I created form, when i submit it, i made that it just go to the same form page. When i changed value of variable( to the m=files&a=addedit) it keeps creating new one / symbol. Here is the code, and bellow the code there is the link to the picture.
$referrer = "m=files&a=addedit";
?>
<form name="uploadFrm" action="?m=files" enctype="multipart/form-data" method="post">
<input type="hidden" name="redirect" value="<?php echo $referrer; ?>" />
http://i.stack.imgur.com/CFmXo.jpg
What should i do to fix this from / creation.
Using full path (with http) should fix this issue. Try change the action attribute to:
action="http://www.your-domain.com?m=files"
It's pretty unusual to want to put a ? in the URL in a form action attribute. I'm not sure why you're doing that.
I'd suggest replacing it with a hidden field for m:
<form name="uploadFrm" action="." enctype="multipart/form-data" method="post">
<input type="hidden" name="m" value="files" />
<input type="hidden" name="redirect" value="<?php echo $referrer; ?>" />
Try that, and let us know if it works.
If you still have problems, then it's likely that the issue is actually somewhere else, not in the HTML form code you've given.
Possible places you should look:
A badly configured mod_rewrite can be prone to doing this kind of thing.
The input field on the form is called redirect; maybe the problem is happening when you do the redirect?
Related
Have searched around but not found an answer to this. Might be an indicator that this is a silly question, but:
I'm trying to echo some information from the page URL into a form action so that information is carried to the next page. The form and PHP looks like this:
<form method="link" action="surveymaker.php?title=<?php echo $_GET['title'];?>">
The information that the user enters into the form gets added to the url on the next page, but not the "title" that I'm trying to add by echo. I'm fully prepared to accept that I'm going at this the totally wrong way if that's how it is. Can anyone point me in the right direction?
Thanks
You can use a hidden input field to do this. Just add this to your form:
<input type="hidden" name="title" value="<?php echo htmlspecialchars($_GET['title']);?>">
Note the use of htmlspecialchars to sanitize the value from the URL.
This is not a good idea of archiving what you want ,You should use hidden inputs instead.
example place this anywhere inside your <form>:
<input type="hidden" value="<?= $_GET['title']; ?>" name="title"/>
try this. worked for me..
<?php $title = $_GET['title'];?>
<form method="link" action="surveymaker.php?title=<?php echo $title;?>">
Im try to Programm some php.
i have a site : /index.php?go=newstep&callid=2
Where i put:
<form method="post" action="addnew.php"> <input type="text" name="user" /> <input type="text" name="text" /> <input type="hidden" value="<?php echo($_GET["callid"]); ?>" name="test" />
This is because the next site "addnew.php" Needs the value "callid" from the link to ?go=newstep&callid=2
Why isn't it working?
Is there another way?
Thank you
If You want to use GET method, You can simply put Your variable as part of the link in action attribute. You don't have to use hidden input. Something like that:
action="addnew.php?callid=<?php echo $_GET['callid']; ?>"
Additionally, '"' char in attribute "value" may cause problems, because HTML may interpret it as end of the attribute value.
EDIT:
Exactly, You are using POST method in form, thus You are sending You variable, callid, by POST method now and it will be available in $_POST global array in addnew.php script, not in $_GET global array.
I have a problem with creating a simple search form, used to search my database.
I started using the POST-method and everything worked fine, but switched to using GET-method instead to be able to bookmark my search results. But now I have trouble with the "action-url" when posting.
<form action="index.php?page=searchresult'" method="post">
This worked fine, I got my var's sent to the stated URL, but
<form action="index.php?page=searchresult" method="get">
Doesn't work. When I check my HTML code everything looks great, but I end up going to the URL
site.com/index.php?ALL THE GET-variables linedup here.
I am loosing the "?page=searchresult" part when using the GET-method?!
Am I missing something here, please help?!
Humble regards :)
Try changing this to
<form action="index.php?page=searchresult" method="get">
Put the page element as a hidden tag.
<form action="index.php" method="get">
<input type="hidden" name="page" value="searchresult"/>
<!-- Rest of the input elements -->
<input type="submit" />
</form>
This should fix your issue.
If you are using GET methood then you can pass page parameter in hidden field
like
<input type="hidden" name="page" value="searchresult">
GET sends data in the query string. If the URL in the action has a query string, it will be overwritten by the new one generated by the form.
Store your data in hidden inputs instead.
Well, this is interesting, but you can fix it using an hidden <input>, such as this:
<form action="index.php" method="get">
<input type="hidden" name="page" value="searchresult" />
<input type="submit" value="submit" />
</form>
Just compile the "value" of the hidden input with what you need to pass.
Tried it and it actually works.
Edit:
obviously, from php, use this:
<?php $page = ((isset($_GET['page'])?($_GET['page']):("nope")); ?>
Add a hidden page data in the form.
<form action="index.php" method="get">
<input type="hidden" name="page" value="searchresult" />
Simply because "page=searchresult" is a get data.
You have a quote too much, try removing it.
|
\|/
<form action="index.php?page=searchresult'" method="post">
I would like to understand why the below is not working. It is code that I have inherited and it did work on the previous webmaster's hosting.
The page has a $service variable in the URL hence the echo $_GET['service'] below in order to display the value of the variable on the page. However, we want to use that same variable value on the next page also.
At the moment I cannot use echo $_POST or I even tried echo $_GET on the next page to display this
value. There must be something out of date or wrong with <input type="hidden" name="service" value="<? echo $service; ?>" />.
I tried value= echo $_GET['service']; but this did not appear to change anything,
Grateful for all help.
Thanks.
<?php echo $_GET['service']; ?>
<form action="send-order.php" method="post">
Email<br /><input name="email" value="<?echo $email;?>" type="text" style="width: 350px;" />
<input type="hidden" name="service" value="<? echo $service; ?>" />
<input type="submit" value="Order now" /></p>
</form>
Uhm, first of all I'm seeing your form action is POST (instead of GET), so it's natural you don't appen the service input to the url...
Another thing, you're saying that the code worked previously: it might be for the use of register_globals (turned ON; in darker times that was the usual setting, now it's disabled by default) on the previous server's settings, which automatically made available to the var $service what should have been called with $_GET['service'] (or $_POST['service'], for what that matters).
I still don't understand where the "p" param comes in the URL from your comment, though. If you change the form action to action="get", you will have something like "email=something&service=somethig", but 'p' ?
$service is a variable.
http://example.com?service=foo is a GET parameter.
$service is not the same as $_GET['service']
$_POST['service'] is not the same as $_GET['service']
That said, the form's method is "post". If you're posting to the same page where the form is located, then use $_POST['service'] instead. Or change the form method to "get" and use $_GET['service'].
How do I make a self-posting/self-submitting form, i.e. a form that submits the results to itself, instead of submitting to another form?
The proper way would be to use $_SERVER["PHP_SELF"] (in conjunction with htmlspecialchars to avoid possible exploits). You can also just skip the action= part empty, which is not W3C valid, but currently works in most (all?) browsers - the default is to submit to self if it's empty.
Here is an example form that takes a name and email, and then displays the values you have entered upon submit:
<?php if (!empty($_POST)): ?>
Welcome, <?php echo htmlspecialchars($_POST["name"]); ?>!<br>
Your email is <?php echo htmlspecialchars($_POST["email"]); ?>.<br>
<?php else: ?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
Name: <input type="text" name="name"><br>
Email: <input type="text" name="email"><br>
<input type="submit">
</form>
<?php endif; ?>
I guess , you means $_SERVER['PHP_SELF']. And if so , you really shouldn't use it without sanitizing it first. This leaves you open to XSS attacks.
The if(isset($_POST['submit'])) condition should be above all the HTML output, and should contain a header() function with a redirect to current page again (only now , with some nice notice that "emails has been sent" .. or something ). For that you will have to use $_SESSION or $_COOKIE.
And please. Stop using $_REQUEST. It too poses a security threat.
That will only work if register_globals is on, and it should never be on (unless of course you are defining that variable somewhere else).
Try setting the form's action attribute to ?...
<form method="post" action="?">
...
</form>
You can also set it to be blank (""), but older WebKit versions had a bug.
Try this
<form method="post" id="reg" name="reg" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>"
Works well :)
Your submit button doesn't have a name. Add name="submit" to your submit button.
If you view source on the form in the browser, you'll see how it submits to self - the form's action attribute will contain the name of the current script - therefore when the form submits, it submits to itself. Edit for vanity sake!
change
<input type="submit" value="Submit" />
to
<input type="submit" value="Submit" name='submit'/>
change
<form method="post" action="<?php echo $PHP_SELF;?>">
to
<form method="post" action="">
It will perform the code in if only when it is submitted.
It will always show the form (html code).
what exactly is your question?