I have a form, as such
<form action="search.php" method="get" id="search">
<input type="text" name="first_name"/>
<input type="text" name="last_name"/>
<input type="submit" value="Go" id="submit"/>
</form>
I want to make sure the data is valid, so I have a php file I can make an ajax request to access a database, which returns xml as such
<id="111111" first_name="Tom" last_name="Hanks" />
If there is a matching name. There should be no name conflicts. "HTTP/1.1 404 File Not Found" is printed otherwise. After this is done, I want to reach search.php with first_name, last_name, and id. That is, I want to be at:
search.php?first_name=Tom&last_name=Hanks&id=111111
How would I go about this ?
your scenario is similar to the followings, which im sure, you can churn to your own flavors.
[1] http://www.the-art-of-web.com/javascript/ajax-validate/
[2] http://www.dev102.com/2008/05/21/create-interactive-form-validation-using-ajax/
Related
This form submits url like that
http://www.website.com/page/search.php?search=demo&submit=Search
<form action="search.php?search=" method="GET" id="search-form">
<input id="search-text" name="search" type="text" maxlength="30" placeholder="type keyword"/>
<button type="submit" name="submit" value="Search" id="search-button">Search</button>
</form>
Where I want to post the form like that:
http://www.website.com/page/search/demo.html
How can I do this?
I know it is a small thing but help me..
Thanks
I am unclear what your question is.
If you mean that you want to be able to process the input client-side, that is not possible unless you override the behavior with javascript. For example with jQuery
$( "search-form" ).on( "submit", function( event ) {
// Do stuff here with the form data
event.preventDefault();
});
If you mean that you don't want .php to show up and want to hide the underlying server technology, then you can use something like Apache's mod_rewrite. But you probably don't want that in this case because .html implies that it's a page you visit (GET, not POST) rather than a script you submit variables to.
Save this code as form.html on your desktop then open it with your browser then add some values and click the button. Look at the url afterwards
<form method="get" action="#">
<input type="text" name="input1">
<input type="text" name="input2">
<input type="text" name="input3">
<input type="text" name="input4">
<button type="submit">Click me and look at the url</button>
</form>
After seeing your edited question, try this with the above steps( save on the desktop etc.etc)
<form method="post" onsubmit="this.action=window.location.href.replace('.html',inputurl )">
<input type="text" name="input1" onblur="inputurl='/'+this.value+'.html'">
<button type="submit">Click me and look at the url</button>
</form>
I have a problem in my php form :
isbn number is a GET variable .
Thus view.php opens in a URL like : localhost/../view.php?isbn=0810982463. Whereas I want the url structure to be like localhost/..../0810982463. I know it can be done by using the Post method, Can it be done using the GET method ?
<form action="view.php" method="get">
<p class="name">
<label for="isbn">ISBN No. </label>
<input type="text" name="isbn" id="isbn" value="0199555311">
</p>
<p class="submit">
<input type="submit" value="Search Book" />
</p>
</form>
No matter what, the GET form submission will be in a query string format, just look at Google's form submission, or even Stack Overflow's own searching. This is the way things have been standardized across browsers.
If you want it to look pretty, after the submission, you'll need to redirect the user to a pretty URL.
Let's say I have a form that looks like this:
<form action="/script.php" method="post">
<input name="my_input" length="80" />
<input type="submit" value="submit" />
</form>
Now I also want to include a numeric identifier - call it a ticket id. "Here's the ticket history, do you want to add something?" The user can't modify that.
My question is...what is the safest way to get that ticket id in the form submission?
No problem accomplishing it, but my question is around security. So here are the ways to get a variable back that I can think of:
<form action="/script.php" method="post">
<input name="my_input" length="80" />
<input type="hidden" name="ticket_id" value="12345" />
<input type="submit" value="submit" />
</form>
or
<form action="/script.php?ticket_id=12345" method="post">
<input name="my_input" length="80" />
<input type="submit" value="submit" />
</form>
I'm concerned that someone could craft a malicious POST and submit it and append their comments to a different ticket. i.e., compose a POST from their own server/browser/tool. If I was doing this with GET then they certainly could do that just by changing the url vars - it's possible to do that also with POST too, right?
I can check that the user owns that ticket of course and do some other validation, but fundamentally, how do you present data to a user and safely get it back again in an HTML form?
Is there something other than creating a unique serial number ("FORM 12345 should present ticket id 6789") record on the server side and then checking it back?
I'm using PHP & MySQL on the backend though I'm not sure my question is specific to those technologies.
use session
form.php
<?
session_start();
$_SESSION['ticket_id'] = '1234';
?>
script.php
<?
session_start();
$ticket_id = $_SESSION['ticket_id'];
?>
I have a webpage with a form has 3 parameters, like
http://www.likeforex.com/currency-converter/fxconverter.php?f=euro-eur&t=usd-us-dollar&amt=1
I used .htaccess to rewrite the page to: f_t.htm/amt as:
http://www.likeforex.com/currency-converter/euro-eur_usd-us-dollar.htm/1
However, my question is when user change the value of amt(middle of the page), then the form is re-sumbited, and the re-sumbited page is still in parameter format. How to make the url in after rewrite format?
Anything wrong with the submit button, or anything else?
the form:
<form name="e" method="get" action="fxconverter.php">
the amt parameter:
<input type="text" id="amt" name="amt" size="16" maxlength="16" value="'.$amt.'" onclick="this.focus();this.select();" />'
the submit button:
<input type="submit" value="Convert" class="bt" />
the .htaccess line:
RewriteRule ^(.*)_([^_]+)\.htm/([^/]+)$ fxconverter.php?f=$1&t=$2&amt=$3 [NC]
Thank you very very much.
You cant use a form, regardless of POST/GET and expect the parameters to output like a url eg http://www.likeforex.com/currency-converter/euro-eur_usd-us-dollar.htm/1
What you need todo is change the form slightly and use javascript to build the url and then redirect.
<script>
function goForm(form){
f = form.elements["f"].value;
t = form.elements["t"].value;
amt = form.elements["amt"].value;
window.location.href = 'http://www.likeforex.com/currency-converter/'+f+'_'+t+'.htm/'+amt;
}
</script>
<form name="currencyForm" method="GET" action="">
<input id="f" name="f" value="euro-eur" type="hidden">
<input id="t" name="t" value="usd-us-dollar" type="hidden">
<input id="amt" name="amt" size="16" maxlength="16" value="1" onclick="this.focus();this.select();" type="text">
<input type="button" name="button" value="Click" onClick="goForm(this.form)">
</form>
Then you can take advantage of the mod_rewrite.
Tho personally I would scrap the GET(for the fancy url) and just use POST. search engines wont query your form so there is no advantage in using GET only that it may make it easier for someone thinking to scrape your content to digest its workings. Also remember anyone without javascript enabled wont be able to use the form with my solution.
For example, I have a user system that displays a each user's IP address. I want to place a small link on the page next to each IP that will send me to http://www.whatismyip.com/tools/ip-address-lookup.asp but POST the IP address, so that I can view it without inputting the IP myself (I'm lazy, what?)
Is this possible with javascript/PHP/HTML?
Not sure if I 100% understand what you want here but let me give it a try.
You have a list of your users IP-adresses, but want to link them so they're posted to the webpage for a check?
In that case make a form for each IP adress, set the form's action to the whatsmyip-site and make sure you got the IP in a field named the same as the field used for searching the ip on the external site.
So basicly:
<form action="http://www.whatismyip.com/tools/ip-address-lookup.asp" method="post">
<input type="hidden" name="name_from_site" value="100.0.0.10" />
<input type="submit" value="Check IP" />
</form>
You can simply make a form that POSTs to the given URL.
<form action="http://whatsit.com" method="post">
<input type="hidden" name="ip" value="1.2.3.4">
<input type="submit" value="Go!">
</form>
You can use JavaScript to POST the data (using AJAX techniques) and let the link behave normally. It'd probably be easiest to attach your JavaScript to the link's onclick event.
Or, you could use the header function from PHP: http://www.php.net/manual/function.header.php
You can use this:
<form action="http://www.whatismyip.com/tools/ip-address-lookup.asp" method="post" name="ip_lookup_form">
<input type="hidden" name="IP" value="100.0.0.10" />
Check out on IP Lookup
</form>