How to map post data to variables
handy.php
if($this->input->method() === 'post') {
$obj = json_decode($this->input->raw_input_stream);
print_r($this->input->raw_input_stream);
print_r($obj);
$name = $obj->name;
$mobile = $obj->mobile;
$state = $obj->state;
}
My postman response is
In codeigniter If you are sending xyz = 'some_value' using post you can set that POST value in variable as
$xyz = $this->input->post('xyz');
Your code should look like:
if($this->input->post()) {
$name = $this->input->post('name');
$mobile = $this->input->post('mobile');
$state = $this->input->post('state');
}
Assuming that you have sent some data for name, mobile and state. You can clear notices at your own.
Related
I am trying to create a session for each field of a form so that I can call it back in on the additional information form on the next page.
<?php
session_start(); // starting the session
if (isset($_POST['Submit'])) {
$_SESSION['breakdowndate'] = $_POST['breakdowndate'];
$_SESSION['policyinception'] = $_POST['policyinception'];
$_SESSION['customername'] = $_GET['customername'];
$_SESSION['customersurname'] = $_GET['customersurname'];
$_SESSION['covertype'] = $_POST['covertype'];
$_SESSION['vehiclemake'] = $_POST['vehiclemake'];
$_SESSION['vehiclemodel'] = $_POST['vehiclemodel'];
$_SESSION['vehiclereg'] = $_POST['vehiclereg'];
$_SESSION['vehicleage'] = $_POST['vehicleage'];
$_SESSION['excess'] = $_POST['excess'];
$_SESSION['mileage'] = $_POST['mileage'];
$_SESSION['paid'] = $_POST['paid'];
$_SESSION['HSRS'] = $_POST['HSRS'];
$_SESSION['fault'] = $_POST['fault'];
$_SESSION['garage'] = $_POST['garage'];
$_SESSION['telephone'] = $_POST['telephone'];
}
?>
Using some code and after a few modifications I have the code above trying to store data that has been submitted in the form..
How can I improve this code to make it work?
If it is not working, try debugging.
If it is saving the POST, then there is not much left to do.
Set session.cookie.secure to true. You may want to set session.cookie_lifetime.
As far as security, consider if you have something worth protecting. Does it matter if someone gets a visitor's session cookie? If not, forget it.
session_set_cookie_params(0, '/', '', true, false);
session_start();
error_reporting(E_ALL); // debug
if (isset($_POST['Submit'])) {
$_SESSION['breakdowndate'] = $_POST['breakdowndate'];
$_SESSION['policyinception'] = $_POST['policyinception'];
$_SESSION['customername'] = $_GET['customername'];
$_SESSION['customersurname'] = $_GET['customersurname'];
$_SESSION['covertype'] = $_POST['covertype'];
$_SESSION['vehiclemake'] = $_POST['vehiclemake'];
$_SESSION['vehiclemodel'] = $_POST['vehiclemodel'];
$_SESSION['vehiclereg'] = $_POST['vehiclereg'];
$_SESSION['vehicleage'] = $_POST['vehicleage'];
$_SESSION['excess'] = $_POST['excess'];
$_SESSION['mileage'] = $_POST['mileage'];
$_SESSION['paid'] = $_POST['paid'];
$_SESSION['HSRS'] = $_POST['HSRS'];
$_SESSION['fault'] = $_POST['fault'];
$_SESSION['garage'] = $_POST['garage'];
$_SESSION['telephone'] = $_POST['telephone'];
} else {
echo '<h3>Session Not Saved</h3>';
}
echo htmlentities(var_export($_REQUEST, true)); // debug
echo htmlentities(var_export($_SESSION, true)); // debug
DEBUG
It should work - if not, test and debug.
Show all Warnings.
Check $_SESSION after setting.
Check Request.
$_REQUEST includes $_COOKIE which should contain a SESSION cookie.
We need to regenerate id. Try this. (Sorry for bad english)
<?php
session_start(); // starting the session
if (isset($_POST['Submit'])) {
session_regenerate_id();
$_SESSION['breakdowndate'] = $_POST['breakdowndate'];
$_SESSION['policyinception'] = $_POST['policyinception'];
$_SESSION['customername'] = $_GET['customername'];
$_SESSION['customersurname'] = $_GET['customersurname'];
$_SESSION['covertype'] = $_POST['covertype'];
$_SESSION['vehiclemake'] = $_POST['vehiclemake'];
$_SESSION['vehiclemodel'] = $_POST['vehiclemodel'];
$_SESSION['vehiclereg'] = $_POST['vehiclereg'];
$_SESSION['vehicleage'] = $_POST['vehicleage'];
$_SESSION['excess'] = $_POST['excess'];
$_SESSION['mileage'] = $_POST['mileage'];
$_SESSION['paid'] = $_POST['paid'];
$_SESSION['HSRS'] = $_POST['HSRS'];
$_SESSION['fault'] = $_POST['fault'];
$_SESSION['garage'] = $_POST['garage'];
$_SESSION['telephone'] = $_POST['telephone'];
session_write_close();
}
?>
Store your variables in an array and loop as shown below. You can use session_start(); on your next page and access them:
<?php
session_start(); // starting the session
$sessionItems = array('breakdowndate','policyinception','customername'...'telephone');
if (isset($_POST['Submit'])) {
foreach($sessionItems as $item) {
$_SESSION[$item] = $_POST[$item];
}
}
?>
Back story: Basically I'm trying to make a BTC api & to do this I need to basically use the ($custom inside of it) as i need to parse the variable $_SESSION['username'] onto my callback file to validate the user. I'm truly stuck here.
function getAddress($address, $callback, $_SESSION["username"], $secret)
{
$username = $_SESSION['username'];
$root_url = 'https://blockchain.info/api/receive';
$parameters = 'method=create&address=' . $address .'&callback='. urlencode($callback);
$callback = $callback.'?custom='.$username.'&secret='.$secret;
$response = file_get_contents($root_url . '?' . $parameters);
$object = json_decode($response);
return $object->input_address;
}
I know that I can't just put the variable $_SESSION['username'] there however, I'm not 100% sure how to do this: callback file:
$confirmation_level = 4;
$real_secret = 'ZzsMLGKe162CfA5EcG6j'; //Your Secret Key
$address = 'address'; //Your Bitcoin Address
$username = $_GET['custom'];
$input_address = $_GET['input_address'];
$transaction_hash = $_GET['transaction_hash'];
$input_transaction_hash = $_GET['input_transaction_hash'];
$value_in_satoshi = $_GET['value'];
$value_in_btc = $value_in_satoshi / 100000000;
//skipping to validate part
$btcpaidupdate = $odb ->prepare("UPDATE `users` SET paid=1 WHERE `username` = '$username'");
$btcpaidupdate ->execute();
So as you can see I'm completely stuck on how to parse the actual variable onto the callback api file.
I am using a single page submission form to create and also edit a record. It creates the record fine and will populate the form and update it if I define the record id myself.
It will not update if I try and pull in the $_GET value.
Here is what I have:
if(isset($_GET['id'])) {
$id = $_GET['id'];
$guests = Guest::find_by_id($id);
}
$message = "";
if(isset($_POST['submit'])) {
$guest = new Guest();
if (isset($_GET['id'])) {
$guest->id = $id;
}
$guest->name = $_POST['guest_name'];
$guest->info = $_POST['guest_info'];
$guest->image_path = $_POST['guest_image_path'];
$guest->sc_player = $_POST['guest_sc_player'];
if($guest->update()) {
$message = "Uploaded successfully.";
} else {
$message = join("<br />", $guest->errors);
}
}
It works if I replace the second if statement with $guest->id = "14"
Where is your ID I can't see it anywhere, where is it set?
This starts when a user fills out a form with optional inputs. The values are passed by AJAX to another PHP page to insert into a database. If a particular input is empty, I don't want to update the data stored in the database. Is there a way to check, besides writing lots of if statements, to see if an input value is empty? If it is empty, how can I write the statement so MySQL won't update the corresponding field in the database?
if(isset($_POST['f_name']) && isset($_POST['m_name']) && isset($_POST['l_name']) && isset($_POST['alt_name'])){
$fname = $_POST['f_name'];
$mname = $_POST['m_name'];
$lname = $_POST['l_name'];
$altname = $_POST['alt_name'];
If some of the $_POST entries are empty, then they shouldn't be put into the database. I'm saying this because if there's already an existing value in the database, I don't want to overwrite the value with an empty one.
In this case you also don't allow people to enter just a blank space / &bnsp;
<?php
$empty = FALSE;
foreach ($_POST as $key)
{
if (!isset($key) || strlen(trim($key)) != 0)
{
$empty = TRUE;
}
}
if (!$empty)
{
$fname = $_POST['f_name'];
$mname = $_POST['m_name'];
$lname = $_POST['l_name'];
$altname = $_POST['alt_name'];
}
?>
well...you could use foreach to check all the values.
$empty = FALSE;
foreach ($_POST as $key) {
if (!isset($key)) {
$empty = TRUE;
break;
}
}
if (!$empty) {
$fname = $_POST['f_name'];
$mname = $_POST['m_name'];
$lname = $_POST['l_name'];
$altname = $_POST['alt_name'];
}
I usually use shorthand if statments (also known as the ternary operator) to do something like this. You might be able to write your SQL query something like this:
$query = "UPDATE my_table SET f_name = ".(!empty($fname) ? "'$fname'" : 'f_name').", m_name = ".(!empty($mname) ? "'$mname'" : 'm_name').", ";
//etc.. etc..
I have attempted to use $_SESSION in a form input I am creating however I cannot get it to work and do not know what I am doing wrong, it works with my previous part of the form when carrying data over to the next page - however the code does not seem to work for the main part of the form.
<?php
//This includes the variables, adjusted within the 'config.php file' and the functions from the 'functions.php' - the config variables are adjusted prior to anything else.
require('configs/config.php');
require('configs/functions.php');
//Check to see if the form has been submited, if it has we continue with the script.
if(isset($_POST['confirmation']) && isset($_POST['name']) && isset($_POST['email']) && isset($_POST['address1']) && isset($_POST['city']) && isset($_POST['postcode']) and $_POST['confirmation']=='true')
{
//Slashes are removed, depending on whether magic_quotes_gpc is on.
if(get_magic_quotes_gpc())
{
$_POST['name'] = stripslashes($_POST['name']);
$_POST['email'] = stripslashes($_POST['email']);
$_POST['address1'] = stripslashes($_POST['address1']);
$_POST['address2'] = stripslashes($_POST['address2']);
$_POST['city'] = stripslashes($_POST['city']);
$_POST['postcode'] = stripslashes($_POST['postcode']);
$_POST['phonenum'] = stripslashes($_POST['phonenum']);
}
//Create the future reference number of the repair.
$maxid = mysql_fetch_array(mysql_query('select max(id) as id from repairs'));
$id = intval($maxid['id'])+1;
//Create the future reference number of the repair.
$maxref = mysql_fetch_array(mysql_query('select max(reference) as reference from repairs'));
$reference = intval($maxref['reference'])+8;
//Here the session variables are converted back into standard variables.
$model = $_SESSION['model'];
$problem = $_SESSION['problem'];
$info = $_SESSION['info'];
$device = $_SESSION['device'];
$price = $_SESSION['price'];
$image = $_SESSION['image'];
//Here the variables are protected using mysql_real_escape_string.
$name = mysql_real_escape_string(substr($_POST['name'],0,150));
$email = mysql_real_escape_string(substr($_POST['email'],0,255));
$address1 = mysql_real_escape_string(substr($_POST['address1'],0,255));
$address2 = mysql_real_escape_string(substr($_POST['address2'],0,255));
$city = mysql_real_escape_string(substr($_POST['city'],0,100));
$postcode = mysql_real_escape_string(substr($_POST['postcode'],0,9));
$phonenum = mysql_real_escape_string(substr($_POST['phonenum'],0,11));
$date = date("r");
//Here the variables are protected using trim.
$name = trim($name);
$email = trim($email);
$address1 = trim($address1);
$address2 = trim($address2);
$city = trim($city);
$postcode = trim($postcode);
$phonenum = trim($phonenum);
//Here the variables are protected using htmlspecialchars.
$name = htmlspecialchars($name);
$email = htmlspecialchars($email);
$address1 = htmlspecialchars($address1);
$address2 = htmlspecialchars($address2);
$city = htmlspecialchars($city);
$postcode = htmlspecialchars($postcode);
$phonenum = htmlspecialchars($phonenum);
//Here the variables are protected using strip_tags.
$name = strip_tags($name);
$email = strip_tags($email);
$address1 = strip_tags($address1);
$address2 = strip_tags($address2);
$city = strip_tags($city);
$postcode = strip_tags($postcode);
$phonenum = strip_tags($phonenum);
//The details about the repair are entered into the database
$query = mysql_query("insert into repairs (id, model, problem, info, name, email, address1, address2, city, postcode, phonenum, price, date, reference) values ('$id', '$model', '$problem', '$info', '$name', '$email', '$address1', '$address2', '$city', '$postcode', '$phonenum', '$price', '$date', '$reference')") or die(header('Location: 404.php'));
?>
Some HTML is here.
<?
}
else {
header('Location: 404.php');
}
?>
Can anyone help me to get this to work?
You have to initiate your session in the beginning of your script with session_start()
set your error logging to the most verbose level. If your Paste is exact, you have some spaces in the beginning which cause, that you cant send headers anymore and so you cant initiate the session.