Like the question says, how do I add a parameter to a URL?
Example:
When you click on a link to get a featured product on Product Hunt, the URL is appended with ?ref=producthunt.
Can I just add a parameter like this manually to the few links that I have on my website? Are there any scenarios where this might be suboptimal to do?
The parameters in the URL correspond to the superglobal $_GET array.
It means that if your URL is in the form
www.domain.com?key1=val1&key2=val2 ,
then $_GET[key1] contains val1 , and so on.
It is perfectly legitimate to add these parameters manually in a link (a typical use case would be a login button, which redirects you to the current URL and appends &todo=login . You can then add a bit of PHP code that triggers the login process when $_GET contains the value 'login' at the key 'todo').
The other way of adding these parameters is forms. In an HTML form, you specify a 'method' which can be 'get' or 'post'.
If you choose 'get', when the form is submitted, the URL will automatically be appended with the form answers.
NB: It is generally NOT SAFE to directly read values from the $_GET, as the user can fill it with any value (just by changing the URL) so it is good practice to use filters that ensure inputs are safe. Check http://www.w3schools.com/php/php_filter.asp for more on filters
The parameters added to the url is called query string and they have a format
it must start will ?
every paraper will be seperated with &
Example: http://www.yoururl.com?name=myname&age=34&ect=somethingelse
The mistake you did is by putting ?= which is not converted by your web server.
you can pas like '?websitename=website-name'
Querystring parameters are key value pairs that are separated from the URL's domain and path with a ? and separated from each other with an &, i.e ?key=value&key2=value2.
The values can be accessed client-side (in Javascript) and server-side by the webserver or by a server-side language is being used, PHP, ASP.NET, Java.
Some values should be encoded using a function such as encodeURIComponent to ensure that they are valid.
Risks
You need to be careful that the querystring does not contain any sensitive information such as a sequential order number, i.e ?order=5 as someone could manually change the value to see another user's order (?order=6, if no other authentication in place). The order value should be encrypted so it cannot be guessed. Also, do not execute any code passed in on the querystring with eval() as the contents could be changed by a malicious user to execute a crosssite scripting (XSS) attack on another user and steal their cookie or login credentials.
Related
I'm trying to add param in the url, like in this example:
https://www.google.com/ > https://www.google.com/search?q=qq
Opening the last link you can see "qq" in the "q" input.
For this site it doesn't work (this is the problem):
https://www.calabriasue.it/assistenza/richiesta-assistenza-e-supporto/
https://www.calabriasue.it/assistenza/richiesta-assistenza-e-supporto/?nome=mario
Can I add url param also in the last one? I need it.
Thanks!
I tried using different input names, different params ecc but it doesn't work.
Google's server side code is designed to generate an HTML document with an input field that is prefilled with the current search term which is reads from the URL. That is why adding q=search+term to the URL populates the input field.
You can't make arbitrary third-party websites prefill inputs. They have to explicitly provide a mechanism to make it possible.
Parameters only work as long as the code for the target website is expecting to handle a parameter named "nome" with a value "mario". In the case of the google website, it is expecting a parameter named "q" and has a form input for it.
Clicking a URL sends a a GET request type, and the target site may only be accepting parameters from a POST request type. You could consider using the application known as "PostMan" to help with that.
Alternately, the target page you are viewing may be forwarded / routed from a different page which accepts parameters.
I'm using a Bank E-Payment webservice and set the redirectURL into http://Example.com/EPaymentResultCallback?Param1=0&Param2=1
when the bank finish it's job, browser redirects to preceding url.
But the problem is: Bank webservice has changed my url into http://Example.com/EPaymentResultCallback?Param1=0&Param2=1 (noticing the extra &).
In fact my innocent url encoded and therefore Param2 will be lost.
I cannot change the websercive obviously. but interested to know if there is a way to resolve the second url parameter (Param2) on my website?
For more general explanation: 'mywebsite' calls a webservice and redirected to a whole new website. after 'new website' done, browser redirects to the given URL (in fact 'mywebsite/somesubUrl/param1¶m2') but parameter separator (&) changed into (&) so the second parameter (param2) won't delivered correctly to the action method and an exception raise, pointing that the second input parameter in the action method could not be null.
Actually i`m looking for a built-in solution to read encrypted url. that would be the best. but any other idea is welcomed.
I am working on an email validation link for a website. When a user registers and finishes filling in their personal data (and it passes all the checks), they are sent to a jsp page saying that an email has been sent to the address they entered as the username, with a link to click to validate the email address. So that part is all well and good, I generate the link (for now just using my localhost) and it looks like this as an example http://localhost:9999/javawork/msc/validate/?6FRQ8RAT&u=1s3w1Iih64egX01188HT. When they click the link it goes to the jsp page index.jsp in the validation folder. At this point I need to grab the entire URL and send it to a function to make sure the URL is formatted properly (for security purposes). If it passes and the format is fine, I need to grab the 8 digit code immediately after the '?' and also the value of 'u'. I then send those values to a function that checks that they match what we have in our DB, and if they do, I update the DB record with a validation date so we know they have validated their email address.
So my question is first, how do I grab the entire URL to check the format, and second, how do I grab the 8 digit code, and the value of 'u'? I have been looking online and all examples require creating multiple functions or classes, and using the URL class. And they all want me to make an instance of a URL object and initialize it using the entire URL. But it is not a static URL, it will be different for every user that registers, as it generates a random 8 digit code to check against, and the value of 'u' is the masked user id from the DB. I don't understand how it can require you to initialize the entire URL in order to get the values, when you don't know what the values are until you get them from the URL.
Is there a simple way to grab the values, and the entire URL? Even if I can just get everything after the '?', I know the base URL and can build a new String to check the formatting if I can get from the '?' and after. Please help with that part. Thanks.
The Interface HTTPServletRequest contains a method getRequestURL which returns a StringBuffer which you may use to check the format of the entire URL.
You can get it, in a jsp page with :
<%=request.getRequestURL()%>
If you are using the format of request that you specified above, then your second question :
how do I grab the 8 digit code, and the value of 'u'?
May be answered by manipulating that StringBuffer to split at the ? and & for the 8 digit code.
Or use another request method,
ServletRequest.getParameter(java.lang.String name)
To grab each parameters, though, i'm not certain how it will end up handling the unnamed parameter of the 8 digit code. Let me know how that goes.
Don't think of the 8-digit code as an unnamed parameter. Think of it as a parameter without a value.
request.getParameterNames() will give you the 8-digit code as well as "u". So you can loop through like so:
String code = "";
for(String paramName : request.getParameterNames()) {
if(!paramName.equalsIgnoreCase("u"))
code = paramName;
}
I am accessing a set of websites using variables
<cfhttp url="http://website.com/index.php?title=#var1#:#var2#&action=edit##EditPage" method="GET">
Some pages do not provide the data I need and instead of #EditPage in the URL show a fragment
edit&redlink=1. I want to treat these pages differently. How do I go about identifying them?
The hash "#" used in URL is used by browsers and not servers. Typically when a browser sees the hash in the URL it will jump to either an anchor on the page with the same name, or an element with that id. Exceptions, are when javascript is used to modify the page dynamically based on the hash.
If I'm understanding you correctly, what you want to do is construct the URL in a separate variable first. Something like URLtoGet. Then, you can use cfif to switch on whether that constructed URL contains the fragment you specified. Look into contains(), find(), and findNoCase() to determine which is the best option for you.
I use bit.ly to shorten my urls.
My problem - paramters are not passed.
Let me explain I use http://bit.ly/MYiPhoneApps which redirects (let's say) to http://iphone.pp-p.net/default.aspx
Now when I try http://bit.ly/MYiPhoneApps?param=xx this param is not added to the resulting url.
I know I could create an extra "short url" including a paramter - so http://bit.ly/WithParam would result in http://www.mysite.com/somepath/apage.aspx?Par1=yy and so forth.
But what I want is to have a short URL directing to a page - and then I want to add a parameter to this shortened url - which shoul (of course) land at my page.
Is this a shortcome of bit.ly (and others are maybe able to do it) - or does "parameter forwarding" not work with 301 redirections?
Manfred
There's no technical reason why it couldn't be done. The service would simply have to look at what parameters it is being sent, and then rewrite the target URL accordingly.
The problem is that it's not necessarily well defined how to do that.
Suppose you have the url http://example.com/default.aspx?foo=bar, and it has the short url http://foo.com/ABCD. What should happen if you try to access http://foo.com/ABCD?foo=baz? Should it replace the value, so you get foo=baz? Should it append it to make foo=bar&foo=baz? If we include both, which order should they be in?
The system cannot know which parameters are safe to override and which are not, because sometimes, you DO want both of them in the URL, and it may matter what order things are added in.
You could argue "Well, just don't allow this for URLs where parameters are already present", but there's also the issue that it's going to complicate the process a lot more. Without this, you just lookup a key in a database and send a redirect header. Now, you need to also analyze the URL to check for parameters, and append part of the URL you were called by. That requires more system resources per redirect, which may become a big problem if your service is used very frequently - you'll need more server power to handle the same amount of redirects. I don't think that tradeoff is considered to be "worth it".
As mentioned in comments by rinogo and Jurgen
In Clickmeter
Destination URL : www.yoursite.com?myparam1={id1}&myparam2={id2}
Tracking link : www.go.clickmeter.com/38w2?id1=123&id2=abc
After click : www.yoursite.com?myparam1=123&myparam2=abc
In TinyUrl
Destination URL : http://x.com?a=1
Shorten URL : https://tiny url.com/y6gh7ovk
Shorten URL + param : https://tiny url.com/y6gh7ovk?a=2
Resultant URL : http://x.com/?a=1&a=2
Added space to post tinyurl
URL shortening associates a unique key based on a full URL (parameters and all), so it is not possible to pass parameters to a shortening service.
Typically
http://iphone.pp-p.net/default.aspx?param=10
must produce a different key to
http://iphone.pp-p.net/default.aspx?param=22
'Parameter forwarding' is simply not possible in these kinds of redirects, as parameters are not valid parts of a shortened URL is most (if not all) services.