Is it possible to read the value right on load?
I suspect not.
<!DOCTYPE html>
<html>
<head>
<title>Some test</title>
</head>
<body>
<form method="POST">
<input type="hidden" name="token" value="<?php echo sha1("text")?>" >
</form>
<?php
echo $_POST['token'];
?>
</body>
</html>
Let's say I want to send some values generated by php like so:
<a href="url + page?options=1&token=sasadasdasda878asd7as8d7a">
Is there an option to get the token without passing it by URL (using get)?
$_POST will be populated with the data sent by the browser.
If you have a form in the page, then the data submitted by the form will only be sent by the browser when the browser submits the form, it won't be submitted when the page is initially loaded since:
The page will probably be loaded via a GET request, not a POST request
The browser won't have the data in the form until after it receives the page, so it can't submit that data in the request for the page.
You can also use $_SESSION, since it's stored on server-side.
Related
I'm new to php and I am writing code to get form data using get method. Following is my code in index.php file.
<!DOCTYPE html>
<html>
<body>
<form method="GET" action="index.php">
<p>Enter Name</p>
<input type="text" name="fname" />
<input type="submit" />
</form>
<?php
if($_SERVER['REQUEST_METHOD'] === 'GET')
{
$name = $_GET['fname'];
print $name;
}
?>
</body>
</html>
when I run my code, it calls the php code before submitting form. How can I process the data using GET Method without creating a new php file.
it calls the php code before submitting form
Because when you load a page, that's a GET request. And the code explicitly states to execute on a GET request.
How can I process the data using GET Method without creating a new php file
You'd need to determine the difference between when the page is loaded and when the form is submitted. If the form must use GET then the request method isn't that difference. One option could be to check for the existance of a submitted value. For example:
if (isset($_GET['fname'])) {
// your code
}
A common approach would be to use the name of the submit button being clicked as well, which can also be used to distinguish between different buttons in the same form. But any submitted value will do.
Kind of confused.Let me explain an example situation.
I have a form at delete.php (plain PHP, no framework) that receives a parameter through http get
When I send the form I've always thought that GET values are going to be lost therefore, If I want to keep those values I must use input type="hidden" , sessions or any other mechanism.
But using PHP 7.0.8, Apache 2.4(for sure it's not a version issue just wanted to let you know) I've realized the following:
a) If the action of the form is set to delete.php (the same url) GET values are lost once the form is submitted. As expected
b) If the action of the form is NOT set then data are sent to delete.php (as expected) but GET values are kept.
I don't know why and I can't find an explanation in any docs or http espec.
Does anybody know where is this situation explained?
Here's the code
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>GET / POST TEST</title>
<link rel="stylesheet" type="text/css" href=" ">
</head>
<body>
<form method="post" action="get_post_test.php">
Name<input type="text" name="name" required><br>
LastName<input type="text" name="lastname" required><br>
<p>
<input type="submit">
</p>
</form>
<?php
if(isset($_GET['id'])) {
echo "TENGO GET";
var_dump($_GET);
}
if (isset($_POST['name'])) {
echo "TENGO POST";
var_dump($_POST);
}
?>
</body>
</html>
I'm getting $_GET['id'] through a link and if:
a) action="get_post_test.php" then $_GET['id'] is lost when form submitting (as I expected because get_post_test.php is the name of the current file)
b) If I don't set any action $_GET['id'] still is available when submitting ????????
Kind regards.
Lets take an example
Case 1: When action is defined
When an action is defined then the form is submitted to that page.
Ex: If your action is delete.php and the URL is delete.php then
form will send data as expected and the URL will become like this
delete.php?KEY=VALYE&... but the action of the form will be same
delete.php because you have defined it. Thats why previous data will be lost on resubmit
Case 2: When action is left blank.
When an action is left blank that means the action will be the same as
the url.
Ex: When your URL is delete.php then the action will be the same as URL
delete.php thats why form will send data as expected. After that the URL
will become like this delete.php?KEY=VALYE&.... When you resubmit
the form then the action will be the same as url which already has the same
get values.
Hope this will help you to understand
I want to make an HTML (or php maybe?) page that constructs a new HTML page based on input parameters the user gives to a drop-down box. I just don't know how you handle the input.
Here's my HTML:
<html>
<body>
<input type="number" min="1">
</body>
</html>
Yes I know it's not the full HTML page, but I just want to focus on the <input> tag. I know you probably have to set it equal to a PHP variable maybe?
I want it to generate a different HTML page that looks like this:
<html>
<body>
<p>You have chosen: $input </p>
</body>
</html>
I might be asking this all wrong, but I hope it makes sense what I'm looking for. I need to know how to handle the user input. I couldn't find a thread that discusses this. Do I need to generate a new HTML file? Or just override the current one and maybe have a reset button? I'm so confused.
In the simple case, you'll have two pages: your form and your result page. You can send data from the form page to the results page with one of two methods: GET or POST.
GET means that the data you're sending gets put in the page URL. This is useful because then you can link to a specific version of the results page, but potentially dangerous because you don't want to put sensitive data in the URL bar.
POST means that the data is sent with the HTTP request in the background. This is preferable for something like a password.
The GET and POST data can be read by nearly any server-side language and used to generate HTML on-the-fly. The example below uses PHP.
The form page doesn't necessarily need any server-side code, just basic HTML. Here's a simple example:
<!DOCTYPE html>
<html>
<form method="GET" action="my_result.php">
<input type="text" name="my_value">
<input type="submit">
</form>
</html>
Your second page (the results page) should bear the name that you specified in the form's action attribute. This is the page which will need server-side code. So here is an example my_result.php:
<!DOCTYPE html>
<html>
<p><?php echo $_GET['my_value']; ?></p>
</html>
Obviously, my_value can and should be replaced by whatever you want to call your data, as long as the name attribute of the input element matches the key in the PHP.
This example uses the GET method. You can use POST by changing the method attribute of the form and using $_POST instead of $_GET (if you are using PHP).
If you use $_REQUEST rather than $_GET or $_POST, it finds a value that was passed via either GET or POST. This is usually less safe than explicitly stating how your value was passed.
Addendum: Some servers are configured to disallow you from directly using the values of php superglobals such as $_GET, $_POST, and $_REQUEST for security purposes. That is because you really should always sanitize user input before using it in an application. The type of sanitization required depends on the type of input and how it is being used, and is well outside of the scope of this question. For this purpose, php provides the filter_input function.
The sanitization filter is an optional parameter for the filter_input function, so if you really want to use the data unfiltered, you can simply omit it (but know that this is dangerous). In this case, you can replace all instances of $_GET['my_value'] in the above code with filter_input(INPUT_GET, 'my_value').
This is not a tutorial, but I guide you to some important points:
You can get user input with html by using form element. read more about form and methods of form (GET and POST).
Then, how can you print user input when submitted by user? php supports both (GET and POST) using $_GET and $_POST with input name as key.
Dealing with user-input needs extra care because of security. user might submit malicious content that later attacks you or another user.
Try like below
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<?php
if ($_POST) {
echo "<h3>You have selected ".$_POST['number']."</h3>";
} else {
echo '
<form method="post" action="">
<select name="number" id="number">
<option value="1" >1</option>
<option value="2" >2</option>
<option value="3" >3</option>
</select>
<input type="submit" value="submit">
</form>
';
}
?>
</body>
</html>
To handle a user input you have to use forms
<form action="action_page.php">
<input type="number" min="1 name="my-number">
<input type="submit" value="Submit">
</form>
After user set number and press submit button, you will get the value in action_page.php in $_REQUEST['my-number']
How can I avoid the the browser form-resubmission alert?
This question seems to have been discussed a lot here on SO, for example:
Preventing form resubmission
Prevent Back button from showing POST confirmation alert
Never ever respond with a body to a POST-request
What I do not get from the previous discussion, is how I can use the posted data and incorporate it into the html. The previous links discuss how to use the php header function to send a get request to itself. But when sending this get request, the posted data will no longer be available to the new page, (since we cannot use the php post method..)
I would like to do this without using the php or javascript session storage technique (or saving the posted data to a temporary mySQL database).
For a simple example:
<html>
<body>
<form action="post.php" method="post">
User name: <input type="text" name="user"><br>
<input type="submit" value="Submit">
</form>
</body>
</html>
where post.php is:
<html>
<body>
<?php
echo "<p>".$_POST['user']."</p>";
?>
</body>
</html>
Pressing CTRL-R in google chrome on the second page brings up the alert.
Do a redirect from post.php. Save data in session or in database and retrieve from redirect page.
Example Scenario:
Submit the form
Save the user record to db, get the id of the new record e.g. in $id
redirect using header, something like:
header('Location: result.php?user_id='.$id);
get the user record from db, with the provided id and show it to the
user.
Use this:
<script>
if(window.history.replaceState)
{
window.history.replaceState(null,null,window.location.href);
}
</script>
you may rewrite the browser history object
history.replaceState("", "", "/the/result/page");
See this
I have an HTML page which has a text box and a button...
<html>
<head></head>
<body>
<form name = "inputdata" method ="get" action ="prc.php">
<input type="text" name="data">
<button id ="checkbox" type="buttton" name="submit" value="submit">Submit!</button>
</form>
</body>
</html>
The code for prc.php is...
<?php
$data=$_GET['data'];
echo "<html><head></head><body><div id=\"maindata\"> ";
echo $data;
echo "</div></body></html>";
?>
I have a PHP file which gets the contents of the previous page...
<?php
file_get_contents("index.html");
?>
However, I would like to add functionality to the above PHP script such that it gets the page contents in the background and uses some jQuery on it:
$('#inputdata').val('hello boss');
$('#checkButton').click();
This will enable me to fill out the text box in the background and submit the button. Then I need to get the result from prc.php using jQuery...
$('#maindata').html();
Does anybody know how to do this?
It sounds like you want to submit the form on the page. This should be possible by simply requesting the resource in the action field. In your example, requesting the url prc.php with a parameter called data which contains the data input data you wish to submit.
prc.php?data=mydata