I am posting a form to a remote server and have to send over an XML formatted string as a hidden field, containing the entered info. Im struggling to append the input values entered to the XML string, E.g.:
<input type="text" name="firstname" id="fname" />
<input type="text" name="lastname" id="sname" />
The XML is as such:
<input type="hidden" name="parameters" value="<request><first_name>Test User</first_name> <surname>XXXX</surname></request>"/>
How can I with PHP ideally, on POST, apply the values entered in the inputs to the XML string, so firstname and surname are posted as entered by the user?
I tried Jquery but it broke the XML string.
Many Thanks in advance!
I think you need to use java script to manipulate parameters value.
Sample example
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<script language="javascript">
function callme()
{
document.getElementById('parameters').value="<request><first_name>"+document.getElementById('fname').value+"</first_name> <surname>"+document.getElementById('sname').value+"</surname></request>";
document.getElementById('loginForm').submit();
}
</script>
</head>
<body>
<form id="loginForm">
<input type="text" name="firstname" id="fname" />
<input type="text" name="lastname" id="sname" />
<input type="hidden" id="parameters" name="parameters" value=""/>
<input type="button" onclick="javascript:callme()" />
</form>
</body>
</html>
html -
<input type="text" name="firstname" id="fname" />
<input type="text" name="lastname" id="sname" />
<input type="hidden" id="parameters" />
<input type="button" name="click" id="button" value="button" />
Script - Use a parameter and set before submit e.g.
$(document).ready(function() {
var parameters = "<request><first_name>YYYY</first_name> <surname>XXXX</surname></request>";
$('#button').click(function(){
parameters = parameters.replace('YYYY',$('#fname').val());
parameters = parameters.replace('XXXX',$('#sname').val())
$('#parameters').val(parameters);
alert($('#parameters').val());
});
});
I think you should do this server-side as malicious users could post anything. Having to escape your first and last name values is a lot easier than validating the correctness of your xml.
$first = htmlspecialchars($_GET['firstname']);
$last = htmlspecialchars($_GET['lastname']);
$xml = sprintf
( '<request>
<first_name>%s</first_name>
<last_name>%s</last_name>
</request>',
$first, $last
);
There is no reason to do this in javascript unless you need that xml to be sent of to a different url by ajax.
EDIT This solution also works for people having javascript turned off (e.g no-script users).
Related
I am having some difficulty feeding variables from my html form into my php. Would someone mind helping me, I have been at this for hours.
HTML CODE:
<head>
<link rel="stylesheet" type="text/css" href="style.css" />
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Welcome to Chorelistings - Log in Here</title>
<!--[if lt IE 9]><script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
</head>
<body>
<form action="test.php" class="login">
<h1>Chore Listings </h1>
<input type = "email" id="email" name = "email" class = "login-input" placeholder = "Username (Email)">
<input type="password" name="password " id ="password" class="login-input" placeholder="Password">
<input type="submit" value="Login" class="login-submit">
<p class="create-account">Create Account</p>
<p class="login-help">Forgot password?</p>
</form>
</body>
</html>
My VERY SIMPLE php script:
<?php
$email=$_POST['email'];
echo "hi";
?>
Firstly, try adding method="post" to the <form> tag:
<form action="test.php" class="login" method="post">
Secondly, inside your test.php file, try debugging what was actually sent:
<?php
print_r($_POST);
// or
var_dump($_POST);
// or for more info
print_r($_REQUEST);
?>
Thirdly, try to remove whitespaces when defining your input fields in html:
<input type="email" id="email" name="email" class="login-input" placeholder="Username (Email)">
And finally, add <submit> before closing </form> to your form to actually post the data.
Currently, I see you have links (<a href>) but that won't submit the form.
So your final html should look (simplified) like that:
<form method="post" action="test.php">
<input type="text" name="email">
<submit>
</form>
You have no method on your form, so it's defaulting to GET, which doesn't send $_POST values.
Add method="post" to your <form> tag.
A few things here. Your form does not specify a request method. Add a method attribute to your form tag like so:
<form method="post" action="test.php" class="login">
Next, just a side-note, there's no need for spaces when specifying your attributes, eg:
<input type = "email" id="email" name = "email" class = "login-input" placeholder = "Username (Email)" />
You'll be good to go with:
<input type="email" id="email" name="email" class="login-input" placeholder="Username (Email)" />
A few (less common) things to think about -- make sure your .htaccess is not rewriting any post requests in an unwanted way. If you happen to have any file uploads within your form(s), make sure you specify the enctype attribute on your form eg:
enctype="multipart/form-data"
Best of luck!
I am working on oops based project in php when I upload an image it is not uploade with information that I want to upload with this image. Here i connect the controller page I create object for uploading the image and information in database.
Code for html page
<?php
include('include/control.php');
include('include/connect.php');
error_reporting(0);
if(count($_FILES) > 0){
if(is_uploaded_file($_FILES['image']['tmp_name'])){
$i=addslashes(file_get_contents($_FILES['image']['tmp_name']));
$j=getimagesize($_FILES['image']['tmp_name']);
$objectNew=new add;
if(isset($_POST['submit'])){
$info1=$_POST['info1'];
$info2=$_POST['info2'];
$info3=$_POST['info3'];
$info4=$_POST['info4'];
$info5=$_POST['info5'];
$imagetype=$i;
$imageData=$j;
$ob=$objectNew->addInfo($imagetype,$imagedata,$info1,$info2,$info3,$info4,$info5);
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
add info<br />
<form name="form" enctype="multipart/form-data" action="" method="post">
<input type="text" name="info1" /><br />
<input type="text" name="info2" /><br />
<input type="text" name="info3" /><br />
<input type="text" name="info4" /><br />
<input type="text" name="info5" /><br />
<input type="file" name="image"/><br />
<input type="submit" name="submit" />
</form>
</body>
</html>
Code for controller
function addInfo($imagetype,$imagedata,$info1,$info2,$info3,$info4,$info5)
{
$addI=$this->conn->prepare('insert into `addinfo` (imagetype,image,info1,info2,info3,info4,info5) VALUES (?,?,?,?,?,?,?) ');
$addI->bind_param("sbsssss",$imagetype,$imagedata,$info1,$info2,$info3,$info4,$info5) ;
$addI->execute();
}
This is just a suggestion.
You could add "required" attribute to your inputs so it won't be submitted if its empty.
This works on latest browser
your code
<input type="text" name="info1" /><br />
<input type="text" name="info2" /><br />
can be
<input type="text" name="info1" required /><br />
<input type="text" name="info2" required /><br />
Exact problem: Trying to pass a param from the url to a search box destination page.
The param is "subid" this way:
http://www.domain.com/?subid=3456
and the current (non working) search form code in php:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>
<form action="http://search.yahoo.com/search?subid=<?php print $_GET['subid'];?>&" target="_blank" id="search-box">
<input type="text" name="p" size="31" />
<input type="submit" value="Search" />
</form>
</body>
</html>
I can see with firebug that the subid is in the form action when I go here:
http://www.domain.com/?subid=3456
but when I run a query in the form, is not passing to yahoo.
so where is the problem?
You should post subid as a parameter also, and specify method as get.
<form action="http://search.yahoo.com/search" target="_blank" method="get" id="search-box">
<input type="hidden" name="subid" value="<?php print $_GET['subid'];?>" />
<input type="text" name="p" size="31" />
<input type="submit" value="Search" />
</form>
As was asked by the author, added some filtering for GET parameter:
<form action="http://search.yahoo.com/search" target="_blank" method="get" id="search-box">
<input type="hidden" name="subid" value="<?=(int)$_GET['subid']?>" />
<input type="text" name="p" size="31" />
<input type="submit" value="Search" />
</form>
Or you can use strip_tags + htmlentities functions, before output.
Ok my first time asking question here. This as been very helpful in the past but now i'm lost.
I'm trying to understand how php work with the help of a book. So i did the exercise as it was shown in the book and the result if not what it should be.
Here's the code:
<div id="content">
<p>Here's a record of everything in the REQUEST array:</p>
<?php
foreach($_REQUEST as $value) {
echo "<p>" . $value . "</p>";
}
?>
</div>
<div id="footer"></div>
</body>
And here's the result:
Here's a record of everything in the REQUEST array:
" . $value . "
"; } ?>
Why is not showing the info it is suppose to? Thanks.
Ok here's all the code:
showRequestInfo.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html
> xmlns="http://www.w3.org/1999/xhtml"> <head> <meta
> http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link
> href="/wamp/www/livrephp/css/phpMM.css" type="text/css"
> rel="stylesheet" />
>
> <title>Untitled Document</title> </head>
>
> <body> <div id="header"><h1>PHP & MySQL: The Missing
> manual</h1></div>
> <div id="example">Example 3-2</div>
>
> <div id="content">
> <p>Here's a record of everything in the REQUEST array:</p>
> <?php foreach($_REQUEST as $value) { echo "<p>" . $value . "</p>"; } ?>
>
>
> </div>
> <div id="footer"></div> </body> </html>
And this goes with this file called "socialEntryForm.php"
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="/wamp/www/livrephp/css/phpMM.css" rel="stylesheet" type="text/css" />
<title>Untitled Document</title>
</head>
<body>
<div id="header"><h1>PHP & MySQL: The misiing manual</h1></div>
<div id="example">Example -1</div>
<div id="content">
<h1>Join the missing manual (Digital) Social Club</h1>
<p>Please enter your online connections below:</p>
<form action="../showRequestInfo.php" method="post">
<fieldset>
<label for="first_name">First Name:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">Last Name:</label>
<input type="text" name="last_name" size="20" /><br />
<label for="email">Email Address:</label>
<input type="text" name="email" size="50" /><br />
<label for="facebook_url">Facebook URL:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle">Twitter Handle:</label>
<input type="text" name="twitter_handle" size="50" /><br />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value="Join The Club" />
<input type="reset" value="Clear and Restart" />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>
Are you sure your file is a PHP file and it's being run on a PHP enabled server? The browser seems to be receiving the code unparsed, thinking that there's a tag starting at <?php and ending at the first <p> tag. If you look at the source, you'll probably see your PHP code, untouched by the server.
In other words: Your code is correct and the problem is your file type or server configuration. If you are indeed using a server on your machine, make sure you're running the file right, e.g. if it's in the root, open http://localhost/your_file.php, and not C:\xampp\htdocs\your_file.php.
EDIT: Just for the heck of it, I replicated your issue with a fiddle. I got the exact same output as you, meaning it's not getting parsed by the server. Who said JSFiddle was only good for JavaScript?
$_REQUEST Contains data which is gathered from cookies, $_POST and $_GET .. Are you sure that your data is properly assigned?
Take this example.
print_r($_REQUEST); just doing that without no <form method="get/post"> will produce a blank array, that might be why you are getting nothing
Your snippet is correct.. you are lacking a html form to go with that..
Example:
<form method="POST">
<input type="submit" name="test" value="ThisIsCorrect">
</form>
With your code you have shown your question.. your $_REQUEST array will return the value of the button. In this case "ThisIsCorrect"
Moral Of this?
Ensure that you are using using post/get/cookies before calling the $_REQUEST, and for future reference, just using $_POST & $_GET is cleaner to use.. But that is down to my personal preference.
How is the $_REQUEST Array constructed?
Consider this:
the array will contain the name as the array key and the value as the value..
So taking this into account:
<form method="POST">
<input type="text" name="username">
<input type="submit" name="test" value="ThisIsCorrect">
</form>
For your text box & Submit button the array will be:
array ("username" => "UserInputData",
"test" => "ThisIsCorrect");
I've started learning PHP. Managed to setup things.
I'm using php version 5.3.13.
I'm trying to post some info to a html form and receive it in a php file.
For the purpose i'm using $_Post variable and the ouput at the php file is blank.
Below is the html code.
<body>
<form action="report.php" method="POST" >
<label for="firstname">First name:</label>
<input type="text" id="firstname" name="firstname" /><br />
<input type="submit" value="Report Abduction" name="submit" />
</form>
</body>
And below is the report.php code
<html>
<head>
<title></title>
</head>
<body>
<?php
$name = $_POST['firstname'] ;
print($name);
?>
</body>
</html>
Can any one advise what i'm missing ?
Thanks
Here is a super simple example, I suggest you begin to look for example tutorials # your favorite search engine, or buy a book.
Edit: Do you even have PHP installed? you mention inetpub which is a IIS path.
<?php
error_reporting(E_ALL);
if($_SERVER['REQUEST_METHOD']=='POST' && !empty($_POST['firstname'])){
//Do something with posted data
$out = htmlentities($_POST['firstname']).' has been abducted!';
}else{
//Form has not been posted so show form
$out = <<<FORM
<form action="" method="POST" >
<label for="firstname">First name:</label>
<input type="text" id="firstname" name="firstname" /><br />
<input type="submit" value="Report Abduction" name="submit" />
</form>
FORM;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>My first test Script</title>
</head>
<body>
<h1>My first test Script</h1>
<?php echo(isset($out))?$out:null; ?>
</body>
</html>