I have string parameter with apostrophes that I need to pass it to another php page.
My code is:
echo '<form name="submitForm2" action="creatDocument.php?$formulation='.$formulation.'" method="POST">
<input type="submit" value="pass"/>
</form>';
The $fomulation parameter contain the string with hebrew characters that came from user.
if $fomulation = אבג"דה
creatDocument.php received just $fomulation = אבג .
How can I fix it?
What's happening is that the URL parser is breaking on the single quotes. Check out the URLEncode method, to encode your query string parameters.
http://us3.php.net/urlencode
echo '<form name="submitForm2" action="creatDocument.php?$formulation='.urlencode(utf8_encode($formulation)).'" method="POST">
<input type="submit" value="pass"/>
</form>';
Related
I have a form to get information and when i type just spaces with no any other character it gets posted, How could i avoid inserting just spaces in the form?
<form action="index.php" method="post">
<textarea name="textA"></textarea>
<input type="submit" name="sent" value="Send">
</form>
<?php
if(isset($_POST['sent']) && !empty($_POST['textA'])){
$insert=new Insert();
$insert->insertData($_POST['textA']);
}
?>
Just use trim() which will remove all leading and trailing spaces. If there are only spaces in the string then it will become an empty string and empty() will be true.
if(isset($_POST['sent']) && !empty(trim($_POST['textA']))){
You can also do things like str_replace() to replace spaces with and empty string or preg_replace() to do the same but this should do what you need.
If i upload file with single quotes that will cause empty name when i do print_r to $_FILE. for example, file named 2'.ogg that system would output .ogg. I think that windows causes this, but i'm not sure. here the code i'm using:
<?php
if(isset($_POST['submit'])) {
print_r($_FILES);
}
echo <<<Print
<form action='' method="POST" enctype="multipart/form-data">
<input type="file" name="t[]"> <input type="submit" name="submit">
</form>
Print;
?>
Use addslashes() to escape single quote and stripcslashes() to remove added slashes.
I'm creating a small application which allows potential employees to list references. The listed references receive an email containing a URL with a unique string at the end.
(Example: www.the-address.com?url=503241c65b8fe4_07914393). The reference then follows this unique URL to upload a letter in the employee's behalf.
But every time any form is submitted, the random string part of the URL disappears
(Example: www.the-address.com?url=).
I don't understand why this would happen, since I submit the form like this:
<form action="upload_letter.php?url="' . $url . '" id="form_id" method="POST">;
Where $url = $_GET['url'].
Any generic reasons this would happen? I can provide more code, if needed.
If you really have the code like you write, you're closing the action attribute prematurely with the second " character. Try this instead:
echo '<form action="upload_letter.php?url='.urlencode($url).'" id="form_id" method="POST">';
The way you have it would end up as HTML like:
<form action="upload_letter.php?url="google.de" id="form_id"...>
With google.de outside the attribute value.
<?php
$data = array('url' => $url);
?>
<form action="upload_letter.php?<?php echo http_build_query($data) ?>" id="form_id" method="POST">
Or you can just add the URL as a hidden <input>
<form action="upload_letter.php" id="form_id" method="POST">
<input type="hidden" name="url" value="<?php echo htmlentities($url); ?>">
.
.
.
</form>
Then you can access URL via $_POST['url'].
Change method="POST" to method="GET"
If your code is what you wrote on your PHP file: it is wrong. No ";" at the end of an HTML line, and you can't concatenate strings with "." in HTML. You must open the PHP tag and write PHP code inside. For example:
<form action="upload_letter.php?url=<?php echo $url; ?>" id="form_id" method="POST">
But you can also use echo like Wolfgang answer
Probably $url is empty or undefined.
Check the HTML code to see if its written into the form's action.
why you put single quotes around:
. $url .
?
EDIT: Another way to say this:
Are you sure you're on a <?php ?> tag?
I can't set a variable from a post array.
I have a simple form with a hidden field in it:
<input name="sid" type="hidden" id="sid" value="<?=$sid?>">
This hidden field gets sent off to a second file (exec.php) where I have the following code:
$sid = $_POST['sid'];
For some reason, when trying to set $sid, it gets a NULL value. For haha's, I ran the following:
foreach($_POST as $var => $value)
{
echo $var . ' : ' . $value . "<br>";
}
This provided a correct value of 1938 for sid. I've looked at this for 3 hours and can't find what is happening. I expect something extremely stupid...any thoughts?
Here is the form on enter.php
<form name="form1" method="post" action="exec.php">
<input name="sid" type="hidden" id="sid" value="<? echo($sid); ?>">
<input name="ticket_totals" type="hidden" id="ticket_totals" value="<?=$ticket_totals?>">
<input name="emp" type="hidden" id="emp" value="<?=$emp?>">
<input name="submit" type="submit" id="submit" value="Submit">
<input type="submit" name="submit" id="submit" value="Close">
</form>
Here is the POST output on exec.php:
type : Other
ticket_totals : 0
emp : 105
sid : 1939
submit : Submit
Okay - this was poor syntax on my part but now I'm curious as to why.
I left out quotation marks - the solution is as simple as this:
$sid = $_POST["sid"]
Now it works like a champ.
Any takers on why? I'd guess there is a setting in the php.ini that requires the quotes. Strangely enough, I have other variables called from the POST array that i'm not using quotes for and they're working fine...
Use Console in FireBug to inspect the POST request to see what is the sid value that is being sent.
If the sid value in request is ok, use var_dump($_POST["sid"]); to see the results on the server.
EDIT: it's considered good PHP style to use the quotes when accessing the associative array because quote-less keys are indistinguishable from constants:
define('myVar',3);
echo $array[myVar]; // retrieves $array[3], not $array['myVar'];
Try to echo the $sid instead of the <?=:
// Change that
<input name="sid" type="hidden" id="sid" value="<?=$sid?>">
// With that
<input name="sid" type="hidden" id="sid" value="<?php echo $sid; ?>">
also for the test time try to change the input type from hidden to text in order to be 100% sure the $sid contains a value.
Using quotes for associative array keys is mandatory, and while it may work without them, it's incorrect and erratic behavior is expected.
I had this same problem, trying to use $_POST[sid] as a variable. I'm am thinking that "sid" is a reserved or restricted variable name, because I changed my variable to $_POST[snid] and it worked just fine. This was my code
$sid = $_POST[sid];
$recipient = "($sid) ($_POST[sid])";
if ($_POST[sid] > 0)
{
$recipient = "It Worked";
}
print $recipient;
When I posted "&sid=15", the result was:
() (15)
Unbelievable. Impossible, right? All I did was change from using "sid" as the index to "snid", and it worked no problem.
So, don't ever use $_POST[sid].
I want to send a URL in a POST request in a variable called surl. How should I encode it in JavaScript and decode it in PHP? For example, the value of surl could be http://www.google.co.in/search?q=javascript+urlencode+w3schools.
EDIT
Sorry, I forgot to mention, it's not form submission but a ajax request.
You don't need to to anything. Send it as is. Browser and PHP will do all escaping and unescaping for you (if you use form.surl.value = surl; form.submit() and $_POST['surl']). Or you can just use the plain form without any JavaScript (if it fulfills your needs).
Replying henasraf's comment. Try this.
<form id="form" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post"
onsubmit="this.via_js.value=this.via_plain_form.value;">
<input type="hidden" name="via_js"/>
<input type="text" name="via_plain_form" value="Paste you url here"/>
<input type="submit" name="submit" value="Submit"/>
</form>
<?php
if (isset($_POST['submit'])) {
var_export($_POST);
}
?>
For http://www.google.co.in/search?q=javascript+urlencode+w3schools, it outputs
array (
'via_js' => 'http://www.google.co.in/search?q=javascript+urlencode+w3schools',
'via_plain_form' => 'http://www.google.co.in/search?q=javascript+urlencode+w3schools',
'submit' => 'Submit',
)
Use encodeURIComponent(uri) (for encoding) and decodeURIComponent(uri) for decoding,
E.g (encoding).
var uri="http://w3schools.com/my test.asp?name=ståle&car=saab";
document.write(encodeURIComponent(uri));
Output
http%3A%2F%2Fw3schools.com%2Fmy%20test.asp%3Fname%3Dst%C3%A5le%26car%3Dsaab
Decoding is left for the reader. :-)
Source: http://www.w3schools.com/jsref/jsref_encodeURIComponent.asp
As for PHP, it's urlencode() and urldecode().