I am just finishing up my university assignment and it is working perfectly in google chrome, unfortunately when I went to test it in firefox and IE there are a few mysql querys that just aren't working. The one below is for adding a song to a database, it does this in Chrome, but when trying to do the same in firefox/IE the page just refreshes and nothing happens. I've tried searching for the past hour but haven't been able to come up with a solution. Any help would be appreciated.
The form and inputs
if (!$edit) {
?>
<form class="inline" method="post" action="dataGridAdmin.php">
<td><input type="text" name="song" size="20"></td>
<td><input type="text" name="artist" size="20"></td>
<td>
<?php
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
?>
<input type="image" src="add.png" name="addTrack" value="yes"></td>
<td><input type="image" src="search.png" name="searchMusic" value="yes"></td>
</form>
<?php
}
?>
</table>
The php and mysql
// do we want to add a new track?
if (isset($_POST["addTrack"]) && $_POST["addTrack"]=="yes") {
$dbQuery="insert into music values (NULL, '".$_POST["song"]."','".$_POST["artist"]."', 'Y')";
$dbResult=mysql_query($dbQuery);
}
FULL FILE:
<html>
<head>
<title>Music Database Editor</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<?php
include "dbConnect.php";
session_start();
if (!(isset($_SESSION["currentUser"]))) header ("Location: adminLogin.php");
$currentUser=$_SESSION["currentUser"];
$currentUserID=$_SESSION["currentUserID"];
$dbQuery="select * from users where id='$currentUserID'";
$dbResult=mysql_query($dbQuery);
$dbRow=mysql_fetch_array($dbResult);
$adminPriv=$dbRow["admin"];
if ($adminPriv=='N') {
header ("Location: adminLogin.php");
}
// print_r($_POST); // this line can be removed after debugging
// set up page size and current page
$pageSize=10;
if (isset($_POST["thisPage"])) $thisPage=$_POST["thisPage"];
else if (isset($_GET["page"])) $thisPage=$_GET["page"];
else $thisPage=1;
// now check for database activity
// do we want to add a new track?
if (isset($_POST["addTrack"]) && $_POST["addTrack"]=="yes") {
$dbQuery="insert into music values (NULL, '".$_POST["song"]."','".$_POST["artist"]."', 'Y')";
$dbResult=mysql_query($dbQuery);
}
// do we want to modify an existing track?
if (isset($_POST["updateData"]) && $_POST["updateData"]=="yes") {
$dbQuery="update music set ".
"song='".$_POST["newSong"]."', ".
"artist='".$_POST["newArtist"]."' ".
"where id=".$_POST["id"];
$dbResult=mysql_query($dbQuery);
}
// do we want to delete a track?
if (isset($_POST["deleteTrack"]) && $_POST["deleteTrack"]=="yes") {
$dbQuery="delete from music where id=".$_POST["id"];
$dbResult=mysql_query($dbQuery);
}
// have we clicked on the edit icon?
if (isset($_POST["editTrack"]) && $_POST["editTrack"]=="yes") {
$edit=true;
$dbQuery="select * from music where id=".$_POST["id"];
$dbResult=mysql_query($dbQuery);
$dbRow=mysql_fetch_array($dbResult);
// set up the values that will appear in the edit form
$editId=$dbRow["id"];
$editSong=$dbRow["song"];
$editArtist=$dbRow["artist"];
}
else $edit=false;
// how many tracks are in the table?
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes")
$dbQuery="select count(id) from music where song like '%".$_POST["song"]."%' and got='Y'";
else
$dbQuery="select count(id) from music where got='Y'";
$dbResult=mysql_query($dbQuery);
$dbRow=mysql_fetch_array($dbResult);
$totalRows=$dbRow[0];
// adjust $thisPage if we have just deleted the only track on the previous page
if (($thisPage*$pageSize)-($pageSize-1)>$totalRows) $thisPage--;
// do we want to search for a track? track name
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
if (isset($_POST["song"]) && $_POST["song"]!="")
$likeStr="where song like '%".$_POST["song"]."%'";
if (isset($_POST["artist"]) && $_POST["artist"]!="")
$likeStr="where artist like '%".$_POST["artist"]."%'";
if (isset($_POST["song"]) && $_POST["song"]!="" && isset($_POST["artist"]) && $_POST["artist"]!="")
$likeStr="where song like '%".$_POST["song"]."%' and artist like '%".$_POST["artist"]."%'";
} else $likeStr="";
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") { // are the tracks sorted?
$dbQuery="select * from music $likeStr " .
" order by ".$_POST["sortField"]." ".$_POST["sortDirection"].
" limit $pageSize offset " . ($thisPage-1)*$pageSize;
} else $dbQuery="select * from music $likeStr where got='Y' limit $pageSize offset ".($thisPage-1)*$pageSize;
$dbResult=mysql_query($dbQuery);
$numResults=mysql_num_rows($dbResult);
// which tracks are we currently displaying?
if ($numResults==0) {
$first=0; $last=0;
} else {
$first=(($thisPage-1)*$pageSize)+1;
if ($thisPage<$totalRows/$pageSize) $last=$first+($pageSize-1); else $last=$totalRows;
}
$prevPage=$thisPage-1;
$nextPage=$thisPage+1;
echo "<hr width='1300'>";
echo "<br>";
echo "<h3>Music Database Editor</h3>";
// echo "<p>$dbQuery</p>";
// display button link to previous page
if ($thisPage>1) {
echo "<form class=\"inline\" method=\"post\" action=\"dataGridAdmin.php\">".
"<input type=\"hidden\" name=\"thisPage\" value=\"$prevPage\">";
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"song\" value=\"".$_POST["song"]."\">";
}
echo "<input type=\"image\" src=\"previous.png\" alt=\"Previous page\">".
"</form> ";
} else echo "<img src=\"previous.png\"> ";
echo "Displaying tracks $first-$last of $totalRows ";
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes")
echo "containing '".$_POST["song"]."".$_POST["artist"]."' ";
// display button link to next page
if ($thisPage<$totalRows/$pageSize) {
echo "<form class=\"inline\" method=\"post\" action=\"dataGridAdmin.php\">".
"<input type=\"hidden\" name=\"thisPage\" value=\"$nextPage\">";
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"song\" value=\"".$_POST["song"]."\">";
}
echo "<input type=\"image\" src=\"next.png\" alt=\"Next page\">".
"</form> ";
} else echo "<img src=\"next.png\"> ";
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<form class=\"inline\" method=\"post\" action=\"dataGridAdmin.php\">";
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
echo "<input type=\"image\" src=\"showAll.png\" alt=\"Show All\">".
"</form> ";
}
?>
<!-- now the current page of tracks -->
<table cellspacing="5">
<tr>
<!-- Sort song name -->
<th><form class="inline" method="post" action="dataGridAdmin.php">
<input type="hidden" name="sort" value="yes">
<input type="hidden" name="sortField" value="song">
<input type="hidden" name="sortDirection" value="asc">
<input type="hidden" name="thisPage" value="<?php echo $thisPage; ?>">
<?php
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"song\" value=\"".$_POST["song"]."\">";
}
?>
<input type="image" src="sort_ascend.png" alt="Sort A-Z">
</form>
Song
<form class="inline" method="post" action="dataGridAdmin.php">
<input type="hidden" name="sort" value="yes">
<input type="hidden" name="sortField" value="song">
<input type="hidden" name="sortDirection" value="desc">
<input type="hidden" name="thisPage" value="<?php echo $thisPage; ?>">
<?php
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"song\" value=\"".$_POST["song"]."\">";
}
?>
<input type="image" src="sort_descend.png" alt="Sort Z-A">
</form></th>
<!-- Sort artist name -->
<th><form class="inline" method="post" action="dataGridAdmin.php">
<input type="hidden" name="sort" value="yes">
<input type="hidden" name="sortField" value="artist">
<input type="hidden" name="sortDirection" value="asc">
<input type="hidden" name="thisPage" value="<?php echo $thisPage; ?>">
<?php
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"artist\" value=\"".$_POST["artist"]."\">";
}
?>
<input type="image" src="sort_ascend.png" alt="Sort A-Z">
</form>
Artist
<form class="inline" method="post" action="dataGridAdmin.php">
<input type="hidden" name="sort" value="yes">
<input type="hidden" name="sortField" value="artist">
<input type="hidden" name="sortDirection" value="desc">
<input type="hidden" name="thisPage" value="<?php echo $thisPage; ?>">
<?php
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"artist\" value=\"".$_POST["artist"]."\">";
}
?>
<input type="image" src="sort_descend.png" alt="Sort Z-A">
</form></th><th></th><th></th></tr>
<?php
while ($dbRow=mysql_fetch_array($dbResult)) {
$id=$dbRow["id"];
$song=$dbRow["song"];
$artist=$dbRow["artist"];
// are we editing a track? If so, display the form
if ($edit) {
if ($id==$_POST["id"]) {
echo "<tr><form class=\"inline\" method=\"post\" action=\"dataGridAdmin.php\">".
"<input type=\"hidden\" name=\"updateData\" value=\"yes\">".
"<input type=\"hidden\" name=\"id\" value=\"$editId\">".
"<td><input type=\"text\" name=\"newSong\" value=\"$editSong\"></td>".
"<td><input type=\"text\" name=\"newArtist\" value=\"$editArtist\"></td>".
" <input type=\"hidden\" name=\"thisPage\" value=\"$thisPage\">";
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"song\" value=\"".$_POST["song"]."\">";
}
echo "<input type=\"image\" src=\"edit.png\"></td>".
"<td></td></form></tr>";
} else {
echo "<tr><td>$song</td><td>$artist</td><td></td><td></td>";
}
}
// not editing, so display the tracks as text
else {
echo "<tr><td width='300'>$song</td><td width='300'>$artist</td>";
echo "<td><form class=\"inline\" method=\"post\" action=\"dataGridAdmin.php\">".
" <input type=\"hidden\" name=\"editTrack\" value=\"yes\">".
" <input type=\"hidden\" name=\"id\" value=\"$id\">".
" <input type=\"hidden\" name=\"thisPage\" value=\"$thisPage\">";
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"song\" value=\"".$_POST["song"]."\">";
}
echo " <input type=\"image\" src=\"edit.png\" alt=\"Edit track\">".
" </form></td>".
"<td><form class=\"inline\" method=\"post\" action=\"dataGridAdmin.php\">".
" <input type=\"hidden\" name=\"deleteTrack\" value=\"yes\">".
" <input type=\"hidden\" name=\"id\" value=\"$id\">".
" <input type=\"hidden\" name=\"thisPage\" value=\"$thisPage\">";
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
if (isset($_POST["searchMusic"]) && $_POST["searchMusic"]=="yes") {
echo "<input type=\"hidden\" name=\"searchMusic\" value=\"yes\">".
"<input type=\"hidden\" name=\"song\" value=\"".$_POST["song"]."\">";
}
echo " <input type=\"image\" src=\"delete.png\" alt=\"Delete track\">".
" </form></td>".
"</tr>";
}
}
// only display the "add track" form if we are NOT currently editing
if (!$edit) {
?>
<tr>
<form class="inline" method="post" action="dataGridAdmin.php">
<td><input type="text" name="song" size="20"></td>
<td><input type="text" name="artist" size="20"></td>
<td>
<?php
if (isset($_POST["sort"]) && $_POST["sort"]=="yes") {
echo "<input type=\"hidden\" name=\"sort\" value=\"yes\">".
"<input type=\"hidden\" name=\"sortField\" value=\"".$_POST["sortField"]."\">".
"<input type=\"hidden\" name=\"sortDirection\" value=\"".$_POST["sortDirection"]."\">";
}
?>
<input type="image" src="add.png" name="addTrack" value="yes"></td>
<td><input type="image" src="search.png" name="searchMusic" value="yes"></td>
</form>
</tr>
<?php
}
?>
</table>
<p></br>  Logout
</body>
</html>
If it helps, this is what it looks like:
http://i57.tinypic.com/2hpmzbt.jpg
First off, your insert has absolutely no protection against SQL injection. There's a running joke thanks to XKCD about Bobby Tables you can see that explains the whole problem in detail.
Second, I can't tell where the problem is because you're not showing the code that does the output, just the code that does the submission. Is your PHP block on the same page you're submitting to or a separate page? Are you using a redirect?
Try upgrading you php and mysql version. As Abhik Chakraborty said PHP Mysql has nothing to do with the browser !! .
The input type 'image' does not support a value field.
See: http://www.w3.org/TR/html4/interact/forms.html#h-17.4.1
Instead the value of an 'image' input is the coordinates where the user clicked on the image.
Try to check if addTrack.x is set instead:
// do we want to add a new track?
if (isset($_POST["addTrack"]) && isset($_POST["addTrack.x"])) {
$dbQuery="insert into music values (NULL, '".$_POST["song"]."','".$_POST["artist"]."', 'Y')";
$dbResult=mysql_query($dbQuery);
}
As other people states you should also read up on SQL injections.
I see a couple things that could cause issues.
First thing, like the guy before me said you have this open for SQL injection, the least you want to do is filter the $_POST data. Also you have no database provided for your query
<?php
// do we want to add a new track?
if (isset($_POST["addTrack"]) && $_POST["addTrack"]=="yes") {
$db_connection = mysqli_connect("myhost","myuser","mypassw","mydb") or die("Error " . mysqli_error($link));
//Clean the data and get it ready
$addTrack=mysqli_real_escape_string(strip_tags($db_connection,$_POST['addTrack']));
$song=mysqli_real_escape_string($db_connection,strip_tags($_POST['song']));
$artist=mysqli_real_escape_string($db_connection,strip_tags($_POST['artist']));
$dbQuery="insert into music (NULL, '$song','$artist', 'Y')";
$dbResult=mysqli_query($db_connection,$dbQuery);
if($dbResult){
//Your query worked!!
}
}
?>
Related
The label tag has the right syntax however the form structure is not aligned well the way I want it.I also put id as well
echo "<form action='getregister.php' method='post'>";
echo "<fieldset >";
echo "<legend>Register</legend>";
echo "<input type='hidden' name='submitted' id='submitted' value='1'/>";
echo "<label for='First_name'>First Name: </label>";
echo "<input type='text' name='U_fname' id='First_name' value=''><br>";
echo "<label for='Last_name'>Last Name: </label>";
echo "<input type='text' name='U_sname' id='Last_name' value=''><br>";
echo "<label for='Address' >Address: </label>";
echo "<input type='text' name='U_address' id='Address' value=''><br>";
echo "<label for='Postcode' >Postcode: </label>";
echo "<input type='text' name='U_postcode' id='Postcode' value=''><br>";
echo "<label for='Telno' >Tel No: </label>";
echo "<input type='text' name='U_telNo' id='Telno' value=''><br>";
echo "<label for='Email' >Email Address: </label>";
echo "<input type='email' name='U_email' id='Email' value=''><br>";
echo "<label for='password' >Password:</label>";
echo "<input type='password' name='U_password' id='password' value=''><br>";
echo "<label for='passwords' >Confirm Password:</label>";
echo "<input type='password' name='U_confirmPassword' id='passwords' value=''><br>";
echo "<input type='submit' name='Submit' value='Register' />";
echo "<button type='reset' value='Reset'>Clear form</button>";
echo "</fieldset>";
echo "</form>";
Try like this:
echo "<form action='getregister.php' method='post'>";
echo "<fieldset >";
echo "<legend>Register</legend>";
echo "<input type='hidden' name='submitted' id='submitted' value='1'/>";
echo "<table>";
echo "<tr>";
echo "<td><label for='First_name' >First Name: </label></td>";
echo "<td><input type='text' name='U_fname' value=''></td>";
echo "</tr>";
echo "<tr>";
echo "<td><label for='Last_name'>Last Name: </label></td>";
echo "<td><input type='text' name='U_sname' id='Last_name' value=''>";
echo "</tr>";
echo "<table>";
echo "</fieldset>";
echo "</form>";
This code gets some data from the database and displays it with a group of radio buttons. How do I get the value for every group of radio buttons??
<form name="functional" method="post" action="funcsub.php">
<?php
$n=0;
$con=mysqli_connect('localhost','Sanjana','sanjana');
mysqli_select_db($con,'mydatabase');
$sql = mysqli_query($con,"select * from functional") or die("Failed");
while($result = mysqli_fetch_array($sql)){
?>
<br/>
<?php
echo $result["Skill"];
echo "</br>";
echo"<input type='radio' name='tech[.$n.]' value='0'>0";
echo"<input type='radio' name='tech[.$n.]' value='1'>1";
echo"<input type='radio' name='tech[.$n.]' value='2'>2";
echo"<input type='radio' name='tech[.$n.]' value='3'>3";
echo"<input type='radio' name='tech[.$n.]' value='4'>4";
echo"<input type='radio' name='tech[.$n.]' value='5'>5";
$n=$n+1;
}
?>
<br/>
<input type="submit" name="submit" value="Submit">
</form>
Those dots are not needed in these. Perhaps you meant?:
echo "<input type='radio' name='tech[".$n."]' value='0'>0";
echo "<input type='radio' name='tech[".$n."]' value='1'>1";
echo "<input type='radio' name='tech[".$n."]' value='2'>2";
echo "<input type='radio' name='tech[".$n."]' value='3'>3";
echo "<input type='radio' name='tech[".$n."]' value='4'>4";
echo "<input type='radio' name='tech[".$n."]' value='5'>5";
Assuming that's what you wanted, you can get values like this (I prefer writing above the printing part (or your form, in this case)):
if (!empty($_POST)) {
$tech = $_POST['tech'];
echo 'Value of the second row: '.$tech[1];
}
I can submit a form without echoing that form. But how can the form be submitted after 5 minutes with the form being echoed?
Here is my code:
echo "<form name=myfm id=myfm1 method=post action=ats_exam.php>";
echo "<table width=100%> <tr> <td width=30> <td> <table border=0>";
$n=$_SESSION[qn]+1;
echo "<tR><td><span class=style2>Que ". $n .": $row[2]</style>";
echo "<tr><td class=style6><input type=radio name=ans value=1>$row[3]";
echo "<tr><td class=style6> <input type=radio name=ans value=2>$row[4]";
echo "<tr><td class=style6><input type=radio name=ans value=3>$row[5]";
echo "<tr><td class=style6><input type=radio name=ans value=4>$row[6]";
if($_SESSION[qn]<mysql_num_rows($rs)-1)
echo "<tr><td><input type=submit name=submit1 value='Next Question'> </form>";
echo "<tr><td><input type=submit name=submit value='Get Result'>
</form>";
echo "</table></table>";`
Do the following:
echo "<form name=myfm id=myfm1 method=post action=ats_exam.php>";
echo "<table width=100%> <tr> <td width=30> <td> <table border=0>";
$n=$_SESSION[qn]+1;
echo "<tR><td><span class=style2>Que ". $n .": $row[2]</style>";
echo "<tr><td class=style6><input type=radio name=ans value=1>$row[3]";
echo "<tr><td class=style6> <input type=radio name=ans value=2>$row[4]";
echo "<tr><td class=style6><input type=radio name=ans value=3>$row[5]";
echo "<tr><td class=style6><input type=radio name=ans value=4>$row[6]";
if($_SESSION[qn]<mysql_num_rows($rs)-1)
echo "<tr><td><input type=submit name=submit1 value='Next Question'> </form>";
echo "<tr><td><input type=submit name=submit value='Get Result'>
</form>";
echo "</table></table>";`
echo "<script>setInterval(function(){ myform.submit(); }, 3000);</script>";
Please check a simple example of how I achieved it here: https://jsfiddle.net/redmutex/4kgde4o4/
You can use jquery/ajax .get function for this.
$.get( "insertdata.php", { page: "add", username: "username" } )
.done(function( data ) {
alert( "Data Loaded: " + data );
});
Hi I have this and works fine except the following issue.
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1' value=".$_SESSION['txt1'].">";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
<A submit button here to send the form data>
The issue is if I have a value in the text box like John when I submit the form I retain the original user typed word Jonn in the text box. However if the user type John Carter, when the form is submitted it retains only John. In other words texts only up to first space between the texts. How do I retain entire text?
EDIT
<?php
if(isset($_POST['sendone']))
{
echo "Hello";
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
}
if(isset($_POST['sendtwo']))
{
if($_POST['txt1']=='')
{
echo "Hello";
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
echo "Empty";
}
else
{
$_SESSION['txt1'] = $_POST['txt1'];
echo "Hello";
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1' value=".$_SESSION['txt1'].">";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
echo "Hit success!";
}
}
?>
You need to include the single quotes around the value for the value= attribue when echoing the _SESSION["txt1"], otherwise the resulting HTML isn't valid .. like this:
<?php
if(isset($_POST['sendone']))
{
echo "Hello";
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
}
if(isset($_POST['sendtwo']))
{
if($_POST['txt1']=='')
{
echo "Hello";
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
echo "Empty";
}
else
{
$_SESSION['txt1'] = $_POST['txt1'];
echo "Hello";
echo "<form method='post' action=''>";
// check out this line here:
echo " <input type='text' name='txt1' id='txt1' value='" . htmlspecialchars($_SESSION['txt1']) . "'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
echo "Hit success!";
}
}
?>
Though, it's worth nothing that it is much more performant (and readable!) to use plain HTML where possible, and just use echo for the variables you wish to include.
Check this code.
<form name="" method="post">
<input type="text" name="txt1">
<input type="submit" name="sendtwo">
<input type="submit" name="sendone">
</form>
<?php
if(isset($_POST['sendone']))
{
echo "Hello";
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
}
if(isset($_POST['sendtwo']))
{
if($_POST['txt1']=='')
{
echo "Hello";
echo "<form method='post' action=''>";
echo " <input type='text' name='txt1' id='txt1'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
echo "Empty";
}
else
{
$_SESSION['txt1'] = $_POST['txt1'];
echo "Hello";
echo "<form method='post' action=''>";
// check out this line here:
echo " <input type='text' name='txt1' id='txt1' value='" . $_SESSION['txt1'] . "'>";
echo " <input type='submit' name='sendtwo' id='sendtwo' value='TwoClick'>";
echo "</form>";
echo "Hit success!";
}
}
?>
I have an array of variables that I passing to Paypal via . The problem I have is when the Paypal screen loads the items, qty, price section is empty. Here is the code snippet for the passing:- (arrays cart_stock and cart_price hold the data to pass, $tmp_cart_count hold the total number of items to pass)
<?php
echo "<form target='PayPal' action='https://www.sandbox.paypal.com/cgi-bin/webscr' method='post'>";
echo "<input name='cmd' value='_xclick' type='hidden' />";
echo "<input name='upload' value='1' type='hidden' />";
echo "<input name='business' value='sales#danskvintage.com.au' type='hidden' />";
// other irrelevant variables are passed here //
$i=0;$count=1;
while ($i < $tmp_cart_count)
{
echo "<input name='custom' value='".$_SESSION['cart_stock'][$i]."' type='hidden' >";
echo "<input name='item_name_".($count)."' value='".$_SESSION['cart_title'][$i]."' type='hidden' >";
echo "<input name='quantity_".($count)."' value='1' type='hidden' >";
echo "<input name='amount_".($count)."' value='".$_SESSION['cart_price'][$i]."' type='hidden' >";
echo "<input name='shipping_".($count)."' value='0' type='hidden' >";
$i++;
$count++;
}
echo "<input type='submit' value='PayPal'>";
echo "</form>";
?>
Any help would be much appreciated, as it has me stumped.
Try changing
echo "<input name='cmd' value='_xclick' type='hidden' />";
into
echo "<input name='cmd' value='_cart' type='hidden' />";
I believe that might help.