this is my form, my input reset don't reset all my input and submit don't send my form,
when I press input reset it doesn't work and dont know why and the same happening with submit
what should i do??
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Agregar Publicidad</title>
<link rel="stylesheet" type="text/css" href="../css/EstiloLocales.css"/>
<link rel="stylesheet" type="text/css" href="../libs/css/ui-lightness/jquery-ui-1.8.18.custom.css"/>
<script src="../libs/js/jquery-ui-1.8.18.custom.min.js" type="application/javascript"></script>
<script src="../libs/js/jquery-1.7.1.min.js" type="application/javascript"></script>
<script type="text/javascript">
$(document).ready(function(){
$('.checkin').click(function(){
var labelId = $(this).attr('name');
var colorActual = $('#'+labelId).css('color');
var checkeo = $(this).attr('checked');
$('#COLOSH').val(checkeo);
if(checkeo == 'checked'){
$('#'+labelId).css('color','#f00');
}else{
$('#'+labelId).css('color','#000');
}
var n = $("input:checkbox").length;
var str = '';
for(var cj=1; cj < n; cj++){
var check = document.getElementById(cj+'1').checked;
if(check == true){
str += cj+' ';
}
}
$('#myArr').val(str);
});
});
function cargarCategorias(cadena){
var ar= cadena.split(" ");
if(ar.length < 3){
$('#'+ar+'1').prop("checked", true);
$('#label'+ar).css("color", "#f00");
}else{
ar = ar.split(' ');
for(var i=0;i < ar.length; i++){
$('#'+ar[i]+'1').prop("checked", true);
$('#label'+ar[i]).css("color", "#f00");
}
}
}
function porDefecto(){
$('.label').css('color','#000');
//$(':input').attr('value','');
//$('#descripcion').attr('value','');
}
function loaddefimages(Id)
{
//this.src='../Info/Fotos/fotogenerica.jpg
document.getElementById(Id).src="../Info/Fotos/fotogenerica.jpg";
}
</script>
</head>
<body>
<?php
include "../src/defines.php";
$numero = $_GET['numero'];
$doc = new DOMDocument;
$doc->load(DIR_LOCALES);
$xpath = new DOMXPath($doc);
$elements = $xpath->query('//item[#numero="'.$numero.'"]');
//if ($elements->length >= 1) {
$element = $elements->item(0);
$ar = buscar_categorias( $element->getAttribute('nombre'),DIR_PUBLICIDADES);
if($ar != ''){
$t= implode(' ',$ar);
?>
<script language="javascript">
var cadena = <?php echo $t;?>
cargarCategorias(cadena);
</script>
<?php
}
// }
?>
<form id="form1" name="form1" enctype="multipart/form-data" method="post" action="add_local.php">
<input type="hidden" id="myArr" name="myArr" value="">
<input type="hidden" id="oldvalue" name="oldvalue" value="">
<input type="hidden" id="accion" name="accion" value="1">
<input type="hidden" id="oldName" name="oldName" value="">
<div class="div_principal">
<div class="contenido">
<div class="contenido-uno">
<div class="datos"><!--BEGIN DATOS -->
<div class="datos-uno"><!--BEGIN DATOS UNO -->
<div>
<label for="nombre">Nombre</label>
<input name="nombre" type="text" id="nombre" maxlength="21" style="margin-left:15px;" value="<?php if($element->getAttribute('nombre') == ''){ echo "NO ASIGNADO";}else{echo $element->getAttribute('nombre');} ?>" />
</div>
<div>
<label for="telefono">Teléfono</label>
<input type="text" name="telefono" id="telefono" style="margin-left:10px;" value="<?php if($element->getAttribute('telefono') == ''){ echo "NO ASIGNADO";}else{echo $element->getAttribute('telefono');} ?>"/>
</div>
<div>
<label for="web">Web</label>
<input type="text" name="web" id="web" value="<?php if($element->getAttribute('web') == ''){ echo "NO ASIGNADO";}else{echo $element->getAttribute('web');} ?>" />
</div>
<div>
<label for="correo">Correo:</label>
<input type="text" name="correo" id="correo" value="<?php if($element->getAttribute('correo') == ''){ echo "NO ASIGNADO";}else{echo $element->getAttribute('correo');} ?>"/>
</div>
<div>
<label for="encargado">Encargado</label>
<input type="text" name="encargado" id="encargado" value="<?php if($element->getAttribute('encargado') == ''){ echo "NO ASIGNADO";}else{echo $element->getAttribute('encargado');} ?>"/>
</div>
</div><!--END DATOS UNO -->
<div class="datos-dos"><!--BEGIN DATOS DOS -->
<div>
<label for="numero">Número</label>
<input type="text" disabled="disabled" style="margin-left:30px;" name="numero" id="numero" value="<?php echo $element->getAttribute('numero') ?>" />
</div>
<div>
<div>
<label for="descripcion"> Descripción</label>
</div>
<div style=" position:relative; top:-20px; left:100px;">
<textarea name="descripcion" id="descripcion" style="width:240px; height:100px;" ><?php if($element->getAttribute('descripcion') == ''){ echo "NO ASIGNADO";}else{echo $element->getAttribute('descripcion');} ?></textarea>
</div>
</div>
<div>
<label for="promocion">Promoción</label>
<input type="text" name="promocion" id="promocion" value="<?php if($element->getAttribute('promocion') == ''){ echo "NO ASIGNADO";}else{echo $element->getAttribute('promocion');} ?>" style="margin-left:15px;" />
</div>
</div>
</div><!-- FIN DATOS -->
<div class="imagenes"><!-- BEGIN IMAGENES -->
<div class="ima-uno">
<div class="div-foto">
<img id="foto" onerror="javascript:loaddefimages(this.id);" src="../Info/Fotos/Localimg/<?php echo strtolower($element->getAttribute('numero').'jpg'); ?>" alt="Foto" name="foto" width="310" height="115" />Imagen 297 x 110 px
</div>
<div class="div-btn">
<img src="../src/Img/paneldecontrol-15.png" width="23" height="23" style="position:absolute;" />
<input style="width:67px; z-index:2; opacity:0;" type="file" name="dir_foto" />
</div>
</div>
<div class="ima-dos">
<div class="div-logo">
<img id="logo" src="../Info/Fotos/logos/<?php echo strtolower($element->getAttribute('numero').'png'); ?>" onerror="javascript:loaddefimages(this.id);" alt="logo" width="150" height="115" /></div>
<div class="div-btn-logo">
<img src="../src/Img/paneldecontrol-15.png" width="23" height="23" style="position:absolute;" />
<input style="width:67px; z-index:2; opacity:0;" type="file" name="dir_logo" />
</div>
</div>
</div>
</div>
<div class="contenido-dos">
<div class="div_cat">
<?php
$docCat = new DomDocument;
$docCat->preserveWhiteSpace = FALSE;
$docCat->load(DIR_CATEGORIAS);
$parCat = $docCat->getElementsByTagName('categoria'); // Find Sections
$contador=0;
foreach($parCat as $parametro){
?>
<div>
<input id="<?php echo $parCat->item($contador)->getAttribute('id'); ?>1" class="checkin" type="checkbox" name="label<?php echo $parCat->item($contador)->getAttribute('id'); ?>" />
<label id="label<?php echo $parCat->item($contador)->getAttribute('id'); ?>" class="label" for="a"><?php echo $parCat->item($contador)->getAttribute('nombre'); ?></label>
</div>
<?php
$contador++;
}
?>
</div>
<div class="form-buttons">
<img src="../src/Img/paneldecontrol-17.png" width="23" height="23" style="position:absolute; left: 2px; top: 1px;" />
<input type="reset" onclick="javascript:porDefecto();" style=" z-index:2; width:25px; margin-right:7px; height:23px; opacity:0; " value="Limpiar" />Limpiar campos
<input type="submit" value="Guardar" style="margin-left:30px; margin-right:7px; width:27px; height:23px; z-index:3; opacity:0; " />Guardar
<img src="../src/Img/paneldecontrol-16.png" width="23" height="23" style="position:absolute; left: 152px; top: 1px;" />
</div>
</div>
</div>
</div>
</form>
</body>
</html>
div form-buttons has the input that doesn't work
Your 'reset' has an 'onclick' event, which is wrong. I bet that prevents the reset..
Some of the input elements are disabled, and I doubt wether disabled elements are posted.
For the generated elements, I think it's best to load your page and check the output (the generated source). I will tell you more easily if there's any error in the PHP code, than staring at the PHP source.
Related
I have a script for the forum. By default, users can only post if it has opened the site to determine the parent first.
For example domain.com/new.php?parent=3
Here I am trying to modify using the dropdown.
For example:
OPTION 1 (value1)
OPTION 2 (value2)
OPTION 3 (value3)
I add $parent=$_POST['parent']; following the example of the $title=$_POST['title']; But always failed.
Is there a solution?
CODE:
<?php
//This page let users create new topics
include('config.php');
if(isset($_GET['parent']))
{
$id = intval($_GET['parent']);
if(isset($_SESSION['username']))
{
$dn1 = mysql_fetch_array(mysql_query('select count(c.id) as nb1, c.name from categories as c where c.id="'.$id.'"'));
if($dn1['nb1']>0)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
<title>New Topic - <?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?> - Forum</title>
<script type="text/javascript" src="functions.js"></script>
</head>
<body>
<div class="header">
<img src="<?php echo $design; ?>/images/logo.png" alt="Forum" />
</div>
<div class="content">
<?php
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"'));
$nb_new_pm = $nb_new_pm['nb_new_pm'];
?>
<div class="box">
<div class="box_left">
Forum Index > <?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?> > New Topic
</div>
<div class="box_right">
Your messages(<?php echo $nb_new_pm; ?>) - <?php echo htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?> (Logout)
</div>
<div class="clean"></div>
</div>
<?php
if(isset($_POST['message'], $_POST['title']) and $_POST['message']!='' and $_POST['title']!='')
{
include('bbcode_function.php');
$title = $_POST['title'];
$message = $_POST['message'];
if(get_magic_quotes_gpc())
{
$title = stripslashes($title);
$message = stripslashes($message);
}
$title = mysql_real_escape_string($title);
$message = mysql_real_escape_string(bbcode_to_html($message));
if(mysql_query('insert into topics (parent, id, id2, title, message, authorid, timestamp, timestamp2) select "'.$id.'", ifnull(max(id), 0)+1, "1", "'.$title.'", "'.$message.'", "'.$_SESSION['userid'].'", "'.time().'", "'.time().'" from topics'))
{
?>
<div class="message">The topic have successfully been created.<br />
Go to the forum</div>
<?php
}
else
{
echo 'An error occurred while creating the topic.';
}
}
else
{
?>
<form action="new_topic.php?parent=<?php echo $id; ?>" method="post">
<label for="title">Title</label><input type="text" name="title" id="title" /><br />
<label for="message">Message</label><br />
<div class="message_buttons">
<input type="button" value="Bold" onclick="javascript:insert('[b]', '[/b]', 'message');" /><!--
--><input type="button" value="Italic" onclick="javascript:insert('[i]', '[/i]', 'message');" /><!--
--><input type="button" value="Underlined" onclick="javascript:insert('[u]', '[/u]', 'message');" /><!--
--><input type="button" value="Image" onclick="javascript:insert('[img]', '[/img]', 'message');" /><!--
--><input type="button" value="Link" onclick="javascript:insert('[url]', '[/url]', 'message');" /><!--
--><input type="button" value="Left" onclick="javascript:insert('[left]', '[/left]', 'message');" /><!--
--><input type="button" value="Center" onclick="javascript:insert('[center]', '[/center]', 'message');" /><!--
--><input type="button" value="Right" onclick="javascript:insert('[right]', '[/right]', 'message');" />
</div>
<textarea name="message" id="message" cols="70" rows="6"></textarea><br />
<input type="submit" value="Send" />
</form>
<?php
}
?>
</div>
<div class="foot">Simple PHP Forum Script - Webestools</div>
</body>
</html>
<?php
}
else
{
echo '<h2>The category you want to add a topic doesn\'t exist.</h2>';
}
}
else
{
?>
<h2>You must be logged to access this page.</h2>
<div class="box_login">
<form action="login.php" method="post">
<label for="username">Username</label><input type="text" name="username" id="username" /><br />
<label for="password">Password</label><input type="password" name="password" id="password" /><br />
<label for="memorize">Remember</label><input type="checkbox" name="memorize" id="memorize" value="yes" />
<div class="center">
<input type="submit" value="Login" /> <input type="button" onclick="javascript:document.location='signup.php';" value="Sign Up" />
</div>
</form>
</div>
<?php
}
}
else
{
echo '<h2>The ID of the category you want to add a topic is not defined.</h2>';
}
?>
There is no input element with the name parent in the
form, therefore $_POST['parent'] will not be set. Verify by dumping $_POST after submit: var_dump($_POST).
You could reuse the $id variable which holds the $_GET['parent'] value.
As it has been mentioned in the comments:
Make sure to sanitize all input values before stating SQL queries to prevent SQL injection attacks!
im having a problem when trying to implement a edit page in php.
Getting items from the database doesent pose any problem, yet trying to update it tells me that i have missed a field and trying to skip the check just leaves me with a unedited table.
To explain more, there is a page that directs to this one while passing on a id (propertyID) veriable and from that we use it to grab the desired variables.
Can anyone look at the code and tell me what i have done wrong, i have prevously got a similar page working and am getting quite flustered trying to figure out why this one isent.
<?php
// Start sessions
include('includes/security.inc.php');
authorise();
if (!isset($_GET['propertyID']) || !is_numeric($_GET['propertyID']))
{
header('Location:./houselist.php');
}
else
{
// Include connection file
include('includes/connection.inc.php');
// Get details
connect();
$propertyID = $_GET['propertyID'];
$sql = "SELECT * FROM Properties WHERE propertyID='$propertyID' LIMIT 1";
$result = #mysql_query($sql) or die('Unable to run query');
$record = mysql_fetch_object($result);
mysql_close();
// Check to see if the form has been submitted
if (isset($_POST['submit']))
{
// Check to see all fields have been completed
$address = $_POST['address'];
$categoryID = $_POST['categoryID'];
$price = $_POST['price'];
$landlordName = $_POST['landlordName'];
$img = $_POST['img'];
$description= $_POST['description'];
if (!empty($address) && !empty($categoryID) && !empty($price) && !empty($landlordName) && !empty($img) && !empty($description))
{
// Create an SQL query to add the comment
$sql = "UPDATE property SET propertyID = '$propertyID', img = '$img', address = '$address', price = '$price', landlordName = '$landlordName', description = '$description' WHERE propertyID = $propertyID";
// Connect to the database
connect();
// Run the query and store the result in a variable
$result = mysql_query($sql) or die("Could not run query1");
// Close connection to the database
mysql_close();
// Check if query was successful
if ($result)
{
$message = '<div class="success"><p>You have successfully edited Article details.</p><p>Please Click Here to view the Animal list.</p></div>';
}
else
{
$message = '<div class="error"><p>There was an error editing details, please try again</p></div>';
}
}
else
{
$message = '<div class="error"><p>Please make sure you fill all fields in before submitting the form.</p></div>';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="css/960.css"/>
<link rel="stylesheet" type="text/css" href="css/demo.css"/>
<link rel="stylesheet" type="text/css" href="css/960_24_col.css"/>
<link rel="stylesheet" type="text/css" href="css/reset.css"/>
<link rel="stylesheet" type="text/css" href="css/text.css"/>
<link rel="stylesheet" type="text/css" href="css/style.css"/>
<title>Complete Property Solutions</title>
<title>Homescreen - Complete Property Solutions</title>
</head>
<body>
<div class="container_24" id="container">
<div class="grid_24" id="banner">
<img src="img/banner.png" width="960" height="92" />
</div>
<div class="grid_18" id="nav" align="right">
<ul id="topnav">
<li>Home</li>
<li>Properties</li>
<li>Landlords</li>
<li>Tenants</li>
<li>Logout</li>
</ul>
</div>
<div class="grid_6" id="search" align="right">
<form action="search.php" method="GET">
<input type="text" name="term" size="15">
<input type="submit" value="Search">
</form>
</div>
</div>
<div class="container_24" id="container" align="center">
<div id="container">
<form id="PropertyEdit" name="PropertyEdit" method="post" action="<? echo $_SERVER['PHP_SELF'] . "?propertyID=" . $propertyID; ?>">
<input type="hidden" name="propertyID" id="propertyID" value="<?php echo $propertyID; ?>" />
<?php
if (isset($message))
{
echo $message;
}
else
{
?>
<div class="label"><label for="propertyID"></label></div>
<div class="input"><input type="hidden" name="propertyID" id="propertyID" tabindex="1" value="<? echo $record->propertyID; ?>" /></div>
<br />
<div class="label"><label for="categoryID">Category</label></div>
<div class="input"><input type="text" name="categoryID" id="categoryID" tabindex="1" value="<? echo $record->categoryID; ?>" /></div>
<br />
<div class="label">
<label for="address">Address:</label></div>
<div class="input"><input type="text" name="address" id="address" tabindex="1" value="<? echo $record->address; ?>" /></div>
<br />
<div class="label"><label for="price">Price:</label></div>
<div class="input"><input type="text" name="Price" id="price" tabindex="3" value="<? echo $record->price; ?>" /></div>
<div class="label"><label for="landlordName">Landlord</label></div>
<div class="input"><input type="text" name="landlordName" id="landlordName" tabindex="1" value="<? echo $record->landlordName; ?>" /></div>
<br />
<div class="label"><label for="img">Image</label></div>
<div class="input"><input type="text" name="img" id="img" tabindex="1" value="<? echo $record->img; ?>" /></div>
<br />
<div class="label"><label for="description">Description:</label></div>
<div class="input"><textarea name="description" id="description" cols="50" rows="10" tabindex="5"><? echo $record->description; ?></textarea></div>
<br />
<div class="label"> </div>
<div class="input">
<input type="reset" name="reset" id="reset" value="Reset" tabindex="6" />
<input type="submit" name="submit" id="submit" value="Submit" tabindex="7" />
</div>
<p class="normal">Click Here to Return to the Home page</p>
<?php
}
?>
</form> </div>
</div>
</body>
</html>
<?php
}
?>
my best guess for the problem would revolve around
// Check to see if the form has been submitted
if (isset($_POST['submit']))
{
// Check to see all fields have been completed
$address = $_POST['address'];
$categoryID = $_POST['categoryID'];
$price = $_POST['price'];
$landlordName = $_POST['landlordName'];
$img = $_POST['img'];
$description= $_POST['description'];
if (!empty($address) && !empty($categoryID) && !empty($price) && !empty($landlordName) && !empty($img) && !empty($description))
{
// Create an SQL query to add the comment
$sql = "UPDATE property SET propertyID = '$propertyID', img = '$img', address = '$address', price = '$price', landlordName = '$landlordName', description = '$description' WHERE propertyID = $propertyID";
// Connect to the database
connect();
// Run the query and store the result in a variable
$result = mysql_query($sql) or die("Could not run query1");
// Close connection to the database
mysql_close();
// Check if query was successful
if ($result)
{
$message = '<div class="success"><p>You have successfully edited Article details.</p><p>Please Click Here to view the Animal list.</p></div>';
}
else
{
$message = '<div class="error"><p>There was an error editing details, please try again</p></div>';
}
}
else
{
$message = '<div class="error"><p>Please make sure you fill all fields in before submitting the form.</p></div>';
}
}
And the below section, my problem is that im not sure where exactly
<div class="container_24" id="container" align="center">
<div id="container">
<form id="PropertyEdit" name="PropertyEdit" method="post" action="<? echo $_SERVER['PHP_SELF'] . "?propertyID=" . $propertyID; ?>">
<input type="hidden" name="propertyID" id="propertyID" value="<?php echo $propertyID; ?>" />
<?php
if (isset($message))
{
echo $message;
}
else
{
?>
<div class="label"><label for="propertyID"></label></div>
<div class="input"><input type="hidden" name="propertyID" id="propertyID" tabindex="1" value="<? echo $record->propertyID; ?>" /></div>
<br />
<div class="label"><label for="categoryID">Category</label></div>
<div class="input"><input type="text" name="categoryID" id="categoryID" tabindex="1" value="<? echo $record->categoryID; ?>" /></div>
<br />
<div class="label">
<label for="address">Address:</label></div>
<div class="input"><input type="text" name="address" id="address" tabindex="1" value="<? echo $record->address; ?>" /></div>
<br />
<div class="label"><label for="price">Price:</label></div>
<div class="input"><input type="text" name="Price" id="price" tabindex="3" value="<? echo $record->price; ?>" /></div>
<div class="label"><label for="landlordName">Landlord</label></div>
<div class="input"><input type="text" name="landlordName" id="landlordName" tabindex="1" value="<? echo $record->landlordName; ?>" /></div>
<br />
<div class="label"><label for="img">Image</label></div>
<div class="input"><input type="text" name="img" id="img" tabindex="1" value="<? echo $record->img; ?>" /></div>
<br />
<div class="label"><label for="description">Description:</label></div>
<div class="input"><textarea name="description" id="description" cols="50" rows="10" tabindex="5"><? echo $record->description; ?></textarea></div>
<br />
<div class="label"> </div>
<div class="input">
<input type="reset" name="reset" id="reset" value="Reset" tabindex="6" />
<input type="submit" name="submit" id="submit" value="Submit" tabindex="7" />
I'm trying to create an update form. When I send the form it shows me that the variable person has not been defined. It's important to say that this variable contains the information obtained in the first query that is used to fill out the first table.
So far everything works well. However, when the user presses the button modify, a message saying that the variable person has not been defined. When i try to re-use the variable serial in the last query it tells me that isn't defined either. I don't really know why if i did at the beginning of the script.
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>CTE Modificar Registro</title>
<?php
include "conexiondblocal.php";
if(!isset($_POST['submit'])){
$serial = mysqli_real_escape_string($con,$_GET['numeroorden']);
$qry= "SELECT * FROM producto WHERE numeroorden = $serial";
$muestra = mysqli_query($con,$qry);
$person=$muestra->fetch_array();
}
?>
<style type="text/css">
#cuerpo form table {
text-align: center;
}
</style>
<link href="../CTE/estilospaginas.css" rel="stylesheet" type="text/css">
<style type="text/css">
body {
background-color: #FFF;
}
</style>
</head>
<body>
<div id="cuerpo">
<script>
$( "#entregaacliente,#fecharecepcion").datepicker();
</script>
<div id="formulario">
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<div> <label for="inputproducto">Producto</label> <input name="inputproducto"type="text" class="tabla" id="producto" value = "<?php echo $person['producto']; ?>" />
</div>
<div> <label for="inputproducto">Orden número</label> <input name="inputcedula"type="text" class="tabla" id="inputcedula" value = "<?php echo $person['cedula']; ?>" />
</div>
<div> <label for="inputtipodeservicio">Cedula</label> <input name="inputtipodeservicio"type="text" id="inputtipodeservicio" value = "<?php echo $person['tipodeservicio']; ?>" />
</div>
<div> <label for="inputnumeromarca">Numero de Marca</label> <input name="inputnumeromarca"type="text" id="inputnumeromarca" value = "<?php echo $person['numeromarca']; ?>" />
</div>
<div> <label for="inputmarca">Marca</label> <input name="inputmarca"type="text" id="inputmarca" value = "<?php echo $person['marca']; ?>" />
</div>
<div> <label for="inputtelefono">Modelo</label> <input name="inputmodelo"type="text" id="inputmodelo" value = "<?php echo $person['modelo']; ?>" /> </div>
<div> <label for="inputproducto">Almacen</label> <input name="inputalmacen"type="text" id="inputalmacen" value = "<?php echo $person['almacen']; ?>" /> </div>
<div> <label for="inputmarca">Dano</label> <input name="inputdano"type="text" id="inputdano" value = "<?php echo $person['dano']; ?>" /> </div>
<div> <label for="inputfecharecepcion">Fecha de Recepción</label> <input name="inputfecharecepcion"type="text" id="inputfecharecepcion" value = "<?php echo $person['fecharecepcion']; ?>" />
</div>
<div> <label for="inputfecharecepcion">Técnico</label>
<textarea name="inputtecnico" cols="30" id="inputtecnico" /><?php echo $person['tecnico']; ?>
</textarea> </div>
<div> <label for="inputestado">Estado</label> <select name="inputestado"type="text"value = "<?php echo $person['estado']; ?>" id="inputestado"> <option>Reparado </option>
<option>Pendiente </option>
<option>Entregado</option>
</select> </div>
<div> <label for="inputsede">Sede</label> <select name="inputsede"value = "<?php echo $person['sede']; ?>"type="text" id="inputsede"> <option>Centro </option>
<option>Calipso </option>
</select> </div>
<div> <label for="inputentregaacliente">Entrega a Cliente</label> <input name="inputentregaacliente"type="text" id="inputentregaacliente" value = "<?php echo $person['entregaacliente']; ?>" /> </div>
<div id="enviarboton">
<input type = "submit" name = "submit" value= "Modificar"/>
</div>
<input type="hidden" name="numeroorden" value="<?php echo $serial;?>"/>
</form>
</div>
<?php
if (isset($_POST['submit'])){
$producto=
"UPDATE producto
SET producto = '$_POST[inputproducto]',
cedula = '$_POST[inputcedula]',
tipodeservicio = '$_POST[inputtipodeservicio]',
numeromarca = '$_POST[inputnumeromarca]',
marca = '$_POST[inputmarca]',
modelo = '$_POST[inputmodelo]',
almacen = '$_POST[inputalmacen]',
dano = '$_POST[inputdano]',
fecharecepcion = '$_POST[inputfecharecepcion]',
tecnico = '$_POST[inputtecnico]',
estado = '$_POST[inputestado]',
sede = '$_POST[inputsede]',
entregaacliente = '$_POST[inputentregaacliente]',
numeroorden = '$_POST[numeroorden]'
WHERE numeroorden = $serial";
mysqli_query($con,$producto);
echo "El usuario ha sido modificado";
}
?>
</body>
</html>
Hello i have the following code, it works i mean it validates captcha good but it doesnt POST values in the sign_form.php
<script>
$(document).ready(function() {
$('#Send').click(function() {
$.post("sign_form.php?"+$("#sign_form").serialize(), {
}, function(response){
if(response==1)
{
$("#after_submit").html('');
$("#Send").after('<div id="after_submit">Your message has been submitted.</div>');
change_captcha();
clear_form();
}
else
{
$("#after_submit").html('');
$("#Send").after('<div id="after_submit">Error ! invalid captcha code .</div>');
}
});
return false;
});
// refresh captcha
$('img#refresh').click(function() {
change_captcha();
});
function change_captcha()
{
document.getElementById('captcha').src="get_captcha.php?rnd=" + Math.random();
}
function clear_form()
{
$("#name").val('');
$("#email").val('');
$("#message").val('');
}
});
form code
<form id="sign_form" name="sign_form" method="POST" action="#">
<fieldset class="step">
<legend>Podepsat tuto petici</legend>
<p>
<label for="first_name">Křestní jméno:</label>
<input type="text" name="first_name" id="first_name">
</p>
<p>
<label for="last_name">Příjmení:</label>
<input type="text" name="last_name" id="last_name">
</p>
<p>
<label for="email">Email:</label>
<input type="text" name="email" id="email">
</p>
<p>
<label for="email">Mesto:</label>
<input type="text" name="city" id="city">
</p>
<p>
<div id="wrap" align="center">
<img src="get_captcha.php" alt="" id="captcha" />
<br clear="all" />
<input name="code" type="text" id="code">
</div>
<img src="refresh.jpg" width="25" alt="" id="refresh" />
</p>
<p>
<input type="hidden" value="'.$id.'" name="id" id="id">
</p>
<p>
Emailová adresa nebude zveřejněna a nebude <br>předána žádné třetí straně.
</p>
<p>
<button type="submit" value="send" id="Send"></button>
<div id="status"></div>
</p>
</form>
sign_form.php code
session_start();
require_once('engine/db.php');
mysql_query("SET NAMES utf8");
if(($_REQUEST['code'] == $_SESSION['random_number']) || #strtolower($_REQUEST['code']) == strtolower($_SESSION['random_number']) )
{
$first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
$email=$_POST['email'];
$city=$_POST['city'];
$id=$_POST['id'];
$insert = "INSERT INTO petition_vote
(id_petition,first_name,last_name,email,city)
VALUES ('".$id."','".mysql_real_escape_string($first_name)."','".mysql_real_escape_string($last_name)."','".mysql_real_escape_string($email)."','".mysql_real_escape_string($city)."')";
//$add_member = mysql_query($insert);
$result = mysql_query($insert)
or die("query failed: " . mysql_error());
echo 1;
}
else
{
echo 0;
}
I came with an update to the code but then it refreshes my page
if(response==1)
{
submitform();
}
else
…
function submitform()
{
document.forms.sign_form.submit();
}
Replace your index.php to
<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script type="text/javascript" src="jquery-1.6.2.min.js"></script>
<script>
$(document).ready(function() {
$('#Send').click(function() {
serializedData=$("#MYFORM").serialize();
$.ajax({
url: "post.php",
type: "post",
data: serializedData,
// callback handler that will be called on success
success: function(response){
alert(response);
if(response==1)
{
$("#after_submit").html('');
$("#Send").after('<label class="success" id="after_submit">Your message has been submitted.</label>');
change_captcha();
clear_form();
}
else
{
$("#after_submit").html('');
$("#Send").after('<label class="error" id="after_submit">Error ! invalid captcha code .</label>');
}
}
});
return false;
});
// refresh captcha
$('img#refresh').click(function() {
change_captcha();
});
function change_captcha()
{
document.getElementById('captcha').src="get_captcha.php?rnd=" + Math.random();
}
function clear_form()
{
$("#name").val('');
$("#email").val('');
$("#message").val('');
}
});
</script>
<style>
body{ font-family:Georgia, "Times New Roman", Times, serif; font-size:14px}
#wrap{
border:solid #CCCCCC 1px;
width:203px;
-webkit-border-radius: 10px;
float:left;
-moz-border-radius: 10px;
border-radius: 10px;
padding:3px;
margin-top:3px;
margin-left:80px;
}
.error{ color:#CC0000; font-size:12px; margin:4px; font-style:italic; width:200px;}
.success{ color:#009900; font-size:12px; margin:4px; font-style:italic; width:200px;}
img#refresh{
float:left;
margin-top:30px;
margin-left:4px;
cursor:pointer;
}
#name,#email{float:left;margin-bottom:3px; height:20px; border:#CCCCCC 1px solid;}
#message{ width:260px; height:100px;float:left;margin-bottom:3px; border:#CCCCCC 1px solid;}
label{ float:left; color:#666666; width:80px;}
#Send{ border:#CC0000 solid 1px; float:left; background:#CC0000; color:#FFFFFF; padding:5px;}
</style>
</head>
<body>
<br clear="all" />
<br clear="all" />
<br clear="all" />
<div align="left" style="padding:30px;">
<form action="#" name="MYFORM" id="MYFORM">
<label>Name</label>
<input name="name" size="30" type="text" id="name">
<br clear="all" />
<label>Email</label>
<input name="email" size="30" type="text" id="email">
<br clear="all" />
<label>Message</label>
<textarea id="message" name="message"></textarea>
<br clear="all" />
<div id="wrap" align="center">
<img src="get_captcha.php" alt="" id="captcha" />
<br clear="all" />
<input name="code" type="text" id="code">
</div>
<img src="refresh.jpg" width="25" alt="" id="refresh" />
<br clear="all" /><br clear="all" />
<label> </label>
<input value="Send" type="submit" id="Send">
</form>
</div>
<br clear="all" /><br clear="all" /><br clear="all" /><br clear="all" />
<br clear="all" /><br clear="all" /><br clear="all" /><br clear="all" />
<br clear="all" /><br clear="all" />
</body>
</html>
and post.php as
<?php
session_start();
//print_r($_SESSION);
if(($_REQUEST['code'] == $_SESSION['random_number']) || #strtolower($_REQUEST['code']) == strtolower($_SESSION['random_number']) )
{
//$email=$_REQUEST['email'];
$first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
$email=$_POST['email'];
$city=$_POST['city'];
$id=$_POST['id'];
echo $insert = "INSERT INTO petition_vote
(id_petition,first_name,last_name,email,city)
VALUES ('".$id."','".mysql_real_escape_string($first_name)."','".mysql_real_escape_string($last_name)."','".mysql_real_escape_string($email)."','".mysql_real_escape_string($city)."')";
//$add_member = mysql_query($insert);
$result = mysql_query($insert)or die("query failed: " . mysql_error());
echo 1;
echo 1;// submitted
//echo''.$email.'';
}
else
{
echo 0; // invalid code
}
?>
I have tested it as:
form page as:
<?php
session_start();
?>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js" type="text/javascript"></script>
<script>
$(document).ready(function() {
$('#Send').click(function() {
$.post("sign_form.php?"+$("#sign_form").serialize(), {
}, function(response){
alert(response);
if(response==1)
{
$("#after_submit").html('');
$("#Send").after('<div id="after_submit">Your message has been submitted.</div>');
change_captcha();
clear_form();
}
else
{
$("#after_submit").html('');
$("#Send").after('<div id="after_submit">Error ! invalid captcha code .</div>');
}
});
return false;
});
// refresh captcha
$('img#refresh').click(function() {
change_captcha();
});
function change_captcha()
{
document.getElementById('captcha').src="get_captcha.php?rnd=" + Math.random();
}
function clear_form()
{
$("#name").val('');
$("#email").val('');
$("#message").val('');
}
});
</script>
<form id="sign_form" name="sign_form" method="POST" action="#">
<fieldset class="step">
<legend>Podepsat tuto petici</legend>
<p>
<label for="first_name">K?estní jméno:</label>
<input type="text" name="first_name" id="first_name">
</p>
<p>
<label for="last_name">P?íjmení:</label>
<input type="text" name="last_name" id="last_name">
</p>
<p>
<label for="email">Email:</label>
<input type="text" name="email" id="email">
</p>
<p>
<label for="email">Mesto:</label>
<input type="text" name="city" id="city">
</p>
<p>
<div id="wrap" align="center">
<img src="get_captcha.php" alt="" id="captcha" />
<br clear="all" />
<input name="code" type="text" id="code">
</div>
<img src="refresh.jpg" width="25" alt="" id="refresh" />
</p>
<p>
<input type="hidden" value="'.$id.'" name="id" id="id">
</p>
<p>
Emailová adresa nebude zve?ejn?na a nebude <br>p?edána žádné t?etí stran?.
</p>
<p>
<button type="submit" value="send" id="Send"></button>
<div id="status"></div>
</p>
</form>
php page sign_form.php
<?php
session_start();
//require_once('engine/db.php');
//mysql_query("SET NAMES utf8");
echo print_r($_REQUEST);
if(($_REQUEST['code'] == $_SESSION['random_number']) || #strtolower($_REQUEST['code']) == strtolower($_SESSION['random_number']) )
{
$first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
$email=$_POST['email'];
$city=$_POST['city'];
$id=$_POST['id'];
$insert = "INSERT INTO petition_vote
(id_petition,first_name,last_name,email,city)
VALUES ('".$id."','".mysql_real_escape_string($first_name)."','".mysql_real_escape_string($last_name)."','".mysql_real_escape_string($email)."','".mysql_real_escape_string($city)."')";
//$add_member = mysql_query($insert);
$result = mysql_query($insert)
or die("query failed: " . mysql_error());
echo 1;
}
else
{
echo 0;
}
?>
On submit it is alerting all the values.then what is your problem?
<?php
function VerifyForm(&$values, &$errors)
{
if (strlen($values['fname']) == 0)
$errors['fname'] = 'Enter First Name';
if (strlen($values['lname']) == 0)
$errors['lname'] = 'Enter Last Name';
if (strlen($values['mname']) == 0)
$errors['mname'] = 'Enter Middle Name';
if (strlen($values['address']) == 0)
$errors['address'] = 'Enter Address';
if (strlen($values['terms']) == 0)
$errors['terms'] = 'Please Read Terms and Agreement and Check the box.';
if (!ereg('.*#.*\..{2,4}', $values['email']))
$errors['email'] = 'Email address invalid';
else if (strlen($values['email']) < 0)
$errors['email'] = 'Enter Email Address';
return (count($errors) == 0);
}
function DisplayForm($values, $errors)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>GIA Soap » Products » Customer Informations</title>
<link href="stylesheet/style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="js_files/jquery.js"></script>
<script type="text/javascript" src="js_files/sliding_effect.js"></script>
<script type="text/javascript" src="js_files/slideshow.js"></script>
</head>
<body>
<div class="bg_top">
<div class="bg_bottom">
<div class="wrapper">
<div class="header">
<div class="logo">
</div>
<div class="logo_text">
<div class="logo_head_text">Gia Soap Making</div>
<div class="logo_sub_text">Sub text here</div>
</div>
</div>
<div class="h_nav">
<div class="h_nav_dash">
</div>
</div>
<div class="container">
<div class="content_term">
<div class="content_terms">
<br />
<h1><p>Customer Information</p></h1><br />
<p>Please the following correctly.</p>
<div class="customer_info">
<?php
if (count($errors) > 0)
echo "<p>There were some errors in your submitted form, please correct them and try again.</p>";
?>
<form method="post" action="<?= $_SERVER['PHP_SELF'] ?>">
<!-- hidden values -->
<input type="hidden" value="<?php echo $papaya; ?>" name="papaya" />
<input type="hidden" value="<?php echo $carrot; ?>" name="carrot" />
<input type="hidden" value="<?php echo $guava; ?>" name="guava" />
<label for="customer_fname">First Name (<i>Required</i>)</label>
<input type="text" class="textbox" id="customer_fname" name="customer_fname" value="<?= htmlentities($values['fname']) ?>" />
<span class="error_msg"><?= $errors['fname'] ?></span>
<label for="customer_lname">Last Name (<i>Required</i>)</label>
<input type="text" class="textbox" id="customer_fname" name="customer_fname" value="<?= htmlentities($values['lname']) ?>" />
<span class="error_msg"><?= $errors['lname'] ?></span>
<label for="customer_mname">Middle Name (<i>Required</i>)</label>
<input type="text" class="textbox" id="customer_fname" name="customer_fname" value="<?= htmlentities($values['mname']) ?>" />
<span class="error_msg"><?= $errors['mname'] ?></span>
<label for="customer_add">Address (<i>Required : Complete Address Please</i>)</label>
<input type="text" class="textbox" id="customer_add" name="customer_add1" value="<?= htmlentities($values['address']) ?>" /><br />
<input type="text" class="textbox" id="customer_add" name="customer_add2" /><br />
<input type="text" class="textbox" id="customer_add" name="customer_add3" />
<span class="error_msg"><?= $errors['address'] ?></span>
<label for="customer_email">Email Address (<i>Required</i>)</label>
<input type="text" class="textbox" id="customer_email" name="customer_email" value="<?= htmlentities($values['email']) ?>" />
<span class="error_msg"><?= $errors['email'] ?></span>
<label for="customer_phone">Phone Number </label>
<input type="text" class="textbox" id="customer_phone" name="customer_phone" />
<label for="customer_mobile">Mobile Number </label>
<input type="text" class="textbox" id="customer_mobile" name="customer_mobile" />
<br /><br />
<div class="terms">
<center>
<h1>Terms and Agreement</h1><br />
<p>Please read the following.</p><br />
</div>
<br />
<input type="checkbox" name="terms" value="<?= htmlentities($values['terms']) ?>" /> I Read the Terms and Agreement<br /><br />
<span class="error_msg"><?= $errors['terms'] ?></span>
<input type="submit" value="Send Order" class="prod_subbtn" />
</center>
</form>
</div>
</div>
</div>
<div class="clear"></div>
</div>
<?php include ('includes/footer.php'); ?>
</div>
</div>
</div>
</body>
</html>
<?php
}
function ProcessForm($values)
{
$papaya = $_POST['papaya'];
$carrot = $_POST['carrot'];
$guava = $_POST['guava'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$mname = $_POST['mname'];
$address = $_POST['address'];
}
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$formValues = $_POST;
$formErrors = array();
if (!VerifyForm($formValues, $formErrors))
DisplayForm($formValues, $formErrors);
else
ProcessForm($formValues);
}
else
DisplayForm(null, null);
?>
The output is:
Problem
The PHP code that is supposed to put in the field values can be seen by users.
Chances are short_open_tags is off. Use <?php echo ...; ?> instead of <?=... ?>, like this:
<?php echo htmlentities($values['lname']); ?>
<?= $errors['fname'] ?> is equal to <?php echo $errors['fname'] ?>.
<?= are called 'short tags', which were removed (deprecated) from php.
Use <?php echo $errors['fname']; ?> to see the actual variable value.
The directive short tags is set to off in the php.ini. That disallows <? $phpcode ?> and <?=$monkey?>
The only one allowed is <?php $monkeybusiness ?>
either change <?= to <?php echo or turn short_open_tags = on in the php.ini