I am reading a script but am stuck on understanding this:
$redirect = base64_decode($_REQUEST['redirect']);
header("Location:$redirect");exit;
because the redirect variable in REQUEST isn't defined anywhere in the script. Prior to this a POST form has been filled in, but there is NO mention of the redirect variable anywhere in the script so I am confused how it is not empty...
EDIT:
here's the form code below. btw like I said, the word 'redirect' doesn't appear ANYWHERE in the script, which is what is confusing me.
<form name="login" action="{$baseurl}/login" method="post">
{$lang12}
<input type="text" name="username" />
{$lang11}
<input type="password" name="password" />
<input type="submit" value="{$lang18}" />
<div class="test"><b>{$lang30}</b> - {$lang19}</div>
<input type="hidden" name="authenticate" value="1" />
</form>
</div>
The $lang stuff is commonly appearing words from an array, e.g login, etc.
I don't think this is possible to answer for certain without seeing the actual code but $_REQUEST holds all the variables in $_GET, $_POST and $_COOKIE.
A form can actually populate both $_GET and $_POST if its method is set to 'post' and its action is a url with url encoded variables. Thus the form might be posting all of its data to a url and then adding get variables to the end of that url. For example:
<form method='post' action='example.php?var=test'>
<input name='var2' id='var2' />
</form>
If that form were submitted, the following would be defined: $_POST['var2'], $_GET['var'], $_REQUEST['var2'], $_REQUEST['var'].
$_COOKIE could also be putting hidden variables in $_REQUEST.
$_REQUEST
An associative array that by default
contains the contents of $_GET, $_POST
and $_COOKIE.
So if you have $_POST['redirect'], $_GET['redirect'] or $_COOKIE['redirect'], $_REQUEST['redirect'] will be defined. Try to put:
var_dump($_POST['redirect']);
var_dump($_GET['redirect']);
var_dump($_COOKIE['redirect']);
To find out where it's coming from.
it have so much possibility that the redirect variable is a cookies. if you cannot find it at the form.
var_dump($_REGISTER);
that will list all your input variable associated with POST, GET and COOKIES.
If it's not empty what's the content of it?
I think it should be something like this...
$redirect = base64_decode($_GET['redirect']);
if(!empty($redirect){
header("Location: $redirect");
exit;
}
It doesn't matter that it's not in the script, you can set it via GET,
eg /yourform.php?redirect=index.php
Is it causing unwanted redirection?
Related
Is it possible for a user to enter a value into a form and then, on submit, have the page redirect to a new one with the value entered into the form stored in a PHP variable?
This if my form code;
<form id="loc-search" method="post">
<input type="text" id="search-by-location" name="custom-location" value="" placeholder="Sheffield, UK"/>
<input type="submit" id="submit" value=""/>
</form>
Once the user has entered a value in #search-by-location the page needs to redirect to weather.php with the value stored in a PHP variable called $location
AJAX / JS aren't my strong suits so if someone could point me in the right direction that would be great
Add the argument action="weather.php" to your form tag. Then, when clicked on the submit button, you will get redirected to that page. Depending on your method, in your case POST, the input values will be available in the superglobal $_POST array in PHP.
In your example, $location = $_POST["custom-location"]; will suffice. Note that the name, not the ID, determines the array key in the target PHP document.
Javascript or AJAX are not needed to achieve this.
This is just a normal form so why not just use $_POST after the redirect on the weather.php page:
$location = $_POST["custom-location"];
As #Tacticus pointed out you also need to have the form redirect (if you did not already do this in JS). By adding action="weather.php" in the form:
<form id="loc-search" method="post" action="weather.php" >
...
</form>
As stated in other answers you should modify your form to look like this:
<form id="loc-search" method="post" action="weather.php">
<input type="text" id="search-by-location" name="custom-location" value="" placeholder="Sheffield, UK"/>
<input type="submit" id="submit" value=""/>
</form>
In your weather.php file, you can get the value from the $_POST global variable, just like this:
<?php
$location = $_POST["custom-location"];
//Interpret data
?>
Note that you can access the value of an input tag from your form witch was passed, with the input's name. In html you specify the following:
<input name="yourname" />
And when you want to access that value, you simply refer to his name.
$_POST['yourname']
If you use GET method for the form to pass the values, then you do the same, only the value will be stored in the $_GET global variable, so in your case with a GET method the variable initialization would look like this:
<?php
$location = $_GET["custom-location"];
//Interpret data
?>
I have a simple php test page as follows
<?php
if(isset($_POST['hitme']))
{
echo "hello world";
}
?>
I'm hitting this page as, http://www.abc.com/page.php?hitme=true but this is not echo'ing anything. Is something wrong with this?
Use $_GET['hitme'], not $_POST, since you passed the value in the query string. $_POST would hold values sent via a <form action='post'>, but not values passed in the query string.
if(isset($_GET['hitme'])) {...}
It's recommended to read about the differences between PHP's superglobal arrays.
$_POST only contains variables which are posted to the page as part of an HTTP POST request. If you are typing the address into your browsers address bar, you're issuing a GET request, not a POST request, and no variables will be set in $_POST. Even if you are issuing a POST request, variables specified on the query string will still only be available inside $_GET, so for this example your using the wrong array either way.
You must use $_GET instead of $_POST when it's in the URL
If it's in the URL, e.g. http://example.com/index.php?hitme=true, it's in $_GET.
However, if you want it to be in $_POST, you'd have to do something like this (very basic example):
<form method="post" action="page.php">
<input type="checkbox" name="hitme" value="true" />
<input type="submit" value="Post data!" />
</form>
This script will allow the user to check it if wanted, and then click "Post data!".
However, it won't be in $_POST as long the user didn't click the button.
As for $_GET, it will be there as long as it's in the URL.
Or you can use $_REQUEST['hitme'], this one will check both $_POST['hitme'] and $_GET['hitme']
What is this code doing? If Isset, and what are the variables doing, whats the $_POST doing? Can someone explain please?
if (isset($_POST['Submit'])) {
$title=$_POST['title'];
$forename = $_POST['forename'];
$surname=$_POST ['surname'];
$dateofbirth=$_POST ['dateofbirth'];
$gender=$_POST ['gender'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$passcode1=$_POST ['passcode1'];
$passcode2=$_POST ['passcode2'];
$_POST contains the data from the form the user submitted.
if(isset($_POST['Submit']))
is checking to see if a form was submitted. There is likely a hidden element with this name, or the submit button was created to include this value.
The remainder of the lines copy*1 the information out of the POST super global into easier to use variables.
(*1 not actually copied, PHP is copy on write)
If a form is being submitted, then it assigns variables.
It will check If the form is submitted set the value of html elements in to the PHP variables that's it.
These variable can be used for further processing and later to store in database.
So here is an attempt to answer your amorphous question.
if (isset($_POST['Submit']))
This line is checking to see if an entry called 'Submit' is present in the $_POST array.
isset is a function that checks the existence of variables in PHP.
$_POST is a global variable in PHP that captures the key-value pairs sent in an HTTP POST request. $_POST will contain the result of an HTML form submission in 99% of the use cases.
$title=$_POST['title'];
is setting the title variable in the PHP script to the title field in the post array. title was probably a text field submitted by a form.
Looking at the use of $_POST in your example code, the request to the php script probably comes from a form that looks like:
<form method="post" name="someForm" action="thatScript.php">
<input type="text" name="title"/>
<input type="text" name="forename"/>
<input type="text" name="surname"/>
... other inputs that correspond to $_POST entries...
<input type="submit" value="Submit" name="Submit"/> <!-- the submit field that is checked in the isset -->
</form>
Notice: <form method="post"
This tells the browse to submit the key-value pairs for the form in a post request. If that line read <form metho="get" then the browse would submit the key-value pairs as a get request and the php script would check and use $_GET instead of $_POST.
It checks if the form has been submitted and if its true then values from post array (that are sent by the sending page) are assigned to variables.
for example value for this $_POST['title'] is assigned to variable $title.
I have a html-form which looks like this:
<form action="lib/AdminPage.php" method="post" id="adminLogin">
Admin-Login: <input type="password" name="pw" value="" class="pw">
<input type="submit" value="Login">
AdminPage.php contains the following lines:
<?php
echo($_GET['pw']);
echo($_GET['adminLogin']);
echo($_GET['Login']);
echo($_GET['id']);
echo($_GET['value']);
echo($_GET['name']);
echo($pw);
echo($_GET["pw"]);
echo($_GET["adminLogin"]);
echo($_GET["Login"]);
echo($_GET["id"]);
echo($_GET["value"]);
echo($_GET["name"]);
?>
None of the echoes works, it's always an "Undefined index" or "Undefined variable" with echo($pw)
How can I retrieve the entered string from the from?
Regards
Use $_POST instead of $_GET, because you have method="post" in your form.
You are sending the form using POST but looking for GET variables. Replace $_GET with $_POST.
Since you have method="post" in your form <form action="lib/AdminPage.php" method="post" id="adminLogin">, variables are accessed as _POST variables. So, you should do
echo $_POST['pw'];
All you need to do is this:
echo $_POST['pw'];
Your HTML form has method="post" in it so you get all information from inputs via $_POST instead of $_GET.
use the $_POST array, not $_GET
Your form uses the POST HTTP method, hence this should work.
echo($_POST['pw']);
echo($_POST['adminLogin']);
echo($_POST['Login']);
echo($_POST['id']);
echo($_POST['value']);
echo($_POST['name']);
You need to post the values. But, you are trying to get those through $_GET.
Try changing everywhere $_GET by $_POST
Change like this :
echo($_POST['pw']);
echo($_POST['adminLogin']);
echo($_POST['Login']);
echo($_POST['id']);
echo($_POST['value']);
echo($_POST['name']);
I know it is php global variable but I'm not sure, what it do?
I also read from official php site, but did not understand.
You may want to read up on the basics of PHP. Try reading some starter tutorials.
$_POST is a variable used to grab data sent through a web form.
Here's a simple page describing $_POST and how to use it from W3Schools: PHP $_POST Function
Basically:
Use HTML like this on your first page:
<form action="submit.php" method="post">
Email: <input type="text" name="emailaddress" /> <input type="submit" value="Subscribe" />
</form>
Then on submit.php use something like this:
<?
echo "You subscribed with the email address:";
echo $_POST['emailaddress'];
?>
There are generally 2 ways of sending an HTTP request to a server:
GET
POST
Say you have a <form> on a page.
<form method="post">
<input type="text" name="yourName" />
<input type="submit" />
</form>
Notice the "method" attribute of the form is set to "post". So in the PHP script that receives this HTTP request, $_POST[ 'yourName' ] will have the value when this form is submitted.
If you had used the GET method in your form:
<form method="get">
<input type="text" name="yourName" />
<input type="submit" />
</form>
Then $_GET['yourName'] will have the value sent in by the form.
$_REQUEST['yourName'] contains all the variables that were posted, whether they were sent by GET or POST.
It's used to store CGI input via a POST sent to your page.
Example:
Your page contains:
<form action="welcome.php" method="post">
Name: <input type="text" name="fname" />
Age: <input type="text" name="age" />
<input type="submit" />
</form>
One the user submits the values input into the form, you can access those variables through $_POST using the names you provided for the input tags.
Welcome <?php echo $_POST["fname"]; ?>!<br />
You are <?php echo $_POST["age"]; ?> years old.
You can capture post values from forms:
Example:
<form method="POST">
<input type="text" name="txtName" value="Test" />
</form>
To get this you'll use:
$_POST["txtName"];
It contains data sent by HTTP post, this is most often from a HTML FORM.
<form action="page.php" method="post">
<input type="text" name="email" ...>
...
</form>
Will be accessible by
$_POST["email"]
It contains the data submitted via the POST method, and only the POST method, versus data submitted via the GET method. The $_REQUEST superglobal variable contains both $_POST and $_GET data.
When data is posted through a form to the server, you access it through the $_POST array:
<form method="post">
<p><input type="text" name="firstname" /></p>
<p><input type="submit" /></p>
</form>
--
<?php
if ($_POST)
print $_POST["name"];
?>
Not all data is sent through $_POST through. File uploads are done through $_FILES.
As defined by the Hypertext Transfer Protocol specifications, there are several types of requests that a client (web browser) can make to a resource (web server).
The two most common types of web requests are GET and POST. PHP automatically loads any client request data into the global arrays, $_GET and $_POST, based on the type of web request received. The type of request is transparent to the user of the web browser, and is simply based on what is going on in the page. In general however, any regular link you click produces a GET request, and any form you submit produces as POST request.
If you click a link that goes to "http://example.com/index.php?x=123&y=789", then index.php will have it's $_GET array populated with $_GET['x'] = '123' and $_GET['y'] = '789'.
If you submit a form that has the following structure:
<form action="http://example.com/index.php" method="post">
<input type="text" name="x">
</form>
Then the receiving script, index.php, will have it's $_POST array populated with $_POST['x'] = 'whatever you typed into the textbox named x';
There are two ways of sending data from a form to a web app, GET and POST.
GET sends the data as part of the URL string: http://www.example.com/get.html?fred=1&sam=2 is an example of what that would look like. There are some problems with using it for all processing, one of the biggest is that every browser has a different maximum length for the query string, so you may have your data truncated.
POST sends them separately from the URL. You avoid the short length limit, plus you can send binary or encrypted data with POST.
In the first example above, PHP can retrieve the values sent by $_GET['fred'] and $_GET['sam']. You would use $_POST instead if the form was POSTed.
If you're wondering which method you should use, start here
$_POST is used to retrieve values passed to your page via a POST request.
For example, your page uses a form to pass data to another page in your application. Your form would have
<form method="post">
to pass those values via POST.
It is matched by $_GET which perform the same function for GET requests.
If you want to be able to reference either GET/POST values, you can use $_REQUEST
It contains any values posted from a HTML form to this script.