Guys I have an external php file and its code is
session_start();
$_SESSION['test'] = $_POST['click'];
$query= "SELECT * FROM software where id='".$_SESSION['test']."' ";
$result=mysqli_query($con, $query);
$row=mysqli_fetch_array($result);`
on my index page I have
<form method="POST">
aaaa
<input name="click" type="submit" value="2">
</form>
<?php print_r($row);?>
and it works completely fine. But on another page of my site called exten.php I have
<?php print_r($row); ?>
which dosen't work if i direct user here onclick of link on second line of index
If your
<?php print_r($row);?>
is the only PHP code in your exten.php, it won't display anything because the $row variable that is set in your index page is not reachable.
If I get it well, you want to display the result of the click action on the button on a second page, named exten.php. If so, the action attribute on the form tag must be set.
<form action="exten.php" method="POST">
But if you want to display the value of what you have put in session (the variable test), the you have to start the session and then call your variable.
session_start();
echo $_SESSION['test'];
That is true for any pages.
Not sure why you put the value of a form input into session and then put this session variable in your query but in any case, you should sanitize your input values before using them in a SQL query. For example:
$test = filter_var($_SESSION['test'], FILTER_SANITIZE_STRING);
Related
I am currently attempting to create a simple test web page which takes in a user's input of their name through a form and then after the form is submitted, the page is refreshed and the page now ONLY displays "Hello NAME".
Now, after going to this specific URL, you are no longer able to enter the name again and you only see the "Hello NAME" phrase. Also, the page with the form and the final phrase must be reachable by the same URL - they must be the same page.
Any help would be greatly appreciated!
So from what I understand you want to get a value from $_GET or $_POST.
After it goes to the other url you can set the NAME set by the user on a $_SESSION variable, you just need to start the session at the start of the page session_start() and then add the name into the variable $_SESSION['name'] = $_POST['name'] or $_SESSION['name'] = $_GET['name']; depends on what you want to do or use. And don't forget about htmlentities() and strip_tags() to "sanitize" the variable or to make it more secure to use.
After that you should print something like
echo "Hello ". $_SESSION['name']; or anything like that.
Here's a very basic example of how to do that using a session and post/redirect/get.
<?php
session_start(); // be sure to start the session first
// **don't output anything before this**
// if the name has been added to the session, echo the hello message and exit the script
// (the form won't be displayed)
if (isset($_SESSION['name'])) {
echo 'Hello ' . $_SESSION['name'];
exit;
}
// if the name has been posted, save it to the session and redirect to the same page
// (the form won't be displayed)
if (isset($_POST['name'])) {
$_SESSION['name'] = $_POST['name'];
header('Location: ' . $_SERVER['REQUEST_URI']);
exit;
}
// If neither of those things are true, go ahead and show the form.
?>
<form method="post">
<input type="text" name="name">
<input type="submit" value="Submit">
</form>
Using PHP Sessions is one solution, and another one that you can use is using the GET Parameters.
<form action="page2.php" method="get">
<input type="text" name="user_name">
<button type="submit">Submit</button>
</form>
In the example above, what the form will do is submit the entered value (from the user_name input) to access it on page2.php file (this is the form action attribute).
In your page2.php file, you can access the value from the form by using
<?php
/** $_GET['user_name'] is the name of your input in the form */
echo "Hello " . $_GET['user_name'];
?>
NOTE: $_GET parameters is not recommended when accessing sensitive data, as this value is displayed and can be edited by the end-user in the URL.
So when the user clicks submit, I would like it to take the form inputs and permanently save them to a variable. I'm not to sure how this could be done, but I am aware of this method, but it doesn't save it permanently.
<?php
$test = %_POST["example"];
?>
<form action="#" method="post">
Example Input: <input type="text" name="example"><br>
<input type="submit" name="submit"><br>
</form>
I then put
<?php echo $test ?>
which displayed my variable value, but as soon as the page is refreshed it's gone because of POST. How can I do something similar but when the page is refreshed it's still there?
I am open to other alternatives.
The problem is that $_POST variable lives only "per request", as you have already seen yourself when refreshing the page.
You can however use sessions to keep the variable alive as long as the session lives. Or you save the data to a database and fetch the data again when requesting the page.
Regarding sessions, you would do that like this:
<?php
session_start();
if (isset($_POST['example'])) {
$test = $_POST["example"];
$_SESSION['formData'] = $test;
}
if (isset($_SESSION['formData'])) {
echo $_SESSION['formData'];
}
<?php
For more information and a simple tutorial see: http://www.w3schools.com/php/php_sessions.asp
I am new to php. How can I use session to remember my multiple form input like this:
In the first webpage, I can input for example a product name, when I click submit, the second page can tell me the product name I typed in. AND, if I go back to the first page again, and input another product name, and click submit, the second page can display the first product and the new product. If I input more product names continuously in this way, I can see all products listed in the second page.
How can I use session to do this?
First page (order.html):
<html><body>
<h4>Order Form</h4>
<form action="showorder.php" method="post">
Product name: <input name="prodname" type="text" />
<input type="submit" />
</form>
</body></html>
Second page (showorder.php):
<html><body>
<?php
$Pname = $_POST['prodname'];
echo "You ordered ". $Pname . ".<br />";
?>
</body></html>
You can use the $_SESSION array in the following fashion:
$_SESSION['products'][] = $_POST['prodname'];
That means that $_SESSION['products'] will be an array containing all the purchased products.
Don't forget to call session_start() in the beginning of all relevant pages, and filter your code against SQL injections and such.
session_start();
$_SESSION['everthing'] = $_POST['username'];
Then you can echo out the session, or just assign a variable to it. Sessions will stay there until the browser is closed
i have a form and when i post it i create a cookie, then i read the cookie and if isset then do something:
inside read.php
<?php if (isset($_COOKIE['voteforme'])) {
echo 'You voted this profile';
} else {?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="vote_points" id="vote_points" value="1000" />
<input type="submit" name="votes_send" id="votes_send" value="Vote for me" />
</form>
<?php } ?>
then i do some cookie creation inside 'create.php':
if (isset($_POST['votes_send'])){
$get_vote_for_me = $_POST['vote_points'];
$get_talent_id = $_POST['talent_id'];
$value1 = "voteforme";
$value2 = "voteforme_points";
setcookie($value1,$value2, time()+3600*24*7);
}
this script is creating the cookie i need. basically if the cookie $_COOKIE['voteforme'] is set then show a message, else show the form.
the problem i have is that i need to refresh the page a second time for the page to read the cookie and see if exists or not.
the file structure is index.php where i include the read.php and 'create.php'
any ideas??
thanks
edit:
even if i set the form action to any of those files the result is the same
edit, index.php structure:
<?php
require_once("read.php");
include 'create.php';
?>
<!doctype html>
<head>...
<body>...
<div id="tab5" class="tab_content">
<?php read();?> // the read.php it's a function
</div>
...
the read.php i am requiring it it at the top but i'm not actually calling git until inside the body as a function
adit:
i've also tried to add the setcookie inside the else statement inside the 'read.php', but there it doesn't get created
Why don't you check for the cookie set after you set the cookie? Then proceed to update your page. You just can't print anything to the page before doing your cookie work.
Another solution would be to use javascript to reduce the number of reloads.
A third idea would be to use a global variable which you can check in addition to the cookie -- that way if you set the cookie you would execute the appropriate code based on the global variable.
I would suggest you separate the files. POST data to create.php and add a redirection in create.php back to index.php. This way page will load and it will be able to read your cookie.
or you could try this, if not done already:
first include create.php and then read.php
setcookie() doesn't set the value in $_COOKIE immediately, it'll only be there after the client sends another request with the cookie. You can set it manually if you want.
It seems pretty simple but I can't find a good way to do it.
Say in the first page I create a variable
$myVariable = "Some text";
And the form's action for that page is "Page2.php". So in Page2.php, how can I have access to that variable? I know I can do it with sessions but I think it's too much for a simple string, and I do only need to pass a simple string (a file name).
How can I achieve this?
Thanks!
HTML / HTTP is stateless, in other words, what you did / saw on the previous page, is completely unconnected with the current page. Except if you use something like sessions, cookies or GET / POST variables. Sessions and cookies are quite easy to use, with session being by far more secure than cookies. More secure, but not completely secure.
Session:
//On page 1
$_SESSION['varname'] = $var_value;
//On page 2
$var_value = $_SESSION['varname'];
Remember to run the session_start(); statement on both these pages before you try to access the $_SESSION array, and also before any output is sent to the browser.
Cookie:
//One page 1
$_COOKIE['varname'] = $var_value;
//On page 2
$var_value = $_COOKIE['varname'];
The big difference between sessions and cookies is that the value of the variable will be stored on the server if you're using sessions, and on the client if you're using cookies. I can't think of any good reason to use cookies instead of sessions, except if you want data to persist between sessions, but even then it's perhaps better to store it in a DB, and retrieve it based on a username or id.
GET and POST
You can add the variable in the link to the next page:
Page2
This will create a GET variable.
Another way is to include a hidden field in a form that submits to page two:
<form method="get" action="page2.php">
<input type="hidden" name="varname" value="var_value">
<input type="submit">
</form>
And then on page two:
//Using GET
$var_value = $_GET['varname'];
//Using POST
$var_value = $_POST['varname'];
//Using GET, POST or COOKIE.
$var_value = $_REQUEST['varname'];
Just change the method for the form to post if you want to do it via post. Both are equally insecure, although GET is easier to hack.
The fact that each new request is, except for session data, a totally new instance of the script caught me when I first started coding in PHP. Once you get used to it, it's quite simple though.
Thanks for the answers above. Here's how I did it, I hope it helps those who follow. I'm looking to pass a registration number from one page to another, hence regName and regValue:
Create your first page, call it set_reg.php:
<?php
session_start();
$_SESSION['regName'] = $regValue;
?>
<form method="get" action="get_reg.php">
<input type="text" name="regName" value="">
<input type="submit">
</form>
Create your second page, call it get_reg.php:
<?php
session_start();
$regValue = $_GET['regName'];
echo "Your registration is: ".$regValue.".";
?>
<p>Back to set_reg.php
Although not as comprehensive as the answer above, for my purposes this illustrates in simple fashion the relationship between the various elements.
Passing data in the request
You could either embed it as a hidden field in your form, or add it your forms action URL
echo '<input type="hidden" name="myVariable" value="'.
htmlentities($myVariable).'">';
or
echo '<form method="POST" action="Page2.php?myVariable='.
urlencode($myVariable).'">";
Note this also illustrates the use of htmlentities and urlencode when passing data around.
Passing data in the session
If the data doesn't need to be passed to the client side, then sessions may be more appropriate. Simply call session_start() at the start of each page, and you can get and set data into the $_SESSION array.
Security
Since you state your value is actually a filename, you need to be aware of the security ramifications. If the filename has arrived from the client side, assume the user has tampered with the value. Check it for validity! What happens when the user passes the path to an important system file, or a file under their control? Can your script be used to "probe" the server for files that do or do not exist?
As you are clearly just getting started here, its worth reminding that this goes for any data which arrives in $_GET, $_POST or $_COOKIE - assume your worst enemy crafted the contents of those arrays, and code accordingly!
There are three method to pass value in php.
By post
By get
By making session variable
These three method are used for different purpose.For example if we want to receive our value on next page then we can use 'post' ($_POST) method as:-
$a=$_POST['field-name'];
If we require the value of variable on more than one page than we can use session variable as:-
$a=$_SESSION['field-name];
Before using this Syntax for creating SESSION variable we first have to add this tag at the very beginning of our php page
session_start();
GET method are generally used to print data on same page which used to take input from user. Its syntax is as:
$a=$_GET['field-name'];
POST method are generally consume more secure than GET because when we use Get method than it can display the data in URL bar.If the data is more sensitive data like password then it can be inggeris.
try this code
using hidden field we can pass php varibale to another page
page1.php
<?php $myVariable = "Some text";?>
<form method="post" action="page2.php">
<input type="hidden" name="text" value="<?php echo $myVariable; ?>">
<button type="submit">Submit</button>
</form>
pass php variable to hidden field value so you can access this variable into another page
page2.php
<?php
$text=$_POST['text'];
echo $text;
?>
Sessions would be the only good way, you could also use GET/POST but that would be potentially insecure.
**page 1**
<form action="exapmple.php?variable_name=$value" method="POST">
<button>
<input type="hidden" name="x">
</button>
</form>`
page 2
if(isset($_POST['x'])) {
$new_value=$_GET['variable_name'];
}
It works.
Send data throw URL, without form.
$upit = "SELECT * FROM usluga";
$data = $mysql->query($upit);
while ($row = mysqli_fetch_object($data))
{
echo "<a href='"."index.php?tretmanId=$row->tretman_id"."'>$row->naziv</a>";
echo "<br><br>";
}
and you can get this value on the target page with "$_GET['name from URL']", like this
$TrermanIdFromUrl = $_GET['tretmanId'];
You can for example call the page you want by including variables in the url:
header("Location: ../signup.php?newpwd=passwordupdated");
And on your signup.php page, you would have
if (isset($_GET['newpwd']) && $_GET['newpwd'] == "passwordupdated") {
//code here
}