I'm trying to build email subscribtion form but it don't work for me. After click it redirects to next page but there is no data input in database. Also also it redirects after "Continue" even inputs values is blank.
Form in HTML:
<form action="https://www.next-page.com" method="post">
<input type="text" name="name" placeholder="Your name" id="name"/>
<input type="text" name="email" placeholder="E-mail" id="email"/>
<label for="tac">
<input type="checkbox" id="tac"/>
<span class="concheck">I have read and agree to the <a class="tac">terms and conditions</a></span>
<span class="please">Please, agree our terms and conditions</span>
</label>
<button class="continue" type="submit" name="submit"><span>+</span> Continue</button>
<button class="carga"><img src="img/loading.gif"/></button>
</form>
PHP in HTML:
<?php
require_once "db.php";
if(isset($_REQUEST['submit']))
{
mysqli_query($con, "INSERT INTO database (name, email) VALUES ('".$_POST["name"]."', '".$_POST["email"]."')");
$_POST["name"];
$_POST["email"];
header("Location: https://www.next-page.com");
}
?>
DB.php
<?php
$con = mysqli_connect("localhost","username","password","databasename");
mysqli_set_charset($con,"utf8");
?>
If you have this two codes into one file for example like index.php then you should remove https://www.next-page.com from action
<form action="/" method="post">
I think it should work.
And also there should be
if(isset($_POST['submit']))
action should go for the PHP that will validate, so create a new PHP script that will validate it, insite put the method you want to use $_GET, or $_POST if this don't work, please use PHP + name.php on CMD/terminal and post the error here, if you trying to do this in the same page, you have to use .php on the file, and also remove the action from it.
Related
Currently, I have an index.php file with a form and a text input from the user as well as a submit button. When the submit button is pressed, the process.php file is supposed to get the data and echo it out. However, it just sends me to a blank page and does not echo anything out. I am well aware that I would need to style it the page, etc... But it just isn't echoing out at all. I am already connected to the mySQL DB with another php script and have tested that and it works fine so I know I am connected. What am i doing wrong?
index.php
<form action="process.php" form method="post" id="myForm">
<div class="col-xs-12 col-md-6">
<div class="input-group">
<span class="input-group-addon">
<input aria-label="..." type="checkbox" id="checkbox1">
</span>
<input aria-label="..." class="form-control" type="text" id="food1">
</div>
</div>
<input type="submit" value="Submit">
</form>
process.php
<?php
//Check whether the form has been submitted
if($_POST['submit'] == "Submit")
{
$varFood1 = $_POST['food1'];
$sql = "SELECT menu.dish FROM menu WHERE menu.description LIKE '%varFood1%'"; // sql query
$result = mysql_query($sql);
// Loop the recordset $result
// Each row will be made into an array ($row) using mysql_fetch_array
while($row = mysql_fetch_array($result)) {
echo "Items : {$row['dish']}\n";
}
}
?>
Use name attribute not id. <input aria-label="..." class="form-control" type="text" id="food1"> Try printting out the POST in the future.
<input aria-label="..." class="form-control" type="text" id="food1" name="food1">
Additional changes...
$varFood1 = mysql_real_escape_string($_POST['food1']);
$sql = "SELECT menu.dish FROM menu WHERE menu.description LIKE '%$varFood1%'";
without escaping you open yourself to injections. You should consider switching driver to mysqli or PDO as well.
The problem is that you are checking for $_POST['submit'], which the process.php file does not see, because it does not exist in the POST array. Solution: give your submit button a name, instead of this:
<input type="submit" value="Submit">,
which is what you have, do this:
<input type="submit" name="submit" value="Submit">
I have a form for asking information about courses , every course has it page, but the information page is one for all.
The form should be something like that:
<form action="#" method="POST">
<label for="name">Name</label>
<input name="name" type="text">
<label for="email">Email</label>
<input name="email" type="email">
<input type="hidden" id="code" value="<?php echo $course_code; ?>">
<input id="submit" type="submit" value="Invia" />
</form>
I wish to change the var $course code according to the referrer page. (With a $_GET var)
I tried "Shortcode Exec PHP" plugin to execute php in wp pages, but doesnt work.
When you POST the form, the variable won't be set in $_GET but in $_POST. It's either one or the other, so if you want to read the $_GET var, you must also use GET on the form, like this:
<form action="#" method="GET">
<label for="name">Name</label>
...
(this is what Fred commented on, but I couldn't expand upon that comment due to my low rep)
I was wrong to use "Shortcode Exec PHP" plugin.
I set a shortcode:
$course_name = $_GET['cn'];
$courses= array("courses1","courses2","couses3");
if (in_array($course_name, $courses)) {
echo $course_name:
}
and the in the wordpress page can be used the name of the shortcode
[couse_name]
Now its work!
You can just use $_REQUEST so it doesn't matter if its a POST or a GET from the form. But I wouldn't use GET from a form unless it was a search or something where the user could bookmark the url and see the result. Mostly use POST for all other instances.
HTML form...
<form method="post">
<label>Name<br>
<input type="text" name="name">
</label>
...
<input type="submit" value="Invia">
</form>
PHP page that handles the form...
<?php
// $_REQUEST will contain POST, GET & COOKIE
echo $_REQUEST['name'];
?>
I've created a members area where a user can update their bio. The problem is that the information the user submits isn't updating the rows in the database.
Member's Area
<body bgcolor="#E6E6FA">
<button>Log Out</button><br><br>
<input type="text" name="age"placeholder="Enter a your age."><br>
<input type="text" name="bio"placeholder="Enter your bio.">
<input type="submit" name="submit" value="Submit your details!">
PHP
<?php
if(isset($_POST['submit'])){
$con=mysql_connect("localhost","root","****","****");
// Check connection
if (mysql_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$age = mysql_real_escape_string($_POST['age']);
$bio = mysql_real_escape_string($_POST['bio']);
$name = mysql_real_escape_string($_SESSION['username']);
mysql_query($con,"UPDATE accs SET age='.$age.' WHERE name='.$name.'");
mysql_query($con,"UPDATE accs SET bio='.$bio.' WHERE name='.$name.'");
mysql_close($con);
};
?>
</body></html>
Any Ideas as to what is wrong here?
in your HTML page, the form should be inside the <form></form> tags
<form method="post" action="update.php">
<input type="text" name="age" placeholder="Enter a your age.">
<br>
<input type="text" name="bio" placeholder="Enter your bio.">
<input type="submit" name="submit" value="Submit your details!">
</form>
In your PHP page - to check the results, you can temporarily echo $age; echo $bio;
As you are using $_SESSION['username']; I think you are missing session_start(); to the top of your PHP code.
Also mysql_query only needs the SQL command, and not the connection ($con), that is mysqli, which is strongly advised to use instead of mysql_*.
As a side note, don't rely on user names in your database as the update criteria. If not already introduced, you can add an ID column to your table
a) create a proper submit form. use form tags around your form fields.
b) check, that the form is correctly submitted, by checking the $_POST array.
var_dump($_POST);
c) check, that you have values for the fields that you want to insert.
do a var_dump() before mysql_query(), to see what's going on.
var_dump($age, $bio, $name);
d) combine your two query calls into one:
mysql_query($con, "UPDATE accs SET age='.$age.', bio='.$bio.' WHERE name='.$name.'");
If you want to use the page it self to process your request, then empty the action property of your form. For example :
<form method="post" action="">
<input type="text" name="age"placeholder="Enter a your age."><br>
<input type="text" name="bio"placeholder="Enter your bio.">
<input type="submit" name="submit" value="Submit your details!">
</form>
So I'm trying to create this form and every time I try to create a dummy user it creates an empy one in the database.
Here's the php code create.php:
<?php
session_start();
include ('connection.php');
$username = $_POST['usernamesignup'];
$email = $_POST['emailsignup'];
$password = $_POST['passwordsignup'];
mysql_query("INSERT INTO users (usernamesignup, passwordsignup, emailsignup)
VALUES ('$username', '$password', '$email')")or die (mysql_error());
header('Location: login.html');
mysql_close($db);
?>
And here's the part of the form Login.html:
<form action="create.php" autocomplete="on">
<h1> Sign up </h1>
<p><label for="usernamesignup" class="uname" data-icon="u">Your username</label>
<input id="usernamesignup" name="usernamesignup" required="required" type="text" placeholder="mysuperusername690" /></p>
<p><label for="emailsignup" class="youmail" data-icon="e" > Your email</label>
<input id="emailsignup" name="emailsignup" required="required" type="email" placeholder="mysupermail#mail.com"/></p>
<p><label for="passwordsignup" class="youpasswd" data-icon="p">Your password </label>
<input id="passwordsignup" name="passwordsignup" required="required" type="password" placeholder="eg. X8df!90EO"/></p>
<p><label for="passwordsignup_confirm" class="youpasswd" data-icon="p">Please confirm your password </label>
<input id="passwordsignup_confirm" name="passwordsignup_confirm" required="required" type="password" placeholder="eg. X8df!90EO"/></p>
<p class="signin button"><input type="submit" value="Sign up"/></p>
<p class="change_link">Already a member? Go and log in </p>
</form>
Any help would be greatly appreciated.
EDIT: The adding of method:"post" did the trick. Thank you very much to all of you for your fast response and the very valid advises on security and on how I should change to a more current form instead of what I used here.
You need to specify the form method to POST in your case. Try
<form action="create.php" autocomplete="on" method="POST">
You have to check if the values sent by your form are not null or with an empty string. And please be very careful your code is vulnerable to sql injections and hash your password in sha512 or something like that.
have a look to this function : http://php.net/manual/en/function.empty.php
and try to add this in your form :
<form action="create.php" autocomplete="on" method="post">
try adding this to your form tag
method='post'
Default method for form is GET, and you're trying to get your values from POST, so they're empty...
You should do:
$password = $_GET['password'];
// etc.
Or, if you don't know:
$password = $_REQUEST['password'];
// etc.
I recommend you to use a mysqli class. I've used this one myself in smaller projects: https://github.com/ajillion/PHP-MySQLi-Database-Class
You're missing "form validation" in your code. This prevents empty and malicious form submits if you integrate validation properly into your forms and backend code
A simple example of how to make sure data was entered in the specific fields, try this:
<?php
if (empty($_POST['usernamesignup']), empty($_POST['...']))
{
echo 'Not all required data was submitted';
}
else
{
// Process the form, all data was received
}
4. Have you considered using a php framework? Try something like Codeigniter or Laravel if you want something more advanced and usable.
Please consider including <form action="create.php" autocomplete="on" method="POST">
Please I beg you, Don't store raw password in database just use an encryption method.
And use PDO instead of mysql_*
see here: http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/
I have a form field:
<input type="text" value="" name="Email" id="Email">
and my form action confirmation url is this:
http://.../index.php?Email=<?php echo $_POST['Email']; ?>
However after submitting, the Email parameter is not coming through. Is this something that can be done in PHP, or does it only read the field on initial page load?
Thanks
Your issue is that you are mixing $_GET and $_POST.
See your code here, http://.../index.php?Email=<?php echo $_POST['Email']; ?>, when you post to that one, there will no longer be a $_POST['Email'], but a $_GET['Email']. So the first post will likely work (if you are using <form method="post" action="...">), but the second submit will fail, as $_POST['Email'] no longer exists.
So I recommend that you don't use parameters in the action. Instead, put them in a hidden field or switch to only $_GET parameters.
Option 1, use hidden field
Change the form on your second page to:
<form action="http://.../index.php" method="POST">
<input type="hidden" name="Email" id="Email" value="<?php echo $_POST['Email'];?>" />
...
</form>
Option 2, use only $_GET
Change the form on your first page to <form ... method="GET">
And then change the form on the second page to use $_GET['Email'] and the method to GET.
<form action="http://.../index.php??Email=<?php echo $_GET['Email'];?>" method="GET">
...
</form>
Option 3, Use $_REQUEST instead of $_POST
Simply use http://.../index.php?Email=<?php echo $_REQUEST['Email']; ?> as your action url, as $_REQUEST is a merge of $_GET and $_POST. Be aware that this is a merge of $_GET, $_POST and $_COOKIE.
It depends on the your FORM method
Your form should be
<form method='post' action='http://.../index.php'>
<input type="text" value="" name="Email" id="Email">
<input type='submit' value='Post data'>
</form>
and to access email in index.php you can write code as below
<?php
$emailValue = $_POST["Email"];
//Use variable for further processing
?>
if your form is as below (please check that method is get
<form method='get' action='http://.../index.php'>
<input type="text" value="" name="Email" id="Email">
<input type='submit' value='Post data'>
</form>
and to access email in index.php you can write code as below
<?php
$emailValue = $_GET["Email"];
//Use variable for further processing
?>
You don't need to define the structure of the GET request; that's what the form does.
For instance:
<form action="workerbee.php" method="GET">
<input type="text" name="honey_type" value="sweet" />
</form>
...when submitted, would automatically append the field - honey_type - to the URL for you. It would end up like this:
http://example.com/workerbee.php?honey_type=sweet
You can then access the value via $_GET['honey_type'] in workerbee.php. To pre-fill the form with the existing submitted value - assuming that workerbee.php holds the form - just add a conditional value parameter:
<?php
$honey_type = !empty($_GET['honey_type']) ? $_GET['honey_type'] : null;
?>
<input type="text" name="honey_type" value="'<?php echo htmlspecialchars($honey_type); ?>'" />
If you're trying to use data from your current form, your form tag should read as follows:
<form action="http://.../index.php" method="GET">
If you're trying to pass data your server already has (such as from a previous form), then you should use a hidden field instead:
<input name="email" type="hidden" value="<?php echo $_POST['Email']; ?>">