How do I make a self-posting/self-submitting form, i.e. a form that submits the results to itself, instead of submitting to another form?
The proper way would be to use $_SERVER["PHP_SELF"] (in conjunction with htmlspecialchars to avoid possible exploits). You can also just skip the action= part empty, which is not W3C valid, but currently works in most (all?) browsers - the default is to submit to self if it's empty.
Here is an example form that takes a name and email, and then displays the values you have entered upon submit:
<?php if (!empty($_POST)): ?>
Welcome, <?php echo htmlspecialchars($_POST["name"]); ?>!<br>
Your email is <?php echo htmlspecialchars($_POST["email"]); ?>.<br>
<?php else: ?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
Name: <input type="text" name="name"><br>
Email: <input type="text" name="email"><br>
<input type="submit">
</form>
<?php endif; ?>
I guess , you means $_SERVER['PHP_SELF']. And if so , you really shouldn't use it without sanitizing it first. This leaves you open to XSS attacks.
The if(isset($_POST['submit'])) condition should be above all the HTML output, and should contain a header() function with a redirect to current page again (only now , with some nice notice that "emails has been sent" .. or something ). For that you will have to use $_SESSION or $_COOKIE.
And please. Stop using $_REQUEST. It too poses a security threat.
That will only work if register_globals is on, and it should never be on (unless of course you are defining that variable somewhere else).
Try setting the form's action attribute to ?...
<form method="post" action="?">
...
</form>
You can also set it to be blank (""), but older WebKit versions had a bug.
Try this
<form method="post" id="reg" name="reg" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>"
Works well :)
Your submit button doesn't have a name. Add name="submit" to your submit button.
If you view source on the form in the browser, you'll see how it submits to self - the form's action attribute will contain the name of the current script - therefore when the form submits, it submits to itself. Edit for vanity sake!
change
<input type="submit" value="Submit" />
to
<input type="submit" value="Submit" name='submit'/>
change
<form method="post" action="<?php echo $PHP_SELF;?>">
to
<form method="post" action="">
It will perform the code in if only when it is submitted.
It will always show the form (html code).
what exactly is your question?
Related
What I'm trying to do is get simple input from the user an print it out using echo within my php tags but not working for some reason. I'm still a beginner to php so if anyone could assist me, that be dope.
Here's my code :
<p>
<form method="GET">
<input type="text" name="firstname">
<input type="submit" value="sub">
</form>
</p>
<?php
echo $_GET['firstname'];
?>
The file is saved with a .php extension and at the moment, I'm running it locally on my computer using apache. The HTML for the form appears but when I click the submit button, it does not echo what was inputted. I know its not going to the code within the php tag but I'm unsure on how to make it go there.
To finish this you will need a action which means this:
<p>
<form method="GET" action="index.php">
<input type="text" name="firstname">
<input type="submit" name="submit" value="sub">
</form>
</p>
Also if you would like to get the result from the form whenever you hit that submit button, you will have to "tell" php that you would like whenever you hit that submit button to print the result. The simpliest way is this:
<?php
if(isset($_GET['submit']))
{
echo $_GET['firstname'];
}
?>
There are two things that you might wanna do:
In the form action write <?php echo $_SERVER['PHP_SELF']; ?>
The PHP_SELF redirect you to the same .php file with the form data
To avoid any exception, use isset function in the last part of your code, which would check if the POST variable exist or not.
<?php
if(isset($_GET['firstname'])){
echo $_GET['firstname'];
}
?>
I have my page as follows:
<form id="filterQuery" action="#" method="post">
...
<input type="submit">
</form>
<?php
// use $_POST to determine query restrictions and conditions
?>
Now my problem is with the action of the form, because if I make it "#" self, nothing happens when clicking submit.
I'm using a template which shows subpages as include in <div>s. In other words, my page is not a standard HTML page which contain <head> and <body> etc, but is in the following format: basic.php#!/my_sub_page.
Trying to make action "basic.php#!/my_sub_page" results in an empty _POST
I tried your example and everything works fine with /index.php#!/smth in action and post variables.
<form action="#!/something" method="post">
<input type="text" name="var1" value="123">
<input type="submit"></form>
<?php
print_r($_POST);
?>
This is how I check it.
Are you sure you didn't forget name attributes in inputs?
Do you see their values in url after ? if you change method to get?
<html>
<script>
function changeText()
{
document.getElementById("input1").value = <?php echo '"'.$_POST['input'].'"'; ?>;
return true;
}
</script>
<form name="mainform" action="" method="post">
<input type="text" name="input" id="input1" />
<input type="submit" onclick = "changeText()" name="Submit" value="Submit!" />
</form>
<html>
i have this code here. can you make it work as intended ?
everytime i click Submit! i want to change the value of the textarea to the last input the user inserted.
PHP code is parsed by a PHP interpreter before any HTML output is sent to the browser.
If your form action is the same page and the same form will be shown before and after submission, then you can let PHP print the value of the input field directly into it.
<input type="text" name="input" id="input1" value="<?php echo htmlspecialchars($_POST['input']);" />
If you're trying to revert the value of this input field whenever a user clicks the submit button, then your code (even if it's prone to code injection) should work but this is useless since the page will be requested again when submit is clicked.
I assume you need to fill in
action=""
By the name of your file, like
action="myFile.php"
Few tips :
NEVER trust the user. The user can manually change the value of the input and send some dangerous values in your $_POST variable. You need to check it using filter_input() by example.
Like #Charles said this is pretty simple problem, use google next time.Here for example
what I am trying to do is to create a from, and execute a php script after the submit has been pressed. the problem seems to be that the page of wprdpress with the form and the code gets executed all at once.
If I put the code below into a regular test.php file on my server, it does what it is supposed to do (echo "Form Submitted!") after I click submit. However if I put the same code in a page template or a wp page it spits it out all at once (the form, and the "form submitted).
<html>
<head>
<title>Notify on Submit</title>
</head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<label>Name: <input type="text" name="name" /></label>
<input type="submit" value="Submit" />
</form>
<?php if (count($_POST)>0) echo "Form Submitted!"; ?>
</body>
</html>
I have no idea why this is like that, and would really need some help on this.
What I have also done is to create two different wp pages(one goes to the other). It works, but will create a bit of a mess. I would like to do this in one page.
page 1
<form action="page2" method="POST">
Your form input.
<input type="submit" name="submit" />
</form>
Page 2
<?php
if (count($_POST)>0)
{
echo "Form Submitted!";
unset($_POST);
$_POST = array();
}
else echo "Form has been reset!";
?>
Probably there is another form on the Wordpress page using the POST method. Instead of checking for $_POST > 0 (which will only tell you that something was posted) add some identifier to your form, and check for that so you can tell if your form was posted.
A simple way to do this is with a hidden input:
<html>
<head>
<title>Notify on Submit</title>
</head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<label>Name: <input type="text" name="name" /></label>
<input type="hidden" name="whatform" value="myform" />
<input type="submit" value="Submit" />
</form>
<?php if (isset($_POST['whatform']) && $_POST['whatform'] == 'myform') echo "My Form Submitted!"; ?>
</body>
</html>
I think you just need to remove the php from your action. The action defaults to the current url on any form.
PHP_SELF refers to the file path - thats why it works when you do it on just a solo file. As part of the wordpress application, you can't run files directly - you have to reach that url.
Remember that WP uses actions and hooks, and so if you put code "in a WP page" or "in a template" it may fire at various times. You might get an echo statement that fires something to the screen before the content comes out. Consider putting all your output within filters, actions and hooks.
Your logic seems to depend on the post count. Consider using a unique name, i.e. the name of the submit button on your form. Check for if(isset($_POST['my-unique-submit-button'])). Is anything else in WP submitting via post? You might not know!
I've been working for several hours trying to get this to work properly. The page I have a form on is /index.php?action=pagename. I have a form that needs to get a variable from the following /index.php?action=pagename&thing=something. My HTML form going like this:
<form role="form" action="pagename" method="get">
<input type="text" name="thing">
</form>
This form is located on /index.php?action=pagename and I want to get &thing from that URL.
Any ideas?
The problem I'm having is that when the form is submitted, the URL redirects to index.php?thing instead of staying on index.php?action=pagename.
It looks like you might be having some trouble with <forms> in general and not just PHP so here is an overview:
<!-- the action is where you want to send the form data -->
<!-- assuming THIS code is the index.php file then we want to send the data to ourselves -->
<!-- the method is GET so it will be directly accessible from the URL later -->
<form action="index.php" method="GET">
<!-- add a hidden value for pagename -->
<input type="hidden" name="action" value="pagename">
<!-- the name called "thing" will be appended to the URL and it's value as well -->
<input type="text" name="thing" value="<?php echo (isset($_GET['thing']) ? $_GET['thing'] : ''); ?>">
<br>
<!-- click this button to submit the form to itself -->
<!-- once this has been submitted then you can retrieve the URL value with $_GET as you can see above -->
<input type="submit" value="submit" />
</form>
You can simply use the PHP-variable $_GET['thing'] to get the value.
The action attribute of the form element is the target script which will be called on submit. If blank it will be the current script which is showing the form. You also can only give url parameters beginning with ?.
<form role="form" action="?action=pagename" method="get">
<input type="text" name="thing">
</form>
Exerpt from php.net: http://www.php.net/manual/de/tutorial.forms.php
One of the most powerful features of PHP is the way it handles HTML
forms. The basic concept that is important to understand is that any
form element will automatically be available to your PHP scripts.
Please read the manual section on Variables from external sources for
more information and examples on using forms with PHP. Here is an
example HTML form:
Example #1 A simple HTML form
<form action="action.php" method="post">
<p>Your name: <input type="text" name="name" /></p>
<p>Your age: <input type="text" name="age" /></p>
<p><input type="submit" /></p>
</form>
There is nothing special about this form. It is a straight HTML form
with no special tags of any kind. When the user fills in this form and
hits the submit button, the action.php page is called. In this file
you would write something like this:
Example #2 Printing data from our form
Hi <?php echo htmlspecialchars($_POST['name']); ?>.
You are <?php echo (int)$_POST['age']; ?> years old.
A sample output of this script may be:
Hi Joe. You are 22 years old.
Basic script I made to get the variables from the URL:
<?php
if (isset($_GET["action"]) && isset($_GET["thing"])) {
$action = $_GET["action"];
$thing = $_GET["thing"];
echo $action .PHP_EOL . $thing;
}
?>
This will output the following for the URL /index.php?action=pagename&thing=something
pagename
something
Though you should probably learn how to use forms properly first.