Keywords: PHP | URL Parameters | Variable Passing | $_GET | String Interpolation
Abstract: This article provides an in-depth analysis of passing PHP variables through URLs, focusing on string interpolation and variable scope issues. By comparing incorrect examples with proper implementations, it explains the core mechanisms of URL parameter passing and offers advanced solutions including session management and file inclusion. The article includes detailed code examples and discusses security considerations for $_GET superglobal usage.
Fundamental Principles of URL Parameter Passing
In web development, passing parameters through URLs is a common method for data exchange between pages. PHP uses the $_GET superglobal variable to access query parameters from URLs, which operates based on the HTTP GET request method. When users click links containing query strings in browsers, server-side PHP scripts can access these parameter values through the $_GET array.
Common Error Analysis
Beginners often encounter two typical issues when passing PHP variables through URLs: string interpolation errors and variable scope problems.
Regarding string interpolation, many developers mistakenly believe that variables can be directly embedded within single-quoted strings. In reality, PHP's single-quoted strings do not support variable interpolation. For example, the following code:
echo '<a href="pass.php?link=$a">Link 1</a>';This passes the literal string $a to the URL, not the value of variable $a. The correct approach is to use the string concatenation operator:
echo '<a href="pass.php?link=' . $a . '">Link 1</a>';Or use double-quoted strings:
echo "<a href=\"pass.php?link=$a\">Link 1</a>";Variable Scope Issues
Another common error is referencing undefined variables in the receiving page. In the original example, pass.php attempts to use variables $a and $b, but these variables are not defined in pass.php. URL parameters are passed through the $_GET array, so the receiving page should directly compare the value of $_GET['link']:
if ($_GET['link'] == 'Link1') {
echo "Link 1 Clicked";
} else {
echo "Link 2 Clicked";
}Advanced Solutions
For scenarios requiring variable sharing across multiple pages, several more robust solutions are available:
File Inclusion Method: Define shared variables in a separate PHP file and include that file in pages where needed:
// config.php
$a = 'Link1';
$b = 'Link2';
// In other pages
include 'config.php';Session Management: Use the $_SESSION superglobal variable to maintain data during user sessions:
session_start();
$_SESSION['link_a'] = 'Link1';
$_SESSION['link_b'] = 'Link2';Security Considerations
When handling URL parameters, security must be considered. Always validate and filter user input to prevent SQL injection and cross-site scripting attacks:
// Verify parameter existence
if (isset($_GET['link'])) {
// Filter input
$link = filter_var($_GET['link'], FILTER_SANITIZE_STRING);
// Validate parameter value
if (in_array($link, ['Link1', 'Link2'])) {
echo $link . " Clicked";
} else {
echo "Invalid link";
}
}Practical Application Scenarios
The database query example from the reference article demonstrates typical real-world applications of URL parameters. After obtaining product IDs from a database, they are passed through URLs to display specific content on target pages:
// Sending page
echo '<a href="product.php?id=' . $product_id . '">View Product</a>';
// Receiving page
if (isset($_GET['id']) && is_numeric($_GET['id'])) {
$product_id = (int)$_GET['id'];
// Query database based on ID and display product information
}This pattern is widely used in e-commerce websites, content management systems, and other scenarios, enabling flexible display of dynamic content.