In my HTML form I need the URL output like this:
"example.com/mycontroller/action/mike/apple"
When I submit form with "post" my form values are not visible and can be get through "_POST". I don't prefer this because it makes output like this: "example.com/mycontroller/action/"
When I submit with "get" my form becomes "example.com/mycontroller/action?type=mike&key=apple"
I also don't prefer to change form action with javascript, like: "onSubmit take value of select and append it to form action" Because I don't want this snippet be javascript dependent.
I can submit form with "get" or "post" parse system variables of POST or GET and make a redirection. Like this:
Redirect this "example.com/mycontroller/action?type=mike&key=apple" to this "example.com/mycontroller/action/mike/apple"
But I didn't find this solution well designed.
Is it possible to pass form values with slashes (other than questiın marks)
< form class="well form-horizontal" id="myform"
method="get" action="/mycontroller/action" >
<select name="type" id="type">
<option value="mike" selected="selected">
mickey bricks</option>
<option value="albie">albert</option>
</select>
<input type="text" name="key" class="input-xlarge"
id="key" required="required">
<button type="submit" class="btn btn-primary" id="submit">
submit
</button>
</form>
If you make a POST form, it doesn't really matter where does it post to, what matters is where does it redirect. Many site searches redirect you to www.domain.com/search/search_terms so if this is a search form, there is nothing wrong with redirecting to ../action/mike/apple.
Additionally, if it is a POST form, it will not be filled in by the search crawlers (or at least not to my knowledge), so again it shouldn't matter where does the form post to, what matters is the return value and where does it redirect.
It all really depends on what are you trying to accomplish.
Related
So I'm trying to submit a page to itself while retaining the current query string of the page.
So the page is sb.local/sb/cat.php?brandcode=JM&t=cat_items I pull off the query string and stick it back into the html form to preserve the parameters. This is the resulting form:
<form id="brand-select" method="get" action="?brandcode=JM&t=cat_items" name="brand-select">
Brand:
<select id="brandcode" style="width:207px" tabindex="3" name="brandcode" required="">
<option value=""></option>
<option class="brand-option" value="AX" data-brandid="110"> Aetrex </option>
<option class="brand-option" value="AL" data-brandid="12"> Alden </option>
<option class="brand-option" value="ETC" data-brandid="11"> Etc </option>
</select>
<input type="submit" value="go">
</form>
When I submit the form by choosing the dropdown for Aetrex (value AX), however, it goes to a url of:
sb.local/sb/cat.php?brandcode=AX
in other words, it cuts out the "t=cat_items" that is in the action. It also cuts out the "brandcode=JM" but I would almost expect that since they're duplicates.
That's not what I expected, I expected that if there is a query string in the action attribute, it would append form values to that query string (e.g. sb.local/sb/cat.php?brandcode=JM&t=cat_items&brandcode=AX. Instead it seems to be replacing the query string entirely with only those elements that are in the form.
Is the form action attribute not usable for storing query parameters, only more basic url info?
Edit: Note that I can work around this by parsing every parameter and then putting each parameter into its own hidden field manually, except for any parameters that I want to allow to change, I was just hoping that there was some kind of simpler way.
I tested with a non-conflicting query string and that was replaced in whole even when there wasn't a conflict (in Firefox), so based on that it seems that query strings are useless in the action attribute of get forms? Or am I missing something.
I know this is an old question, but the solution is actually pretty simple (and neat!).
All you have to do is sending the querystring with hidden input fields in the format name="key" and value="value".
?brandcode=JM&t=cat_items would "translate" into:
<input type="hidden" name="brandcode" value="JM" />
<input type="hidden" name="t" value="cat_items" />
Completely remove the querystring from your action.
Change your code to:
<div>
<form action="?brandcode=&t=" method="get">
....
</form>
You can use "POST" method instead of "GET" method for form submission, if the method doesn't matter.
So im trying to create a search for a name but when i click the sumbit button it goes to websitelink.com?=name=Nighel but i want it to go like this websitelink.com/Nighel/
Yes i'm already using htacces thats why the ?= doesnt work for me
I cant seem to figure out how to sort this out.
This is for searching based on name in my logs
What i use for grabbing the name
$name = isset($_GET['playername']) ? $_GET['playername'] : "";
<div class="ironman-nav">
<form>
<span class="ironman-nav__option">Search for username</span>
<input class="ironman-nav__option" type="text" name="playername" placeholder="Username..." autocomplete="off">
<input class="ironman-nav__option" type="submit" value="Submit">
</form>
</div>
You can solve this with javascript changing dynamically the form action attribute with the input value when a key is pressed over it or before submit the form.
The client side is not aware of your server rewrite rule
For the client test in website.com/test/ is just part of the URL, so if you want the browser to submit the form to website.com/test/ then set the action attribute of the form as website.com/test/
if you want the test part to be variable then you have to build the URL of the form dynamically. something like this
<div class="ironman-nav">
<form action="https://website.com/<?=$name?>">
<span>Search for username</span>
<input type="text" name="playername">
<input type="submit" value="Submit">
</form>
</div>
I'll break down my response into two parts, the first explaining the behavior of the original code, and the second will contain possible implementation routes.
HTML forms, by default, will take collate all the input tags (<input>, <textarea>, <select>, etc) as a dictionary, where the key is the node's name (the attribute) and the value is the node's value (also the attribute).
So in your case,
$name = isset($_GET['playername']) ? $_GET['playername'] : "";
<div class="ironman-nav">
<form>
<span class="ironman-nav__option">Search for username</span>
<input class="ironman-nav__option" type="text" name="playername" placeholder="Username..." autocomplete="off">
<input class="ironman-nav__option" type="submit" value="Submit">
</form>
</div>
Will do the following, on submit:
Create a dictionary containing the following key-value pairs: playername=VALUE_FROM_PLAYERNAME_INPUT
Make a GET request to the current page with the above parameters: GET /thispage?playername=VALUE_FROM_PLAYERNAME_INPUT
Since you wanted the request to go to /thispage/VALUE_FROM_PLAYERNAME_INPUT instead, you will need to modify the submission event handler for that form. Unfortuneatly it appears that Accountant م's won't worry for you since you don't have the target username at the time the search page is loaded (so the action attribute of the form tag cannot be pre-populated with the target user).
var searchForm = document.querySelector('.ironman-nav form');
searchForm.addEventListener('submit', function(evt) {
searchForm.action = '' + searchForm.querySelector('input[name="playername"]').value;
});
The reason I put an empty string in the search form action is in case you needed to prefix the action URL with anything. For example, if your search page and results page was called search.html, then searchForm.action = 'search.html' + searchForm.querySelector('input[name="playername"]').value;. You have to do this because it is a relative URL (action URL does not begin with a protocol or slash), and as such the browser will search for that resource starting from the parent of the current page.
I want to send the text inside the input field to the URL and trigger the $GET function.
<form action="" method="get">
URL:<input type="text" name="url" size="100px" placeholder="URL"/>
<select name="url">
<option value="<?php filter_var($_GET['url'],FILTER_VALIDATE_URL); ?>">testdomain1.de</option>
<option value="test2">testdomain2</option>
<option value="test3">testdomain</option>
</select>
<input type="submit" value="Send"/>
</form>
It works but link is malformed:
I want this:
http://127.0.0.1/title/index.php?url=http://www.tech.de/news/google-will-kein-eigenes-auto-mehr-bauen-10092492.html
but I get this
http://127.0.0.1/title/index.php?url=http%3A%2F%2F127.0.0.1%2Ftitle%2Findex.php%3Furl%3Dhttp%3A%2F%2Fwww.tech.de%2Fnews%2Fgoogle-will-kein-eigenes-auto-mehr-bauen-10092492.html&url=%3Cbr+%2F%3E%0D%0A%3Cb%3ENotice%3C%2Fb%3E%3A++Use+of+undefined+constant+url+-+assumed+%27url%27+in+%3Cb%3EC%3A%5Cxampp%5Chtdocs%5Ctitle%5Cindex.php%3C%2Fb%3E+on+line+%3Cb%3E22%3C%2Fb%3E%3Cbr+%2F%3E%0D%0A
could you help me?
ok i read the comments, and changed to this:
<?php filter_var($_GET['url'],FILTER_VALIDATE_URL); ?>
but it doesn't working, there is no way to paste the plain text to the url?
There is the way to get plain text to url, but it's not secure, because you must not use sanitizing like filter_var or htmlspecialchars.
Also, $_GET['url'] is not set before submitting the form so first send will lead to errors.
Option here is to include javascript to set action in form on keyup and then, when you press submit, you will be redirected to this url. If this is not what you want, please, tell us what your script need to do to get the correct answer.
I have a drop down list in a html document, the options in the drop down are obtained via a PHP GET request, with Ajax populating the HTML document (Done on page load). The purpose of the drop down is to select an option, click the button, where the map will zoom to the extent. However the POST request for the selected option doesn't return anything.
Is there any reason for this?
HTML
<form id="form" method="post" action="php/zoom.php">
<select id="selectProp" name="selectProp">
<optgroup class="zoomProp_OG" id ="zoom">
</optgroup>
</select>
<input type="button" value="Zoom to property" onClick="zoomToProp()">
</form>
PHP
$attribute = $_POST['selectProp'];
<input type="button"> is for a button that doesn't do anything (unless you hang JavaScript off it). Your form isn't being submitted so there is no POST request and the PHP doesn't run..
You need <input type="submit"> (or Ajax).
Kinda strange...
I'm building a shopping cart. When the user types the quantity he wants and hits "add to cart", the <form> action should redirect them with a PHP $_SERVER['QUERY_STRING'] AND some other information (i.e. the product id, fetched in MySQL).
Here's my form, all in a PHP echo...
<?php
echo '<form method="GET" action="cart.php?'.$_SERVER['QUERY_STRING'].'&action=add&item_id='.$data->item_id.'">
<small>Quantity </small><input type="text" size="2" placeholder="1" name="add_quantity">
<input type="submit" name="add_clicked" class="button" value="Add to Cart">
</form>';
?>
Upon submission, the URL redirects to cart.php but only includes the query string, but leaves out the item id and the action=add.
Supposing I typed '2' in the quantity box, the URL looks like this cart.php?add_quantity=2 and nothing after that.
Would appreciate help!
Thanks!
When you submit a form via GET, the form data submission process will overwrite any existing query string that might be set in the address you put into the action attribute.
Use hidden form fields instead to transport your additional values.
(And as #Simon already said in his comment, go read up on what you have to do to prevent XSS when outputting data that was send from the client before.)
Submitting a form with GET will overwrite any query string you'd put in the url (I'm not sure what you wanted to do with your $_SERVER['QUERY_STRING'] though as that would give the query string used to access the page where your form is.
What you'll want to do is to use hidden input fields in your form for your action and item_id attributes.
<form method="GET" action="cart.php">
<input type="hidden" name="action" value="add"/>
<input type="hidden" name="item_id" value="<?=$data->item_id?>"/>
<small>Quantity </small><input type="text" size="2" placeholder="1" name="add_quantity">
<input type="submit" name="add_clicked" class="button" value="Add to Cart">
</form>
Upon submission this will go to the url cart.php?action=add&item_id=1234&add_quantity=2
Alternatively you could (and most likely should) submit the form via POST; then any data in the form will be sent as POST parameters and the query string parameters defined in your action will be kept.
Pass the info in the query strings via a hidden field. So let's assume you're passing the account number in the query string, it would look like this:
<input type="hidden" name="account_number" value="$account_number">