PHP if(isset($_POST...)) condition FAIL

PHP if(isset($_POST...)) condition FAIL - php

PHP problem here, I've made a login/logout kind code, with a insert and delete function that stand by login and logout.
So the problem is that after I insert the the text I simply cannot delete it, cause the delete button is like a simple
turn back botton, and doesn't make his work, nothing
in the if(isset($_POST['delete'])) condition seems to work.
May the problem be that I'm using two void action
that refer to the same page? cause the first button
work and the second not.
Anyone can understand why?
<html>
<header></header>
<body>
<!-- START PHP -->
<?php
//If not submit i put the submit form
if(!isset($_POST['send'])){
echo "<form name='send' action='' method='POST'>
<input type='text' name='text' value=''/>
<input type='submit' name='send' value='send' />
</form>";
}<!-- IF END -->
//If submit was set I insert $text into the db and I render
//the delete button
else {
$conn= mysql_connect('localhost','root','');
mysql_select_db('db_try',$conn ) or die(mysql_error());
$dato=$_POST['dato'];
mysql_query(" INSERT INTO test (value) VALUES ('$text') ") or die(mysql_error());
echo "Operation complete";
//Now i render the delete submit button...
echo "<form name='delete' action='' method='POST'>
<input type='submit' name='delete' value='delete' />
</form>";
//...and if i push it NOTHING, like it's only
//a return to the first form button
if(isset($_POST['delete'])){
mysql_query(" DELETE FROM test WHERE value='$text' ") or die(mysql_error());
echo "<br>Text'".$text."' deleted";
}
}<!-- ELSE END-->
?><!-- END PHP -->
</body>
</html>

There is a logic problem with your code. When the delete button is clicked, the script runs again. The first condition you have - if(!isset($_POST['send'])) will now pass, since the send button is no longer set, and so it goes into the if statement and never runs your delete code.
Your script also appears to be vulnerable to SQL injection.

Here is the right way to do this, it is a quick tip, you need to work a little more on mysql insert security etc.
<html>
<header>
<body>
<?php
$conn= mysql_connect('localhost','root','');
mysql_select_db('db_try',$conn ) or die(mysql_error());
if(isset($_POST['send'])){
$text = $_REQUEST['text'];
mysql_query(" INSERT INTO test (value) VALUES ('$text') ") or die(mysql_error());
$answer = "Operation complete";
$form = "<form name='delete' action='' method='POST'>
<input type='submit' name='delete' value='delete' />
</form>";
}
else if(isset($_POST['delete'])){
mysql_query(" DELETE FROM test WHERE value='$text' ") or die(mysql_error());
$answer = "Text'".$text."' deleted";
}
else {
$form = "<form name='send' action='' method='POST'>
<input type='text' name='text' value=''/>
<input type='submit' name='send' value='send' />
</form>";
}
print "<h1>" . $answer . "</h1>";
print $form;
?>
</body>
</header>
</html>

I think it may also work...
if (!isset($_POST['submit']) || isa($_POST['submit'] != 'login'))

Related

Get data not pulling through

This is my HTML form:
<form action='buddy_update.php'>
<input type='text' name='buddy1' required='' placeholder='Player ID / E-mail'>
<input type='hidden' name='id' value=''%".$id."%''>
<input type='submit' value='Request Buddy #1!'>
</form>
This is my PHP on buddy_update
<?php
include 'credentials.php';
$id=$_GET['id'];
$buddy1=$_GET['buddy1'];
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$id=$_GET['id'];
$buddy1=$_GET['buddy1'];
$sql = "UPDATE buddy SET buddy1_id = '".$buddy1."' WHERE main_player = '".$id."'";
if (mysqli_query($conn, $sql)) {
echo $id;
echo $buddy1;
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
?>
$buddy1 comes through absolutely fine but $id doesn't.
For what it's worth I have also changed the value='' to a plain text input on the HTML form and it still doesn't work. The output in the PHP form is still blank.
EDIT
No idea why I've defined variables twice! Took the one out but still same problem

There are few things to consider:
Your html form should be in .php file
Your form needs to have method='get', <form action='buddy_update.php' method='GET'>
<input type='hidden' name='id' value="<?php if(isset($_GET['id'])){echo $_GET['id'];}?>"> in case you are getting this GET variable`

Your code can't access the $id value.
Why don't you try this
<input type='hidden' name='id' value='<?php echo $id ?>'>
assuming you define $id above this statement

You have to ensure that the input (hidden) always has a value.
Else it will throw invalid index error.
$id is not getting any value here:

It seems you have defined form in php.Since $id states that variable is defined in php.
so you can try to replace your code with some thing like below code
echo "<form action='buddy_update.php'>
<input type='text' name='buddy1' required='' placeholder='Player ID / E-mail'>
<input type='hidden' name='id' value='".$id."'>
<input type='submit' value='Request Buddy #1!'>
</form>";

Delete button not working in PHP/MySQL

My query is not working in deleteartikel.php, it doesn't delete anything out of the database.
In form.php I made a delete button but it doesn't delete the row itself. I can't find the mistake.
form.php
<?php
include 'dbconnect.php';
$sql = "SELECT * FROM artikel";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr>";
echo "<td>".$row['Productcode']."</td>";
echo "<td>".$row['Product']."</td>";
echo "<td>".$row['Type']."</td>";
echo "<td>".$row['Fabriekcode']."</td>";
echo "<td>".$row['Inkoopprijs']."</td>";
echo "<td>".$row['Verkoopprijs']."</td>";
echo "<td><form action='deleteartikel.php' method='post'>
<input type='submit' name='delete' value='delete'>
</form></td>";
}
} else {
echo "0 results";
}
$conn->close();
?>
</tbody>
</table>
</div>
<!-- Footer navigatie -->
<footer>©ToolsForEver 2017 alle rechten voorbehouden.</footer>
</body>
</html>
deleteartikel.php
<?php
if(isset($_POST['delete'])) {
include('dbconnect.php');
$productcode = $_POST['Productcode'];
$conn->query("DELETE FROM artikel WHERE Productcode = '$productcode'");
header('Location: artikel.php');
}
?>

You never post the product code so the query fails, there is no value sent. You have to add a hidden field to your form:
echo "<form action='deleteartikel.php' method='post'>
<input type='hidden' name='Productcode' value='". $row['Productcode'] ."'>
<input type='submit' name='delete' value='delete'>
</form>";
Little Bobby says your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi. Even escaping the string is not safe! Don't believe it?
In addition, as Fred pointed out above, a form cannot be the child of a table cell, so you need to refactor your code such that you have a form containing a table for each row.
Error checking in deleteartikel.php would have revealed the issue with the missing value for your query. Without error checking in the script you can find the errors in your web server's error logs.

How to use string from condition1 into condition2?

I have the following code:
<form action='' method='POST' id='form1'>
imdbcode : <input type='text' id='imdbcode' name='imdbcode' /><br/>
<input type='submit' name='submit' value='Get'/>
</form>
<?php
if(isset($_POST['submit'])){
.
.
.
$title = ... ;
echo "
<form action='' method='POST' id='form2'>
<input type='submit' name='Send' value='Send'/>
</form>";
}
if(isset($_POST['Send'])){
//I WANT TO USE $Title from condition1
} ?>
I want to use $title in second condition.
It prints $title in first condition! But doesn't print after closing condition!
How can I do that?

You can't.
Before you can enter the if(isset($_POST['Send']))
you need submit this one:
echo "
<form action='' method='POST' id='form2'>
<input type='submit' name='Send' value='Send'/>
</form>";
but the moment you submit this, the page will be refreshed and $_POST['submit'] will be deleted, without this variable the $title will not exist.
to fix this or make the $title value alive until the next refresh of the page. you must include the $title value along with the form2.
echo "
<form action='' method='POST' id='form2'>
<input type='hidden' name='title' value="$title"/>
<input type='submit' name='Send' value='Send'/>
</form>";
and when the user send that form2 you can access the title by using
$_POST['title']

As two your forms are different - there's no connection between them unless you explicitly provide it.
Simple solution can be just echo your $title as a hidden field in a form:
if(isset($_POST['submit'])){
$title = ... ;
echo "
<form action='' method='POST' id='form2'>
<input type='hidden' name='title' value='" . $title . "'/>
<input type='submit' name='Send' value='Send'/>
</form>";
}
if(isset($_POST['Send'])){
echo $_POST['title'];
// do other stuff
}
Another solution is to use sessions:
if(isset($_POST['submit'])){
$title = ... ;
$_SESSION['title'] = $title;
echo "
<form action='' method='POST' id='form2'>
<input type='submit' name='Send' value='Send'/>
</form>";
}
if(isset($_POST['Send'])){
echo $_SESSION['title'];
// do other stuff
}
In case of using sessions don't forget to use session_start and probably to unset $_SESSION['title'] in the end of second submit.

<form action='' method='POST' id='form2'>
<input type='hidden' name='text' value='<?php echo $title; ?>
<input type='submit' name='Send' value='Send'/>
</form>
Try to add a hidden input before the Send button.

how to use two form's post value together

I have a form on a page like:
<form action='search.php' method='POST'>
<input type='text' name='specialist' />
<input type='submit' name='submit' />
</form>
on search page there is another form like
<form action='' method='POST'>
<input type='submit' name='anygender' />
</form>
then i am using
if(isset($_POST['anygender'])){
$speciality = $_POST['speciality'];
echo $speciality;
$a = mysql_query("SELECT * FROM find_doctor WHERE doctor_type LIKE '%$speciality%'");
while ($b = mysql_fetch_array($a)){
echo "<img src='$b[image]' height='150px' width='300px'>"."</br>";
echo $b['name']."</br>";
echo $b['doctor_type']."</br>";
echo $b['location']."</br>";
echo $b['insurance']."</br>";
echo $b['comments']."</br>";
echo $b['address']."</br>";
}
}
then $specialist is showing blank and sql query not working..I want to use both form's post value together.Please tell me how to use first form post value in this. Thanks in advance

Why you need two forms?
<form action='index.php' method='POST'>
<input type='text' name='specialist' />
<input type='submit' name='anygender' />
<input type='submit' name='submit' />
</form>
Maybe you can use one form and check buttom?

Use this code. Check $_POST['submit'] in if condition.
if(isset($_POST['submit'])){
$speciality = $_POST['speciality'];
echo $speciality;
$a = mysql_query("SELECT * FROM find_doctor WHERE doctor_type LIKE '%$speciality%'");
while ($b = mysql_fetch_array($a)){
echo "<img src='$b[image]' height='150px' width='300px'>"."</br>";
echo $b['name']."</br>";
echo $b['doctor_type']."</br>";
echo $b['location']."</br>";
echo $b['insurance']."</br>";
echo $b['comments']."</br>";
echo $b['address']."</br>";
}
}

how to update values into database on submit?

I am tring to do a script for update user info from database. For this I have used textboxex to fetch userinfo from db for any userID entered and to edit the same to update. My code is
<form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
ENTER USER ID TO UPDATE DATA:<br/>
<input type="text" name="userid" value="<?php if(isset($_POST['userid']))echo $_POST['userid'];?>">
<input type="submit" name="submit" value="Find Details"/>
</form>
<?php
if(isset($_POST["submit"])){
$userID=$_POST['userid'];
if(!$userID){
echo "<script>alert('Please fill all the details.')</script>";
exit(0);
}
global $conn; // Create connection
$conn = mysqli_connect('localhost', 'root','root','test');// Check connection
if (!$conn){
die("Connection failed: " . mysqli_connect_error());
}
$query="SELECT * FROM user WHERE ID='$userID'";
$result=$conn->query($query);
$row=$result->fetch_array();
if($row!=null){
$id=$row['ID'];
$name=$row['name'];
$username=$row['username'];
$type=$row['type'];
//$action=echo "<?php echo htmlspecialchars($_SERVER['PHP_SELF']);";
echo "<div id='item'>";
echo "<form action='' method='post'>";
echo"Existing Data is as:<br><br>";
echo "User ID:<input type='text' name='idval' value='$id' wrap='physical'><br><br>";
echo "Name:<input type='text' name='nameval' value='$name' wrap='physical'><br><br>";
echo "User Name:<input type='text' name='userval' value='$username' wrap='physical'><br><br>";
echo "User Type:<input type='text' name='typeval' value='$type' wrap='physical'><br><br>";
// echo "<input type='submit' name='update' value='UPDATE'>";
echo "</form>";
echo "</div>";
}?>
This is working fine and as expected. Now what I want is that as soon as when I hit that update button values changed/edited/updated values should be get updated and then displayed back to user. I have my update query and it is working fine on DB when tested. How can implement the same in php?

Redirect again to the URL you are using to get reflected changes, OR put your update query before select query so you can get updated value in select query.

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.

PHP if(isset($_POST...)) condition FAIL - php

I think it may also work... if (!isset($_POST['submit']) || isa($_POST['submit'] != 'login'))

Related

Get data not pulling through

Delete button not working in PHP/MySQL

How to use string from condition1 into condition2?

how to use two form's post value together

how to update values into database on submit?

Categories

Resources