I have some forms, and am currently using an implementation as described below:
<form action="/formpost.php" method="post" name="form1" id="form1">
<input type="hidden" name="to" id="to" value="__COMMENT1" />
<!-- rest of form -->
</form>
__COMMENT1 refers to the page where I want the user to be redirected after the form posts.
Pretty much what happens is that the form is posted to formpost.php, the $_POST array is converted to $_SESSION['POST'], the $_POST is unset, and then the user is redirected to the location referenced in the value of the hidden input field ([id = to] always the same ID/name.) I can then continue to use the user's form submitted values (referenced from the $_SESSION array) regardless of whether they go 'back', refresh, etc.
Is there anything wrong with this?
Are there any benefits to using the POST/REDIRECT/GET pattern instead?
Nothing wrong with your method, it's more convenient than PRG.
though, I see no point in keeping POST variables unless in case of error.
and there is no point in unsetting $_POST, of course.
Well, after some explanation it seems that your setup is quite wrong.
there is no point in making single action for all forms as well as in unnecessary redirect.
make your form action the actual script that validates the form.
on success, redirect wherever you want.
on error:
save POST data and error messages into session and redirect to the same URL
populate the form and unset POST data and errors
show the form
Related
loaded page from javascript. tested for GET & POST. Only GET set as expected;
window.location.href = "medications_edit_revised.html?recordId="+id ;
Retrieved and used the data from the GET[]
Reloaded page from SUBMIT as shown below.
<form method="post" action="">
<table id="detailsDivTable">
<?php
$editClass->selectTheRecord();
?>
</table>
<fieldset name="Group1">
<legend>Group box</legend>
<input name="saveButton" type="submit" value="Save" />
<input name="deleteButton" type="submit" value="Delete" />
<input name="cancelButton" type="submit" value="Cancel" />
</fieldset>
</form>`
Tested GET[] & SET[]
if (isset($_GET['recordId']) ) {
$recordId = $_GET['recordId'];
require_once "medications_edit_revised.class.php";
$editClass = new editRevisedClass($DBH, $recordId);
}
if(isset($_POST['saveButton'])) {
Both tested TRUE. Is this normal behavior. I expected the GET[] would have been cleared when the form was POSTed
If yes is there a way to clear the GET before sending the SUBMIT
Thanks
When you set the URL like this:
window.location.href = "medications_edit_revised.html?recordId="+id ;
You have set URL params. Then when you do this:
Reloaded page from SUBMIT as shown below.
<form method="post" action="">
Because the action is empty it'll retain the URL parameters, because that's what empty and (eg) $_SERVER['PHP_SELF'] do - they send to the current URL, params and all.
You already know the URL so just set it as needed:
action="medications_edit_revised.html"
You seem to be confusing POST/GET requests and the PHP $_POST and $_GET superglobal variables.
PHP will populate $_GET with data in the query string of the URL the request was made to.
PHP will populate $_POST with data in the request body of a POST request if that data is encoded using a supported encoding.
It doesn't matter if the request was caused by JavaScript, a form submission, or something else.
Is this normal behavior.
Yes
If yes is there a way to clear the GET before sending the SUBMIT
Submit the form to a URL which does not have a query string.
The URL the form is submitted to will be specified by the action attribute.
If you don't have an action attribute, it will be submitted to the URL of the current page. If that URL has a query string, then so will be the URL that the form is submitted to (and thus $_GET will be populated).
If you want to avoid that, then specify the action explicitly.
Can you please past some of your code?
If you use GET to revice your variable, it gets it from the URL: example.com?name=jesper&lastname=kaae
The differences is:
GET requests a representation of the specified resource. Note that GET should not be used for operations that cause side-effects, such as using it for taking actions in web applications. One reason for this is that GET may be used arbitrarily by robots or crawlers, which should not need to consider the side effects that a request should cause.
And
POST submits data to be processed (e.g., from an HTML form) to the identified resource. The data is included in the body of the request. This may result in the creation of a new resource or the updates of existing resources or both.
You can read more about them here
Suppose my Form codes look like this
URL : localhost/my-url.php
<form action="hello.php">
...bla bla bla
</form>
I will process the data in hello.php and i want to redirect to user to same url after processing (according to above example)
localhost/my-url.php
I know we can use header but i don't know how to get that url from which form was submited :(
Googled but didn't found any use full.
Thanks.
Add a hidden value in your form:
<input type="hidden" name="lastUrl" value="<?php echo $_SERVER['REQUEST_URI'] ?>" />
You now have the URL in $_POST['lastUrl'] data. You need to do it that complicated because $_SERVER["HTTP_REFERER"]; is send by the browser, and not all of them do this reliable.
You should put a hidden field in your form and set its value to current page url.
Then you submit the form and get the value of hidden field.
Then you can redirect user to hidden field (which is actually a URL of the page where you are submitting form) by using javascript or php.
You can use the
$_SERVER["HTTP_REFERER"];
to get the original URL where the form was posted from.
Remember to escape it, if you use it however. ]
Alternatively, you can process the form using AJAX, send process things (redirection) client-side.
Note that form data can be changed and intercepted if you wish to send the URL of the page as form data.
I have a https page named user.php that gets data and posts it to another receiving.php https page. My problems is whenever I submit my data for posting the receiving.php displays server error. I have read articles about cURL but I don't have a clear picture of the syntax.
user.php
<form action="https://www.mydomain.com/ssl/receiving.php">
<input type="text" name="variable" />
<input type="submit" name="buttonName" />
</form>
receving.php
if(isset($_POST["buttonName"]))
{
$variable=$_POST['variable'];
}
You want to add method="POST" to your form tag. By default it'll submit through GET. If that doesn't work, try var_dump($_POST) in receiving.php to see exactly what's coming through. cURL is mainly for when you want a script to make a request to a server on its own. A form submit shouldn't need to worry about cURL.
What error are you receiving though? This shouldn't display an error as your isset() should just return false.
you need to use the $_GET method instead of $_POST because $_GET is a method that displays your request in the form in URL. while $_POST for security reason is just getting data from the form and not displaying the actions you've requested.
<form action="https://www.mydomain.com/ssl/receiving.php">
if you want to use $_POST you need to make your form method set to method="POST" or by default your method form is using "GET".
So you instead of using $_POST , you need to use $_GET in your case.
I have a <form> with an action attribute.
I would like to change the value of action based on the value of an <input>.
The value is provided by the user. If the value is page1.php, the form will be submitted to page1.php. If the value is page2.php, the form will be submitted to page2.php, and so on.
Right now I'm achieving this using JavaScript, however it doesn't work on a browser with JavaScript disabled.
Is there any way to make the action non-static without JavaScript?
You can do this without invoking any javascript at all.
PHP example;
<?php
/*if no destination was set previously the form will post back to itself*/
$action=isset($_Request['destination'])?$_Request['destination']:'';
?>
<form name='a-form-name' action="<?php echo $action;?>">
/*include other inputs etc as required.
Include a 'destination' input in _all_ forms involved.
You can of course name it whatever you like. But should always be the same name in all forms involved.
*/
<input type='hidden' name='destination' value='the-desired-destination-of-next-action'>
<input type='submit' name='whatever' value='Click here'>
</form>
When you press the submit button it will go to whatever destination you set in the previous submission or 'destination' in the url query string.
You can even make the destination hidden input's value dynamic by using a variable instead if need be. Branching can be quite easy and extensive using this method.
HTH
If you just want to receive the value on the server side, than using get as the form's method will work (you end up with page.php?my_var_name=my_var_value).
If, however, you want to direct the form to a completely different page based on the value of your input, you'll either have to use JS, or have a "catchall" page on the server side that gets the form and redirects to the final page based on the value.
After filling the form when submit, accidentally due to some filling error ,the form is not submit and return to back,in this condition the value of all text box is blank. i want to stable value of all fields in this condition . I'm using php with smarty framework. Please reply with solution as soon as possible.
Thanks.
If the form is submitted to the page that contains it then you will have access to the submitted values, and can use them to populate your form. For example, if you are submitting the form via POST:
<input name="something" value="<?=$_POST['something']?>" />
If you are submitting the form to a different script, you could send the values back to the page with the form as URL parameters, or you could use temporary session variables, and unset them when the input passes whatever validation you are using:
$_SESSION["temp_something"] = $_POST["something"]; //In form processing script
Then in your form:
<input name="something" value="<?=$_SESSION['temp_something']?>" /> <!--In form-->
You can fill the form fields, on the second round, by filling the content inside the value attributes of html tags, like so:
<input type="text" value="<?php echo $_REQUEST['test']; ?>" name="test">
Pay attention: this is a fast and simple solution. It gives you an idea. In good web programming practice you should sanitize the form data received by client in order to avoid security issues.