One of my pages (video.php) is opened using form action as follows:
<?php
//Lots of code, including a WHILE loop
echo "<form action=\"video.php?id=".$row['id']."\" method=\"post\" target=\"_top\">
<input type=\"image\" src=\"".$image."\" style=\"width:180px;height:120px\"
alt=\"Submit\"></form>";
?>
On the page video.php?id, I get the id as follows and declare other global scope vars. However, why is the $_GET variable not seen in my echoed alert when I submit a form as in the following simplified code?
//video.php?id page
<?php session_start();
include 'connect.php';
$Vid = mysqli_real_escape_string($_GET['id']);
$login_id = mysqli_real_escape_string($_SESSION['login_id']);
if (isset($_POST['sample'])) {
echo "<script>
alert('$Vid');
</script>";
}
else//etc.
?>
<html><head></head><body>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post" id="Form">
<button name="button" type="submit">Click</button>
<input type="hidden" name="hidden" value="sample">
</form>
</body></html>
When I alert $Vid, nothing is alerted (blank alert box). Obviously, I see the SESSION variable when I alert $login_id. Am I missing something with the $_GET? Is there any way for the global var $Vid to be recognized? If I could use $Vid it would save me 5 or 6 queries based on how my code is currently written.
This how you can correct
Put $row['id'] inside a hidden text box with name as "id"
Your form method is POST, so use $_POST to grab the data in the POST file.
I think you escaped wrongly and thus the id is not appended (notice the backslash after $row['id']?), try the following:
echo '<form action="video.php?id='.$row['id'] . '" method="get" target="_top">
<input type="image" src="' . $image . '" style="width:180px;height:120px"
alt="Submit"></form>";
Imho your coding style is very unreadable with all those backslashes. It's okay to mix single/double quotes where needed…
[edit] and you obviously need to change the method to "get". ;-)
Changed action from $_SERVER['PHP_SELF'] to action="" and now the GET variables are seen.
Related
My website involves a user submitting data over several pages of forms. I can pass data submitted on one page straight to the next page, but how do I go about sending it to pages after that? Here's a very simplified version of what I'm doing.
Page 1:
<?php
echo "<form action='page2.php' method='post'>
Please enter your name: <input type='text' name='Name'/>
<input type='submit' value='Submit'/></form>";
?>
Page 2:
<?php
$name=$_POST["Name"];
echo "Hello $name!<br/>
<form action='page3.php' method='post'>
Please enter your request: <input type='text' name='Req'/>
<input type='submit' value='Submit'/></form>";
?>
Page 3:
<?php
echo "Thank you for your request, $name!";
?>
The final page is supposed to display the user's name, but obviously it won't work because I haven't passed that variable to the page. I can't have all data submitted on the same page for complicated reasons so I need to have everything split up. So how can I get this variable and others to carry over?
Use sessions:
session_start(); on every page
$_SESSION['name'] = $_POST['name'];
then on page3 you can echo $_SESSION['name']
You could store the data in a cookie on the user's client, which is abstracted into the concept of a session. See PHP session management.
if you don't want cookies or sessions:
use a hidden input field in second page and initialize the variable by posting it like:
page2----
$name=$_POST['name']; /// from page one
<form method="post" action="page3.php">
<input type="text" name="req">
<input type="hidden" name="holdname" value="<? echo "$name"?>">
////////you can start by making the field visible and see if it holds the value
</form>
page3----
$name=$_POST['holdname']; ////post the form in page 2
$req=$_POST['req']; ///// and the other field
echo "$name, Your name was successfully passed through 3 pages";
As mentioned by others, saving the data in SESSION is probably your best bet.
Alternatly you could add the data to a hidden field, to post it along:
page2:
<input type="hidden" name="username" value="<?php echo $name;?>"/>
page3
echo "hello $_POST['username'};
You can create sessions, and use posts. You could also use $_GET to get variables from the URL.
Remember, if you aren't using prepared statements, make sure you escape all user input...
Use SESSION variable or hidden input field
This is my workaround of this problem: instead of manually typing in hidden input fields, I just go foreach over $_POST:
foreach ($_POST as $key => $value) {
echo '<input type="hidden" name="' . $key . '" value="' . $value . '" />';
}
Hope this helps those with lots of fields in $_POST :)
I am trying to pass a value that I have received from my database to another php page to use within another SQL statement.
I have tried using sessions and also passing using the $_POST method on the other page but have had no luck.
Here is a snippet of my code looping through to display all records:
while($row = mysqli_fetch_array($sql)){
echo '<td>
<img src='.'"'.$row['image'].'"'.'><br/>
<form method="post" action="edit-record.php">
<input type="text" name="imgID" value='.'"'.$row['id'].'"'.'>
<input type="submit" value="Edit" id="edit_btn" class="admin_btn"></form>
</td>';
}
The value that I need is the ID for each specific image - $row['id'].
When the user clicks the EDIT button, they should be redirected to another page which displays only the specific record. This is why I need the ID received passed to the next page to insert into a query statement.
I hope this made sense and any help will be greatly appreciated.
UPDATE: Thanks for all of your help. I solved the problem by playing around with a few of your suggestions to pass the id via GET in the action of the form.
<form method="post" action="edit-record.php?id='. $row['id'].'">
No idea why that hadn't occurred to me! Thanks again.
while($row = mysqli_fetch_array($sql)){
echo '<td>
<img src="'.$row['image'].'"><br/>
<form method="post" action="edit-record.php">
<input type="text" name="imgID" value="'.$row['id'].'">
<input type="submit" value="Edit" id="edit_btn" class="admin_btn">
</form>
</td>';
}
in edit-record.php...
<?php
echo $_POST['imgID'];
?>
There is no reason your code technically wouldn't work but instead you could just eliminate the form and use a simple link...
while($row = mysqli_fetch_array($sql)){
echo '<td>
<img src="'.$row['image'].'"><br/>
edit
</td>';
}
and in edit-record.php...
<?php
echo $_GET['id'];
?>
4 Ways to do this...
1) Use a cookie
2) Use a session (which by default uses a cookie but in a different way)
3) Use cURL
4) add it to the GET parameters... ie. somepage.com/page.php?id=1
Strange concatenation
<input type="text" name="imgID" value="'.$row['id'].'">
Sure you select id on the mysql query???
If you make
echo $_POST['imgID'];
what is the result???
You can pass the id via get in the action form:
<form method="post" action="edit-record.php?id='. $row['id'].' ">
On the other page you recive the form in $_POST and the id in $_GET['id']
~Aha, I think the problem is your quotes. Single quotes don't allow variables to be interpreted.~
Nevermind, thats not your problem, but I already wrote it out, so I'll leave it. Look how much cleaner those quotes are :)
Switch up your quotes like so:
echo "<td>
<img src='{$row['image']}'><br/>
<form method='post' action='edit-record.php'>
<input type='text' name='imgID' value='{$row['id']'}'>
<input type='submit' value='Edit' id='edit_btn' class='admin_btn'></form>
</td>";
Need curly braces around array element (e.g {$row['id']})
I'm sorry to repeat this question, but the thing is that I have done everything and nothing works. My problem is that I'm trying to pass variables to a second page and it won't work.
Page 1:
<form method="post" name="form1" id="form1" enctype="multipart/form-data" action="editempresas3.php?name=<?php echo $name;?>&descr=<?php echo $descr;?>&dir=<?php echo $dir;?>&pais=<?php echo $pais;?>&tel=<?php echo $tel;?>&fax=<?php echo $fax;?>&email=<?php echo $email;?>&url=<?php echo $url;?>">
<?php
$name = $_POST['empname'];
.....etc
?>
<input name="empname" type="text" required id="empname" form="form1">
.....etc
<input name="submit" type="submit" id="submit" form="form1" value="Crear">
Page 2:
The link will come without the variables
http://www.sample.org/editempresas3.php?name=&descr=&dir=&pais=&tel=&fax=&email=&url=
you should use GET method to achieve this.
change
<form method="post" name="form1" id="form1" enctype="multipart/form-data" action="editempresas3.php">
to
<form method="GET" name="form1" id="form1" enctype="multipart/form-data" action="editempresas3.php">
P.S: if you're form is not uploading anything you can't even miss enctype="multipart/form-data"
Possibilities, from most to least desirable:
Use sessions:
Page 1
session_start();
$_SESSION['var_for_other_page'] = 'foo';
Page 2
session_start();
$myvar = $_SESSION['var_for_other_page']
Use hidden fields:
<form action="secondpage.php" method="post>
<input type="hidden" name="var_for_other_page" value="foo" />
</form>
Put the get vars into the action URL:
<form action="secondpage.php?var_for_other_page=foo" method="post>
<input ... />
</form>
In this case you will have variables in both $_POST and $_GET.
Do not use either 2 or 3 to pass sensitive information.
If you want to send data from a form to a new page, firstly I think your should always use POST. The reason it is not working is you are attempting to send form data via POST but in your action you are trying to build a GET using PHP variables echoed in the there.
e.g.
action="editempresas3.php?name=<?php echo $name;?>&descr=<?php echo $descr;?>&dir=<?php echo $dir;?>&pais=<?php echo $pais;?>&tel=<?php echo $tel;?>&fax=<?php echo $fax;?>&email=<?php echo $email;?>&url=<?php echo $url;?>"
This can't work because PHP needs to process it before the HTML is rendered to print the variables you have chosen.
If you change your action to
action="editempresas3.php"
You will be successfully sent to the next page and if you then use
var_dump($_POST);
On your next page editempresas3.php you will get an output of all fields completed in the page 1 form.
I am using a get method to select options with years and months. The URL after submitting this selection looks as follows:
www.mywebsite.com/transactions/?yr=2013&mo=6
I can reload this page and the selection is still there. However, when i submit a form to add a record, the page reloads as follows:
www.mywebsite.com/transactions/?#
And the selection is gone. How can I keep the seletion and reload the exact same url after submitting the form?
I am using the following code:
<form action="?" method="post">
<SELECT options with different inputs>
<input type="submit" value="Add">
</form>
In my PHP it looks the following:
header('Location: ?yr='. $GLOBALS['yearselect'] .'&mo=' . $GLOBALS['monthselect']);
It creates the right URL after submit, only the global variables are not updated. I defined those as follows:
$GLOBALS['monthselect'] = date('m');
$GLOBALS['yearselect'] = date('Y');
And they are changed when I select an option.
You could traverse through submitted variables and add them to the HTML code.
<form action="target.php?var1=<?= $_GET["value2"]; ?>&var2=value2" method="get">
Or just use $_SERVER['REQUEST_URI'] inside action="".
Your form element probably has an attribute action="#".
You could replace this with the original request uri (assuming you use the POST method, if you use GET the query parameters in the form's action attribute will be overridden in most browsers.
<form method="POST" action="<?= $_SERVER['REQUEST_URI'] ?>">your form</form>
In your PHP code, after you get the values by GET method, use the header() function as :
header("Location: www.mywebsite.com/transactions/?yr=2013&mo=6");
It will redirect to the page with the form.
EDITED:
This is a sample code for your need:
<?php
$years=array(1999,2000,2001,2002,2003,2004);
if(isset($_POST['year']))
{
/*
Do your coding here
*/
echo <<<EOT
<form action='{$_SERVER['PHP_SELF']}' method='POST'>
<select name='year'>
EOT;
for($i=0;$i<6;$i++)
{
if($years[$i]==$_POST['year'])
echo "<option value='{$years[$i]}' selected='selected' >{$years[$i]}</option>";
else
echo "<option value='{$years[$i]}'>{$years[$i]}</option>";
}
echo <<<EOT
</select>
<input type='submit' value='Add'>
</form>
EOT;
}
else
{
echo <<<EOT
<form action='{$_SERVER['PHP_SELF']}' method='POST'>
<select name='year'>
EOT;
for($i=0;$i<6;$i++)
{
echo "<option value='{$years[$i]}'>{$years[$i]}</option>";
}
echo <<<EOT
</select>
<input type='submit' value='Add'>
</form>
EOT;
}
?>
It will print the first value of the drop-down list on the first time, and after that it'll save the values.
Inside form tag action attribute should b set to the page which handles your request,i think u have set action='#' .
Please specify more detail.so that i can help u
I'm creating a small application which allows potential employees to list references. The listed references receive an email containing a URL with a unique string at the end.
(Example: www.the-address.com?url=503241c65b8fe4_07914393). The reference then follows this unique URL to upload a letter in the employee's behalf.
But every time any form is submitted, the random string part of the URL disappears
(Example: www.the-address.com?url=).
I don't understand why this would happen, since I submit the form like this:
<form action="upload_letter.php?url="' . $url . '" id="form_id" method="POST">;
Where $url = $_GET['url'].
Any generic reasons this would happen? I can provide more code, if needed.
If you really have the code like you write, you're closing the action attribute prematurely with the second " character. Try this instead:
echo '<form action="upload_letter.php?url='.urlencode($url).'" id="form_id" method="POST">';
The way you have it would end up as HTML like:
<form action="upload_letter.php?url="google.de" id="form_id"...>
With google.de outside the attribute value.
<?php
$data = array('url' => $url);
?>
<form action="upload_letter.php?<?php echo http_build_query($data) ?>" id="form_id" method="POST">
Or you can just add the URL as a hidden <input>
<form action="upload_letter.php" id="form_id" method="POST">
<input type="hidden" name="url" value="<?php echo htmlentities($url); ?>">
.
.
.
</form>
Then you can access URL via $_POST['url'].
Change method="POST" to method="GET"
If your code is what you wrote on your PHP file: it is wrong. No ";" at the end of an HTML line, and you can't concatenate strings with "." in HTML. You must open the PHP tag and write PHP code inside. For example:
<form action="upload_letter.php?url=<?php echo $url; ?>" id="form_id" method="POST">
But you can also use echo like Wolfgang answer
Probably $url is empty or undefined.
Check the HTML code to see if its written into the form's action.
why you put single quotes around:
. $url .
?
EDIT: Another way to say this:
Are you sure you're on a <?php ?> tag?