I'm looking to send my session variable: $_SESSION['steamid']
to another webpage by using a form. I also want to have a disabled text form with the variable in it.
Currently, this is the code I have:
$variable = $_SESSION['steamid'];
and
<input type="hidden" name="b64id" value="'$variable'"/></br>
<p>Your 64 ID: <input type="text" name="b64id" value="'$variable'" disabled="disabled"/></br>
But I am just recieving "$variable" on the other end. I would like to avoid using POST and Cookies but if it's needed I'm happy to use it. I can ensure that $variable has a value.
Two issues:
You forgot your PHP tags and echo statement
The single quotes are unnecessary if even if you did #1 would cause the same issue to occur
This should do what you need (assuming PHP 5.4+ or short tags enabled):
<p>Your 64 ID: <input type="text" name="b64id" value="<?= $variable ?>" disabled="disabled"/></br>
when you want to use PHP variable you should open PHP tag
NOT CORRECT
<input type="hidden" name="b64id" value="'$variable'"/></br>
<p>Your 64 ID: <input type="text" name="b64id" value="'$variable'" disabled="disabled"/></br>
CORRECT
<input type="hidden" name="b64id" value="<?php echo $variable ?>"/></br>
<p>Your 64 ID: <input type="text" name="b64id" value="<?php echo $variable ?>" disabled="disabled"/></br>
there is a short form <?= $variable ?>
it means <?php echo $variable ?>
WELCOME ON PHP WORD !!!
Enjoy :)
Use following code having php tags:
<input type="hidden" name="b64id" value="<?php echo $variable ?>"/></br>
<p>Your 64 ID:
<input type="text" name="b64id" value="<?php echo $variable ?>" disabled="disabled"/>
</br>
You should also check if session having value or not.
like:
$variable = (isset($_SESSION['steamid']))?$_SESSION['steamid']):'';
Related
I was wondering if it was possible to take HTML user input using PHP (preferably the ID or something I can use numbers in) and to save confusion just echo it back.
So I have some example code here:
<input type="number" maxlength="3" name="test" id="1">
<input type="number" maxlength="3" name="test" id="2">
<input type="number" maxlength="3" name="test" id="2">
What I was looking for is a way where I could use their input and well.... echo it back for now.
if you already know how to submit a form you can use php on the other side like this to echo it out
<form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">
<input type="text" name="name"><br>
<input type="submit" name="submit" value="Submit Form"><br>
</form>
<?php
if (isset($_POST['name'])){
$userinput = $_POST['name'];
echo $userinput;}
?>
in your example all three inputs are named "test" so youll need a different name for each one. My example above uses the "name" of the input to capture it. If your using "GET" change my $_POST['name'] to $_GET['name']
Which method did you use for these inputs? Name them differently, then retrieve the data with:
<?php echo $_GET['test1']; ?>
<?php echo $_GET['test2']; ?>
<?php echo $_GET['test3']; ?>
If you used POST type in the input method, then switch for:
<?php echo $_POST['test1']; ?>
<?php echo $_POST['test2']; ?>
<?php echo $_post['test3']; ?>
I have something like this (code simplified):
<?php
$var = 'Read "The Book"';
?>
<input type="text" value="<?php echo $var; ?>" />
The problem is that in the input looks like if it prints read and when you look at the source code you see it has <input type="text" value="Read "The Book"" /> and it doesn't work.
I can't simply replace value="<?php echo $var; ?>" for value='<?php echo $var; ?>' because $var could has any value and if I do it that way and its value is D'Artagnan it is going to try to print <input type="text" value='D'Artagnan' />.
=(
Any suggestion?
You should sanitize all your output by escaping characters with special meaning into their respective HTML entities. You can do that in the html context with htmlspecialchars.
<input type="text" value="<?php echo htmlspecialchars($var); ?>" />
So, with that, you can avoid XSS attack.
I call a PHP script from my HTML form submit.
Then I process the values retrieved from this HTML form in the PHP script and now I want to display these values in another HTML form that I am calling from this PHP script.
How do I retrieve this variable?
Note: I tried echo but I think I actually want to display this value in the form (HTML) and not break it again in a PHP tag.
I'm not sure what you mean by "not breaking it again with a PHP tag". HTML on its own cannot access PHP variables. This is because PHP is a server-side language and HTML is a client side language. But here is the simplest way to print php variables retrieved from a form.
<form>
<p>Your name: <?php echo $_POST['name'] ?></p>
</form>
This is assuming that there was a form that submitted a field called 'name' using POST.
You can process the name in a php script at the top of the file and then simply echo it when you're printing the html. This way, you won't have too much php code mixed in with the HTML (which makes it look cleaner).
Once you got the values in the PHP script, are you calling a new script? If so, you might wanna save the values in $_SESSION["varible_name"]. If not, you just have to echo it.
It depends on how you are accessing your form data, either through $_POST or through $_GET. For simplicity, I'll assume your using $_GET and modify this example for more clarity.
So lets say you have a form hosted on welcome.php:
<form action="welcome.php" method="get">
Name: <input type="text" name="fname" />
Age: <input type="text" name="age" />
<input type="submit" />
</form>
Now the results will be returned back to the same page, so you want to modify the page to say:
<form action="welcome.php" method="get">
Name: <input type="text" name="fname" value="<?php echo $_GET["fname"]; ?>"/>
Age: <input type="text" name="age" value="<?php echo $_GET["age"]; ?>" />
<input type="submit" />
</form>
Though you'll notice that we're using the same page, and we can only have one version of the page, so we want to render if upon the condition that our variable has been set.
if (isset($_GET["fname"])){
//code to print second form
}
else{
//code to print first form
}
Or, in another way (using the ternary operator):
<form action="welcome.php" method="get">
Name: <input type="text" name="fname" value="<?php echo ((isset($_GET["fname"]))?$_GET["fname"]:""); ?>"/>
Age: <input type="text" name="age" value="<?php echo ((isset($_GET["age"]))?$_GET["age"]:""); ?>" />
<input type="submit" />
</form>
How could I pass a query string value such as domain.com/register?invite=MR5OMxTyjYmTjcwNTyQjTZMyY5YY into a input box on a page?
For example say I had this: <input type="text" name="invite" value="" />
I'm using PHP
To clarify what I mean, if a person loaded that URL, then the value would be automatically filled in with the query string of invite.
Simple:
<?php $invite = (array_key_exists('invite', $_GET)) ? htmlspecialchars($_GET['invite']) : ''; ?>
<input type="text" name="invite" value="<?php echo $invite; ?>" />
Try this:
<input type="text" name="invite" value='<?php echo $_GET["invite"]; ?>' />
<input type="text" name="invite" value="<?php if(isset($_GET['register'])) echo $_GET['register']; ?>" />
This isn't secure at all, but it gives you a start.
Try fetching the invite key with $_GET['invite'] from the address bar (validate it first of course to prevent XSS attacks ;) ) and then place it in your input field within that value part as $invite for example so you end up with value="$invite"
Hope that helps!
<input type="text" name="invite" value="<?php echo $_REQUEST['invite']; ?>" />
So I have this empty textboxes in a registrationg page. The user enters some data, hits continue and then there's a confirmation page. If the data is incorrect, the user hits go back to go correct whatever was wrong. However, when he goes back, all the textboxes are empty. So the first thing that comes to my mind is to store the user data in a Session (I have a User class that holds all this data so I store the class in the session). When the user goes back I am able to retrieve the data.
I do something like this:
if($_SESSION['UserInfo'])
{
$user = $_SESSION['UserInfo'];
$firstName = $user->FirstName;
$lastName = $user->LastName;
}
How would I put these variables in a textbox?
To set the value, you can just echo out the content inside the value attribute:
<input type="text" name="firstname" value="<?php echo htmlentities($firstName); ?>" />
<input type="text" name="lastname" value="<?php echo htmlentities($lastName); ?>" />
Of course you will want to escape it but...
<input type="text" value="<?php echo $firstName ?>" />
or if the form is posted, it would be easier to do:
<input type="text" name="firstName" value="<?php echo $_POST['firstName'] ?>" />
fine... even though it was out of the scope of the question here is the escaped version:
<input type="text" name="firstName" value="<?php echo htmlentities($_POST['firstName']) ?>" />
smth like
<input type="text" value="<?php echo $first_name;?>">
Don't forget to escape with htmlentities() or smth similar. If you don't know why - google XSS.