I'm trying to create a form where the user can input their id (username) and it will be appended as a variable in a url that is used in my php script. This is what I have.
<?php
if(isset($_POST['submit']))
{
$id = $_POST['id'];
echo 'http://example.com/default.asp?action=data&id=$id';
}
?>
<form method="post" action="<? echo $_SERVER['PHP_SELF']; ?>">
<input type="text" name="id"><br>
<input type="submit" name="submit" value="Submit Form"><br>
</form>
It collects the user's id properly, and if i just echo $id, it outputs the proper value, but when I try to echo the url, it just outputs $id instead of the actual value of the $id variable. What am I doing wrong?
echo "http://example.com/default.asp?action=data&id=$id";
^---wrong quotes ^--- ditto
single-quoted strings do not interpolate variables.
Single quotes won't interpolate the variable, either use double quotes or use string concatenation.... Three options:
echo "http://example.com/default.asp?action=data&id=".$id;
or
echo "http://example.com/default.asp?action=data&id=$id";
or
echo 'http://example.com/default.asp?action=data&id='.$id;
This line:
echo 'http://example.com/default.asp?action=data&id=$id';
Should be
echo 'http://example.com/default.asp?action=data&id='.$id;
If you are using single quotes in PHP with a string it will print whatever is inside the string without evaluating anything (ie no variables are evaluated). So you can either use double quotes or append the variable like I did above.
Related
I get the variable in echo $id; and the hyperlink can pass the value.
In third line's id=$id it is not displaying the value It is directly displaying $id.
$id= $_GET['id'];
echo $id;
echo '<input type="text" value="localhost/anews/singleeng.php?id=$id" id="myInput">
echo "<a href='generateeng.php?id=$id'> Link </a>";
That's because in the third line you are using a single quote.
In php single quoted strings will display things almost completely "as is." Variables and most escape sequences will not be interpreted.
This should work.
$id = $_GET['id'];
echo '<input type="text" value="localhost/anews/singleeng.php?id='.$id.'" id="myInput">';
For more details on single vs double quoted string have a look at this answer
I'm trying to build a comment system, each comment has a unique id, many comments can be associated with a post, and each post has a unique id. I want to pass the post id to a submit.php file (where comments are update to the database), but no matter what I tried I just can't pass the data. Currently I have something like this:
$sql="SELECT postid,post,pdate FROM posts";
$result = mysql_query($sql);
while($row = mysql_fetch_array($result)) {
echo '$row["post"]';
echo '<form action="submit.php" method="POST">';
echo '<input name="comment" type="text" id="comments"></input>';
echo '<input type="hidden" name="id" value="$row["postid"]" />';
echo '<input type="submit" value="enter comments" />';
}
?>
for testing purpose I have submit.php as follows,
<?php
$ha=$_POST['id'];
echo $ha;
?>
data of postid is not passed, and I just got "$row[" as output.
inside the while loop if I say $haha=$row["postid"]; echo "$haha"; then each individual post id will be printed correctly, but I just cannot pass the data to submit.php file.
update: I just changed my code to :
echo '<input type="hidden" name="id" value="' . $row["postid"] . '" />';
Now a number is succesfully passed to submit.php, the problem is ,it's always "3". My post id ranges from 3 to 13, post with id=3 is at the bottom of the page and post with id=13 is at the top.However,if I write a comment at the post with id=13(same issue occur to other posts as well), after clicking submit, the data passed to submit.php is always 3. Is there something wrong with the while loop?
Another update: it's always 3 because i forget to close the form tag, now everything worked perfectly
you're using single quote, so you cannot insert variables inside of string, use
echo '<input type="hidden" name="id" value="' . $row["postid"] . '" />';
In PHP, you can wrap a string in single-quotes ('), or double quotes (").
When you use single quotes, the string is not interpreted - this means that all the characters are left intact, and no variables are parsed.
When you use double quotes, any variables in the string will be replaced with their value.
In your case, you're using single quotes, so your variable is not being interpreted and converted. Instead, use double quotes:
$sql="SELECT postid,post,pdate FROM posts";
$result = mysql_query($sql);
while ($row = mysql_fetch_array($result)) {
echo $row["post"];
echo '<form action="submit.php" method="POST">';
echo '<input name="comment" type="text" id="comments"></input>';
echo "<input type=\"hidden\" name=\"id\" value=\"{$row["postid"]}\" />";
//Alternatively, keep the single quotes and use the concatenation method:
//echo '<input type="hidden" name="id" value="' . $row["postid"] . '" />';
echo '<input type="submit" value="enter comments" />';
//Also, if you're opening a form tag in this loop, be sure to close it
echo '</form>';
}
Some other things to note:
When you use double quotes to wrap your string, and you have double quotes inside your string, you must escape them (using a \). Notice name="id" became name=\"id\"; and
When referencing an item in an array within a string, you can either use string concatenation to ensure the full variable is interpreted correctly (value=\"" . $row["postid"] . "\"), or you can leave the variable in place and wrap it in curly brackets - which is my preference and is what is used above. If you're going to use the concatenation method, then you can keep the single quotes wrapping everything else - there are no variables to parse.
When echoing a variable value, you don't need to wrap it in anything - notice I removed the quotes from the first echo.
Here is PHP's documentation on strings, including single and double quoted strings: http://php.net/manual/en/language.types.string.php.
And here is PHP's documentation on string operators: http://php.net/manual/en/language.operators.string.php.
Try adding a conditional at the start of your file like this just to be sure the form is actually submitted properly:
<?php
if(isset($_POST['submit_form'])) {
$ha=$_POST['id'];
echo $ha;
}
with your button like this
<input type="submit" value="enter comments" name="submit_form"/>
and please close your form tag.
You can pass value as follow,
echo '<input type="hidden" name="id" value="' . $row["postid"] . '" >';
Is it possible to add a value to a dynamically created input field?
Im trying something like this: echo "<input value="$row['test']">" but that gives me a syntax error. It has to be in my php file since im calling it via ajax and want to keep my html and php seperate.
Im getting content via ajax and I need to set many field names as there are records in the database.
You can do it like this:
echo '<input value="' . $row['test'] . '">';
Alternatively escape the " (not recommended if not needed, because it is hardly readable):
echo "<input value=\"" . $row['test'] . "\">";
Otherwise you’re mixing quotation marks, which is a syntax error. The . is to combine strings with variables (in this case).
You can also Use:
<input value="<?php echo htmlspecialchars($row['test']); ?>" >
OR
echo "<input name='test' value=".$row['test'].">";
OR
echo "<input name='fred' value='{$row['test']}'>";
Reference
When using certain php values within a quoted string, such as the array syntax in the question, you should either escape from the quotes or encapsulate the variable in curly braces. Also, as the string was quoted with double quotes you should use single quotes around attributes and values.
echo "<input name='fred' value='{$row['test']}'>";
<input type="text" name="post_title" class="form-control" value="<?php
if(isset($post_title))echo $post_title;
?>">
If you want to add it into the HTML
This is my php code. For an example:
<?php
while($row=sqlsrv_fetch_array($result))
{
$ItmName = $row['ItemName'];
}
?>
This is my html:
<input type="text" id="ItmName" name="ItmName" value="<?php echo $ItmName; ?>" />
If the data is as such 3" FILE which have double quotes, in the textbox field it will only be displayed as:
3
which it supposed to be
3" FILE
but IF the data is 3' FILE which is a single quote, it will be displayed as 3' FILE. So there's no problem. So my question is, how to display the data with the double quotes in a HTML input's value.
Always always always escape output that you don't trust.
Use htmlspecialchars (or htmlentities) to escape strings so they are safe to use in HTML.
I understand how a PHP URL works - I think ... but I'm having problems getting the actual value of the variable to be passed in the example below.
Example
Note: I am adding the below form into a data cell (as part of a table being read via PHP).
$currentrowid = 1;
echo '<td>
<div class="editdelete">
<form action="phpindex.php?page=edit&thisrow=<?php echo $currentrowid;?>" method="post">
<input type="submit" value="Edit" >
</form>
</div>
</td>';
... Some other section of code to read the URL output by the form above:
$val = $_POST['thisrow'];
echo "the value is: " .$val; //Outputs "$currentrowid"
So, as you can see the code returns the actual name of the variable being passed, NOT the value of the variable being passed.
Any ideas here?
Since you are already within a PHP block, you should not wrap your variable within <?php ... ?>. This will give you an error.
To make this work, you can choose 1 of 2 options:
1) String Concatenation:
echo '... <form action="phpindex.php?page=edit&thisrow='.$currentrowid.'" method="post"> ...';
2) Wrap your string in " (double quotes) instead of ' (single quotes):
echo "... <form action=\"phpindex.php?page=edit&thisrow=$currentrowid\" method=\"post\"> ...";
Note that the second method forces you to escape all the double quotes inside of your string.
2 point.
<form action="index.php?thisrow=<?php echo $currentrowid ?>"
method="post">
You should use $_POST not $_GET to get the post value.
As what was answered above,
<form action="index.php?thisrow=<?php echo $currentrowid; ?>" method="post">
is correct.
The reason behind this is you are passing HTML and you have to use an echo from php to output to the html. Otherwise you just get exactly what you put, which is $currentrowid.
Not the easiest, but a quick way to solve your problem. Change your form method to get method="get">, then
$val = $_GET['thisrow'];