I have a search form on my page.
<form action='' method='post'>
<input type='text' name='search' />
<input type='sumit' name='submit' value='submit'/>
</form>
When the user clicks the submit button on the form, it should run a mysql_query and create a link to the user page.
if(isset($_POST['search'])){
$add = "city = {'$_POST['search']'}";
}
$res = mysql_query("SELECT * FROM user WHERE {$add}");
while($rw=mysql_fetch_object($res)){
echo "<a href=user.php?id={$rw->user_id}?>{$rw->name}</a>";
}
When I click on the link user.php?id=3, it goes to the user page and everything is OK. But I have problem when I click the browser's back-button, on user.php page. Then i have problem back to previous page.
Confirm Form Resubmission.
Correct the following:
<input type='sumit' name='submit' value='submit'/>
You are writing type='sumit' instead of type='submit'
To not display the "Confirm Form Resubmission" alert, do you have to change your submission (method) to GET.
<form action='' method='GET'>
<input type='text' name='search' />
<input type='sumit' name='submit' value='submit'/>
</form>
...
if(isset($_GET['search'])){
$res = mysql_query(sprintf("SELECT * FROM user WHERE city='%s'", mysql_real_escape_string($_GET['search']) ));
while($rw=mysql_fetch_object($res)){
echo "<a href=user.php?id={$rw->user_id}?>{$rw->name}</a>";
}
}
You should use get method instead of post. Post resubmissions must be confirmed by most browsers.
P.s.: you shouldn't pass the user input into your sql query directly to prevent the risk of sql injections.
Related
I have the following code which is causing me problem. The code generates two buttons, one to remove the selected project and the other to cancel the deletion of the project. The remove function works well, however I haven't found a way to make my cancel button redirect to my url (when I click on it, nothing happens). Any clue?
...
echo "<form method='post'>";
echo "<input type='hidden' value='".$currentid."' name='project'/>";
echo "<b>".$project_name."</b>";
?>
<div class="btn_2"> <input type="submit" name="save" value="Remove"><input type="submit" onclick="window.location.replace('www.myurl.ca')" value="Cancel"></div>
</form>
You're using a submit button and tagging JS on to it. I'm expecting that you're actually submitting the form, but I could be wrong.
If nothing is happening with your JS, you may try doing window.location.href = "www.myurl.ca"; return false; where including the return false should avoid the submit.
The best solution would probably be to make it a plain button and wrap it in an A tag. You would avoid submitting your form, redirect, and all without requiring JS be active.
...
echo "<form method='post'>";
echo "<input type='hidden' value='".$currentid."' name='project'/>";
echo "<b>".$project_name."</b>";
?>
<div class="btn_2"> <input type="submit" name="save" value="Remove"><button type="button">Cancel</button></div>
</form>
Using the formaction button attribute works.
<input type="submit" name="save" value="Cancel" formaction="http://www.myurl.ca">
I created a form which asks for username and password for registration purposes and I sent the data to same page using action="" and checking for $_POST variables, but data is not being passed through this method. When I print $POST array by changing condition to true and reloading the page , the POST array is empty and also I can see the variables passed as POST in URL.Can somebody explain whats the problem?
Code:
<!DOCTYPE html>
<html>
<?php
if(isset($_POST['user']))
{
echo "Data coming";
die();
}
else {
?>
<form method="POST" enctype="multiform/form-data" action="">
<b> Username: </b><input type='text' name='user'> <br> <br><br>
<b> Password:</b> <input type='password' name='pass'><br> <br>
<input type='submit' value="Submit">
</form>
<?php
}
?>
</html>
You have to give the name to submit button also.
<input type='submit' name="Submit" value="Submit">
You are checking the index 'Submit' in $_POST and the submitted form is take the value with the name of input type. So you have to given the name to submit button also like above.
You are checking in your if isset for a post named:
$_POST['Submit']
Your submit button doesn't have
name=Submit
As a test to see what you are sending for debug purposes, try putting this in your code, it will help you self-debug:
print_r($_REQUEST);
"input type='submit' name="Submit" ...
Change to this.
$_POST['Submit']
looks for a resource with the name of Submit when you reload the page, as in your code there is no resource with the name of Submit, the if statement returns false and the control switches back to the else part.
Give a name to the submit button and use the same name in the post varibale option.
I have a form that contains two button
but when I press on one of them nothing happen
and I can't find the problem can you help me please !!
here my php code :
<?php
session_start();
include 'connection.php';
// in this section, I retrieve data from database and display them on table
// if agree button pressed do the following
if (isset($_POST['agree']))
{
$que="update project set status='submitted' ,projectstatus=1 where projectid=$id ";
$result3=mysql_query($que);
if ($result3)
{
echo(" <script>
alert('The project has been approved');
</script>");
header( "Location:unsubmited.php" );
}
else
{
echo "an error occur can't agree on this project";
}
}
?>
and this is the form :
<form action='' method='post'>
<input type='button' name='disagree' value='disagree ' class='styled-button-11'>
<input type='button' name='agree' value='agree' class='styled-button-11'>
</form>
thanx ^^
Change your code for this, as it says andrewsi:
<form action='' method='post'>
<input type='submit' name='disagree' value='disagree ' class='styled-button-11'>
<input type='submit' name='agree' value='agree' class='styled-button-11'>
</form>
I believe this is as simple as, filling in the action='' to the page to post back to and setting the type='submit' as andrewsi suggested.
I am busy making a new website, but I ran into a little problem today.
I will try to explain it as good as possible.
My website displays a random message every time you refresh the page, you can then click a button that says you like that message.
Now the problem is that when you click the button to like the message the page reloads (because of the form tag) and the like will go to the next message that is displayed.
I have no idea how to solve this so I hope you guys out there can help me with this.
I will post the code below here:
The bit that updates the database after you pressed the like button:
if(!empty($_POST["submit"]))
{
$id = $random['id'];
$query = "UPDATE `quotes` SET `likes` = likes + 1 WHERE `id` = $id";
$result = mysql_query($query);
if ((mysql_error()!=""))
{
$ANTW = mysql_error();
echo ("Cause of the error: " . $ANTW);
}
else
{
echo "It worked!";
}
}
The like button:
<form name='' method='post' action=''>
<input class='like' type='submit' name='submit' />
</form>
I hope that this if enough for you to solve the problem, if not let me know and I will post more code.
Dennis
UPDATE:
Hi guys, Thanks for all of the quick and good advice it worked the way you told me. Thanks
Save your id in a hidden input:
<form name='' method='post' action=''>
<input type="hidden" value="<?php echo $random[$id]; ?>" name="like" />
<input class='like' type='submit' name='submit' />
</form>
And in your PHP code assign:
$id = $_POST['like']; // your like id you passed by the form (input type hidden)
Send the id in submit form using a hidden field like
<input type="hidden" name="myid" value="YOURID">
and in the next page fetch the previous id using
$_POST['myid']
I have a pop up box which checks if the user is signed in or not. If he is, I'm echoing out a small form which the user will press a button and it will submit to the DB. The variables are displayed on the popup but when pressed submit, they do not pass to the submit php file.
$add_wish = "<form action='memWishList.php' method='post' id='memWishList'>
<h3>Add this item to your Wish List?</h3><br>
<input type='hidden' name='title' value='".$title."'>".$title."</input><br>
<input type='hidden' name='link' value='".$link."'></input><br>
<input type='submit' name='submit' value='Add'/><button id='cancel'>
Cancel</button>
</form>";
echo $add_wish;
I want to pass the values title and link to be submitted to the DB. Here's my memWishList.php file:
if (isset($_POST['submit'])){
//get member id
$title = mysqli_real_escape_string($_POST['title']);
$link = mysqli_real_escape_string($_POST['link']);
$mysql = "INSERT INTO wish_list (memNum, title, link, date) VALUES ('$memnum', \
'$title', '$link', now())";
$myquery = mysqli_query($mysqli_connect, $mysql);}
Doing it this way, I only get the member id and the date inserted, not the title and the link. What's the problem? The reason why I'm echoing out this form is there's an if/else statement for logged in users and non logged in. Would be much easier to do it in html but can't...
DB: memnum(varchar), title(longtext), link(longtext), date(date). I have other tables where long links and titles are inserted just fine as longtext. They're coming from rss feeds.
please check documentation: mysqli_real_escape_string function expect the string as 2nd parameter if you use a procedural approach. It could be i.e.:
$link = mysqli_real_escape_string($mysqli_connect, $_POST['link']);
You have some markup errors. Your hidden input tags should look like:
<input type='hidden' name='link' value="<?php echo $link ?>">
Update your HTML file to look like this and all of the values will be sent to the $_POST variable:
<form action='memWishList.php' method='post' id='memWishList'>
<h3>Add this item to your Wish List?</h3><br>
<input type='hidden' name='title' value="<?php echo $title ?>"><?php echo $title ?><br>
<input type='hidden' name='link' value="<?php echo $link ?>"><br>
<input type='submit' name='submit' value='Add'/><button id='cancel'>Cancel</button>
</form>