Hi I am in New In Php.
I am asking why we are using hidden text box and given value =1.
<input type="text" name="form_submitted" value="1"/>
<html>
<head>
<title>Registration Form</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<?php if (isset($_POST['form_submitted'])): ?>
<?php if (!isset($_POST['agree'])): ?>
<p>You have not accepted our terms of service</p>
<?php else: ?>
<h2>Thank You <?php echo $_POST['firstname']; ?></h2>
<p>You have been registered as <?php echo $_POST['firstname'] . ' ' . $_POST['lastname']; ?> </p>
<p> Go <a href="sample.php" >back</a> to the form</p>
<?php endif; ?>
<?php else: ?>
<h2>Registration Form</h2>
<form action="sample.php" method="POST">
First name: <input type="text" name="firstname"><br>
Last name: <input type="text" name="lastname"><br>
Agree to Terms of Service: <input type="checkbox" name="agree"> <br>
**<input type="hidden" name="form_submitted" value="1"/>**
<input type="submit" value="Submit">
</form>
<?php endif; ?>
</body>
</html>
In this case, the reason the developer have done this, is because it is used in the first IF-statement.
if (isset($_POST['form_submitted'])):
When the form is submitted, it is sent to the same file. When a form is submitted, the form values is accessible via the $_POST paremeter in php. So if $_POST['form_submitted'] is set, then he executes the following code, and if not, the code inside else: is executed
I also have to say that this code is not a good example of how to handle form submissions, and should be improved.
Developers using <input type="hidden" name="form_submitted" value=""> because sometimes they use it as reference for the form submission. They can use it for conditions or whatever functionality they want to use with the hidden input.
Instead of showing the exact input (input text), they're hiding it for more cleaner form.
Related
Thanks in advance for your help. I've searched a lot before posting this but I end up more confused than when I started :)
I'm trying to have one page contain the form fields and after pressing submit, the resulting story with user's form field entries inserted into the story.
It would be great to have the text from the form fields remain so that the user doesn't need to retype everything if they need to change a word or two.
I really appreciate your help. Hopefully this will help many people at once.
<html>
<head>
<title>My MadLib</title>
</head>
<body>
<h1>MadLib</h1>
<?php if (isset($_POST['action']) && $_POST['action'] == "show"): ?>
<p>Hello, I am a <?php echo $_POST['adj'] ?> computer that owns a <?php echo $_POST['noun'] ?>.</p>
<?php else : ?>
<form action="madlib.php" method="post">
<input type="hidden" name="action" value="show">
<p>An adjective: <input type="text" name="adj"></p>
**strong text** <p>A noun: <input type="text" name="noun"></p>
<p><input type="submit" value="Go!"></p>
</form>
<?php endif ?>
</body>
</html>
As you said you don't want to "keep it simple", you may simply add the needed value attribute to each of your <input>s, like this:
<html>
<head>
<title>My MadLib</title>
</head>
<body>
<h1>MadLib</h1>
<?php
if (isset($_POST['action']) && $_POST['action'] == "show") {
?>
<p>Hello, I am a <?php echo #$_POST['adj']; ?> computer that owns a <?php echo #$_POST['noun']; ?>.</p>
<?php
} else {
?>
<form action="madlib.php" method="post">
<input type="hidden" name="action" value="show">
<p>An adjective: <input type="text" name="adj" value="<?php echo #$_POST['adj']"; ?> /></p>
**strong text**
<p>A noun: <input type="text" name="noun" value="<?php echo #$_POST['noun']"; ?> /></p>
<p><input type="submit" value="Go!"></p>
</form>
<?php
}
?>
</body>
</html>
Note the (sometimes unloved) "#" to prevent firing a notice when $_POST['...'] doesn't exist yet. I also added the same in your <p>Hello... line.
I have been trying to create a form that reads a post from an HTML form and displays an element from that post IF it detects that the post exists.
However, each time the post is submitted, it simply reloads the form as though no post were provided.
<!DOCTYPE html>
<html>
<head>
<title>Upload from Manifest</title>
</head>
<body>
<?php
if (isset($_POST['manifest'])) {
echo 'we are in the IF';
echo($_POST['manifest']);
}
?>
<h1>Submission from manifest into main db</h1>
<div class="container offset-top120">
<form method="post" action="https://nhsggc.cogiva.com/prism/loadFromManifest.php" enctype="multipart/form-data">
<input id="manifest" type="text" />
<input id="submit" value="Submit" type = "submit" />
</form>
</div>
</body>
</html>
Your form is going to either a different page (https://nhsggc.cogiva.com/prism/loadFromManifest.php so check for that first) if you wanted it to go to same page, you can give the action as just '#', or put in the whole URL like you have.
You're missing the name attribute from your submit input and text input. Read up on the name attribute!
<input id="manifest" type="text" name="manifest">
<input id="submit" value="Submit" type="submit" name='submit' />
Then your PHP should look like this:
<?php
if (isset($_POST['submit'])) {
echo 'Inside an if';
echo $_POST['manifest'];
}
Then it should work.
when the user input a name to a form. how to display the name to another webpage?
so i have 2 webpage here it is
webpage 1:
<html>
<body>
<form action="lol.php" method="post" <div id="name">
<label for="txtname">name: </label> <br/>
<input type="text" name="txtname" value="" /> </div>
</html>
webpage 2 :
<html>
<body>
<p> echo 'welcome! $_POST
</html>
huhuhu so whats next ? :( im kinda new to php please be gentle guys tnx
As an addition to the already existing answers: One very important thing to keep in mind is protection against Cross Site Scripting attacks. You must assume "All Input Is Evil!". Users might not only enter their name or something like that but also JavaScripts (XSS or even persistent XSS, if you save the inputs) or parts of SQL querys to perform an SQL injection.
Let's say your script accepts a variable called txtname from GET or POST (this is what $_REQUEST means). And you have this code:
<?php echo "Welcome!" .$_REQUEST['txtname']; ?>
One could build a link like this:
http://yourhost/yourscript.php?txtname=<script%20type="text/javascript">alert("This%20might%20also%20be%20an%20evil%20script!");</script>
Then one uses a URL shortening service to build a harmless looking link redirecting to the attacker's URL above, e.g.
http://short.xy/dfudf7
which will redirect the user to the evil JavaScript link above. Then your website will execute any JavaScript or embedd evil iframes or whatever an attacker wants. Your users / customers will only see your website in the address bar and will think all that comes from you although a hacker added malicious parts to the site they view.
Therefore, whenever you output something that comes directly or indirectly from a user input (regardless whether read by $_REQUEST or fetched from a database), you have to make sure, HTML special chars like < and > don't work any more! php offers the function htmlspecialchars to escape these dangerous characters. Then they are displayed just as text and do not function as HTML/JavaScript.
By the way, this is not a protection against SQL injections. If you plan to use a database later, you will also have to look for that. Also in this area there are functions to "demine" a user input before passing it to a database.
You are missing to close <form> tag, missing to add submit button, I have fixed your form and it should be like...
webpage.html
<form action="lol.php" method="post">
<div id="name">
<label for="txtname">name: </label> <br/>
<input type="text" name="txtname" value="" />
<input type="submit">
</div>
</form>
lol.php
<?php echo "Welcome!" .$_POST['txtname']; ?>
NOTE
You can also use $_REQUEST to print name..
<?php echo "Welcome!" .$_REQUEST['txtname']; ?>
Page : 1
<html>
<body>
<form action="lol.php" method="post" <div id="name">
<label for="txtname">name: </label> <br/>
<input type="text" name="txtname" value="" /> </div></form>
</html>
Page : 2
<?php
echo "Welcome ".$_POST['txtname'];
?>
You are missing to close <form> tag, missing to add submit button
webpage.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>webpage</title>
</head>
<body>
<form action="lol.php" method="post" name="form" id="form">
<div id="name">
<label for="txtname">name: </label>
<br/>
<input type="text" name="txtname" id="txtname" />
<input type="submit" name="submit" id="submit" value="Submit">
</div>
</form>
</body>
</html>
lol.php
<?php
if((isset($_REQUEST['submit']) && trim($_REQUEST['submit']) =='Submit'))
{
$txtname = addslashes(trim($_REQUEST['txtname']));
echo "Welcome ".$txtname;
}
?>
I have a simple task , and i'm using a MVC methods and CI framework for this task.
I have made a view to input data to database, and it's work, and i make a 2 anchors, those are an [Update] and [Delete], the function delete is working, but the update isn't working.
After user click anchor [Update], it will linked to another view(update_view), and i want to show the content which i've clicked in the (update_view). and i think it use a set_value to set a second parameter, to show a value in my update_view.
This is my code in a view(update_view)
<!-- update_view.php -->
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<h2>Update</h2>
<?php echo form_open('site/update'); ?>
<p>
<label>Judul : </label>
<input type="text" name="judul" id="judul" value="<?php echo set_value('judul','??')?>"/>
</p>
<p>
<label>Konten : </label>
<input type="text" name="konten" id="konten" size="100px" value="<?php echo set_value('konten','??')?>"/>
</p>
<p><input type="submit" value="Ubah" /></p>
<?php echo form_close(); ?>
</body>
</html>
What should i put in input tag in value attributes, i want to show a value in input fields (judul, konten) from page before where i clicked the anchors.
I still can't show a image for a view before click, because i'm still don't have 10 rep to share images. so i'will show the coding where the view(options_view) i've clicked the anchors.
This below is the code in a view(options_view) :
<!-- options_view.php -->
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<h2>Create</h2>
<?php echo form_open('site/create'); ?>
<p>
<label>Judul : </label>
<input type="text" name="judul" id="judul" />
</p>
<p>
<label>Konten : </label>
<input type="text" name="konten" id="konten" size="100px"/>
</p>
<p><input type="submit" value="Simpan" /></p>
<?php echo form_close(); ?>
<hr/>
<h2>Read</h2>
<?php if(isset($records)): foreach($records as $baris) : ?>
<h3><?php echo $baris->judul ?></h3>
<div><?php echo $baris->konten ?></div>
<?php echo anchor("site/view_update/$baris->id","[Update]"); ?>
<?php echo anchor("site/delete/$baris->id","[Delete]"); ?>
<?php endforeach; ?>
<?php else : ?>
<h3>Tidak ada data.</h3>
<?php endif; ?>
</body>
</html>
i'm still doubt, whether i should add code in my controller or my view(set_value).
So anyone can help me to solve this problem.
Thank's for help
set_value is codeigniter form_helper function. That helps u to print previous input value when form_validation fails.
In your case if u want to show your data u need to pass data to the view in controller.
E.G:
Controller:
$data["me"] = $this->model->getData($id);
$this->load->view("update_view",$data);
View:
<input type="text" name="judul" id="judul" value="<?php echo $me->judul;?>"/>
In one form, I ask a user for his name, I use POST and send the user to FormTwo.php and save the $_POST["name"] to the session.
In the second for I ask for his lastname and do the same and send him to the registerComplete.php page.
I'm trying to echo all the information he wrote, which by my understand should be accesible through the $_SESSION array, right?
What am I doing wrong? :)
RegisterFormOne.php:
<?php session_start(); ?>
<html>
<head>
<title>Registration Form - 1 of 2</title>
</head>
<body>
<h1>Registration - Part 1 of 2</h1>
<p>Please fill in all the required information before submitting the information.</p>
<form action="registerFormTwo.php" method="post">
<dt>First Name:</dt>
<dd><input type="text" name="firstName" /></dd><br />
<dt>Last Name:</dt>
<dd><input type="text" name="lastName" /></dd><br />
<dt>Age:</dt>
<dd><input type="text" name="age" /></dd><br />
<dt>Date of Birth:</dt>
<dd><input type="text" name="dateOfBirth" /></dd><br />
<dt>Gender:</dt>
<dd>Masculino <input type="radio" value="M" name="gender" checked/>
Femenino <input type="radio" value="F" name="gender" />
</dd>
<dt><input type="submit" /></dt>
</form>
</body>
</html>
RegisterFormTwo.php
<?php
if ($_POST){
$_SESSION["firstName"] = $_POST["firstName"];
$_SESSION["lastName"] = $_POST["lastName"];
$_SESSION["age"] = $_POST["age"];
$_SESSION["dateOfBirth"] = $_POST["dateOfBirth"];
$_SESSION["gender"] = $_POST["gender"];
}
?>
<html>
<head>
<title>Registration Form - 2 of 2</title>
</head>
<body>
<h1>Registration - Part 2 of 2</h1>
<p>Please fill in all the required information before submitting the information.</p>
<form action="registerFinish.php" method="post">
<dt>Nationality:</dt>
<dd><input type="text" name="nationality" /></dd><br />
<dt>Profession:</dt>
<dd>
<select name="profession">
<option value="sistemas" selected="selected">Ing. Sistemas</option>
<option value="electrico">Ing. Electrico</option>
<option value="marketing">Marketing y Publicidad</option>
<option value="comercio">Comercio</option>
</select>
</dd><br />
<input type="submit" />
</form>
</body>
</html>
registerFinish.php
<?php
if ($_POST){
$_SESSION["nationality"] = $_POST["nationality"];
$_SESSION["profession"] = $_POST["profession"];
}
?>
<html>
<head>
<title>Registration Complete</title>
</head>
<body>
<h1>Thank you for taking the census.</h1>
<p>Please take a moment to review your inputted information and confirm when you feel everthing is OK.</p>
<ul>
<li><?php /*This should echo his first name, but nothing shows. */ echo $_SESSION["firstName"]; ?></li>
</ul>
</body>
</html>
You miss session_start(); at the beginning of other 2 files.
The session must be started, using session_start(), for each execute of a script in which you want to use $_SESSION.
Here, you have 3 distinct scripts, that are executed via 3 distinct HTTP requests...
Which means session_start() should be called at the beginning of the 3 scripts -- and not only the first one.
As a reference, you can take a look at the Session Handling section of the manual.
RegisterFormTwo.php and registerFinish.php need session_start(); at the start of the file.
You must use session_start() before accession the $_SESSION variable ^^
In addition to your question, it would be easier if you do the following. Please note I intentionally put the form within an array within session because it's being automatically populated and a new form submission will flush the values (which you want).
$_SESSION['form'] = array(); // flushes all the stored form collection in session
foreach ( $_POST as $key => $value )
{
$_SESSION['form'][$key] = $value;
}
// now you can access your form's "name" field via $_SESSION['form']['name']
session_start();
does not clear your session data. Session data will only be cleared when you
session_unset();
session_destroy();
or for individual session var
unset( $_SESSION[ 'yoursessionvar' ] );