I have a php page with a form which I want to search the user database from for a username match. This is my code:
<form id="searchuser" name="searchuser" method="post" action="">
Enter a username to search for:
<label>
<input type="text" name="uname" id="uname" />
</label>
<label>
<input type="submit" name="submit" id="submit" value="Search" />
</label>
<p> </p>
</form>
Do I need to put setcookie() in the action?
The action field of a form should contain URL (relative or absolute) of the php script which the browser will navigate into while passing the form fields as a POST request.
For example, you can create a php script named search.php, set action="search.php" in the form and then access the fields of the form in that script using $_POST['uname'] for example.
Not sure what you need to set the cookies for in this form but to set a cookie you need to put the setcookie() call somewhere in your php script, NOT in the HTML code. Also you need to call the setcookie() before any HTML output in your php script.
Related
i have input field for emails and i need the data that was entered by the user to be shown on another page
<input style="width:456px; height:30px;" class="adv_onus_fields" name="adv_onus_email" autocomplete="off" type="email" placeholder="'.__("Email","Advinim").'"/>
You simply have to wrap the input into a form and specifiy a target like this.
<form action="/destination.php" method="get">
<input style="width:456px; height:30px;" class="adv_onus_fields" name="adv_onus_email" autocomplete="off" type="email" placeholder="'.__("Email","Advinim").'"/>>
<input type="submit" value="Submit">
</form>
On the page you want to use the variable write $_GET['adv_onus_email'] to access it.
Another way of doing it is starting a session with session_start() and saving the variable in the $_SESSION array.
I have a smarty project, and in the .tpl file, there is a form:
<form method="get" action="{$smarty.server.PHP_SELF}?action=func1">
<input type="text" name="username"/>
<input type="submit">
</form>
there is a question, if the php file have many function for different action requests, so in the template if have many forms, I want to through the action for distinguish.
but in my practice, see upper code, I write like this, this can not delivery the action to my php file.
I want to write the action in the form action, because this can be more standard. so I don't want to write it in a hidden input. why write in the action can not pass into the php file?
You could use submit button with specified name and value:
<form method="get" action="{$smarty.server.PHP_SELF}">
<input type="text" name="username" />
<input type="submit" name="action" value="func1" />
</form>
and then you'll get a global variable $_POST['action'] with value func1. But the value will be showing on your button title, so I offer you to find forms only by submit name, for example name='submit_form1'.
I have this form:
<form name="form2" method="post" action="http://1.1.101.1/reg.php">
<input id="field12" type="text" value="{$username}" name="username" maxlength="32" placeholder="Username" required="required" />
<input id="field22" type="text" value="{$password}" name="password" maxlength="32" placeholder="Password" required="required" />
<input name="checkbox" type="hidden" id="checkbox" value="checkbox" />
<input type="hidden" name="url" value=""/><br/>
<input type="submit" value="Connect to WiFi" name="button1" /><br/>
</form>
the action is a external url.
How can i check in my php when the button submit is posted (name = button1) before it goes to that url.
Right now i have this but its not working becasuse it goes directly to the action url from the form.
if ($_SERVER['REQUEST_METHOD'] == "post") {
var_dump($_POST);
exit;
}
You can't.
The only way to validate it without using client side code is to submit the form to your own server side code.
You then won't be able to reliably redirect the request while maintaining POST.
You have basically two options the way I see it.
If it's not necessary for the user to see the output of the external script, you could do the posting yourself from your backend. I.e. change the action of your form to your own script and do something like the following:
Validation the fields
If validation OK, POST the data to the external URL via CURL (or similar)
If POST to external URL went OK, redirect to wherever the user should end up in the end
If the user must end up at this external URL, you could do it in two steps. First have your form action set to your own server side validation. If it passes, give the user a confirmation page with a form containing the same data which would then post it to the external URL. The fields should probably be hidden/read-only on this page to prevent them from being changed before the final submit.
This last method is definitely possible to mess with since it's easy to first use valid values, and then change the data in the HTML before doing the final submit. So if security is important here, you're stuck with the first option.
Try this
<?php
if(isset($_POST['button1'])){
//action
header('Refresh:3; url=http://1.1.101.1/reg.php');
}
?>
I want to read cookies when page loads and I want to be able to save them when user presses the submit button on the form.
As the server side script is runing before the html loads I don't know how to send user info from the form into the setcookie()
For example:
<form id="loginForm" name="loginForm" method="post" action="login-exec.php">
<div><input name="login" type="text" class="textfield" id="login" /></div>
<div><input name="password" type="password" class="textfield" id="password" /></div>
<div><input type="checkbox" name="checkbox" value="true" id="checkbox" /> Remember me</td></div>
</form>
this is then function that is made to set cookies:
setcookie(name, value, expire, path, domain);
How to put my info from the form into the $value variable when checkbox is checked?
Do I need to check checkbox value in html or php?
You must do that in login-exec.php using the $_POST variable which will contain your form's data:
<?php
if (isset($_POST['checkbox'])) {
// guessing how to retrieve the other fields is left as an exercise
// setcookie('name', 'value');
}
?>
But, as others have said, you should really read some articles about how to make a safe remember-me system (or ask on SO!).
i am using php and this is my form
<form method="POST" action="www.welcome.php"style="clear:both">
<legend>Login</legend>
Username: <input type="text" name="username" size="20" id="username" class="content" /><br>
Password: <input type="text" name="password" size="20" id="password" class="content" /><br>
<input type="submit" value="Login" name="submit" class="content" />
<input type="reset" value="Reset" class="content" />
<div id="login_response"></div>
</form>
however, i want the redirected page url to be
www.welcome.php?username=xxxx
provided i logged in with xxxx
i want the redirected page url to be www.welcome.php?username=xxxx
for the form's action you don't need it. Just leave your form as is.
if you want to redirect a user after the form processing (as you have to anyway), just add an entered username to the URL in the Location header:
header("Location: welcome.php?username=".$_POST['username']);
exit;
As posted in the second comment, form method="GET" will send the user over to this URL: www.welcome.com/?username=xxxx&password=yyyyyy
However, assuming you do not want the URL to have the password in the querystring (bad idea!) then you will have to submit the form with Javascript, in order to pass the username in the querystring and the password in the post variables. Specifically, your submit button should have an onclick event that calls a Javascript function, which then reads the value of the username and appends it to the action URL, then submits the whole form with the POST method.
I can't think of a reason why you would want the username to be in the querystring instead of the post variables though.
In MB The Developer's answer, the www.welcome.com?username=xxxx URL is hardcoded, which doesn't seem that useful, but if you are talking about a failed login going back to the login page ("redirected?") then MB's example could be extended with something like this:
<form method="POST" action="www.welcome.com?username=<?php print($_GET['username']); ?>"style="clear:both">
Also I think you will want your password field to be type="password" instead of type="text".