Please have a look
Website interface
I only can insert these data with click both of the submit <button>.
I wish to use only one submit <button> to submit these data twice.
Here is my code.
As u can see, I for loop this <form>
<?php
for($x=1; $x<=2; $x++)
{
?>
<div class="col-lg-6">
<label>Passenger <?php echo $x ?> </label>
<form role="form" method='post'>
<div class="form-group">
<label>Title</label>
<label class="radio-inline">
<input type="radio" name="gander" value="Mr" checked>Mr
</label>
<label class="radio-inline">
<input type="radio" name="gander" value="Ms">Ms
</label>
</div>
<div class="form-group">
<label>Enter name of Passenger</label>
<input class="form-control" name='name'>
</div>
<div class="form-group">
<label>Enter Passenger Id <?php echo $x ?></label>
<input class="form-control" placeholder="960529-01-6925" name='ic'>
</div>
<button type="submit" class="btn btn-default" name="addbtn" method="post">Submit Button</button>
</form>
</div>
<?php
}
?>
Here is the isset button code
<?php
if(isset($_POST["addbtn"]))
{
$ganderphp = $_POST["gander"];
$namephp = $_POST["name"];
$icphp = $_POST["ic"];
$sql = "INSERT INTO `passenger_data`(`pass_gender`,`pass_name`,`pass_ic`,`Username`) VALUES ('$ganderphp','$namephp','$icphp','$username')";
if (mysqli_query($conn, $sql)) {
echo $sql;
}else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
?>
Its not user friendly because user only can submit data on one of the form first.
I did try to take the submit button out of the looping, but its not working.
I need a solution to make user can submit only once for all these data.
Base on some research, maybe array[] and for each can done this but i just don know how to use it.
Appreciate for any answer.
First of all, take the <form> and submit <button> element outside of the for loop, and then change the name attributes like this:
name="gander[<?php echo $x; ?>]"
name='name[<?php echo $x; ?>]'
and
name='ic[<?php echo $x; ?>]'
So your HTML form would be like this:
<div class="col-lg-6">
<form role="form" method='post'>
<?php
for($x=1; $x<=2; $x++){
?>
<label>Passenger <?php echo $x ?> </label>
<div class="form-group">
<label>Title</label>
<label class="radio-inline">
<input type="radio" name="gander[<?php echo $x; ?>]" value="Mr" checked>Mr
</label>
<label class="radio-inline">
<input type="radio" name="gander[<?php echo $x; ?>]" value="Ms">Ms
</label>
</div>
<div class="form-group">
<label>Enter name of Passenger</label>
<input class="form-control" name='name[<?php echo $x; ?>]'>
</div>
<div class="form-group">
<label>Enter Passenger Id <?php echo $x ?></label>
<input class="form-control" placeholder="960529-01-6925" name='ic[<?php echo $x; ?>]'>
</div>
<?php
}
?>
<button type="submit" class="btn btn-default" name="addbtn" method="post">Submit Button</button>
</form>
</div>
And after submitting, process your form like this:
if(isset($_POST["addbtn"])){
for($x = 1; $x <= 2; ++$x){
$ganderphp = $_POST["gander"][$x];
$namephp = $_POST["name"][$x];
$icphp = $_POST["ic"][$x];
// construct the query and execute it
}
}
Sidenote: Learn about prepared statements because right now your query is susceptible to SQL injection. Also see how you can prevent SQL injection in PHP.
Related
Below is the html code for my form and the php code which i am using to pass data to a class method.Now the problem that i have is that the control does not seem to enter the if loop which i concluded by testing as you can see."test0" gets printed but "test1" and other subsequent "tests" do not get printed.
<form action="" method="post" enctype=multipart/form-data>
<div class="form-group">
<label for="job name">Job name:</label>
<input type="text" class="form-control" id="jobnm" value="<?php echo $_GET['jobnm'];?>" disabled>
</div>
<div class="form-group">
<label for="name">Name:</label>
<input type="text" class="form-control" name="name" required>
</div>
<div class="form-group">
<label for="email">Email address:</label>
<input type="email" class="form-control" name="mail" required>
</div>
<div class="form-group">
<label for="phone">Enter a phone number:</label><br><br>
<input type="tel" id="phone" name="phone" placeholder="+91-1234567890" pattern="[0-9]{10}" required><br><br>
<small>Format: 1234567890</small><br><br>
</div>
<label >Gender</label>
<div class="radio">
<label><input type="radio" name="optradio" value="m">Male</label>
</div>
<div class="radio">
<label><input type="radio" name="optradio" value="f">Female</label>
</div>
<div class="radio">
<label><input type="radio" name="optradio" value="o">Other</label>
</div>
<div class="custom-file">
<input type="file" class="custom-file-input" name="cvFile" required>
<label class="custom-file-label" for="customFile">Upload resume</label>
</div>
<button type="submit" class="btn btn-primary">Submit</button>
<button type="reset" class="btn btn-danger" >Reset</button>
</form>
<?php
require_once 'db-config.php';
require_once 'classCandi.php';
echo "test0";
if(isset($_POST['submit']))
{
echo "test1";
$jobID = $_GET['jobid'];
echo "test2";
$canName = $_POST['name'];
$canEmail = $_POST['mail'];
$canPhone = $_POST['phone'];
$canRadio = $_POST['optradio'];
echo "test3";
//Upload file
$fnm = "cv/";
$cvDst = $fnm . basename($_FILES["cvFile"]["name"]);
move_uploaded_file($_FILES["cvFile"]["tmp_name"],$cvDst);
echo "test4";
$obj = new Candi($conn);
$obj->storeInfo($jobID,$canName,$canEmail,$canPhone,$canRadio,$cvDst);
echo "test5";
echo '<script language="javascript">';
echo 'alert("Submitted");';
echo '</script>';
echo "test6";
}
The below code won't be true anytime! It's because you didn't understand how $_POST works.
if(isset($_POST['submit']))
There's no input element in your frontend that has name="submit". And to see, there's none of the inputs have name attribute at all.
Instead, the better way to do is, understand how this works and change your code so that, it includes:
a name attribute for all the input and form elements.
a check on the values and not $_POST['submit']
And finally...
don't copy and paste without understanding the code.
don't check on $_POST['submit'] truthness.
Example, for $canName = $_POST['name']; to work, you need to have:
<input type="text" name="name" id="name" value="<?php echo $something; ?>" />
// ^^^^^^^^^^^
And have your attribute and values in quotes please:
enctype="multipart/form-data"
// ^ ^
Good day. I just wanna ask how can I insert the data from the forms generated from a while loop. This is what I tried so far. I added a loop where they will have different id or names but when I tried on clicking the button the first form is the only one working. Thank you so much in advance.
<?php
include "../config/dbconfig.php";
$data['productCode'] = "1"; // sample data
$stmt = $conn->prepare("SELECT * FROM tbl_category");
//$stmt->bind_param("i", $data['productCode']);
$stmt->execute();
$result = $stmt->get_result();
$i = 1;
while ($stuff = $result->fetch_assoc()) {
?>
<div class="col-sm-6" style="margin-top:20px;">
<div class="card">
<div class="card-header"><?php echo $stuff['categoryname']; ?>
</div>
<div class="card-body outermydiv">
<div class="myDIV">
<form method="POST" name="itemform" action="">
<div class="form-row">
<div class="col-5">
<input type="text" class="form-control" name="name[<?php echo $i; ?>]" id="itemname[<?php echo $i; ?>]" placeholder="Item name" required autocomplete="off">
</div>
<div class="col">
<input type="number" class="form-control" name="cost[<?php echo $i; ?>]" id="itemcost[<?php echo $i; ?>]" placeholder="Cost" required>
</div>
<div class="col">
<input type="number" class="form-control" name="price[<?php echo $i; ?>]" id="itemprice[<?php echo $i; ?>]" placeholder="Price" required>
<input type="hidden" class="form-control" name="code[<?php echo $i; ?>]" id="forcatcode[<?php echo $i; ?>]" value="<?php echo $stuff['categorycode'] ?>">
</div>
<div class="col">
<button type="submit" class="btn btn-success" name="btnsaveitem" id="btnsaveitem">Save</button>
</div>
<?php $i++; ?>
<input type="hidden" name="count" value="<?php echo $i; ?>" />
</div>
</form>
</div>
<br>
</div>
</div>
</div>
<?php
}
?>
and here is my insert code
<?php
if (isset($_POST['btnsaveitem'])) {
$count = $_POST['count'];
for ($i = 1; $i < $count; $i++) {
//$code = $_POST['code'][$i]; // check empty and check if interger
$foritemname = $_POST['name'][$i]; // check empty and strip tags
//$qty = $_POST['qty'][$i]; // check empty and check if interger
$stmt = $conn->prepare("INSERT INTO tbl_items(`itemname`) VALUES ('".$foritemname."')");
//$stmt->bind_param("iss",$name);
$stmt->execute();
}
}
?>
Starting by rewriting your form...
You don't need $i for anything, but I'll leave the declaration in case you want it for something else.
Don't submit array type data, each form will submit its own set of fields.
It probably makes more sense to add $stuff['categorycode'] as the value of each submit to avoid needing the hidden field. I'll leave it your way for now.
Form:
foreach ($stmt->get_result() as $i => $stuff) { ?>
<div class="col-sm-6" style="margin-top:20px;">
<div class="card">
<div class="card-header"><?php echo $stuff['categoryname']; ?></div>
<div class="card-body outermydiv">
<div class="myDIV">
<form method="POST">
<div class="form-row">
<div class="col-5">
<input type="text" class="form-control" name="name" placeholder="Item name" required autocomplete="off">
</div>
<div class="col">
<input type="number" class="form-control" name="cost" placeholder="Cost" required>
</div>
<div class="col">
<input type="number" class="form-control" name="price" placeholder="Price" required>
</div>
<div class="col">
<button type="submit" class="btn btn-success" name="btnsaveitem">Save</button>
</div>
</div>
<input type="hidden" class="form-control" name="code" value="<?php echo $stuff['categorycode']; ?>">
</form>
</div>
<br>
</div>
</div>
</div>
<?php
}
Receiving script: (extend with additional fields as desired)
if (isset($_POST['btnsaveitem'])) {
$stmt = $conn->prepare("INSERT INTO tbl_items(`itemname`) VALUES (?)");
$stmt->bind_param("s",$_POST['name']);
$stmt->execute();
}
This is all untested code.
Using PDO I am attempting to update a particular database record via a form that is in part created by php. However, when I hit the submit button the page redirects to .
The Relevent Controller function:
public function updateRecord ($selectTable, $value) {
include ('View/selectTable.php');
$tableFields = $this->db->getTableFields ($selectTable);
$results = $this->db->getRecord($selectTable, $value);
echo $_POST['saveContactForm'];
include '/View/updateRecord.php';
}
View:
<form class="form-horizontal" method="POST" id= "saveContactForm">
<?php for ($a = 1; $a < count ($tableFields); $a++):?>
<div class="form-group">
<label class="col-sm-2 control-label" for=" <?php echo $tableFields [$a] ?>"><?php echo $tableFields [$a] ?></label>
<div class="col-sm-10">
<input type="text" class="form-control" id="<?php echo $tableFields[$a] ?>" placeholder="<?php echo $results[0][$tableFields[$a]] ?>">
</div>
</div>
<?php endfor ?>
<input type ="submit" class ="btn btn-primary">
</form>
I am not getting error or warnings. However, I did discover that regardless of where I put the echo $_POST['saveContactForm'] I am unable to get the post variables.
I am having following codings in my form..how do I get the value of all radio button values on submit which is inside looping? Or give me any other solution for this.
<form action="res.php" method="post">
<?php
for($i=1;$i<=5;$i++)
{
?>
<div class="well well-sm well-primary">
<input type="hidden" name="ques"/>Questions?
</div>
<div class="well well-sm">
<div class="radio">
<label>
<input type="radio" name="optradio<?php echo $i; ?>" value="a">Option 1
</label>
</div>
<div class="radio">
<label>
<input type="radio" name="optradio<?php echo $i; ?>" value="b">Option 2
</label>
</div>
<div class="radio">
<label>
<input type="radio" name="optradio<?php echo $i; ?>" value="c">Option 3
</label>
</div>
</div>
<?php
}
?>
<button type="submit" class="btn btn-success" name="submit">Finish</button>
</form>
Use array of radio button as follows
<form method="post">
<?php
for($i=1;$i<=5;$i++)
{
?>
<div class="well well-sm well-primary">
<input type="hidden" name="ques"/>Questions?
</div>
<div class="well well-sm">
<div class="radio">
<label>
<input type="radio" name="optradio[<?php echo $i; ?>]" value="a">Option 1</label>
</div>
<div class="radio">
<label>
<input type="radio" name="optradio[<?php echo $i; ?>]" value="b">Option 2</label>
</div>
<div class="radio">
<label>
<input type="radio" name="optradio[<?php echo $i; ?>]" value="c">Option 3</label>
</div>
</div>
<?php
}
?>
<button type="submit" class="btn btn-success" name="submit">Finish</button>
</form>
To access the posted values, you can simply use $_POST['optradio']
Considering the selection for 5 questions to be Option 1, Option 2, Option 3, Option 1, Option 2
POST['optradio'] will give array like
Array ( [1] => a [2] => b [3] => c [4] => a [5] => b )
To access sigle values from this array, you can use foreach loop as,
<?php
foreach($_POST['optradio'] as $option_num => $option_val)
echo $option_num." ".$option_val."<br>";
?>
take a one hidden input for storing radio button name array in for loop
like
<input type="hidden" name="testradio[]" value="optradio<?php echo $i; ?>">
and then fetch radio button value using foreach
$rdobtn = $_POST['testradio'];
$idx = 0;
foreach($rdobtn as $val){
$rdovalue = $val[$idx];
// perform opertation using above $rdovalue variable.
$idx++;
}
}
Yes, as Sean commented, try this:
<form action="res.php" method="post">
<?php
for($i=1;$i<=5;$i++)
{
?>
<div class="well well-sm well-primary">
<input type="hidden" name="ques"/>Questions?
</div>
<div class="well well-sm">
<div class="radio">
<label>
<input type="radio" name="optradio[<?php echo $i; ?>]" value="a">Option 1
</label>
</div>
<div class="radio">
<label>
<input type="radio" name="optradio[<?php echo $i; ?>]" value="b">Option 2
</label>
</div>
<div class="radio">
<label>
<input type="radio" name="optradio[<?php echo $i; ?>]" value="c">Option 3
</label>
</div>
</div>
<?php
}
?>
<button type="submit" class="btn btn-success" name="submit">Finish</button>
</form>
and then use the below in PHP side to get radio button value as :
foreach ($_POST['optradio'] as $optNum => $option) {
// do stuff with $optNum and $option
}
Try this:
<input type="radio" name="optradio[]" value="a">
And in PHP file,
$_POST['optradio'] will result as an array.
I have a php order form named (order.php) and when the user clicks the (submit button "Next Step") it takes him to another page called (confirm-order.php)
The (confirm-order.php) shows the information that the user submitted from the (order.php) using the $_POST[] and by assigning each one of these to a variable.
Data showing on the (confirm-order.php) plain text like for example :
$itemName = $_POST['itemName'];
<?php echo $itemName; ?>
at the end of page there is a form contains only one element as (submit button)
How can i insert the $itemName data into mysql database only (after the submit button is clicked and the form actions take me to the confirmation page)?
I know how to insert data into mysql, but it didn't work with the isset() function
Do i have to write the isset function inside the form first? and below it the mysql database code?
order.php page:
<form class="form-horizontal well" action="confirm-order.php" method="POST">
<fieldset>
<legend>Personal Shopper Order Form</legend>
<div class="control-group">
<label class="control-label" for="select01">Choose a plan</label>
<div class="controls">
<select id="select01" name="plan">
<option>Lite Plan $0 per order</option>
</select>
</div>
</div>
<div class="control-group">
<label class="control-label" for="itemName">Item Name</label>
<div class="controls">
<input type="text" class="input-xlarge" id="itemName" name="itemName">
<p class="help-block">Item name exapmle: iPad3 White 32GB wifi & 3G.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="itemID">Item ID</label>
<div class="controls">
<input type="text" class="input-xlarge" id="itemID" name="itemID">
<p class="help-block">example: Ebay Item ID, Amazon Item ID.</p>
</div><br>
<div class="control-group">
<label class="control-label" for="itemURL">Item URL</label>
<div class="controls">
<input type="text" class="input-xxlarge" id="itemURL" name="itemURL">
<p class="help-block">Direct web link to the item.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="textarea">Item Details</label>
<div class="controls">
<textarea class="input-xlarge" id="textarea" name="itemDetails" rows="6"></textarea>
<p class="help-block">Item details (name, color, specifications etc...)</p>
</div>
</div>
<li id="li_3" data-pricefield="money_simple" data-pricevalue="0">
<div class="input-prepend input-append">
<label class="control-label" for="element_3_1">Item Price</label>
<div class="controls">
<span class="add-on">$</span>
<input id="element_3_1" data-price-value="10.00" name="element_3" type="text" class="element text large">
<p class="help-block">Item exact price on the US online store.</p>
</div>
</div>
</li>
<li id="li_7" data-pricefield="money_simple" data-pricevalue="0">
<div class="input-prepend input-append">
<label class="control-label" for="element_7_1">Local Shipping Cost</label>
<div class="controls">
<span class="add-on">$</span>
<input id="element_7_1" data-price-value="10.00" name="element_7" type="text" class="element text large">
</div>
<p class="help-block">Local shipping fee from the US Store to Sky2ship (if applicable).</p>
</div>
</li>
<li id="li_8" data-pricefield="radio" data-pricevalue="0">
<div class="control-group">
<div class="controls">
<p class="help-block">Order Processing Service Fee.</p>
<label class="radio">($0) Standard 2-3 days
<input id="element_8_1" data-pricedef="00.00" name="element_8" class="element radio" type="radio" value="$0 Standard 2-3 Day">
</label>
<label class="radio">($10) Express 1 day
<input id="element_8_2" data-pricedef="10.00" name="element_8" class="element radio" type="radio" value="$10 Express Same Day">
</label>
</div>
</div>
</li>
<legend>Personal Information & Shipping Address</legend>
<div class="control-group">
<label class="control-label" for="input04">Full Name</label>
<div class="controls">
<input type="text" class="input-medium" id="fullName" name="fullName">
<p class="help-block">First & last name.</p>
</div>
</div>
<div class="control-group">
<div class="controls">
<label class="radio">Male
<input type="radio" name="optionsRadios" id="optionsRadios1" value="option1" checked>
</label>
<label class="radio">
<input type="radio" name="optionsRadios" id="optionsRadios2" value="option2">Female
</label>
</div>
</div>
<div class="input-prepend">
<label class="control-label" for="prependedInput">Email Address</label>
<div class="controls">
<span class="add-on">#</span>
<input type="text" class="span2" id="prependedInput" name="Email">
<p class="help-block">Your email address.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="input06">Address</label>
<div class="controls">
<input type="text" class="input-xxlarge" id="input06" name="streetAddress" placeholder="Street Address">
<p class="help-block">Your shipping address.</p>
</div>
</div>
<div class="control-group">
<div class="controls controls-row">
<input type="text" class="span2" id="City" name="City" placeholder="City">
<input type="text" class="span3" id="State" name="State" placeholder="State / Province">
</div>
</div>
<div class="control-group">
<div class="controls controls-row">
<input type="text" class="span2" id="PostalCode" name="PostalCode" placeholder="Postal Code">
<input type="text" class="span3" id="Phone" name="Phone" placeholder="Phone Number">
</div>
</div>
<div class="control-group">
<label class="control-label" for="select01">Country</label>
<div class="controls">
<select id="select02" name="Country">
<option>IRAQ</option>
<option>JORDON</option>
</select>
</div>
</div>
<li class="total_payment" align="right" data-basetotal="0">
<span>
<h3 class="alert-success">$<var>0</var></h3>
<h5>Total</h5>
</span>
</li>
<div class="control-group">
<label class="control-label" for="optionsCheckbox">Read & Agree</label>
<div class="controls">
<label class="checkbox">
<input type="checkbox" id="optionsCheckbox" value="option1">
I agree to the site's Terms of Service & Privacy Policy.
</label>
</div>
</div>
<div class="form-actions">
<button type="submit" class="btn btn-primary">Confirm Order</button>
<button type="reset" class="btn">Cancel Order</button>
</div>
</fieldset>
</form>
confirm-order.php page:
<?php
$itemName = $_POST['itemName'];
$plan = $_POST['plan'];
$itemID = $_POST['itemID'];
$itemPrice = $_POST['element_3'];
$processService = $_POST['element_8'];
$itemDetails = $_POST['itemDetails'];
$streetAddress = $_POST['streetAddress'];
$City = $_POST['City'];
$State = $_POST['State'];
$PostalCode = $_POST['PostalCode'];
$Phone = $_POST['Phone'];
$Country = $_POST['Country'];
$fullName = $_POST['fullName'];
$Email = $_POST['Email'];
$itemURL = $_POST['itemURL'];
$itemLocalShipCost = $_POST['element_7'];
?>
<?php
$db_host = "localhost";
$db_user = "root";
$db_pass = "000000";
$db_name = "dbname";
if (isset($_POST['submit'])) {
$db_connect = mysqli_connect($db_host,$db_user,$db_pass,$db_name);
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql ="INSERT INTO lite_order (lite_plan, lite_item_name)
VALUES
('$plan','$item')";
if (!mysqli_query($db_connect,$sql))
{
die('Error: ' . mysqli_error($db_connect));
}
echo "1 record added";
}
?>
<address>
<strong>Shipping Address.</strong><br>
<?php echo $streetAddress; ?><br>
<?php echo $City; ?>, <?php echo $State; ?>, <?php echo $PostalCode; ?><br><?php echo $Country; ?><br>
<abbr title="Phone">P:</abbr><?php echo $Phone; ?>
</address>
<address>
<strong><?php echo $fullName; ?></strong><br>
<?php echo $Email; ?>
</address>
<table class="table">
<thead>
<tr>
<th>Plan</th>
<th>Item Name</th>
<th>Item ID</th>
<th>Local Shipping Cost</th>
<th>Item Price</th>
<th>Order Processing Fee</th>
</tr>
</thead>
<tbody>
<tr class="success">
<td><?php echo $plan; ?></td>
<td><?php echo $itemName; ?></td>
<td><?php echo $itemID; ?></td>
<td><?php echo "$" . $itemLocalShipCost; ?></td>
<td><?php echo "$" . $itemPrice; ?></td>
<td><?php echo $processService; ?></td
></tr>
</tbody>
</table>
<strong>Item URL</strong><p class="alert alert-info"><?php echo $itemURL; ?></p>
<pre class="pre-scrollable"><?php echo $itemDetails; ?></pre>
<p>Your Total <h3 class="question"><?php echo "$" . $orderTotal; ?></h3></p>
<div class="form-actions"><form action="pending-order.php" method="post" name="confirmed-order">
<button type="submit" name="submit" class="btn btn-primary">Submit Order</button>
<button type="button" class="btn">Previous</button></form>
</div>
</div>
</div>
</div>
</div>
</div>
Whereto insert the mysql database code to insert all the variables into database after the submit button is clicked? where to place the isset() function? i tried it, it didn't insert any data into my table.
EDIT: a simple example
do <form>, validation and inserting in one file, say form.php:
<? // check if FORM has been posted
$posted = isset($_POST['submit']);
if ($posted) { // form has been posted...
// validate input
if (!isset($_POST['item']) || strlen(trim($_POST['item'])) == 0)
$error['item'] = "please insert an item-name!";
if (!isset($_POST['price']) || !is_numeric($_POST['price']))
$error['price'] = "please enter a valid price!";
// ready for input?
if (!isset($error)) { // no $error --> go insert!
// I'll do the db-operation with PDO and a prepared statement.
// this is cool, easy and safe. LEARN IT!
$sql = "INSERT INTO table (item,price) VALUES (:item,:price)";
$insert = $db->prepare($sql);
$insert->execute(array(
':item' => $_POST['item'],
':price' => $_POST['price']
));
} // $error
} // submit
?>
Now, in the <body> of the same page...
<? // check whether to display confirmation or form...
if ($posted && !isset($error)) {
// form was sent AND no error --> confirm
?>
<h1>Confirmed!</h1>
<p>Your data has been sent, thank you very much!</p>
go to somepage
<?
} else {
// form not sent or errors --> display form
?>
<h1>Please enter data</h1>
<? // display error-message, if there's one:
if (isset($error)) {
$output = "";
foreach ($error as $field => $msg)
$output .= (strlen($output) > 0?', ':'') . "[$field]: $msg";
echo "<p>There were errors: $output</p>";
} // $error
?>
<form method="post">
<!-- if the form has been sent, bring back the field's value from $_POST -->
<p>item-name: <input type="text" name="item"
value="<?=($posted?$_POST['item']:'')?>" /></p>
<p>price: <input type="text" name="price"
value="<?=($posted?$_POST['price']:'')?>" /></p>
<p><input type="submit" name="submit" value="submit" /></p>
</form>
<?
} // submit & $error
?>
See the use of a ternary-operator for setting the value-attribute of the <input>-elements:
(<condition>?<what to do if true>:<what to do if false>)
There are two specific things I can contribute.
First, isset tests for null... which is different than empty. If you have a form field that is submitted empty, then set a local variable to that posted value, then test it with isset; isset will return true because the value exists which is different than the variable not having been registered in the page load at all.
Second... ANYTHING can post to your form (think evil autonomous Korean hacker bots). Also, there are many ways a form can get submitted without having activated the submit button itself so there is no guarantee you will even see a submit key in your $_POST vars. What you need to define in your processing script is a "default action". What I mean by that is a very basic and SAFE behavior (like redirecting to a 'something is wrong' page) that kicks off by default such that the only way around it is to submit a correct form with all anticipated values correctly set.
If you do this, you can ignore the value of the submit button itself and instead focus on the contents of the POST. Did I receive everything I expected to receive? Was it all in the correct format? Was the user authenticated correctly? Only after all these questions have been tested to your satisfaction would you switch from the default behavior to a form processing behavior in which the posted data can be inserted into your database.
Example using your 3 page structure:
reference: filter vars
Page 1:
<form action=./page2 method=POST>
<input type=text value=1234 name=numericValue />
<input type=text value="dummytext" name=stringValue />
<input type=submit value=submit name=submit />
</form>
Page 2:
<?php
$args = array('numericValue' => FILTER_VALIDATE_INT
,'stringValue' => FILTER_SANITIZE_STRING);
$clean_data = filter_input_array(INPUT_POST,$args);
if (is_array($clean_data))
{
$_SESSION["saved_clean_data"] = $clean_data;
}
else
{
Header(<something wrong page>);
die();
}
?>
<form action=./page3 method=POST>
<input type=submit name=submit value=No />
<input type=submit name=submit value=Yes />
</form>
Page 3:
<?php
if ($_POST["submit"] === "Yes")
{
$cleanNum = $_SESSION["saved_clean_data"]["numericValue"];
$cleanStr = $_SESSION["saved_clean_data"]["stringValue"];
// DB insert Query, use advice from michi about PDO
// parameterize your queries to help prevent sql injection
}
else
{
Header(<somewhere for declined submits>);
die();
}
?>
Well we can do this in the following ways
You store all the data in session and use it in confirmation page and then on data insertion page. Do remember to update or delete it if user updates or cancel the order.
You can dynamically create the confirm order page using javascript and HTML and when user clicks confirm button then only we post it to the PHP page. This will also reduce a server call.
One other ways is to again send the collected posted values and keep it as hidden fields in the confirmation page and post it when clicked confirm.
create a form and store variables in hidden fields , then create this submit button in the form
So clicking this form will store the info. See the exmple here
<form class="form-horizontal well" action="confirm-order.php" method="POST">
<input type="hidden" value="<?php echo $itemName; ?>" />
<input type="submit" value="Confirm Order" />
</form>
Well there are couple of ways about doing this:
Store all the data from the previous page i.e. from order.php in the $SESSION[] variables:
Explaination: Setting it in Session will enable you to access the same variable from anywhere in the site until the session of the user. Means that after you store it in session you can access it in pending-order.php page.
How to do it: In this page at the top, instead of setting the variables at top write the following:
$SESSION['itemName'] = $_POST['itemName']
then echo it using:
echo $SESSION['itemName']
and then in the pending-order.php you can assign a value to a variable like so:
$itemName = $SESSION['itemName']
and now you can store the variable in the db.
Put hidden fields inside the form of confirm-order.php page:
Explaination: Create hidden input fields in confirm-order.php form and set the values that are in the variables. This way when you click the submit button you can access them in pending-order.php in the same way you are doing on confirm-order.php.
How to do it: Simply put the variables in value attribute of the hidden input like so:
<form action="pending-order.php" method="post" name="confirmed-order">
<input type="hidden" value="<?php $itemID ?>" id="someID">
</form>
Try
<button type="submit" class="btn btn-primary" NAME="submit">Confirm Order</button>
And use
IF (isset($_POST['submit]) {
$itemName = $_POST['itemName'];
$plan = $_POST['plan'];
$itemID = $_POST['itemID'];
$itemPrice = $_POST['element_3'];
$processService = $_POST['element_8'];
$itemDetails = $_POST['itemDetails'];
$streetAddress = $_POST['streetAddress'];
$City = $_POST['City'];
$State = $_POST['State'];
$PostalCode = $_POST['PostalCode'];
$Phone = $_POST['Phone'];
$Country = $_POST['Country'];
$fullName = $_POST['fullName'];
$Email = $_POST['Email'];
$itemURL = $_POST['itemURL'];
$itemLocalShipCost = $_POST['element_7'];
// your mysql INSERT codes here
}
EDIT 1:
change <button type="submit" class="btn btn-primary">Confirm Order</button>
TO <input type="submit" class="btn btn-primary" value="Confirm Order">
isset() function work when the input field type is submit.like
<input type="submit" value="Confirm Order" />
so update the code form
<div class="form-actions">
<button type="submit" class="btn btn-primary">Confirm Order</button>
<button type="reset" class="btn">Cancel Order</button>
</div>
to
<div class="form-actions">
<input type="submit" class="btn btn-primary" value="Confirm Order" />
<input class="btn" type="reset" value="Cancel Order" />
</div>