hi there, i'm processing a form which simply passes a few hidden variables through a page.<form action='2delete.php'>
<input type=hidden name=jobtitle value=$_GET['foo']>
<input type=submit value='Go'>
</form>

The browser doesn't like the apostrophes in the $_GET['foo'] so when i just put $_GET[foo], if $foo has space in it, for example "nice variable" it truncates it to "nice", which screws up all my SQL Queries..
Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' in /dir/blah/bar/page.php on line 149[/code] (above is the error it returns)

what can i put so that it doesn't hate spaces, and so it doesn't return an error?

thanks!

Hi

you miss the <? ?> tags ;))

please look at this


<form action='2delete.php'>
<input type=hidden name=jobtitle value='<? echo $_GET['foo']; ?>' >
<input type=submit value='Go'>
</form>

fantastic! thanks very much for the answer... i'm not sure why i didn't think of this myself.
many thanks
regards

You might want to think twice about using short tags (<? ?>) if this has any possibility of being used on a different server, as short tags can be disabled. I personally always use the long tags (<?PHP ?>) for this very reason. Also, if you are going to use short tags anyway, you might as well use the shorthand version:

<?= $_GET['foo']; ?>

please clarify me: whats wrong by using the echo?

Nothing at all. The problem is the short tags (<? rather than <?PHP). Short tags can be disabled in the php.ini file, and I highly discourage using them in most instances. The last part of my post above was to simply show that if you are using short tags, you might as well use the shorthand way of echoing a variable.

<?= $var; ?>

is the same as:

<? echo $var; ?>

ohh :) I'm allways learning :D