skip to Main Content

For example, I have a list of motorcycles on index.php. Is there a better way to pass its ID to inventory.php when someone clicks on a specific motorcycle than using href and $_GET? Hidden fields and submiting form through JavaScript? What is the best way to do it? I want my urls to be SEO friendly. Thanks.

3

Answers


  1. I understand the first part of your question and I will try my best to answer it here.

    Your clickable link is probably like this.

    <a href ="inventory.php?motorcycle_id=100">Click me</a>
    

    Note that 100 here is the motorcycle ID you are passing to inventory.php

    Then in inventory.php file

    <?php
    
    $motorcycle_id =$_GET['motorcycle_id'];
    
    ?>
    

    I would definitely stick with this approach because of SEO you mentioned.

    Our beloved SEO url will be http://yoursite.com/inventory/100

    You will need to add an htaccess code to that effect

    Options +FollowSymlinks -MultiViews
    RewriteEngine On
    
    RewriteRule ^([0-9]*)/(.*)/?$ /inventory.php?motorcycle_id=$1 [L,QSA]
    
    Login or Signup to reply.
  2. You can use $_POST too, each submit button (which can look like a motorcycle photo or anything you like) will be associated with a form and each form will contain an invisible form element (up to your imagination) with desired ID value. This way the motorcycle ID will be invisible for user (as long as they don’t inspect the code).

    <form method="post">
      <input type="text" name="id" value="your_desired_id">
      <input type="submit" name="submitted" value="Button">
    </form>
    

    And add some CSS to hide form elements and disguise submit button as an img. I use this method quite often with HTML, unfortunately I am not a CSS wizard.

    Login or Signup to reply.
  3. Using $_GET[id"] is not necessarily a security problem, what you do with it once you get it is the issue.

    If you really want your urls to be SEO friendly, Samuel James’s answer about SEO friendly urls is a good option.

    But to be really SEO friendly you would have to seriously consider to go a bit further.

    Your id is only meaningful to you, motorcycle/7865 means nothing to users or search engines.

    If the motorcycle that you have indexed as id 7865 is Yamaha SCR 950, then your url should be something like motorcyles/Yamaha-SCR-950

    That helps search engines which in turn helps users, and that is, basically, the idea behind semantic urls.

    On the php file where you would receive the $_GET[id"] parameters you would have to get something like $_SERVER['QUERY_STRING'] which would give you the motorcyles/Yamaha-SCR-950 part and search your database for Yamaha SCR 950 instead of the traditional way of searching by id.

    You will need to add something to the .htaccess file like this (just pulled it from one I have around but should be multipurpose)

    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l
    RewriteRule ^(.*)$ index.php?$1 [L,QSA]
    

    And you will need something like a semantize/unsemantize function that removes spaces, non url characters, etc.

    A very simple example (almost pseudocode, don’t use as is):

    function semanticUrls($string,$do=true){
    
        if($do) {
            return  strtr($string, " ", "-");
        } else {
            return  strtr($string, "-", " ");
        }
    }
    

    Then you could search with something like (obviusly don’t use as is, you should be using PDO with prepared statements; if only for security reasons)

    $sql = "SELECT * FROM motorcycles WHERE name LIKE '".  semanticUrls($querystring,0)."'";
    

    You are probably not using anything like Model View Presenter/Controller, otherwise you would already be using semantic urls. You should really check this method out. It is simpler to adopt then you might think, and even if you don’t want to use OOP, you can still benefit from something like MVP. And, if you are not using prepared statements, like PDO offers, you need to double check the $_GET[id"] before passing it to the db.

    Here is one of the best explained courses out there: https://www.udemy.com/php-mvc-from-scratch/

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search