using codeigniter mvc pattern I create form in view that take only two values form user
<form action="<?php base_url(); ?> blogs/new_post" method="POST">
<label>Title</label>
<input type="text" name="post_title" />
<label>discription</label>
<input type="text" name="post_detail" />
<input type="submit" value="post" />
</form>
now when i submit the form, data goes to the controller now here confusion created in my code that i can't able to understand i use three cases in controller fist is if i use !empty($_POST) in controller and in view weather i fill the form or not fill the form message displayed in controller is post
my question is why always displaying post why not displaying not a post when i fill nothing in the form
if(!empty($_POST)) {
echo "post";
} else {
echo "not a post";
}
my second question is same related to the first condition now i use isset instead of !empty
public function new_Post() {
if(isset($_POST)) {
echo "post";
} else {
echo "not a post";
}
}
in this case either i fill form or not fill form when i submit the form the result always same that is "post"
and in third case if i use !isset the the result is always not a post eiter i fill or not fill the form
hope so you will understand my problem when i comes to if(!empty($_POST)) this condition then my mind is confuse what is the purpose of $_post
This is because you are using the whole global variable $_POST to check empty and isset(). $_POST is not empty when you click on the button. You just Print_r the $_POST it will have the value of submit button. You need to print the value of $_POST on click and see the values in the array
Well, in CodeIgniter (and most of the framework) doesn't allow you to access $_POST directly due to security reason.
You must access $_POST values through $this->input->post()
For more information read Input Class from CodeIgniter's docs
https://www.codeigniter.com/user_guide/libraries/input.html
$_POST is exist when you click on the button:
so empty and isset cant work Correctly
the value at the first is
Array
(
)
SO U should check
if($_POST)
instead
if(!empty($_POST)) OR if(isset($_POST))
AND best way is u check
if ($this->input->post())
Related
I need to redirect the user to a site that gets the "Short_proj_name" information. So i did this:
<form action="Main.php?short_proj_name=<?=$_REQUEST['short_proj_name']?>" method="post" name="formProjName" target="_blank" id='frmProjName'>
However, upon searching, i found out that there are several reasons NOT to use $_REQUEST, one of them being security and all that. However, simply doing $_POST['short_proj_name'] or $_GET['short_proj_name'] never returns the information i need.
Basically, how would i go about doing an if statement that checks if the $_GET is empty, and does a $_POST instead? Can i do that in the action method of my form?
EDIT:
Adittionally, is it possible that maybe using both $_POST and $_GET return null, yet using $_REQUEST doesnt? As far as i know, $_REQUEST is both get and post together, but none of them returns any information
It works if i do it as so:
if(!empty($_POST['short_proj_name']))
{
$projName = $_POST['short_proj_name'];
}
elseif (!empty($_GET['short_proj_name']))
{
$projName = $_GET['short_proj_name'];
}
else
{
$projName = $_REQUEST['short_proj_name'];
}
But i'm not sure if that solves the security problem at all
I think the answer here is to always use _GET.
A form can actually send both _GET and _POST data based on what you use in the "action" attribute of the form. The action part doesn't care what you set the "method" attribute as.
From what you are showing above, the params are all in the "action" part of the form so these are always passed into _GET anyway. If the inputs were inside the form then those would be received via _POST
Here's an example.
In PHP I would receive $_GET['monkey'] = '1' and $_POST['lion'] = 1
<form method='post' action='receive.php?monkey=1'>
<input type='text' name='lion' value='1' />
<input type='submit' />
</form>
There shouldn't really ever be an instance where you need to check if the answer is in _GET or _POST and as mentioned in a comment, it's quite a security risk to use $_REQUEST or check if it's in _GET or _POST.
Most times, you can just push the page request URL back into the form "action" to ensure all the same _GET params are included on the form _POST.
The big mistake most people do is try to move them from _GET into hidden input fields inside a form thinking they need to do that to carry all that data through.
However, this type of function call might help you but I wouldn't approve of it.
function getRequestParam($param){
if(isset($_GET[$param])){return $_GET[$param];}
if(isset($_POST[$param])){return $_POST[$param];}
return "";
}
you can like
<?php
if(!empty($_POST))
{
$projName = $_POST['short_proj_name'];
}
else
{
$projName = $_GET['short_proj_name'];
}
?>
<form action="Main.php?short_proj_name=<?=$projName ?>" method="post" name="formProjName" target="_blank" id='frmProjName'>
but i think it's ugly
Here is a simple code :
<?php
if (isset($_GET) && $_GET['short_proj_name'] != '')
echo $_GET['short_proj_name'];
else if (isset($_POST) && $_POST['short_proj_name'] != '')
echo $_GET['short_proj_name'];
else
echo $_REQUEST['short_proj_name'];
?>
But if you get the value from a post or get, it can be anything so be careful...
If the "short_proj_name" is a file name, a nasty person can get access to other files just by guessing their names...
I have a form, which redirects the user to "page1.php" after the form is submitted. What I want to do is to redirect the user to "page2.php" after the form is submitted, but I need to make sure that the POST request was sent. Example:
<form action="page1.php" method="POST">
<input type="text" name="username" />
<input type="text" name="age" />
<input type="submit" value="" />
</form>
When the user clicks on Submit, it redirects him to page1.php. I want to redirect him to page2.php, but I need to make sure that the data is sent to the server. I can't use AJAX. Is there any way to do it with cURL or something like that? Any examples?
Thanks!
I guess this works !!
In page1.php
<?php
//do establish session
//and check for the input fields obtained via $_POST
if(isset($_POST['name_of_your_field']) && !empty($_POST['name_of_your_field'])){
if(!mail($to,$subject,$message)){
header('location:form.php?msg=error');
}else{
header('location:page2.php?msg=succes');
}
}
?>
You can check if the POST request was sent with something like:
if($_SERVER['REQUEST_METHOD'] == 'POST') {
// do something...
}
You can create a hidden input in your form and send additional info about the form that is submitted, e.g. action.
Inside you will do your magic and redirect user with:
header('Location: page2.php');
exit();
In your 'page1.php' processor, add a 'header' redirect to 'page2.php'.
header("Location: page2.php");
exit;
you could do a check if query is complete
example
<?php
$query=mysqli_query(".......your query statement")or trigger_error(mysqli_error());
if($query){
header("Location:page2.php");
}
else{
die('error');
}
?>
In your situation, you can just simple check for the posted data. Like
$username = $_POST['username'];
$age = $_POST['age'];
if($username&&$age){ /* This is to check if the variables are not empty */
// redirect to page2
}
It is logical that if those are not empty, meaning they are posted. Even if they are empty, as long as you get there, that means it was posted. There is no need to check if posted or not, what needs to be checked was, if posted data was there.
I hope I made it clear. ^_^ but making sure is not bad at all. Happy coding friend.
I am submitting form to page and checking if submit button value InsertMe isset but non of the code inside is executed
<?php
if (isset($_POST['InsertMe'])){
//code to execute
echo "Test";
}
?>
and insert buttons looks like that
<input style="float:right;" name="InsertMe" id="InsertMe" type="submit" class="rectangular-button" value="Add User" />
if (!isset($_POST['InsertMe']) || empty($_POST['InsertMe'])) {
// error message here
} else {
// What you want to do if not empty and is set.
}
This code will check if the variables is set and if if it's empty.
"||" is the PHP operator to check or. So in this case it's checking if it's set OR empty.
Make sure you have the form tag set to post.
<form method="post">
you are selecting Id I think we should be use name tag parameters in isset()
I'm wondering if it's possible to manually change the value of an isset value. That is, to do something like this:
isset($_POST['search_user']) = true;
Why I want to do this: I have two different "submit" forms on one page. When one form is submitted, I want to capture all the values of that form into SESSION variables. However, when the other form is submitted, the SESSION variables are wiped out (since the first form is not, technically, submitted anymore).
My idea was that, if the second form is submitted, then automatically set the value of the first form to true
If I understand your question correctly, if a second form is submitted, why not just destroy the current session and start new sessions using the variables posted from the new form?
http://php.net/manual/en/function.session-destroy.php
session_destroy();
...Or, you can set another session variable if the second form is submitted:
if (isset($_POST['search_user'])) {
$_SESSION['search_user'] = "true";
}
if ($_SESSION['search_user'] == "true") {
// Second form was submitted
}
You can try to define a name and a value for each submit button, so you retrieve this in the PHP file and do what you want, according you need. For instance:
HTML to the first form:
<form name="form1" action="page2.php" method="post">
<input type="submit" value="1" name="button01">
</form>
HTML to the second form:
<form name="form2" action="page2.php" method="post">
<input type="submit" value="1" name="button02">
</form>
Then you can detect the form thas was submited doing this in page2.php:
if($_POST['button01'] == "1")
{
// Do what you need based on form1 submit
}
elseif($_POST['button02'] == "1")
{
// Do what you need based on form2 submit
}
Try this and then leave some comment telling if it helps you.
I'm trying to write my first PHP script (hopefully). I want to send user input from a form inside an HTML page to a PHP script and validate them inside script. then, if there is any problem with input data, return to first page and highlight wrong fields. else go to another page (something like successful).
How do i send feedback from second script to first page without using forms?
In short, you'd have something like this:
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$errors = array();
$name = $_POST['name'];
if ($name !== 'Fred') {
$errors[] = 'Please enter "Fred"';
}
... validate more fields ...
if (count($errors) == 0) {
... form is ok ...
header('Location: everything_is_ok.php');
exit();
}
}
?>
<form action="<?php echo $_SERVER['SCRIPT_NAME'] ?>" method="POST">
Enter 'Fred': <input type="text" name="name" value="<?php echo htmlspecialchars($name) ?>" /><br />
<input type="submit" />
</form>
Basically: Have the form page submit back to itself. If everything's ok, redirect the user to another page. Otherwise redisplay the form.
Just make your Form POST to itself, then in your PHP check the values and if they are valid, don't display your form and do your submit code. If they are invalid, display the form with the values and errors displaying.
Reload the first page and send the feedback in the session, for example. If session['errors'] exist, echo them. Note you'll have to include some php tags in your html page anyway.
Use a session... here's a link to help you get started: http://www.tizag.com/phpT/phpsessions.php