I have a simple php test page as follows
<?php
if(isset($_POST['hitme']))
{
echo "hello world";
}
?>
I'm hitting this page as, http://www.abc.com/page.php?hitme=true but this is not echo'ing anything. Is something wrong with this?
Use $_GET['hitme'], not $_POST, since you passed the value in the query string. $_POST would hold values sent via a <form action='post'>, but not values passed in the query string.
if(isset($_GET['hitme'])) {...}
It's recommended to read about the differences between PHP's superglobal arrays.
$_POST only contains variables which are posted to the page as part of an HTTP POST request. If you are typing the address into your browsers address bar, you're issuing a GET request, not a POST request, and no variables will be set in $_POST. Even if you are issuing a POST request, variables specified on the query string will still only be available inside $_GET, so for this example your using the wrong array either way.
You must use $_GET instead of $_POST when it's in the URL
If it's in the URL, e.g. http://example.com/index.php?hitme=true, it's in $_GET.
However, if you want it to be in $_POST, you'd have to do something like this (very basic example):
<form method="post" action="page.php">
<input type="checkbox" name="hitme" value="true" />
<input type="submit" value="Post data!" />
</form>
This script will allow the user to check it if wanted, and then click "Post data!".
However, it won't be in $_POST as long the user didn't click the button.
As for $_GET, it will be there as long as it's in the URL.
Or you can use $_REQUEST['hitme'], this one will check both $_POST['hitme'] and $_GET['hitme']
Related
I am writing PHP code for my hosting web page.
I create a search domain filled on page with $_GET to check if domain was available. I need to protect my $GET function in code.
The $GET code to process searching of a domain:
if(isset($_GET['search'])){
$domena = ($_GET['search']);
}
HTML CODE
I have a submit button with FORM POST ACTION and I get the URL:
www.domain.com/index.php?search=domain.com
I need know if I can hide the URL search=domain.com
Note - I don't want to use AJAX or other language, just PHP.
If you want to hide search parameter, then send it by POST method and accept it by $_POST instead of $_GET.
if(isset($_POST['search'])){
$domena = ($_POST['search']);
}
Have you thought about using the $_POST method? The data sent from the user will be in the HTTP request and not in the url. The $_GET method would be posted in the url.
Mozilla does a good job explaining this.
Make sure to specify method $_POST in your form. For example:
<form action="http://foo.com" method="post">
<input name="say" value="Hi">
<input name="to" value="Mom">
<button>Send my greetings</button>
</form>
Then to retrieve your data, use the same code you posted in your question but change $_GET to $_POST
I want to POST values coming from a url .
My url is xxx.com/aa.php?name=RAM
On aa.php page I have written like this
<?php $NAME=$_POST["name"]; ?>
but its value is getting null .
but when using GET Method its values is getting as 'RAM'.
How can I retrieve values using POST from a url ? or is it not possible?
Use $_GET instead of $_POST
<?php $NAME=$_GET["name"]; ?>
If you are not sure about $_GET & $_POST method then you can try $_REQUEST also.
$NAME=$_GET["name"]; //work in get method
$NAME=$_POST["name"]; //work in post method
$NAME=$_REQUEST["name"]; //work in both method
When the parameter is in the URL it is a GET parameter.
You can not fetch a GET parameter from the $_POST array, but the $_GET array.
You can also use the $_REQUEST Array to get both POST and GET variables.
In your case, the GET variable with the key name is RAM, as it should be.
edit:
Worth to mention is that the $_REQUEST array pretty much is a concatenation of $_POST, $_GET and $_COOKIE, so it might behave unexpected if any of the others (than the one you are after) are using the same key names.
I would recommend using the type you are actually wanting, in this case, the $_GET list.
The only solution to pass the data with hidden method is either you should use curl or using form submission with post method like
<form name="" action="aa.php" method="post">
<input typ="hidden" name="name" value="RAM">
<input type="submit" name="submit" value="submit">
</form>
then you can get this as
$_POST['name']
on aa.php page
if you are not sure about your method i.e. $_GET or $_POST.you should use $_REQUEST.
$NAME=$_REQUEST["name"];
for more information:http://www.tutorialspoint.com/php/php_get_post.htm
I have a https page named user.php that gets data and posts it to another receiving.php https page. My problems is whenever I submit my data for posting the receiving.php displays server error. I have read articles about cURL but I don't have a clear picture of the syntax.
user.php
<form action="https://www.mydomain.com/ssl/receiving.php">
<input type="text" name="variable" />
<input type="submit" name="buttonName" />
</form>
receving.php
if(isset($_POST["buttonName"]))
{
$variable=$_POST['variable'];
}
You want to add method="POST" to your form tag. By default it'll submit through GET. If that doesn't work, try var_dump($_POST) in receiving.php to see exactly what's coming through. cURL is mainly for when you want a script to make a request to a server on its own. A form submit shouldn't need to worry about cURL.
What error are you receiving though? This shouldn't display an error as your isset() should just return false.
you need to use the $_GET method instead of $_POST because $_GET is a method that displays your request in the form in URL. while $_POST for security reason is just getting data from the form and not displaying the actions you've requested.
<form action="https://www.mydomain.com/ssl/receiving.php">
if you want to use $_POST you need to make your form method set to method="POST" or by default your method form is using "GET".
So you instead of using $_POST , you need to use $_GET in your case.
I have my index.php page that sends values over to edit.php via $_GET/html link. I can see the values go, including the table ID I want to use using echo statements. The problem is that I need the specific ID value used in another form using a submit form($_POST). I've tried different approaches including SESSION, making the $ID = $_GET.... I'm pulling my hair out.
Here is the order of things:
//Edit link on index.php sends the id='summary_id', which works
<td align="center">Edit</td>
//Edit.php grabs the variable and I set it to that variable
if(isset($_GET['id']))
echo "<pre>Value of GET \$_GET:</br>";print_r($_GET);echo"</pre>";
{
$summary_id = $_GET['id'];
$summary_id = $_POST['summary_id'];
But, when I try to use $summary_id in a form (using $_POST this time), I get no value. I'm not sure if what I'm trying to do is "legal". I've tried sending the summary_id as a hidden value in the form, but again, nothing is going through. I'm losing it after that initial $_GET.
You are doing wrong.You are overwriting the variable that is not available $_POST['summary_id']
if you really want to use post method use this
<form action="edit.php" method="POST">
<input type="hidden" value="<?php echo $row['summary_id'];?>" name="summary_id"/>
<input type="submit" value="EDIT"/>
</form>
or you can use header() to post the value
You are overwriting your own variable. Also, it's clear from this that you don't actually have PHP errors turned on.
You could use $_REQUEST instead as it contains both $_GET and $_POST.
I am reading a script but am stuck on understanding this:
$redirect = base64_decode($_REQUEST['redirect']);
header("Location:$redirect");exit;
because the redirect variable in REQUEST isn't defined anywhere in the script. Prior to this a POST form has been filled in, but there is NO mention of the redirect variable anywhere in the script so I am confused how it is not empty...
EDIT:
here's the form code below. btw like I said, the word 'redirect' doesn't appear ANYWHERE in the script, which is what is confusing me.
<form name="login" action="{$baseurl}/login" method="post">
{$lang12}
<input type="text" name="username" />
{$lang11}
<input type="password" name="password" />
<input type="submit" value="{$lang18}" />
<div class="test"><b>{$lang30}</b> - {$lang19}</div>
<input type="hidden" name="authenticate" value="1" />
</form>
</div>
The $lang stuff is commonly appearing words from an array, e.g login, etc.
I don't think this is possible to answer for certain without seeing the actual code but $_REQUEST holds all the variables in $_GET, $_POST and $_COOKIE.
A form can actually populate both $_GET and $_POST if its method is set to 'post' and its action is a url with url encoded variables. Thus the form might be posting all of its data to a url and then adding get variables to the end of that url. For example:
<form method='post' action='example.php?var=test'>
<input name='var2' id='var2' />
</form>
If that form were submitted, the following would be defined: $_POST['var2'], $_GET['var'], $_REQUEST['var2'], $_REQUEST['var'].
$_COOKIE could also be putting hidden variables in $_REQUEST.
$_REQUEST
An associative array that by default
contains the contents of $_GET, $_POST
and $_COOKIE.
So if you have $_POST['redirect'], $_GET['redirect'] or $_COOKIE['redirect'], $_REQUEST['redirect'] will be defined. Try to put:
var_dump($_POST['redirect']);
var_dump($_GET['redirect']);
var_dump($_COOKIE['redirect']);
To find out where it's coming from.
it have so much possibility that the redirect variable is a cookies. if you cannot find it at the form.
var_dump($_REGISTER);
that will list all your input variable associated with POST, GET and COOKIES.
If it's not empty what's the content of it?
I think it should be something like this...
$redirect = base64_decode($_GET['redirect']);
if(!empty($redirect){
header("Location: $redirect");
exit;
}
It doesn't matter that it's not in the script, you can set it via GET,
eg /yourform.php?redirect=index.php
Is it causing unwanted redirection?