I am sending 2 variables from HTML form to php json decoding from api url but I got empty values.
<form action="2.php" method="post">
Word: <input type="text" name="q">
<input type="hidden" name="langpair" value="en|it">
<input type="submit">
</form>
to php file
$json = file_get_contents('https://api.mymemory.translated.net/get?q=<? echo $_POST["q"]; ?>;&langpair=<? echo $_POST["langpair"]; ?>');
$obj = json_decode($json);
echo $obj->responseData->translatedText;
I am getting empty page!
For security reasons, you should not pass the variables directly to the url, but if you want to do it should be like this:
$json = file_get_contents('https://api.mymemory.translated.net/get?q='.urlencode($_POST["q"]).'&langpair='.urlencode($_POST["langpair"]));
It is because of your URL! Change it for this :
file_get_contents('https://api.mymemory.translated.net/get?q=' . $_POST["q"]. '&langpair=' . $_POST["langpair"]);
Related
This could be a duplicate, but i couldn't find any one that helped.
I'm trying to pass an array of all the data to another page, throught the post method of a form. It looks like this:
<form method="post" action="../resource_load/export.php" target="_blank">
<input type="hidden" name="tipo" value="<?=$_GET['tipo']?>">
<input type='hidden' name='excel_array' value='<?php echo htmlentities(serialize($_SESSION['excel_array']))?>'>
<input type='submit' class='submit' id='btnExport' value='Export to Excel' />
So here i serialize the $_SESSION data. and this is what it looks like:
value="a:1:{s:12:"dpi_strategy";a:1:{s:5:"Plan1";a:1:{i:0;a:9:{i:0;s:3:"PCR";i:1;s:11:"Description";i:2;s:4:"Task";i:3;s:8:"Resource";i:4;s:13:"Baseline Plan";i:5;s:10:"Trend Date";i:6;s:4:"User";i:7;s:20:"Data Inicialização";i:8;s:6:"Status";}}}}
And here is where i unserialize:
$Excel_array = htmlentities(unserialize($_POST['excel_array']));
Yet, it returns null. Why is that?
If you do this, use htmlentities() to encode and html_entity_decode() to decode with raw values.
Secondly, I don't believe it is a good idea to output the data of serialize and unserialize user submitted data. The reason being is code injection that is a major security issue.
Instead, use json_encode() and json_decode().
Now because I see you have special chars in your array Data Inicialização you are indeed correct to convert those characters to another entity, but aslong if you have everything UTF-8 it will work.
<input type='hidden' name='excel_array' value='<?php echo json_encode($_SESSION['excel_array']) ?>'>
And:
# ../resource_load/export.php
var_dump(json_decode($_POST['excel_array']);
<?php
$temp = array();
$temp['aaa'] = "aaaaaaaaaaaaaaaaaaaaaaa";
$temp['bbb'] = "bbbbbbbbbbbbbbbbbbbbbbb";
$temp['ccc'] = "ccccccccccccccccccccccc";
$arr = array();
$arr['excel_array'] = $temp;
?>
<form method="post" action="">
<input type='hidden' name='excel_array' value='<?php echo htmlentities(serialize($arr['excel_array']))?>'>
<input type='submit' class='submit' id='btnExport' value='Export to Excel' />
</form>
<?php
if( isset($_POST['excel_array']) ) {
echo "<pre>";
$Excel_array = unserialize($_POST['excel_array']);
print_r($Excel_array);
}
?>
remove htmlentities from unserialize because you will unserialize an array and htmlentities use strings
Is it possible to pass an Object through a Hidden Field in an HTML Form using $_POST and retrieve that Object on the page that the form links to?
On the first page, I have a form like the one below:
<?php
session_start();
require_once '../Model/player.php'; // To Enable Creation of a New Player Object
$playerName = filter_input(INPUT_POST, 'playerName');
$playerNumber = 1;
$player = new player($playerName, $playerNumber);
if (isset($player))
{
echo '<p>Successfully created your player!</p><br>';
?>
<form class="viewStats" action="../View/displayPlayerStatsView.php" method="post">
<input type="hidden" name="playerObject" value="<?php echo $player; ?>">
<input type="submit" value="View Your Player's Stats">
</form>
<?php
}
?>
And on the second (receiving) page, I have code like the code below:
session_start();
require_once '../Model/player.php'; // To Use Player Object
$player = filter_input(INPUT_POST, 'playerObject'); // ERROR: Thinks the Player Object is a string.
My error seems to be that the receiving page that retrieves the 'playerObject' from the $_POST array is acting like the Object is a string.
Can anyone give me guidance on how to pass an Object from one page to another using the $_POST array? Is this even possible?
Thank you in advance.
UPDATE:
Based on suggestions to serialize the Object, I now am getting the following errors:
If I change my code on the first (sending) page to:
$playerSerial = serialize((object) $player);
<form class="viewStats" action="../View/displayPlayerStatsView.php" method="post">
<input type="hidden" name="playerObject" value="<?php echo $playerSerial; ?>">
<input type="submit" value="View Your Player's Stats">
</form>
and change the code on the second (receiving) page to:
$playerSerial = filter_input(INPUT_POST, 'playerObject');
print_r($playerSerial);
$player = unserialize($playerSerial);
then the output I get from print_r($playerSerial); is O:6:, which I know is incorrect since the object has properties holding a player's name, number, health, strength, etc.
The require_once '../Model/player.php'; code exists in both PHP files, and it comes right at the top of both before any other code is executed.
You have to make a few additions and corrections:
<?php
//... your previous code
$player = serialize($player);
?>
<form class="viewStats" action="../View/displayPlayerStatsView.php" method="post">
<input type="hidden" name="playerObject" value="<?php echo $player; ?>">
<input type="submit" value="View Your Player's Stats">
</form>
Use the serialize() function to create a string that can be passed to your other page which you can unserialize() as follows:
secondPage.php:
$player = $_POST['playerObject'];
$player = unserialize($player);
Also, you forgot to use echo here:
change
value="<?php $player ?>"
to
value="<?php echo $player; ?>"
Get yourself into serialization: the process of making a string from the object, which can in future be deserialized from the string back to object.
Some docs, which could be useful for you:
PHP - How object serialize/unserialize works?
http://php.net/manual/ru/oop4.serialization.php
http://www.phpinternalsbook.com/classes_objects/serialization.html
I know there are a few ways to pass a variable to another page for a form. But is there any secure way to pass the variable to another page?
POST
First form in the page
$firstName= 'Sarah';
$lastName = 'Lim';
$name = $firstName.' '.$lastName;
<form id="Staff" name="Staff" method="post" action="nextpage.php" enctype="multipart/form-data">
<input name="name" type="text" id="name" value="<?php echo $name?>"/>
<input type="submit" name="submit" value="Submit">
</form>
Passing variable to nextpage.php
$StudName = $_POST['name'];
$split = preg_split('/[ \.]/', $StudName);
echo $split[0].$split[1];
In this case, I must use session to pass the variable to nextpage.php. Is there any other more secured way or neater way? As if I have alot of fields in a form, there would be alot of "$_POST['...']" in my second page.
The only secure way I can think of is to use https, if you're looking for neater code you could do something like $p = $_POST; which will let you do echo $p['blah']; for example.
I can't set a variable from a post array.
I have a simple form with a hidden field in it:
<input name="sid" type="hidden" id="sid" value="<?=$sid?>">
This hidden field gets sent off to a second file (exec.php) where I have the following code:
$sid = $_POST['sid'];
For some reason, when trying to set $sid, it gets a NULL value. For haha's, I ran the following:
foreach($_POST as $var => $value)
{
echo $var . ' : ' . $value . "<br>";
}
This provided a correct value of 1938 for sid. I've looked at this for 3 hours and can't find what is happening. I expect something extremely stupid...any thoughts?
Here is the form on enter.php
<form name="form1" method="post" action="exec.php">
<input name="sid" type="hidden" id="sid" value="<? echo($sid); ?>">
<input name="ticket_totals" type="hidden" id="ticket_totals" value="<?=$ticket_totals?>">
<input name="emp" type="hidden" id="emp" value="<?=$emp?>">
<input name="submit" type="submit" id="submit" value="Submit">
<input type="submit" name="submit" id="submit" value="Close">
</form>
Here is the POST output on exec.php:
type : Other
ticket_totals : 0
emp : 105
sid : 1939
submit : Submit
Okay - this was poor syntax on my part but now I'm curious as to why.
I left out quotation marks - the solution is as simple as this:
$sid = $_POST["sid"]
Now it works like a champ.
Any takers on why? I'd guess there is a setting in the php.ini that requires the quotes. Strangely enough, I have other variables called from the POST array that i'm not using quotes for and they're working fine...
Use Console in FireBug to inspect the POST request to see what is the sid value that is being sent.
If the sid value in request is ok, use var_dump($_POST["sid"]); to see the results on the server.
EDIT: it's considered good PHP style to use the quotes when accessing the associative array because quote-less keys are indistinguishable from constants:
define('myVar',3);
echo $array[myVar]; // retrieves $array[3], not $array['myVar'];
Try to echo the $sid instead of the <?=:
// Change that
<input name="sid" type="hidden" id="sid" value="<?=$sid?>">
// With that
<input name="sid" type="hidden" id="sid" value="<?php echo $sid; ?>">
also for the test time try to change the input type from hidden to text in order to be 100% sure the $sid contains a value.
Using quotes for associative array keys is mandatory, and while it may work without them, it's incorrect and erratic behavior is expected.
I had this same problem, trying to use $_POST[sid] as a variable. I'm am thinking that "sid" is a reserved or restricted variable name, because I changed my variable to $_POST[snid] and it worked just fine. This was my code
$sid = $_POST[sid];
$recipient = "($sid) ($_POST[sid])";
if ($_POST[sid] > 0)
{
$recipient = "It Worked";
}
print $recipient;
When I posted "&sid=15", the result was:
() (15)
Unbelievable. Impossible, right? All I did was change from using "sid" as the index to "snid", and it worked no problem.
So, don't ever use $_POST[sid].
Using the following code I am attempting to:
Test to see if one of the dynamically assigned field names has been submitted;
Use the "Actionable Code" to process the submitted information.
My problem lies in I am incapable of retrieving the appropriate dynamic variable name. $this->get_field_name('email_to') will output a name variable such as widget-mywidget[3][email_to]; but to access this value via PHP I need it in the form of $_POST['widget-mywidget'][3]['email_to'].
How can I go about solving this dilemma?
OUTPUTTED HTML:
<form id="widget-mywidget-3-osiris_contact" method="post" action="">
<fieldset>
<input type="text" name="widget-mywidget[3][user_name]">
<input type="text" name="widget-mywidget[3][user_email]">
<textarea name="widget-mywidget[3][user_message]"></textarea>
</fieldset>
<fieldset>
<input type="hidden" name="widget-mywidget[3][email_to]" value="">
<input type="hidden" name="widget-mywidget[3][email_subject]" value="">
<button type="submit" name="widget-mywidget[3][email_send]">Send</button>
</fieldset>
</form>
PROCESSING PHP:
if(in_array($this->get_field_name('email_to'), $_POST)){ // <--- Where I need help.
// Actionable Code
}
This is what $this->get_field_name does:
function get_field_name($field_name) {
return 'widget-' . $this->id_base . '[' . $this->number . '][' . $field_name . ']';
}
I suggest that you print_r($_POST) and compare it visually for better debugging...
(Or use a debugger...)
$thing = "widget-mywidget[3][email_to]";
$exp = explode("[", $thing);
$get_it = $_POST['".$exp[0]."[".$exp[1]."[".$exp[2]."'];
Try, if it works.