So i am trying to implement a PHP program in which you can put in basically any kind of key and value given in the url query. So for example if i would put "www.domain.se/dispatch.php?randomkey=randomvalue" it would echo "randomkey=randomvalue" but if i then right in the browser add to it "www.domain.se/dispatch.php?randomkey=randomvalue&secondkey=secondvale" it would echo "randomkey=randomvalue
secondkey=secondvalue"
Right now i have only managed to get the first given key with this code and dont know how to move on. Any ideas? This is my code in dispatch.php:
<?php
$query = $_SERVER['QUERY_STRING'];
echo key($_GET);
?>
You can use print_r function to print an array in human readable format:
<?php print_r($_GET); ?>
or if you want to also see types use var_dump function:
<?php var_dump($_GET); ?>
If your practice is to use for loop this is answer:
for( $_GET as $key => $value )
echo "$key : $value <br>";
Use above codes only for debug or during test period not in a production site to prevent security issues. Also consider using htmlspecialchars to prevent cross site scripting attacks.
So this piece of code nailed it:
<?php
$query = ($_GET);
foreach ($query as $key => $value) {
print_r($key. ": ". $value);
echo '<br/>';
}
?>
But for anyone reading. Be aware as this is for school and as i have been warned this is not a secure way to deal with this.
Related
So here I am again trying to find better ways of doing things. 90% of tutorials do things the normal way below:
if (isset($_POST['name']) && isset($_POST['password'])) {
// Does some stuff...
}
It is fine but it does seem too static since I prefer something far more dynamic. For example lets say looping through all $_POST arrays within a contact form. This way I can change the name or the fields to whatever I want or add more...my code will always handle the rest.
I know a foreach loop would come in handy but, as someone new to the world of programming and php I thought you could show me how something like this is done. So how do I replace the above with a for loop? I am not sure where to start.
try this:
$check=true;
if(isset($_POST)){
foreach($_POST as $key=>$value){
if(!isset($_POST[$key]){
$check = false;
break;
}
}
}
based on $check you can verify if it was properly sent or not.
Another approach is to have a sort of verification because it is possible you might not get the key in $_POST
$keys =array("input1","input2");
$check=true;
if(isset($_POST)){
foreach($keys as $input){
if(!array_key_exists($input,$_POST)){
$check = false;
break;
}
}
}
Well you could try something like this :-
<?php
$inputNames = array("input1","input2");
foreach($inputNames as $input)
{
if (isset($_POST["$input"]) && isset($_POST["$input"])) {
// Does some stuff...
}
}
?>
Make an array with the names of all your input tags, and then simply do a foreach between them. In this way, you always only need to edit the names array.
You can always use foreach loop like that:
foreach($_POST as $key => $value){ echo '$_POST["'.$key.'"] = "'.$value.'"'}
But remember, that anyone, can modify your form, prepare some post statement and send data that can create little mess with your code. So it`s good way to validate all fields.
Dynamic validation is of course possible, but you need to do it right!
I have a form that submits to a database. But before it enters the database the submitted data is output on the screen. Currently, if I have "Mike's" submitted, it outputs "Mike\'s".
I have tried the below code to see if it is Magic Quotes, but this has not helped.
if ((function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) ||
ini_get('magic_quotes_sybase')
) {
foreach($_GET as $k => $v)
$_GET[$k] = stripslashes($v);
foreach($_POST as $k => $v)
$_POST[$k] = stripslashes($v);
foreach($_COOKIE as $k => $v)
$_COOKIE[$k] = stripslashes($v);
}
What should I look for?
Note: To sanitize the string
<?php
$mike = "Mike's";
echo filter_var($mike, FILTER_SANITIZE_STRING);
?>
Despite looking like a constant, editing $_POST should work. Then again, your code didn't work for me, either.
This works:
function getReq($key){
return isset($_REQUEST[$key]) ? stripslashes($_REQUEST[$key]) : "";
}
I haven't found why PHP (5.3.0 on WAMPSERVER 2.0 in my case) seems to magically change POST data while get_magic_quotes_gpc() returns 0, and frankly don't care to waste more time on its dirty innards.
There's a possibility it's in the code you're using to output to the screen.
If you were, for instance, using var_export(), one would expect to see character escapes on apostrophes.
It seems silly to answer after all these years but I see your post is active so i'll try.
First try this function stripslashes(). Doc: (https://www.php.net/manual/en/function.stripslashes.php)
Should this not work.
Do you display the data directly from the $_POST variable or retrieve it from the DB?
It might be saved as is in the DB and that would mean a UTF8 convert issue.
I kept my answer short and don't wish to add more unncessary info unless you need it.
Given the following php5 code that output a gigantuous amount of difficult to read code:
<?=var_dump($_SERVER);?>
<?=print_r($GLOBALS); ?>
Question: how to make the output more human-readable? e.g. houw to but every "item" on a new line?
You can just wrap a pre-element around it:
<pre><?php var_dump($_SERVER); ?></pre>
<pre><?php print_r($GLOBALS); ?></pre>
Also note that <?= requires short_open_tags to be set to true (which is false in newer versions of php)
On your development environment, you should install the Xdebug extension.
Amongst other useful features (such as a debugger !), it'll get you nicer var_dump() :
colors
formating
For example, here's a screenshot of the beggining of the output I get for var_dump($_SERVER); :
(source: pascal-martin.fr)
You can use <pre> tag to format the output
<pre><?=print_r($GLOBALS); ?></pre>
Like everyone else mentioned, you can wrap that in <pre> tags to make it readable. I usually have the following 2 functions in my code at all times. Used as utility functions, inspired by cake.
function pr() {
$vars = func_get_args();
echo '<pre>';
foreach ($vars as $var) {
print_r($var);
}
echo '</pre>';
}
function prd() { //dies after print
$vars = func_get_args();
echo '<pre>';
foreach ($vars as $var) {
print_r($var);
}
echo '</pre>';
die();
}
Apart from the <pre> trick, you can try using dbug
Makes things much nicer and clearer: dBug
the previous answers suggest good solution, but if you want more control on the output you can run a loop over the arrays.
$_SERVER and $_GLOBALS are arrays, so you can do
foreach($_SERVER as $key=>$value){
echo $key . ' is ' . $value . '<br />' . PHP_EOL;
}
you can also add if statements to ignore some items in $_SERVER/$_GLOBALS
It's not whatever "server headers" but regular arrays.
To output array contents, a programmer usually makes use of a loop, and then format output in the manner they wish:
.
foreach($_SERVER as $key => $value){
echo "<b>$key:</b> $value<br>\n";
}
Note that your output being gigantic only because you're printing out the contents of $GLOBALS variable, which being completely useless for you.
please see: http://pastebin.com/5za3uCi1
I'm quite new to php and I'm editing the ventrilo status script. What I'd like it to do is that it stores everything in one big variable for easy parsing instead of using separate echo's. Can someone tell me how I can accomplish this?
Thanks,
Dennis
You can use the output buffer and get the contents of it:
ob_start();
echo 'foobar';
$contents = ob_get_contents(); // now contains 'foobar'
ob_end_clean();
declare a variable at the beginning, say $data or whatever. then, replace the echo calls:
echo "hello";
with this:
$data .= "hello";
then return the $data variable at the end of the function.
Instead of the echo, you can use a simple affectation :
$request = "CVentriloStatus->Request() failed. <strong>$stat->m_error</strong><br><br>\n";
But you'll soon have issues to manage multiple variables.
You could create an object to handle and store your information, but If you need something easy to set up and simple to operable, I'd go for arrays :
$ventriloStatus = array();
$ventriloStatus['requestObj'] = $stat->Request();
$ventriloStatus['requestMsg'] = "CVentriloStatus->Request() failed. <strong>$stat->m_error</strong><br><br>\n";
Add your data using keys.
Then retrieve the value easily :
echo $ventriloStatus['requestMsg'];
You can even parse your data using a simple loop
foreach($ventriloStatus as $key => $value){
echo $key.' : '.$value.'<br />';
I have a form that has multiple fields, and for testing purposes is there a way I could print out the values entered in all the fields, without having to individually print each value.
You should be able to do a var_dump($_REQUEST);
http://us2.php.net/manual/en/reserved.variables.request.php
http://us2.php.net/manual/en/function.var-dump.php
For extra credit, I always have:
function pre($data) {
print '<pre>' . print_r($data, true) . '</pre>';
}
Whenever I need to debug an array - which is very often - I just do pre($arr); to get a nicely formatted dump.
print_r() / var_dump() are simple and gets the job done.
If you want a styled/dynamic option check out Krumo:
http://krumo.sourceforge.net/
A lot of developers use print_r() and var_dump() ... Krumo is an alternative: it does the same job, but it presents the information beautified using CSS and DHTML.
I basically use:
echo "<pre>"; print_r($_POST) ; echo "</pre>";
It prints the post values in a nice formatted way.
If you pay close attention to the $_POST[] or $_GET[] method, you will realize that both of them are actually arrays.This means that you can play around with them just like you do with any other arrays.
For example, you can print_r($_POST) and you will see everything the way were entered..
This PHP code doesn't require any knowledge of the fields in the form that submits to it, it just loops through all of the fields, including multiple-choice fields (like checkboxes), and spits out their values.
<?php
// loop through every form field
while( list( $field, $value ) = each( $_POST )) {
// display values
if( is_array( $value )) {
// if checkbox (or other multiple value fields)
while( list( $arrayField, $arrayValue ) = each( $value ) {
echo "<p>" . $arrayValue . "</p>\n";
}
} else {
echo "<p>" . $value . "</p>\n";
}
}
?>
If you're debugging a lot, I would recommend installing XDebug.
It makes var_dump's very pretty and useful (giving you the type and length of the variable aswell).
This shows more than just POST variables, but it's about as easy as it gets.
<?php
phpinfo(INFO_VARIABLES);
?>
Besides using inline debug statements, you could also considering transient debugging, i.e. you could use an IDE with debug capabilities, like eclipse or zend studio. This way you could watch any variable you'd like to.
bye!
use print_r($_POST); or var_dump($_POST);
you can always display var echo command:
echo ($_POST['value']);
Very simply,
phpinfo();
It includes a listing of all variables passed to PHP from a form, in an easy-to-read format.