you will have to use "&" to separate the variables. ie <a href=contactus.php?email=director&subject=job enquiry>
Otherwise it will be deem as one variable instead CK Ong --- CJ <[EMAIL PROTECTED]> wrote: > I have a "contact us" php script on my site that > allows users to email > direct from the webiste. I want to be able to pass > the to address and > subject line to the script so I can call teh web > page from elsewhere on the > site and have it automatically choose the correct > email address and subject > line. > > EG instad of using <a > href=mailto:joe@;bloggs.mail.com> which requires them > to have an email client set up on the machine I want > to link to > <a href=contactus.php?email=director subject=job > enquiry> > The script already handles the email=director by > setting a default entry in > a drop down form but I can't get it to separate the > first and second > variables in the URL. > > Also is this a big security risk as I will be > echoing the 2nd variable as > the contents of a form field. Would it be possible > for someone to type in > the URL with HTML/php in it that would make a mess > of everything? How can I > protect against this? Would it be sufficient to > just pase the 2nd variable > for non alphabetic characters and remove them? > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > __________________________________________________ Do You Yahoo!? Play for a chance to win a trip to Sydney! http://sg.mobile.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
