I am building an iframe based - facebook application. My problem is, whenever I redirect user to any page, I can see pages are loaded twice. (first, it shows the page without css and then again page is loaded with css). Same is happening when I post any form.
So, every form is posted twice. Data is added twice for each and every action. Moreover, I can see all my POST data in url... facebook is passing all session data in URL. Is it normal?
Am I missing something? Please help me. Below is my code.
foreach($records as $product_list)
{
?>
<tr>
<td width="250">
<form name="frm_product_<?php echo $product_list->product_id; ?>" id="frm_product_<?php echo $product_list-> product_id; ?>" action="cart.php">
<?php echo $product_list->product_name; ?><br />
Price : <?php echo $product_list->price; ?> SGD<br />
<input type="hidden" name="product_id" value="<?php echo $product_list->product_id; ?>" />
<input type="submit" name="btn_submit_<?php echo $product_list->product_id; ?>" id="btn_submit_<?php echo $product_list->product_id; ?>" value="Add to Cart" />
<input type="hidden" name="action" value="add" />
</form>
</td>
</tr>
<tr>
<td> </td>
</tr>
<?php
}
?>
if(isset($_REQUEST['action']) && $_REQUEST['action']=='add')
{
$cart = new Cart($db);
$cart->user_id = 1;
$cart->product_id = $_REQUEST['product_id'];
$cart->qty = 1;
$cart->add_to_cart1(); //this is adding items two times
}
Thanks in advance.
For double post problems always check you do not have somewhere an image href set to '' (empty string).
It colud be an or an url() in a css.
This is not an issue but a design decision in HTTP, empty GET url (like an empty image src) means redio the request that get you on the page (that could be a POST).
It's maybe not your case, but last time I was it by that it took me 3 days to find :-)
Related
how can I pass this value which data is in database. I want to pass the value from another page by textbox. how can I do it?
here is my database
and I want to pass the Value on the textbox from another page how can I do that?
here is my code
include("topupcard.php";)
<td>
<?php echo htmlentities($row['value']);?>
</td>
<button class="btn btn-success mr-4">Generate QR Code</button>
and to pass the data to another page.
<input type="text" value="$row['value']" name="id">
right now, it is not working nothing is being passed.
also, i dont know if I'll use Session or not, help thanks.
so the output should be 200 or 1000 is displayed on the other page when i click the button.
Using #danblack's explanation you can
Option 1 (not a safe method if this involves transactions):
<a href="generatecode.php?value=<?php echo htmlentities($row['value']); ?>">
then on the other page
<input type="text" value="<?php echo $_GET['value']; ?>" name="id">
Option 2 :
session_start();
$_SESSION['value'] = $row['value'];
then on the other page
session_start();
$value = $_SESSION['value'];
<input type="text" value="<?php echo $value; ?>" name="id">
At the bottom of this code you'll see an 'Accept Offer' button, when I click on that another piece of code gets executed as you can see on the bottom of this post.
For example this project has 3 bidders, so 3 times bidder_id and writer_bid so I use 'foreach' and load it in divs, works fine, but now I need to store those variables in a database, which technically works but it doesn't store the bids from the row I pull them from, it just takes the data from the last row, that is if I place the code at the bottom of this thread in my header.
However when I put it inside the loop it executes three times, I saw that when I got an error message that I had to close 3 times cause there are 3 rows in the database table that I pull the data from.
How can I prevent this, and either have it load once when the code is inside the foreach loop, or have it pull the correct writer_bid and bidder_id to store.
<div class="WB-Bottom-block lefts">
<?php $getBidders=" AND project_id=$project_id"; $bidders=getBidder($getBidders); foreach($bidders as $bidder) {
$bidder_id=$bidder['writer_id'];
$writer_bid=$bidder['writer_bid'];
?>
<div class="findwriters_boxes">
<div class="findwriters_right">
<div style="float:right;margin-top:6px;width:170px;">
<input type="hidden" name="writer_bid" id="writer_bid" value="<?php echo $writer_bid; ?>" />
<input type="hidden" name="bidder_id" id="bidder_id" value="<?php echo $bidder_id; ?>" />
<input type="submit" class="homebtn11" name="submit" id="submit" value="Accept Offer"/>
</div>
</div>
</div><?php } ?>
Below the code that needs to be executed and that results in issues, whether I place it inside the foreach loop, or inside the header instead.
As you can see I tried to store it in input fields so that it stays there so the header can pull it on refresh of the page / click of the button.
<?php if(isset($_POST['todo']) && $_POST['todo']=='submit_project') {
$balance=get_client_balance_info($current_user->ID);
$writer_bid=$_POST['writer_bid'];
$bidder_id=$_POST['bidder_id'];
if($balance >= $_POST['writer_bid']) {
global $wpdb;
$sql3="UPDATE `wp_project` SET `writer_id` = '".$bidder_id."' WHERE `id` =". $project_id;
$wpdb->query($sql3);
$sql4="UPDATE `wp_project` SET `price` = '".$writer_bid."' WHERE `id` =". $project_id;
$wpdb->query($sql4);
$sql5="UPDATE `wp_project` SET `status` = '2' WHERE `id` =". $project_id;
$wpdb->query($sql5);
$success_msg="You accepted a bid, the money will be deducted from your account.";
}
else $fail_msg="Your balance is not sufficient.";
I think you should make a form for each div that you are adding right now you are putting the bidder_id in the different inputs but the same name.
So it will get the last inputs, maybe it's better to specify the inputs with the row id or to separate the forms or make the input names as array.
I hope this helps you.
I fixed it with the help of Diar Selimi like this:
<div style="float:right;margin-top:6px;width:170px;">
<form action="" name="frmeditor" method="post" id="frmeditor" >
<input type="hidden" name="todo" id="todo" value="submit_project" />
<input type="hidden" name="writer_bid" id="writer_bid" value="<?php echo $writer_bid; ?>" />
<input type="hidden" name="writer_id" id="writer_id" value="<?php echo $writer_id; ?>" />
<input type="submit" class="homebtn11" name="submit" id="submit" value="Accept Offer"/>
</form>
Before that my form and value="submit_project" tags were scattered all over the place!
i was always curious about how many websites have a delete button on their user panels.
For example, if a user can submit a post and this must be available on his user control panel to delete it if he wants how would you code this button without any frameworks in php?
What i've dont now its creatre a form with a hiden value, you can see a piece of the code below:
<?php foreach ($results as $result): ?>
<tr>
<td> <?php echo $result['id'] ?> </td>
<td> <?php echo $result['message'] ?> </td>
<td> <?php echo $result['name'] ?> </td>
<td>
<form method="POST" action="">
<input type="checkbox"
name="delete_action"
value="<?= $result['id'] ?>"
style="display:none; visibility:hidden;"
checked>
<input class="" type="submit" value="Delete">
</form>
</td>
</tr>
Time for the php action:
if (isset($_POST['delete_action'])) {
$get_id_to_delete = $_POST['delete_action'];
$delete_action = $pdo_testimonials->prepare("DELETE FROM testimonials WHERE id = :id");
$delete_action->bindParam(':id', $get_id_to_delete);
$delete_action->execute();
}
So, as you can see the methond is so insecure and easy to mess up. However i've used it only for a control panel which only i have access. I know that i should never use a similar way of adding a delete button on a production website.
Is there any better, more secure and reliable way to do it?
Simple link (GET) showing only when it's content that current user can remove is ok, as long as you check that in PHP again. So:
Check if current user can remove element.
If so, display (image) link to for example /delete.php?id=2.
On page delete.php check if current user can remove element with id = 2.
If so, remove element and get back to page. Otherwise display warning.
It can be done with AJAX too, with same steps.
Suppose I have a form. After I submit my form, the data is submitted to dataprocess.php file.
The dataprocess.php file processes the variable sent via form and echoes desirable output.
It seems impossible to echo to a specified div in specified page only using PHP (without using AJAX/JavaScript as well). I do not want to use these because some browsers might have these disabled.
My concern is that I want to maintain the same formatting of the page that contained the form element. I want the form element to be there as well. I want the query result to be displayed below the form.
I could echo exact html code with some modification but that's memory expensive and I want it systematic.
Is it possible to process the form within the same page? Instead of asking another .php file to process it? How does one implement it?
The above is just for knowledge. It will be long and messy to include the PHP script within the same HTML file. Also, that method might not be efficient if I have same process.php file being used by several forms.
I am actually looking for efficient methods. How do web developers display query result in same page? Do the echo all the html formatting? also, does disabling JavaScript disable jQuery/AJAX?
Yes it is possible to process the form on the same page.
<?php
if (isset($POST))
{
//write your insert query
}
?>
<html>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<!-- Your form elements and submit button -->
</form>
<table>
<?php
//your select query in a while loop
?>
</table>
</body>
</html>
But if you choose this technique instead of ajax, you have to refresh all the page for each insert action.
An example
<div id="dialog-form">
<form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="post">
<table>
<tr>
<td>Job</td>
<td>
<input type="text" name="job" />
</td>
</tr
</table>
<input type="submit" value="Insert" />
</fieldset>
<input type="hidden" name="doProcess" value="Yes" />
</form>
</div>
<?php
$myQuery= $db->prepare("INSERT INTO Jobs (job) VALUES (:p1)");
if (isset($_POST['doProcess']) && $_POST['doProcess'] == 'Yes')
{
$myQuery->bindValue(":p1", $_POST['job'], PDO::PARAM_STR);
$myQuery->execute();
}
?>
if you really dont want to use ajax (which i think you should). You can do something like this.
<form action="" method="POST">
<input type="text" value="something" name="something_name"/>
<?php
if(isset($_POST['something_name'])){
echo '<div id="display_something_name_if_exists">';
echo $_POST['something_name'];
echo '</div>';
}
?>
</form>
Basically what it does is submits to itself and then if there is a submission (tested with isset), it will echo a div with the correct information.
I've created a registration form that successfully passes its variables from the registration page (go-gold.php) to a summary/verfication page (go-gold-summary.php). The data appears correctly on the second page.
However, I want to able to use an image button to return back to the registration page, in case the user made an entry error. Going back, the original form should now be populated with the data that was first entered.
The problem is that I cannot re-send/return the data from the second page, back to the first. My text fields appear blank. I do NOT want to use Session variables.
The code is truncated from the entire page.
Registration Page (go-gold.php):
<?php
$customer_name = $_POST['customer_name'];
?>
<form action="go-gold-summary.php" method="post">
Name: <input type="text" name="customer_name" id="customer_name" value= "<?php echo $customer_name ?>" />
<input name="<?php echo $customer_name ?>" type="hidden" id="<?php echo $customer_name ?>">
</form>
Summary Page (go-gold-summary.php)
<?php
$customer_name = $_POST['customer_name'];
?>
<form action="go-gold.php" method="post">
Name: <?php echo $customer_name ?> <input type="hidden" id="<?php echo $customer_name ?>" name="<?php echo $customer_name ?>">
<INPUT TYPE="image" src="images/arrow_back.png" id="arrow" alt="Back to Registration"> (Button to go back to Registration Page)
</form>
Thanks!
go-gold-summary.php should be changed like this.
<?php
$customer_name = $_POST['customer_name'];
?>
<form action="go-gold.php" method="post">
Name: <?php echo $customer_name ?> <input type="hidden" value="<?php echo $customer_name ?>" name="customer_name">
<INPUT TYPE="submit" src="images/arrow_back.png" id="arrow" alt="Back to Registration"> (Button to go back to Registration Page)
</form>
notice how I've changed this line
<input type="hidden" id="<?php echo $customer_name ?>" name="<?php echo $customer_name ?>">
into this
<input type="hidden" value="<?php echo $customer_name ?>" name="customer_name">
$_POST is an associative array and as you submit the form it will be populated like this:
$_POST["index"] = value;
where "index" is the text field "name" and value is the text field value.
You've missed that one in your code. Just update it with my code and it will work
Why you would not want to use the php session? Please give any reason for not to use it. I am asking this way since my reputation does not allow me to comment questions or answers any other than my own. Plese do not -1 for this.
Another way could be using cookies to store the data temporarily, but that and posting the data back and forth in the post request is really insecure compared to session.
there are very few ways to maintain variables across pages. The alternative is to have separate form on the second page with hidden text fields containing the $_POST data, and the submit button calls the previous page. No way of getting around the "back button" on a browser though unfortunately.
I missed the bold text about the session variables - disregard if this does not apply:
one way to maintain variables across pages on the server side is to use $_SESSION
first include the following at the top of your PHP pages to keep a session active:
session_start();
once you submit the for and move to page 2, add the following:
$_SESSION['customer_name'] = $_POST['customer_name'];
As well, on the first page, you could change the form element as such:
<input type="text" name="customer_name" value="<?PHP if isset($_SESSION['customer_name'] || !empty($_SESSION['customer_name'])) { echo $_SESSION['customer_name']; } ?>">
this will keep the filled in data and display it when the user returns tot he page, and if they put in something different it will be updated when they hit page 2 again.