can't include a query string in an include().
Assuming this is a local script, you could use:
$_REQUEST['mls'] = $_REQUEST['mlid'];
$_REQUEST['lid'] = 0;
$_REQUEST['v'] = 'agent';
include("agentview.php");
if it's a remote script on a different server, don't use include.
Get URL query string parameters
$_SERVER['QUERY_STRING'] contains the data that you are looking for.
DOCUMENTATION
- php.net: $_SERVER - Manual
PHP - include a php file and also send query parameters
Imagine the include as what it is: A copy & paste of the contents of the included PHP file which will then be interpreted. There is no scope change at all, so you can still access $someVar in the included file directly (even though you might consider a class based structure where you pass $someVar as a parameter or refer to a few global variables).
Manipulate a url string by adding GET parameters
Basic method
$query = parse_url($url, PHP_URL_QUERY);
// Returns a string if the URL has parameters or NULL if not
if ($query) {
$url .= '&category=1';
} else {
$url .= '?category=1';
}
More advanced
$url = 'http://example.com/search?keyword=test&category=1&tags[]=fun&tags[]=great';
$url_parts = parse_url($url);
// If URL doesn't have a query string.
if (isset($url_parts['query'])) { // Avoid 'Undefined index: query'
parse_str($url_parts['query'], $params);
} else {
$params = array();
}
$params['category'] = 2; // Overwrite if exists
$params['tags'][] = 'cool'; // Allows multiple values
// Note that this will url_encode all values
$url_parts['query'] = http_build_query($params);
// If you have pecl_http
echo http_build_url($url_parts);
// If not
echo $url_parts['scheme'] . '://' . $url_parts['host'] . $url_parts['path'] . '?' . $url_parts['query'];
You should put this in a function at least, if not a class.
php include variable file from query string
First, make absolutely sure that the file included is allowed, preferably by using a whitelist.
Then, you can use a function like file_get_contents() to read the file into a string and output it with echo.
To wrap up (this is a way to do it, other ways exist):
$file = $_GET['folder']."/".$_GET['file'];
if (in_array($file, $whitelist)) {
$contents = file_get_contents($file);
} else {
$contents = "Not allowed";
}
echo "<body><div id='targetDiv'>$contents</div>"
You could for example generate the whitelist by scanning the directory you want to be able to show. (Which is outside the scope of this answer ;-)).
Another solution could be to check the canonical resulting path with realpath().
Keep query string for external urls
You can do this by adding this script at the end of your page. This code will pass variables to every links on client side.
<p><a href="/about/">Internal</a></p>
<p><a href="https://google.com">External</a></p>
<p><a href="/post/?id=1">Link with query string</a></p>
<script>
var index = window.location.href.indexOf('?')
if(index != -1){
var querystring = window.location.href.slice(index + 1)
var tagA = document.getElementsByTagName('a');
for(var i = 0; i < tagA.length; i++){
var href = tagA[i].getAttribute('href');
href += (href.indexOf('?') != -1)? '&' : '?';
href += querystring;
tagA[i].setAttribute('href', href);
}
}
</script>
Related Topics
How to Remove Numbers from a String with Regex
How to Access Element Attributes with Simplexml
Comparing Floats - Same Number, But Does Not Equal
How to Examine Defined Constants in PHP
Is There Any Legitimate Use for Bare Strings in PHP
PHP Regex Get Text Between Bbcode Tags
Get Order Increment Id in Magento
Prepared Parameterized Query with Pdo
How to Add a PHP Simplexmlelement to Another Simplexmlelement
Curl Import Character Encoding Problem
Warning: MySQLi_Query() Expects at Least 2 Parameters, 1 Given. What
PHP Curl: How to Set Body to Binary Data
Show Name Instead of Id from Different Table
MySQL Stored Function to Create a Slug
Read and Write to a File While Keeping Lock
Query on a Many-To-Many Relationship Using Doctrine with Symfony2