How to add values from <input> to $var in php file?
html
<input type="text" id="align" name="align"/>
php file
<?php
$align="center";
?>
You mean you want to post it and put it in a PHP variable?
Try this:
<form action="somephpfile.php" method="POST">
<input type="text" name="align" value="center" />
<input type="submit" value="Send!" />
</form>
somephpfile.php
$align = $_POST['align'];
echo $align;
It depends on the form action.
If your form that is holding your fields has an action="post" attribute then from the php side you have to use $_POST['align']. If you have set the action to action="get" then you have to use the $_GET['align'].
<?php
$align = $_POST['align'];
// OR
$align = $_GET['align'];
?>
Just output it into the regular HTML value attribute:
<input type="text" id="align" name="align" value="<?php echo htmlspecialchars($align); ?>" />
The htmlspecialchars() call is there to escape things like quotes, to avoid problems if your variable contains quotes, and to make your mark-up more standards-compliant.
Related
I'll try and explain this as best as I can. Basically, I'm using a form to receive a comment. Upon hitting submit, the action creates a link similar to this: http://localhost:8080/camagru/comment.php?comment=test&post=Post
I have a variable with the image name in it that I want to pass as well, so something like this: http://localhost:8080/camagru/comment.php?img=test.png&comment=test&post=Post
I've tried using <form action="<?php echo commentpost.php?img=$img?>"> But everytime the submit button is pressed, it erases the img variable from POST and only puts in the new variables from the form.
Any suggestions?
add new hidden field in form tag like that
<form action="commentpost.php" method="post">
<input type="hidden" value="<?php echo $img ?>" name="img" />
<input type="submit" value="Save" name="IsSubmit" />
</form>
Now you can able to use $_POST['img']
The img variable is in GET.
If you want it in POST, try <input type="hidden" name="img" value="test.png">
use quotes in your case:
<form action="<?php echo "commentpost.php?img=$img"; ?>">
the best practice is to insert hidden element into your form:
<input name="img1" type="hidden" value="test.png" />
<input name="img2" type="hidden" value="test2.png" />
I am trying want to ouput a string ,stored in a variabel, in a label on a page when i click on a button.
But i can't find out how. Still a beginner.
<form action="Test.php" method="post">
Output text: <input type="label" name="word" />
<input type="submit" method="submit" value="Print!" />
</form>
<?php
$word = "test";
if (isset($_POST['submit']))
{
//something that gives the label value $word//
}
?>
There are a few things wrong with your code.
Let me outline them.
Your submit input should have a name attribute, since your conditional statement is based on it if (isset($_POST['submit'])){...}, something I've modified to check if the input is not left empty, using PHP's empty() function.
The input type you have for your "Output text" is invalid, it should be type="text" and not type="label", there is no type="label".
method="submit" for your submit button is invalid for a few reasons. Method belongs in <form> and there is no method="submit".
You then need to assign a POST variable from the input:
such as:
$word = $_POST['word'];
Plus, from what looks to me that you're executing the entire code from within the same page, you can just do action="", unless your code is set in 2 seperate files.
In regards to what you want to achieve: You can then echo the input (if one was entered) using a ternary operator and giving it (the input) a value.
I.e.:
value="<?php echo isset($_POST['word']) ? $_POST['word']: '' ?>"
Here:
<form action="" method="post">
Output text: <input type="text" name="word" value="<?php echo isset($_POST['word']) ? $_POST['word']: '' ?>" />
<input type="submit" name="submit" value="Print!" />
</form>
<?php
if ( isset($_POST['submit']) && !empty($_POST['word']) )
{
$word = $_POST['word'];
echo $word;
}
?>
If you want to use a "label" for your input, then use:
<label for="word">Output text:
<input type="text" name="word" />
</label>
You should also guard against XSS attacks (Cross-side scripting) using:
http://php.net/strip_tags
http://php.net/htmlentities
http://php.net/manual/en/function.htmlspecialchars.php
I.e.:
$word = strip_tags($_POST['word']);
$word = htmlentities($_POST['word']);
$word = htmlspecialchars($_POST['word']);
A few articles you can read on XSS:
http://en.wikipedia.org/wiki/Cross-site_scripting
https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
Your code should look like this
<form action="Test.php" method="post">
Output text: <input type="label" name="word" value ="<?php echo isset($label['data'])?$label['data']: '' ?>" />
<input type="submit" method="submit" value="Print!" />
</form>
<?php
$word = "test";
$label = array();
if (isset($_POST['submit']))
{
//something that gives the label value $word//
$label['data'] = $word;
}
?>
This should work
Regards
Ahmad rabbani
First of all your input element has type = label, it doesn't mean anything. Change it to type=text
And you are submitting value but not printing it. So in input field you have to print it also.
Look below code.
<?php
$word = "test";
if (isset($_POST['submit']))
{
// whatever you do with $word
}
?>
<form action="Test.php" method="post">
Output text: <input type="text" name="word" value="<?php echo $word; ?>"/>
<input type="submit" name="submit" value="Print!" />
</form>
UPDATE
One more thing I forgot to mention that you are submitting form to Test.php and printing this to file, if this file's name is Test.php then not an issue, other wise leave action property blank, so it submit data to itself.
method = submit there is nothing like this. you can set button name to submit, like name= "submit".
I'm using CodeIgniter and in a single PHP file with JavaScript inside, I want to pass a JavaScript variable to the body (PHP) and make it a hidden input. But whenever I use the controller to post the value (where the JavaScript variable is), it returns none. Here are some parts of the code:
JS:
function pass() {
//some code
document.getElementById('yes').innerHTML = yes; //where yes is a var
}
HTML (PHP):
<form action="search">
<input type="hidden" name="yes" value="<?php $yes= "<p id='yes'> </p>"; echo $yes;?>" />
<input type="submit" name="yes" value="Done" />
</form>
So whenever I post the yes in the controller $yes = $this->input->post('yes'); it returns nothing.
How can I pass the JavaScript variable so I can use it again in the next file? Thank you!
You did'nt set the form method so it defaults to GET
You should set
<form action="search" method="POST">
try
JS :
var yes = "<?php echo $_POST['yes']; ?>";
document.getElementById('yes').innerHTML = yes;
You have to set the value property of the <input>, not the innerHTML. You also need to give the <input> a different name than other fields or the "submit" button. Finally, you have to give your <input> an "id" property so that you can actually get it with getElementById().
You should be setting the value of the hidden input, not the innerHTML. This code should work:
function pass() {
//some code
document.getElementById('yes').value = yes; //where yes is a var
}
Another problem, as noted by Pointy, is that the hidden input doesn't actually have an id, so you should give it an id (in this case the id should be yes).
Something you should also do is escape the html you are inserting into the hidden input with PHP, so it doesn't accidentally get parsed. You can do this with htmlspecialchars():
<form action="search">
<input type="hidden" id="yes" name="yes" value="<?php $yes= htmlspecialchars("<p id='yes'> </p>"); echo $yes;?>" />
<input type="submit" value="Done" />
</form>
Your submit button and your hidden field have the same name
yes .
You try to access your hidden input by id yes , and your input
does not have this id , use getElementByName('yes') instead or give
your hidden field id='yes'.
You use innerHtml which only sets or returns the inner HTML of an element,it should be value.
HTML CODE:
<form action="search">
<input id='yes' type="hidden" name="yes" value="<?php $yes= "<p id='yes'> </p>"; echo $yes;?>" />
<input type="submit" name="yess" value="Done" />
</form>
JS :
document.getElementById('yes').value = yes;//yes is a variable
I need to pass some data with these 2 methods together ( GET AND POST ).
I write this method, but I don't know if it is safe:
<form method="post" action="profile.php?id=<?php echo $_SESSION['id']; ?>" enctype="multipart/form-data">
<input type="text" size="40" name="title" >
<textarea name="description" rows="2" cols="30"></textarea>
<input id="starit" name="submit" value="Create" type="submit" />
</form>
<?php
a= $_GET['id'];
b= $_POST['title'];
c= $_POST['description'];
?>
Is this code safe ? Or there are other ways to do that ?
This is not a combined GET and POST request; rather, it's a POST request with query parameters.
What you have written would be the right way. Always make sure that you get the expected fields:
if (isset($_GET['id'], $_POST['title'], $_POST['description']) {
// go ahead
}
Btw, make sure that you escape your output:
<form method="post" action="profile.php?id=<?php echo rawurlencode($_SESSION['id']); ?>">
And if you're not uploading files, you don't need to set the enctype of your <form>.
you can use both and get with REQUEST instead of GET or POST, with the same name of params it will get the "request-order" order GET and then POST by default.
http://php.net/request-order
it is in php.ini
This is better :
<form method="post" action="profile.php?id=<?php echo urlencode($_SESSION['id'])); ?>">
don't write method attribute in your form condition
and add formmethod=" " attribute in input...
for example:
<input type="submit" formmethod="get" name="inputGet" value="updateGet" >
<input type="submit" formmethod="post" name="inputPost" value="updatePost" >
I call a PHP script from my HTML form submit.
Then I process the values retrieved from this HTML form in the PHP script and now I want to display these values in another HTML form that I am calling from this PHP script.
How do I retrieve this variable?
Note: I tried echo but I think I actually want to display this value in the form (HTML) and not break it again in a PHP tag.
I'm not sure what you mean by "not breaking it again with a PHP tag". HTML on its own cannot access PHP variables. This is because PHP is a server-side language and HTML is a client side language. But here is the simplest way to print php variables retrieved from a form.
<form>
<p>Your name: <?php echo $_POST['name'] ?></p>
</form>
This is assuming that there was a form that submitted a field called 'name' using POST.
You can process the name in a php script at the top of the file and then simply echo it when you're printing the html. This way, you won't have too much php code mixed in with the HTML (which makes it look cleaner).
Once you got the values in the PHP script, are you calling a new script? If so, you might wanna save the values in $_SESSION["varible_name"]. If not, you just have to echo it.
It depends on how you are accessing your form data, either through $_POST or through $_GET. For simplicity, I'll assume your using $_GET and modify this example for more clarity.
So lets say you have a form hosted on welcome.php:
<form action="welcome.php" method="get">
Name: <input type="text" name="fname" />
Age: <input type="text" name="age" />
<input type="submit" />
</form>
Now the results will be returned back to the same page, so you want to modify the page to say:
<form action="welcome.php" method="get">
Name: <input type="text" name="fname" value="<?php echo $_GET["fname"]; ?>"/>
Age: <input type="text" name="age" value="<?php echo $_GET["age"]; ?>" />
<input type="submit" />
</form>
Though you'll notice that we're using the same page, and we can only have one version of the page, so we want to render if upon the condition that our variable has been set.
if (isset($_GET["fname"])){
//code to print second form
}
else{
//code to print first form
}
Or, in another way (using the ternary operator):
<form action="welcome.php" method="get">
Name: <input type="text" name="fname" value="<?php echo ((isset($_GET["fname"]))?$_GET["fname"]:""); ?>"/>
Age: <input type="text" name="age" value="<?php echo ((isset($_GET["age"]))?$_GET["age"]:""); ?>" />
<input type="submit" />
</form>