I have a php page with a form in it.
The main idea here is to have a list of picture that you can select with a checkbox. Client will select the picture he want and submit the form.
I want the information of this form to be save in a file.(a .txt file would do it. I don't want a single table in mysql for each client if possible)
Then when the admin will log in the same page(or client let's say because he is not happy with his choice), I want the form to be filled exactly as it was saved previously.
Honestly, I don't know how to proceed to do that and the way it's gonna be loaded.
I could easily write in a .txt file with php variable but how to load these data and not getting any error if(only example) I remove a file in the folder?
Here's my form with the php code:
<form method="post" action="Exec.php">
<?php
$counter = 0;
foreach (glob("preview/*.jpg") as $file)
{
?>
<div class="photoscontainer">
<a class="big" href="<?php echo $file; ?>"><img src="<?php echo $file; ?>" width="100%" height="auto" alt="Photo <?php echo $file; ?>" /></a>
<br />
<input class="checkbox" type="checkbox" name="Photo <?php echo $counter; ?>" id="<?php echo pathinfo($file,PATHINFO_BASENAME) ; ?>" />
</div>
<?php
$counter++;
}
?>
</form>
You can save users answers as a custom field in the database (by JSONing the form inputs, for example), or even several new fields (one for each form field)... so definitely not using a separate table for each user. That's what databases are for.
If you still wish to use plain text, you can use a CSV (comma-separated values) file, .ini file, or whatever custom structure you want.
So, worthwhile Google searches:
JavaScript serialize form into JSON object
PHP CSV operations (like this and this)
PHP .ini file operations (parse_ini_file should work fine)
PHP file read (file_get_contents will do)
And to avoid file missing errors - simply check if file_exists.
It really doesn't change much either way using a file to store data or a database. A database is generally the preferred method, but you'd only need 1 table with 1 field for each client.
You will want to store the form data in an array/object that you hold in your database or file using serialize or json_encode.
For example:
<?php
if(!empty($_GET)){
$client_form_data = json_encode($_GET);
echo $client_form_data;
}
?>
Then build your form using your stored values.
As far as errors go - you'll need to develop a method to catch potential errors using conditional statements.
Related
I currently use wkhtmltopdf where I am attempting to generate a .pdf file after a user submits a form on our website. The form data gets submitted to post.php, where it displays nicely as a formatted web page. I want to generate a .pdf file of this exact page.
But the problem begins when trying to execute wkhtmltopdf. I get a continuous loop because I'm trying to generate the .pdf from inside of this post.php file, which is also the target.
I have also tried to include() a separate PHP file to handle the exec() function, but I still get a continous loop.
Maybe a visual below helps:
form.php which contains something like below...
<form id="ecard" action="post.php" method="post">
<input type="text" name="ecard_message" />
<input type="submit" />
</form>
post.php which holds the posted data and contains HTML like so...
<div class="content">
<?php echo $_POST['ecard_message']; ?>
</div>
<?php exec("wkhtmltopdf http://example.com/post.php ecard.pdf"); ?>
My code DOES work when the exec() function is runs separately from these files, but how would I accomplish the exec() within this same process, automatically?
Any insight is very much appreciated.
calling wkhtmltopdf http://example.com/post.php ecard.pdf will lose the post data, so even if it worked, the pdf will be empty.
Rather generate the pdf as html and then pass it to wkhtmltopdf. Eg: (untested)
<?php
$html = '<div class="content">' . $_POST['ecard_message'] . '</div>';
exec("echo $html | wkhtmltopdf - ecard.pdf");
?>
See Is there any wkhtmltopdf option to convert html text rather than file? for explanation of using text instead of files.
I´ve a multipart form with a mixture of default inputs (text, select etc.) and a file upload (<input type="file">).
I´m using a combination of form validation class and upload library of Codeigniter for form submission. That works great.
I´ve only one problem for what I haven´t found a solution yet: If the user selects an image but misses to fill another required field (like "name"), then the form validation class blocks the request and shows an error message to the customer.
But now I´ve the problem, that the image was already submitted successfully and I don´t want to let the user add the file again. So I want to pre-fill the file input with this data.
I´ve tried different things like:
<input type="file" name="image" value="<?php echo set_value('image','');?>" />
and also spent time on finding a solution on the web but without success.
On the server side, you do not get any information about where the file is located on the client's computer, so in the scenario of a user uploading an image successfully but the user hasn't filled out the rest of the fields properly, you have to simply omit the input type="file" field entirely but keep a store of where the file is located on your server. There's a few ways to go about this, but it all involves taking the absolute location of the uploaded file and:
Inserting it back as a hidden value using <input type="hidden" name="uploadedFile" value="<?php echo $absPath; ?>" /> then checking for the existence of $_POST['uploadedFile'] and utilizing it appropriately. But this isn't a solid idea as you're now exposing server paths to the end-user (opens yourself up to malicious attack.)
Starting a session and saving the absolute path in the $_SESSION variable while presenting the user with a simple token in their re-attempt form.
I'd stick with method 2, so assuming you've done all the work to validate the form and upload the file and your file is located in $absFilePath, you could do the following:
session_start(); // This needs to be at the very top of you PHP file
// ...
$formToken = md5(time());
$_SESSION['uploadedFile'][$formToken] = $absFilePath;
Then render the token as a hidden variable using:
if (!empty($_SESSION['uploadedFile'][$formToken]))
echo '<input type="hidden" name="formToken" value="'.$formToken.'" />';
and hide the file upload portion using
if (empty($_SESSION['uploadedFile'][$formToken]))
echo // <input type="file" output here...
finally inside of your form submission code check for the existence of a formToken value before attempting to load $_FILES['image'] using isset($_POST['formToken']), and handle it using:
$absFilePath = $_SESSION['uploadedFile'][$_POST['formToken']];
Bam! Now you have your absolute file path as if the file had been uploaded just like before.
Since you haven't given enough code, I can only given you enough instruction to get you started, but this should be more than enough.
I'm new to PHP and seem to have ran into a problem I can't seem to get around.
I have a form on a secure page that creates a PHP file to store a text value. I named this variable $text.
The Form HTML Code:
<form action="upload_title.php" method="post">
<label for="text">Title 1:</label>
<input type="text" name="text" id="text"><br>
<input type="submit" name="submit" value="Submit">
</form>
The upload_title.php then seems to store the text input as $text in filename.php:
<?php
$var_str = var_export($_POST['text'], true);
$var = "<?php\n\n\$text = $var_str;\n\n?>";
file_put_contents('filename.php', $var);
?>
This seems to be functional as the form will generate filename.php, below is an example if I typed Store into the form input and submitted on the webpage.
<?php
$text = 'Store';
?>
Now the issue I'm encountering is not being able to retrieve this stored as a attribute in separate html document, the index.html in my case.
This was my best approach to changing the title attribute of an image:
<a href="upload/1.jpg">
<img src="upload/thumb.jpg" title="<?php include 'filename.php'; echo htmlspecialchars($text); ?>" alt="" class="image0">
</a>
This does not work, but I can see my JQuery detects that this is trying to be populated but does not extract the data from filename.php on the `index.htm' page.
Thank those in advance for your advice and insight, it is sincerely appreciated.
Your issue is probably the fact that you are using an html file instead of a php file, in this case index.html.
Your server is likely not set up by default to process .html files as php so the php does not get executed.
Apart from that it is not a very good way to store your value as when the php does get executed, you introduce a security risk and you use a lot more storage than necessary. You'd better store the value in a database or text file.
I am needing a GET value to be placed display in a forum option, however I do not know how to do this, as the get value can not have quotes in it. The xxx is where I want to display the get value.
<input type="text" name="test" value="xxx">
This is really basic stuff. Should not be any problems to find by Google.
<input type="text" name="test" value="<?php echo $_GET['your_parameter']; ?>" />
You should escape the GET parameter before echoing it, unlike the other answer. This will prevent someone from injecting extraneous tags into your code.
<?php
$parameter = (isset($_GET["your_parameter"])) ? htmlspecialchars($_GET["your_parameter"]) : '';
?>
<input type="text" name="test" value="<?= $parameter ?>" />
If you have short tags disabled, you'll need to use <?php echo in place of <?=. Many (most?) PHP developers will argue that you shouldn't use short tags at all. I personally never use them because I don't write my templates in PHP.
As Jimmie Johansson mentioned before this is really basic stuff and easy to search for.
Hi <?php echo htmlspecialchars($_POST['name']); ?>.
You are <?php echo (int)$_POST['age']; ?> years old.
Source: http://www.php.net/manual/en/tutorial.forms.php
If you transmit data via a FORM to php there are to ways to transmit the data. The first one ist via GET the other way is via POST.
If you choose GET your information will be stored as URL-Parameters
An associative array of variables passed to the current script via the
URL parameters.
Source: http://www.php.net/manual/en/reserved.variables.get.php
Post instead just sends the data to the PHP-Script so you can use this data like GET but you do not have any URL-Parameters here.
An associative array of variables passed to the current script via the
HTTP POST method.
Source: http://www.php.net/manual/en/reserved.variables.post.php
To choose one of this two Methods you have to edit your HTML-Form
Now that we transmitted the data either with GET or POST we can access them in PHP via the global variables
$_GET
and
$_POST
They are Arrays and you can access specific data with a key which represents the name of the input field or other form constructs. In your example the input fields name is "test" so we would access it like this
<?php $_GET["test"]; ?>
You can use
<?php ... ?>
Wherever you want in your HTML-Code as long it's an PHP File. So if you want to output something via PHP just use the and put you statements between them.
<input type="text" name="test" value="<?php echo $_GET['your_parameter']; ?>" />
Documentation
Arrays:
http://php.net/manual/de/language.types.array.php
Forms:
http://www.php.net/manual/en/tutorial.forms.php
http://www.w3schools.com/php/php_forms.asp
PHP and HTML:
http://www.php.net/manual/en/faq.html.php
POST and GET:
http://php.net/manual/de/reserved.variables.post.php
http://php.net/manual/de/reserved.variables.get.php
Further Reading
Further reading
http://en.wikipedia.org/wiki/Separation_of_presentation_and_content
http://wp.tutsplus.com/tutorials/creative-coding/improving-your-work-flow-separate-your-mark-up-from-your-logic/
http://www.w3schools.com/tags/ref_httpmethods.asp
And the important things at the end. For security you should check what was entered into the input field
http://www.w3schools.com/php/php_form_validation.asp
If you have problems to follow my answer feel free to ask me. Check the links!
I have been trying to test this out. I put in the code below in the database.
<?php
$test = "Whats up";
print $test;
?>
And then on a page i do select and then i try to echo but it won't do it unless i rid the entry of the start and end tags. So if i wanted to execute this php by calling it from the db, how would i do it? Thanks.
Use eval to treat a string as runnable PHP code, for example:
<?php
$string = 'echo "hello";';
eval($string);
?>
As Pekka suggests, this is bad practice and you should probably rethink your solution. There's hardly ever motivated to store code in the database (the database is for data).
you could use serialize - unserialize function to save object or variable. and you can use eval function to run code
Hi This is exactly what I was looking for. We have CMS deployed accross multiple servers and in order to maintain the base functions (without the need to make a url based include of our main functions file) it was easier to store and call these functions from our group=wide single database. We use medium blob and store a serialized base_64 encoded text file there.
So to serialize the code we use this script without the php tags:
<form name="serialise_script" action="" method="post" >
<p>Put Script in here (without php tags???)</p>
<textarea cols="100" rows="25" name="serializeme" ></textarea>
<input type="submit" name="go" value="go" />
</form>
<?php if(isset($_POST['serializeme'])){
echo "<p>Your Code</p><textarea style='border:3px solid black;padding:0.5em;' cols='100' rows='25' >" . base64_encode(serialize($_POST['serializeme'])) . "</textarea>";
} ?>
Then copy the script and paste the output code into a text file.
Upload that to the medium blob table
Then to output again from the database and set to a session variable... I just did this:
eval(unserialize(base64_decode($_SESSION['functions'])));
But it was the eval bit I needed to make it work. By serializing and encoding means we shouldn't have any problems.
Now all I need to do is manage 1 base code for many sites across certain servers. AKA One bug fix would solve all issues across all deployments.
Thanks
Andi