Passing a PHP Variable in the URL

Question

I currently have a login form and I want to pass the username across the URL. It is stored in a session variable.

I have this on the page after the login but it doesn't seem to be working.

$myusername = $_POST['myusername'];

I am looking for something like this:

page.php?myusername=example

The login page is a php page that connects to another php that checks the login details from mySQL database.

The main part from that is this (on the checklogin php page)

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

On the following page, upon successful login I have this:

   <? 
    session_start();
header( 'Location: menu.php?myusername=$myusername' ) ;
    if(!session_is_registered(myusername)){
    header("location:index.php");
    }
    ?>

Answer 1

Edit, looking at your edits, I'd say the first section about the redirect looks like what you need

But I see you say

It is stored in a session variable.

Are you formatting a URL string from a php session and then trying to transmit get params somewhere? If so, did you try using the session API to get the username and then doing a php redirect?

 session_start();

 $username = $_SESSION['myusername'];

 // redirect
 header("http://your/sites/dir/page.php?myusername=$username");

But it looks like you're relying on the deprecated session_register and register_globals, based on this comment:

I am wanting to pass this throughout the application, I do have it saved as a session I think as this: session_register("myusername");

That's probably not using because register_globals has been turned off. You should leave it off. You want to avoid session_register and instead use the $_SESSION array.

Here's how you pull a "myusername" from a URL GET query

To extract the username from a URL you want to use $_GET, ie

 $myusername = $_GET['myusername'];

The part of the URL you're looking at is known as the "query string". The parameters formatted

?var=value&var2=value2...

are known as "GET" parameters. $_POST parameters are not transmitted in the URL itself. You can read more about HTTP GET vs POST, here.

To save the username in the session do

 session_start();
 // be sure to VALIDATE your inputs
 $_SESSION['myusername'] = $_GET['myusername']; // replace with post if appropriate

Answer 2

$_POST arguments must come from a POSTed form. If you're passing arguments in the URL, that's a GET request, and the values will be available in $_GET.

$myusername = $_GET['myusername'];