I have written a small php (test.php) that reads and displays the data passed to it.
<?php $name = $_GET['name'];
echo $name;?>
When I execute the following URL
http://localhost/test.php?name=Géo
The text that gets displayed is: G�o
However, when I submit "Géo" from another webpage:
<form method="get" action="test.php">
<input type="test" name="name">
<input type="Submit">
</form>
the URL changes to http://localhost/test.php?name=G%C3%A9o
and now the correct text is displayed:Géo
In the first scenario, only when I add utf8_encode( $_GET['name']), the correct text (Géo) gets displayed.
My question:
Is it possible to know how the data was passed, submitting via a form or directly from the URL. If not then what changes should I make to the webpage so that both the scenarios are handled correctly i.e. display Géo in both the cases.
Thanks for your help.
You can add a reg. expression that will check if the parameter contain %. Because that the encoded parameter probably contains a %.
But, if you'll execute url that for some reason contains a %, the problem will comeback...
Related
I am trying to input submit value and want to pass the value to another page through GET but for that I have to use two Clicks button.
I want the same in a single click. Help required.
Code:-
<form method="post">
<input name="inwardid" type="text" id="inwardid" />
<?php $inwardid = $_POST['inwardid']; ?>
<input type="submit" value="Next" />
</form>
<a href="addbook.php?up=<?php echo $inwardid; ?>"><button>Proceed</button>
You want to send the value the user typed in to the other page. So use this for your <form>:
<form method="POST" action="addbook.php">
<input name="up" type="text" id="up">
<input type="submit" value="Proceed">
</form>
To access the value in addbook.php, use $_POST['up'].
This will send the value the user typed in the input label (type="text") to the addbook.php page, using a $_POST. No need for a $_GET, $_POST will do just fine.
As you deliberately asked for method GET, my solution shows you GET!
You must know there is no security issue when using GET. It depends what you want to do. GET is useful if you want to use a dynamic code in multiple ways depending on some some variables that you do not want to hard-code in your script, or simply do not want to send files or other huge data.
Lets admit a newspaper has a site called breaking_news.php and you want to access the breaking news of November 8, 2016you could use this as :
breaking_news.php?y=2018&m=11&d=08
The fact that one can see your GET vars means nothing. Even by using POST one can see your variables by looking at your code. And one way or the other you must protect against code injection and brute force.
But if your not in the mood to show this vars to your visitor you can use URL rewriting to rewrite the url above in the browser as
RewriteRule ^breaking/(.*)/(.*)/(.*)/news\.html$ breaking_news.php?y=$1&m=$2&d=$3 [NC,L]
so you send your visitor to see the (rewritten)URL
breaking/2018/11/08/news.html
but what the web-server is showing him is:
breaking_news.php?y=2018&m=11&d=08
A reason to use this if for example when you want your dynamic site to be taken into consideration by some searching engine as a static site, and get indexed. But this is again another battle field.
Second, you want to send the variable to "addbook.php", and not to itself.
Your question sounded like you want to send to "another page" not to the same page.
Third, I can see in your code snippet you want to submit the variable "up" and not "inwardid", as you did in your code.
And also I can see you want the "submit" button to be called "Proceed".
Your code would look like this:
<form method="GET" enctype="application/x-www-form-urlencoded" action="addbook.php" target="_blank">
<input name="up" type="text" id="inwardid" />
<input type="submit" value="Proceed" />
</form>
As I said you must protect against injection, and this means for example, that in the "addbook.php",to whom you are sending the variables you must write some code that protects you against this issues. As your question is not in this direction I will not enter this subject.
To avoid problems with special chars you must "url-encode" your variable specially when sending them per POST method. In this case you must use this enctype if your handling text. Because this enc-type is transforming special chars into the corresponding ASCII HEX-Values.
Using GET your safe, because GET cant send in another enc-type. So your variable will automatically be url-encoded and you receive a string that is compliant to RFC 3986 similar by using:
rawurlencode($str)
Lets admit someone smart guy fills in a your input box the following code, in the desire to break your site. (This here is not exactly a dangerous code but it looks like those who are.)
<?php echo "\"?> sample code in c# and c++"; ?>
using enctype="application/x-www-form-urlencoded" this will become something like this:
%3C%3Fphp%20echo%20%22%5C%22%3F%3E%20sample%20code%20in%20c%23%20and%20c%2B%2B%22%3B%20%3F%3E
what makes it safe to be transported in a URL, and after receiving and cleaning it using
strip_tags(rawurldecode($_GET['str']))
it would output something like this, what is a harmless string.
sample code in c# and c++
So I have a form that requires a user to submit their website to a form. Here is the html line:
<input type='url' name='link'>
And I'm using <input type="submit" value="submit" formmethod="post"> to submit the form to a php
And I'm trying to retrieve the values in my php file with:
$link = $_POST['link'];
Why isn't this working? At first I thought it was because I had htmlspecialchars() but it's not coming through without it either. I can't find anything in any google search that even mentions anything related to this kind of problem (with a type="url" form)
What do I need to do to process form data with type of "url" in PHP with a $_POST?
Get your form method to be set to post e.g
<form method=post>,
if you submit the form and in the url in your browser u can see some more inf then be sure 2 check your form method
I think this is wrong,
method="post"
Its only method, not formmethod
Also make sure, you dont have one more for element name with link.
I have a search form on my site,
and I want to pass the text in the form to the URL,
like: mysite.com/search.php?q=apples (if search word was apples).
I figure that way people can bookmark their searches.
One solution I thought would be to catch the searchword in search.php and then reload into a new made URL. But it's not very elegant to reload like that. So how can I do it - I mean, how is it normally done? Do I need to use jQuery?
Clarification: I know how to get the vars from the URL in php. What I need is to control the URL that will be opened when the user presses SUBMIT, and the URL needs to contain the user's search word! Just like Google or DuckDuckGo, I put "apples" and the URL becomes ...?q=apples. But - how?! (Then I'll pick that up in the search.php, of course, but I know how to do that.) This is what I have now:
<div id="topnav">
<form action="search.php" method="post">
<input name="searchword" type="text">
<input type="submit">
</form>
Thank you so much.
Upon reading the clarification. What you need is a search form that submits to your search.php for example:
<form action="search.php" method="get">
<input type="text" value="search word" name="q" />
<input type="submit" value="submit" />
</form>
This will pass whatever value entered in the input named q to the search.php script.
If you post a HTML form which includes a text field with name 'q' and value 'apples' then the URL you want is automatically created by the browser. You definitely don't need JQuery for that.
how about using the POST-Redirect-GET pattern? [http://en.wikipedia.org/wiki/Post/Redirect/Get] also http://blog.andreloker.de/post/2008/06/Post-Redirect-Get.aspx
This would allow you to keep the url in the browser:
yoursite.com/search.php?q=apples
Alternatively, you can use javascript to set the location.hash of the url in the browser w/ the query information after the postback; I suspect this is actually what Google does.
eg,
yoursite.com/search.php#apples
So the form action would be search.php, the field would be called q and the method would be Get?
You should be able to handle all this from the html form if I'm understanding what it is you're trying to achieve.
if you have a form then must have declared form methoed POST/GET
in you search.php you can simply do this $_POST['name of the input field'] to get the word string,
and if you want to pass variable in url then you need to make a link through Link
I'm newbie in PHP.I want to know that,I taking data by html form and a .php file.
like:
<form id="form1" name="form1" method="post" action="show.php">
<strong>Please Enter the Unique id</strong><br/><br/>
Unique id:
<!-- name of this text field is "tel" -->
<input name="id" type="text" id="id" />
<p>
<input type="submit" name="Submit" value="Submit" />
</p>
</form>
</html>
Then,I used show.php file to get the 'id'.like:
$id=$_POST['id'];
Is there any way to take input by php code???
Update:
In "C" we take ant input by this way
scanf("%d",a);
is there any way to do so in PHP.I think now all you may be clear what I'm trying to say??
Thanks
Yasir Adnan.
What you are you trying to get is wrong!
HTML:- It is the communicator between the user and the browser. It displays the contents according to the user input or html code.It gets data from user or from html code.
Php :- It is the communicator between server and the browser. It has the capability of collecting from some where else other than the code like mysql data base and then uses html to display the content!
Here you are asking php to do html work which is not correct!!
the html
<input name="sb_id" type="text" id="sb_id" />
php
$id=$_POST['sb_id'];
Well, you do take the input by your php code. Your variable $id took the value of $_POST['id'] which contains the input of the textfield.
After this step you can work with the variable like any other
$id = $_POST["sb_id"]; ?
Remember that $_POST["field_name"] where field_name must be match the name attribute of your <input /> tag.
the id attribute of input tag is not sent to server inside the $_POST array. It`s typically used in client-side.
You can get data in your PHP code through GET and POST parameters. Those parameters are part of the HTTP request.
The GET parameters are in the url :
http://mywebsite.com/id=3&name=test
Then you get them using:
$id = $_GET['id'];
$name = $_GET['name'];
So you can get input data through this way when people visit the URL, call it in AJAX, or call the URL in another application (like a webservice). But no matter how it's called, it's the same for you on the PHP side.
The POST parameters are in the HTTP request, you can't pass them through the URL. You can do that by using an HTML form, or by creating the HTTP request yourself. If you are using Javascript to call your PHP code (and pass data to it), you can use AJAX to do that for example. You, in your PHP code, can get the variables this way:
$id = $_POST['id'];
$name = $_POST['name'];
If you want console-style I/O, you should probably check JavaScript/AJAX. The second one will allow you to write your own wrapper that will help you to process the input by your server "on air".
The problem is, you still need to use $_POST for AJAX. And, which is more important, it's easier (and cheaper for the server) to validate and process input by JS (and to validate and process it further on the server-side after submit).
And if the question is "how can I get the variable from the needed format?", the answer is: try using regexps/parsing the string.
Oh, btw: there IS scanf() in php, and it's called 'sscanf' ('fscanf' for files).
I have a index.html where I would like to submit some coordinates that can be passed upon to separate PHP file; where it could perform a query. I am new to this.
HTML:
Xmax<input type="text" name="Xmax" size="15">
Ymax<input type="text" name="Ymax" size="15">
<input type=SUBMIT name="submit" VALUE="Submit">
PHP query:
$query = "SELECT * FROM state WHERE LONG_HI<$_POST["Ymax"] AND LAT_HI<$_POST["Xmax"];
$result = mysql_query($query);
So is there a way to perform remote action from this HTML file to the specified PHP file?
Well, Forms can do the job. Is'nt it?
Yes
Either make an HTML form to accept the Xmax and Ymax parameters, and set the form action to the PHP file;
Or use AJAX to pass the data in the background and receive a response.
If both of these concepts are foreign to you, and you don't know JavaScript, get comfortable with the first option first.
Would you please describe in detail what you are about to do?
do you have a html form?
What kind of request do you do, clicking a link, sending the form?
The query does not contain any of the variables...
could you please post excerpts of the code? single lines are useless in most cases.
Regards,
Mario
use action attribute in FORM element to specify where the request will be sent to.
<form action="another.php" method="POST">
Xmax<input type="text" name="Xmax" size="15">
Ymax<input type="text" name="Ymax" size="15">
<input type=SUBMIT name="submit" VALUE="Submit">
</form>
You just add few line with your code because to transfer any variable value from one form to another page we have to use 'form' method. So, we have to add form tag with your code. Transferring of data from one page to another page (any type of page like php, jsp, aspx etc) is done by two methods mainly - one of them is Post and another one is Get.
Difference between both the method is quite simple. In Post method, data from one page to another page travels in hidden form whereas Get is basically used to transfer value by displaying it at url. Post method example: user-name and password, and Get Method: any query fired at Search Engine.
<form name="form" action="filename.php" method="POST" >
//Your Code
</form>