I'm a beginner in HTML and PHP. I made an HTML file include a form that sends variables with POST format to a PHP file for process and validation. In addition this form sends a picture file.
But really I confused that this PHP file how send back acknowledge for show to user.
For more description I want design an HTML form that send values to PHP and finally show user "thank you message" if the image size and format is valid or show "unable to upload your image" in first html form. Is it possible??
Regards...
HTML is static stuff. It sends nor validates anything. The HTML describes what a page should look like and if there are special elements, like your form. It is the blueprint that a browser uses to render a page.
The browser can communicate with a server. The browser can send a request to the server, and the server sends a response in return.
The request consists of a URL and optionally extra data, like POSTed form data.
The server normally always sends a reponse, unless something goes wrong (in terms of connection loss or a time-out). Even in case of a server error, you will often still get a response).
So, since you got a php script that processes the form data, it is its reponsibility to send a reponse that tells you, the user of the browser, whether posting has failed or succeeded.
The response is loaded and displayed by the browser as a new page, so after sending the form, the browser will render the response it got, which might contain an error message or a thank you message, and if you like, a new form to upload another file.
After that, there's also the possibility to post forms using AJAX. Then, you can get the response in the background (asynchonously) and add it to the existing page. But that's a whole new chapter, and I think you should try the normal way first.
After process your Post data use
use this code on that page :-
header('Location: http://www.example.com?msg="success"');
and on that side use that code
if(isset($_GET['msg'])){echo $_GET['msg']//or show what ever you want like you message in echo ;})
Related
I have a submission form, and I wrote a PHP script to make form send an email with input data that the user inserts it in the fields of the form
Now I put the PHP code in the same file of HTML and CSS, I mean that the HTML, CSS and PHP in the same file
When I put the file in the CMS, that what happened to the page, you could see what happen from here: https://www.hochikiamerica.com/acd-landing-2
PHP Script and HTML code of the form
https://github.com/Mstava/FreelancerProject/blob/master/formScript.php
Now, I need to know where to put the PHP code in the HTML file to avoid this
and How to ensure that code is working and it sends the Email
When you click on submit your form action takes you to action_page.php That's where you should read your post variables and send the email. Take a look at this post I wrote several years ago blue host email
A common misconception is that additional PHP can be run upon the user doing something (i.e. clicking submit button). Not the case. When the page has been rendered, no further PHP on that page can be executed.
So, what to do?
You have two options:
(1) You can create a second page (action_page.php or some name), that is specified on the action= attribute of the form tag. That additional page will receive the data the user typed in, via PHP variables $_POST (if method="post") or via $_GET if method=get, and you can then use that data to send the contact form, and either display new data to the user or send the user back to the original page. Of course, you may need additional PHP to acknowledge the form has been sent, etc - and this additional code will need to handle both the case where the user is visiting the page for the first time, and when the contact form has been sent and the user is seeing the page for the second time.
(2) You can use AJAX (javascript/jQuery) to grab the form data, send it to a secondary PHP file, which will receive the data via the $_POST/$_GET variables, send the email, and return a response back to the first page.
These days, mostly we use the second method, because it is much more powerful. For one, the user remains on the same page. For another, there is no page refresh. For another, your javascript can do other things after the form has been sent.
AJAX is actually pretty simple - just do a google search for YouTube videos on creating a login system with PHP and AJAX. You should be able to find one of around 10 mins or less that explains all you need to know to send your contact form, and send feedback back to the calling page.
Here is a 5-minute YouTube tutorial that will show you the basics:
Install a simple PHP and Ajax login system
I am having a very hard time understanding the exact process of "post/redirect/get".
I have combed through this site and the web for several hours and cannot find anything other than "here's the concept".
How to understand the post/redirect/get pattern?
Wikipedia explains this so well!
The Problem
The Solution
As you may know from your research, POST-redirect-GET looks like this:
The client gets a page with a form.
The form POSTs to the server.
The server performs the action, and then redirects to another page.
The client follows the redirect.
For example, say we have this structure of the website:
/posts (shows a list of posts and a link to "add post")
/<id> (view a particular post)
/create (if requested with the GET method, returns a form posting to itself; if it's a POST request, creates the post and redirects to the /<id> endpoint)
/posts itself isn't really relevant to this particular pattern, so I'll leave it out.
/posts/<id> might be implemented like this:
Find the post with that ID in the database.
Render a template with the content of that post.
/posts/create might be implemented like this:
If the request is a GET request:
Show an empty form with the target set to itself and the method set to POST.
If the request is a POST request:
Validate the fields.
If there are invalid fields, show the form again with errors indicated.
Otherwise, if all fields are valid:
Add the post to the database.
Redirect to /posts/<id> (where <id> is returned from the call to the database)
I'll try explaining it. Maybe the different perspective does the trick for you.
With PRG the browser ends up making two requests. The first request is a POST request and is typically used to modify data. The server responds with a Location header in the response and no HTML in the body. This causes the browser to be redirected to a new URL. The browser then makes a GET request to the new URL which responds with HTML content which the browser renders.
I'll try to explain why PRG should be used. The GET method is never supposed to modify data. When a user clicks a link the browser or proxy server may return a cached response and not send the request to the server; this means the data wasn't modified when you wanted it to be modified. Also, a POST request shouldn't be used to return data because if the user wants to just get a fresh copy of the data they're forced to re-execute the request which will make the server modify the data again. This is why the browser will give you that vague dialog asking you if you are sure you want to re-send the request and possibly modify data a second time or send an e-mail a second time.
PRG is a combination of POST and GET that uses each for what they are intended to be used for.
Just so people can see a code example (this is using express):
app.post('/data', function(req, res) {
data = req.body; //do stuff with data
res.redirect('public/db.html');
});
So to clarify, it instantly refreshes the webpage and so on refresh of that webpage (e.g. if you updated an element on it) it won't repost the form data.
My code used to look like this:
app.post('/data', function(req, res) {
data = req.body;
res.sendFile('public/db.html');
});
So here the response is sending the html file at the /data address. So in the address bar, after pressing the submit button it would say for me: localhost:8080/data.
But this means that on refresh of that page, if you have just submitted the form, it will submit it again. And you don't want the same form submitted twice in your database. So redirecting it to the webpage (res.redirect) instead of sending the file (res.sendFile) , stops the resubmission of that form.
It is all a matter of concept, there is no much more to understand :
POST is for the client to send data to the server
GET is for the client to request data from the server
So, conceptually, there is no sense for the server to answer with a resource data on a POST request, that's why there is a redirection to the (usually) same resource that has been created/updated. So, if POST is successful, the server opiniates that the client would want to fetch the fresh data, thus informing it to make a GET on it.
i have a form with userdata, such as name, address, email etc. and i wanna do a action to a page on a foreign domain which i can not manipulate. Normally i would say that the form should do action="www.notmydomain.com/externalscript.php" to send the data via POST, but now i first wanna save this data an then submit the formdata to this target. This isn´t possible in this case so I tried to send my formdata to another script on MY server which saves the data an then reuses the POSTvars and send it with curl. This works so far but i need to redirect to www.notmydomain.com/theforeignscript.php so that the user ends at this domain. curl doesn´t do that because it only can do request, right?!
The first page shows the form:
<form id="newsletter" action="myscript.php" method="post">....</form>
..which is used by myscript.php to save the data in a csv and then again should submit the data to www.notmydomain.com/externalscript.php (which cannot be edited)...
Has anybody a hint how this could be done?
Thanks in advance.
You can use header("Location: http://domain.com/script.php"); to redirect the user to another address. This needs to be executed before anything is printed by your script, so make sure you catch all curl errors etc. properly to avoid ugly PHP error messages.
I have a form which submits to a external url and the url returns a xml result whether the action did go well or not. I want the form to be posted and the xml result to returned so the user can see the xml result instead of the external url being opened in blank window without any formatting.
I'm not sure how to make this.
Instead of posting the form directly to the external script, you will need to wrap it in your own PHP code to be able to deliver the XML back to your user to view.
To do this, you can:
Make the form post to itself instead of directly to the external resource
Capture the $_POST
Transfer it to a cURL request that posts to the external form
Retrieve the output from the cURL request and display it for your user, wrapped in <pre></pre> to preserve XML formatting.
Note however, that some web browsers will correctly display the returned XML as it already is, provided it is correctly identified as XML by the server sending it. You don't have control over that on either the external server or your end user clients though.
i have create a form (so it's PHP and HTML hybrid-code). it has ability to send '$_POST'. And when i click it, it work perfectly on sending and displaying input.
But there's something happening when i click Ctrl+R in firefox for represhing the page. I got this confim dialog : "To display this page, Firefox must send information that will repeat any action (such as a search or order confirmation) that was performed earlier"
my question
what is it, (this confirm dialog ?)
what i have to do on my code so it able to suppress this dialog ?
You probably have created an HTML page that contains a <form>. The form is used to send data to the HTTP server (that is, the webserver that hosts your site).
The HTTP protocol defines different request types used to send data to the server and to retrieve data from the server. The most used are GET and POST. You must learn about all this if you want to be anything more than a very bad PHP programmer, which is unfortunately (or fortunately, if you are on the hacker side) very common.
Your problem is that Firefox has arrived on the page you are talking about after sending a POST request. If you reload the page, it has to send the same data again in the form of a POST. Due to the conventions on what a POST request should be used for (usually to modify data on a database), the browser asks the user if he is sure about what he wants to do.
There are mainly two options to circumvent this:
Change the form method to GET; or
Use a redirection after the POST.
To use the first method, you could simply add a method="get" parameter to your form tag:
<form action="senddata.php" method="get"> ... </form>
To use the second method, you simply redirect the user after the POST request, using something like
header("Location: blahblahblah")
The most used pattern is the POST-Redirect, that is, the second method I told you about. There are many security implications on using GET to change data on a database (if you are interested on that, and you should be, as every PHP programmer should, read about XSRF).
Submitting a form (sending a POST request) is commonly used to confirm an order on eCommerce sites. Therefore, submitting it twice would submit the order, twice. Therefore browsers, tend to ask for confirmation that a user wants to send the POST request again.
In order to prevent this, you need to make the refresh do a GET request instead of a POST request. To do this, simply redirect to the same page after processing the form.
header("Location: /path/to/self");
This will make it so when the user hits refresh, it will be sending a GET request instead of a POST request, and it won't prompt for confirmation.
To clairify, it goes like this:
Form gets sent via POST (User clicks on form)
Form gets processed
User gets redirected to the same page (via GET)
User now will be refreshing a GET request instead of a POST request.
I guess whenever your form (php, asps, static html etc) contains post information that may either form field infor or other, is sent to the server via firefox, it displays such a message before sending the data again to server. it serves as a security protection from Mozilla developers. I guess it can be disabled via about:config but it is not recommended to so.
Also it is a normal behaviour. It should be like this and have been like this for a fairly long time in firefox.
You may like to have a look here:
http://forums.mozillazine.org/viewtopic.php?f=38&t=682835&st=0&sk=t&sd=a&hilit=Firefox+must+send
alternatively use GET instead of POST to send your data...
Regards
If the form was submitted successfully, answer with the status code 303:
header('Location: http://www.example.com/', TRUE, 303);
This forces the browser to use a GET request for the resulting page. A reload won’t send any POST data, and no pop up is shown.