Some thing is wrong in this code, because when i press the submit button the code inside this block of code it is not executed.
Here is the code:
if(isset($_POST["form"])) {
if (Form::isValid($_POST["form"])){
include 'config_php/insert_lead.php';
} else{
header("Location: " . $_SERVER["PHP_SELF"]);
exit();
}
}
This is a small portion of the form:
<form action="index.php?s=2468" id="multiphase" method="post" class="form-horizontal">
<fieldset>
<input type="text" class="form-control shadow" name="first_name" required="" placeholder="Voornaam:" id="multiphase-element-22">
<input type="text" class="form-control shadow" name="last_name" required="" placeholder="Achternaam: " id="multiphase-element-23">
<input type="email" class="form-control shadow" name="email1" required="" placeholder="E-mailadres:" id="multiphase-element-28">
<input type="submit" value="Submit" name="submit" class="btn btn-primary" id="multiphase-element-29">
</fieldset>
</form>
One more thing the form is generated using PFBC
There isn't a post value named 'form', so you should set one to look for on the submission.
Notice that I have also used the entire POST array in the Form::isValid() check.
PHP:
if(isset($_POST["postback"])) {
$valid = true;
if (Form::isValid($_POST)){
include 'config_php/insert_lead.php';
} else{
header("Location: " . $_SERVER["PHP_SELF"]);
exit();
}
}
HTML:
<form action="index.php?s=2468" id="multiphase" method="post" class="form-horizontal">
<fieldset>
<input type="text" class="form-control shadow" name="first_name" required="" placeholder="Voornaam:" id="multiphase-element-22">
<input type="text" class="form-control shadow" name="last_name" required="" placeholder="Achternaam: " id="multiphase-element-23">
<input type="email" class="form-control shadow" name="email1" required="" placeholder="E-mailadres:" id="multiphase-element-28">
<input type="hidden" name="postback" value="1">
<input type="submit" value="Submit" name="submit" class="btn btn-primary" id="multiphase-element-29">
</fieldset>
</form>
In your code $_POST["form"] is the fault you doing...
if you are using $_POST["form"] then it means you have named any of your input field as "form" which i dont see in your code...
so instead of $_POST["form"] you should use any of the input name you using...
I suggest to use..
$_POST["submit"] instead of $_POST["form"]
because you have already named submit input field as submit...
See if it help
Change form tor submit:
<?php
if(isset($_POST["submit"])) {
if (Form::isValid($_POST["form"])){
include 'config_php/insert_lead.php';
} else{
header("Location: " . $_SERVER["PHP_SELF"]);
exit();
}
}
The the if will be executed BUT the you will still have problems with the next if (Form::isValid($_POST["form"])) I don't know how isValid works but $_POST["form"] does not exist. You can validate all inputs one by one.
Related
I wasn't sure how to phrase the title, but here's what I'm trying to do.
I have a form to login to webmail, I don't have access to the webmail - it just posts the form input to the website and the webmail server takes it from there.
Everyone logging in to this page will be using the same email extension (e.g. "#myemail.com"), so I want to save the hassle of typing that every time, instead they can just write "mike" and the form will add "#myemail.com" on it's own.
I could post this form to a middle ground php page that sticks "mike" + "#mymail.com" together and posts this info to the webmail?
Or is there a simpler way to do this without having to create another page?
<form name="loginForm" action="http://webmail.emailsrvr.com/login.php" method="POST" target="_blank">
<input type="hidden" name="js_autodetect_results" value="SMPREF_JS_OFF">
<input type="hidden" name="just_logged_in" value="1">
<input type="hidden" name="type" value="v3">
<input type="hidden" name="useSSL" id="useSSL" value="">
<input type="email" name="user_name" placeholder="Username" required autofocus>
<input type="password" name="password" placeholder="Password" required>
<label for="remember"><input type="checkbox" name="remember">Remember my info</label>
<button type="submit">Sign In</button>
</form>
I want to take the value entered here...
<input type="email" name="user_name" placeholder="Username" required autofocus>
...and add an extension like "#myemail.com" to it, then post it.
Any idea? Thanks in advance for your help.
I could do something like this?
PAGE 1 - Enter username and password...
<input type="text" name="send_email" placeholder="Username" required autofocus>
<input type="password" name="send_password" placeholder="Password" required>
<label for="remember"><input type="checkbox" name="remember">Remember my info</label>
<button type="submit">Sign In</button>
</form>
PAGE 2 - PHP takes username and adds "#myemail.com" and sends form...
<?php
$form_email = $form_password = "";
if (!empty($_POST['send_email']) && !empty($_POST['send_password'])) {
$form_email = $test($_POST['send_email']) . '#fountaincreations.ca';
$form_password = $test($_POST['send_password']);
echo '<form name="loginForm" action="http://webmail.emailsrvr.com/login.php" method="POST" target="_blank">';
echo '<input type="hidden" name="js_autodetect_results" value="SMPREF_JS_OFF">';
echo '<input type="hidden" name="just_logged_in" value="1">';
echo '<input type="hidden" name="type" value="v3">';
echo '<input type="hidden" name="useSSL" id="useSSL" value="">';
echo '<input type="hidden" name="user_name" value="' . $form_email . '">';
echo '<input type="hidden" name="form_password" value="' . $form_password . '">';
echo '</form>';
} else {
echo '<p style="text-align:center;padding:40px 20px;">Please go back and try again.</p>';
}
function test($data) {
$data = strtolower(data);
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
How do I tell PHP to automatically submit the form though?
Here's what I have if I were to use jQuery:
It doesn't currently work though.
HTML:
<div class="box top">
<form name="loginForm" action="http://webmail.emailsrvr.com/login.php" method="POST" target="_blank">
<input type="hidden" name="js_autodetect_results" value="SMPREF_JS_OFF">
<input type="hidden" name="just_logged_in" value="1">
<input type="hidden" name="type" value="v3">
<input type="hidden" name="useSSL" id="useSSL" value="">
<div class="inner">
<div class="inner-row"><input type="text" name="user_name" placeholder="First Name" required autofocus></div>
<div class="inner-row"><input type="password" name="password" placeholder="Password" required></div>
<div class="inner-row">
<div class="inner-col col-2-4"><label for="remember"><input type="checkbox" name="remember">Remember my info</label></div>
<div class="inner-col col-2-4"><button type="submit">Sign In</button></div>
</div>
</div>
</form>
</div>
<div class="box bottom">
<div class="inner">
<div class="inner-row"><p>Already signed in? <b>Go to your inbox.</b></p>
</div>
</div>
JS:
<script type="text/javascript">
$(document).ready(function(){
$("button[type='submit']").on('click', function(e){
e.preventDefault();
var userEmail = $.trim($("input[name='user_name']").val());
$("input[name='user_name']").val(userEmail+"#fountaincreations.ca");
$("form[name='loginForm']").submit();
});
});
</script>
I think if you want to attach username + "#mymail.com" to useremail field, here is my suggestion:
1# create input user_email (just hide this field)
<input type="hidden" name="user_email" id="user_email" placeholder="User Email">
2# add js below
$('#user_name').on('input', function() {
username = this.value+'#myemail.com';
$('#user_email').val(username);
});
here example
I think this will go like this, hope this will help you. What i am doing in this code is, first I stop the form from being submitted through e.preventDefault(); and then i am taking the value of the required input and assigning it back value by attaching "#mymail.com".
$(document).ready(function(){
$("button[type='submit']").on('click', function(e){
e.preventDefault();
var userEmail = $.trim($("input[type='email']").val());
$("input[type='email']").val(userEmail+"#mymail.com");
$("form[name='loginForm']").submit();
});
});
haven't programmed PHP in a while but I
have to assemble something for a client really fast.
I've set up 2 forms with POST but when I go to the next file it's just blank space, for some reason POST isn't being registered but is set cause I'm not getting an error echo.
Hese's the forms:
<form action="Funkcije.php" method="post" name="AddFromDB">
<input type="text" placeholder="Šifra Art" name="ArtNo">
<input type="submit" value="Dodaj">
</form>
<br>
<div id="newItem">
<form action="Funkcije.php" method="post" name="AddNew">
<input type="text" placeholder="Šifra" name="Art">
<input type="text" placeholder="Ime Proizvoda" name="ImeProizvoda">
<input type="text" placeholder="Dobavljač" name="Dobava">
<input type="text" placeholder="Cijena" name="Cijena">
<input type="submit" value="Dodaj">
</form>
</div>
And here's the 2nd file:
if(isset($_POST["AddFromDB"], $_POST["ArtNo"])){
addExisting ($_POST["ArtNo"]);
}
else if(isset($_POST["AddNew"], $_POST["Art"], $_POST["ImeProizvoda"], $_POST["Dobava"], $_POST["Cijena"])){
newItem ($_POST["Art"] && $_POST["ImeProizvoda"] && $_POST["Dobava"] && $_POST["Cijena"]);
}
else if (!isset ($_POST)){
echo "error";
}
So, by code I should be getting an error if POST is not set but I get nothing. Just a blank space.
here, you must be give a name to the submit button to check which form is POST like this...
<form method="post" name="AddFromDB">
<input type="text" placeholder="Šifra Art" name="ArtNo">
<input type="submit" value="Dodaj" name="form1">
</form>
<br>
<div id="newItem">
<form method="post" name="AddNew">
<input type="text" placeholder="Šifra" name="Art">
<input type="text" placeholder="Ime Proizvoda" name="ImeProizvoda">
<input type="text" placeholder="Dobavljač" name="Dobava">
<input type="text" placeholder="Cijena" name="Cijena">
<input type="submit" value="Dodaj" name="form2">
</form>
</div>
<?php
if(isset($_POST["form1"], $_POST["ArtNo"])){
echo "1";
}
else if(isset($_POST["form2"], $_POST["Art"], $_POST["ImeProizvoda"], $_POST["Dobava"], $_POST["Cijena"])){
echo "2";
}
else{
echo "error";
}
?>
now, this work fine..
thank you.. enjoy coding...
I have a form in a file index.php that posts to a second page like this:
<form method="post" id="signupform" name="signupform" action="functions.php">
<label for="user_id">Username:</label><span id="asterix">*</span> <br>
<input name="user_id" type="text" id="user_id" required><br><br>
<label for="new_password">Password:</label><span id="asterix">*</span> <br>
<input name="new_password" type="password" id="new_password" required><br><br>
<label for="confirm_password">Confirm password:</label><span id="asterix">*</span> <br>
<input name="confirm_password" id="confirm_password" type="password" required><br><br>
<label for="new_email">Email:</label><span id="asterix">*</span> <br>
<input name="new_email" id="new_email" type="email" required>
<input hidden="hidden" name="action" value="signup">
<br><br>
<input id="createaccount" type="submit" value="Create account">
</form>
The submit is done through jQuery submitHandler like this:
submitHandler: function(signupform) {
$(signupform).ajaxSubmit({
target:'#result',
success: function(){
$("#result").css("display","block");
$('#box').animate({'top':'-800px'},500,function(){
$('#overlay').fadeOut('fast');
$('#loginmain').hide();
});
}
})
}
The result is shown in a div in the same page as follows:
<div id="result" class="success_message" style="display: none"></div>
On the second page, functions.php, I have what needs to be displayed in the div.
Now the problem is that I created a third file called db.php to do database operations.
if (isset($_POST['action']) && $_POST['action'] == "signup") {
$user_id = mysql_real_escape_string($_POST["user_id"]);
$new_password = md5(mysql_real_escape_string($_POST["new_password"]));
$new_email = mysql_real_escape_string($_POST["new_email"]);
$create_account = "INSERT INTO users(username, email, password ) VALUES ('" . $user_id . "','" . $new_password . "','" . $new_email . "')";
if($create_account){echo "done";}else echo "failed";
if(mysqli_query($str, $create_account)){
echo "successful insert";
}
}
Although I have included db.php in the index.php, the queries do not get executed because in fact, it seems that the form does not postcorrectly because if I put an echo "test" after the if statement, it does not show, but if I replace the action="functions.php" by action="", things work, but then the submithandler does not behave correctly.
Shouldn't you specify type=hidden instead of hidden=hidden in your input declaration as:
<input type="hidden" name="action" value="signup">
instead of
<input hidden="hidden" name="action" value="signup">
Did you check the posted values in your php scripts before the if statement?
You should include db.php in functions.php as well in order to have these functions work there as well.
I am trying to POST to a page that has two forms with duplicate name elements. The problem is that one form gets the password value and the other form gets the login value. (I can see this by printing out curl_exec($ch);) I will include my code for the target URL and the formdata. How do I fix this?
// my target url and form data
$target = "http://www.example.com/login";
$formdata = "id=$login&password=$password&Submit=Log In";
Forms:
<form id="login" name="login" method="post" action="login">
<label for="id">LOGIN ID</label> <input type="text" value="" name="id" maxlength="50" size="30"><br>
<label for="password">Password ID</label> <input type="password" name="password" maxlength="12" size="30">
<div align="center"><button class="siteSprite signInSm" value="Log In" name="Submit" type="submit"></button></div>
</form>
<form section="login" id="loginform" name="loginform" action="http://www.example.com/login" method="post">
<input type="text" size="20" value=" Log-in" onfocus="this.value=''" name="id"></td>
<input type="password" value="Password" maxlength="15" size="12" onfocus="this.value=''" name="password">
<input type="submit" class="siteSprite signInSm" value="Sign-In">
</form>
You'll have to do something to indicate which of the two forms got submitted. You can either submit a field with the same name but different values in each one, or use the submit button:
<form ...>
<input type="hidden" name="whichform" value="1" />
<input type="submit" name="Submit" value="form 1" />
</form>
<form ...>
<input type="hidden" name="whichform" value="2" />
<input type="submit" name="Submit" value="form 2" />
</form>
and then
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (($_POST['Submit'] == 'form 1') || ($_POST['whichform'] == '1')) {
.... handle form #1 ....
}
if (($_POST['Submit'] == 'form 2') || ($_POST['whichform'] == '2')) {
.... handle form #1 ....
}
using either method works the same, just pick the one that makes most sense/is easiest and go from there.
$formdata = "id=$login&password=$password&Submit=Sign-In"; might do the trick; note the fact that the second form has a submit button with a value, and the first form has a <button> which won't send a value (or, maybe, sends a different value via script or something)
I just noticed that the submit button doesn't have a name; try passing it with NO submit parameter, i.e.:
$formdata = "id=$login&password=$password
I'm trying to create a BMI calculator. This should allow people to use either metric or imperial measurements.
I realise that I could use hidden tags to solve my problem, but this has bugged me before so I thought I'd ask: I can use $_POST['variableName'] to find the submitted variableName field-value; but...I don't know, or see, how to verify which form was used to submit the variables.
My code's below (though I'm not sure it's strictly relevant to the question):
<?php
$bmiSubmitted = $_POST['bmiSubmitted'];
if (isset($bmiSubmitted)) {
$height = $_POST['height'];
$weight = $_POST['weight'];
$bmi = floor($weight/($height*$height));
?>
<ul id="bmi">
<li>Weight (in kilograms) is: <span><?php echo "$weight"; ?></span></li>
<li>Height (in metres) is: <span><?php echo "$height"; ?></span></li>
<li>Body mass index (BMI) is: <span><?php echo "$bmi"; ?></span></li>
</ul>
<?php
}
else {
?>
<div id="formSelector">
<ul>
<li>Metric</li>
<li>Imperial</li>
</ul>
<form name="met" id="metric" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="form/multipart">
<fieldset>
<label for="weight">Weight (<abbr title="Kilograms">kg</abbr>):</label>
<input type="text" name="weight" id="weight" />
<label for="height">Height (<abbr title="metres">m</abbr>):</label>
<input type="text" name="height" id="height" />
<input type="hidden" name="bmiSubmitted" id="bmiSubmitted" value="1" />
</fieldset>
<fieldset>
<input type="reset" id="reset" value="Clear" />
<input type="submit" id="submit" value="Submit" />
</fieldset>
</form>
<form name="imp" id="imperial" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="form/multipart">
<fieldset>
<label for="weight">Weight (<abbr title="Pounds">lbs</abbr>):</label>
<input type="text" name="weight" id="weight" />
<label for="height">Height (Inches):</label>
<input type="text" name="height" id="height" /
<input type="hidden" name="bmiSubmitted" id="bmiSubmitted" value="1" />
</fieldset>
<fieldset>
<input type="reset" id="reset" value="Clear" />
<input type="submit" id="submit" value="Submit" />
</fieldset>
</form>
<?php
}
?>
I verified that it worked (though without validation at the moment -I didn't want to crowd my question too much) with metric; I've added the form but not the processing for the imperial yet.
To identify the submitted form, you can use:
A hidden input field.
The name or value of the submit button.
The name of the form is not sent to the server as part of the POST data.
You can use code as follows:
<form name="myform" method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="frmname" value=""/>
</form>
You can do it like this:
<input type="text" name="myform[login]">
<input type="password" name="myform[password]">
Check the posted values
if (isset($_POST['myform'])) {
$values = $_POST['myform'];
// $login = $values['login'];
// ...
}
The form name is not submitted. You should just add a hidden field to each form and call it a day.
In the form submitting button (id method of form is post):
<input type="submit" value="save" name="commentData">
In the PHP file:
if (isset($_POST['commentData'])){
// Code
}
For some reason, the name of the submit button is not passed to the superglobal $_POST when submitted with Ajax/jQuery.
Use a unique value on the submit button for each form like so
File index.html
<form method="post" action="bat/email.php">
<input type="text" name="firstName" placeholder="First name" required>
<input type="text" name="lastName" placeholder="Last name" required>
<button name="submit" type="submit" value="contact">Send Message</button>
</form>
<form method="post" action="bat/email.php">
<input type="text" name="firstName" placeholder="First name" required>
<input type="text" name="lastName" placeholder="Last name" required>
<button name="submit" type="submit" value="support">Send Message</button>
</form>
File email.php
<?php
if (isset($_POST["submit"])) {
switch ($_POST["submit"]) {
case "contact":
break;
case "support":
break;
default:
break;
}
}
?>
As petervandijck.com pointed out, this code may be susceptible to XSS attacks if you have it behind some kind of log-in system or have it embedded in other code.
To prevent an XSS attack, where you have written:
<?php echo "$weight"; ?>
You should write instead:
<?php echo htmlentities($weight); ?>
Which could even be better written as:
<?=htmlentities($weight); ?>
You can use GET in the form's action parameter, which I use whenever I make a login/register combined page.
For example: action="loginregister.php?whichform=loginform"
I had a similar problem which brought me to this question. I reviewed all the preceding answers, but ultimately I ending up figuring out my own solution:
<form name="ctc_form" id="ctc_form" action='' method='get'>
<input type="hidden" name="form_nm" id="form_nm">
<button type="submit" name="submit" id="submit" onclick="document.getElementById('form_nm').value=this.closest('form').name;">Submit</button>
</form>
It seamlessly and efficiently accomplishes the following:
Passes the form name attribute via a hidden input field, without using the fallible value attribute of the submit button.
Works with both GET and POST methods.
Requires no additional, independent JavaScript.
You could just give a name to the submit button and do what needs to be done based on that. I have several forms on a page and do just that. Pass the button name and then if button name = button name do something.
Only the names of the form fields are submitted, but the name of the form itself is not. But you can set a hidden field with the name in it.