|
PHP - Why Add $_post At The End Of A Validation Function?
Hi,
I was going to through a PHP tutorial, and came across a form validation user defined function . Below is an example.. Code: [Select] function check_required_fields($fields){ $field_errors = array(); foreach ($fields as $requried_fields) { if (!isset($_POST[$requried_fields]) || (empty($_POST[$requried_fields]) && $_POST[$requried_fields] != 0)) if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) && $_POST[$fieldname] != 0)) { $errors[] = $requried_fields; } } return $field_errors; } When the user defined function was called they added an $_POST and the end of the user defined function. Here is a the code snipped of how it looks Code: [Select] $errors = array(); // perform validations on the form data $required_fields = array('username', 'password'); $errors = array_merge($errors, check_required_fields($required_fields, $_POST)); If the validation can be preformed with out the $_POST, why bother inserting it? Thanks! Similar TutorialsHi there. My problem is quite simple, but carries lots of questions of why the hell is this happening. I'm new at PHP but I'm familiar with the syntax, since It's been 3 years since I code in C, 1 in Java and half year in JS (with HTML and CSS of course). I was creating a page where I could validate a HTML form using PHP script, it was going everything allright, until I couldn't use the data that was going to the $_POST array. I tested it on some other file and It was like the server just didn't allowed me to do it so. I searched around on internet and I found the print_r() function, which shows the data as an associative array in $_POST, like this: array(KeyName => ValueName). Check the code and please, help me find why is this happening. I'm brazillian and all I know about english came from netflix, so i'm sorry if I wrote anything wrong. Thanks S&Z
<!DOCTYPE html> Hello, its a bit difficult to explain the issue that I have but I will try my best. I have this small code $message = $_POST['message1']; in my php code and message1 is the name of a textarea in my page. i also have another textarea called message2 in my page. what I need to do is to use the message1 and message2 in the $message = $_POST function. For example: $message = $_POST['message1'] + $_POST['message2'] or anything that is acceptable in PHP coding and works in PHP. I hope I havent confused you guys and you undersstood what I mean... Thanks I have a basic form for collecting data, I have a function for collecting the ip address of the visitors unfortunately I cannot get the ip collection working with the rest of the form once I put the if($_POST['emailaddress']) {.........} in. My aim is once the user has completed the form, data gone to MySQL database that the data will then be printed via the echo statements on to the form as the action sends it back to the same page. Currently my code is <?php /* This script is a form handler, each section is commented as to what it does. 1. connects to the database (see connect.php). 2. it gets the users ip address. 3. Strips tags from the data entered so that no malicious code can be entered and corrupt/cause problems with the database or site. 4. Inserts the relevant data into the database in this case it is the ip, haveemail, emailaddress, browser, otherbrowser, resolution, otherresolution. 5. Sends the data just entered by the user back to the screen so they can see what they entered */ // 1. connection to MySQL require ("php/connect.php"); // if this script is unavailable then the rest of the code is pointless as need a connection to the database. // if fields are completed if($_POST['emailaddress']) { // if this field has had data entered then process the data // 2. collect ip address //$ip = getRealIpAddr(); // 3. Strips tags and POST variables from the form $haveemail = strip_tags($_POST['haveemail']); $emailaddress = strip_tags($_POST['emailaddress']); $browser = strip_tags($_POST['browser']); $otherbrowser = strip_tags($_POST['otherbrowser']); $resolution = strip_tags($_POST['resolution']); $otherresolution = strip_tags($_POST['otherresolution']); // 4. insert data to dbase $query="INSERT INTO datacollection1 (id, ip, haveemail, emailaddress, browser, otherbrowser, resolution, otherresolution) VALUES ('Null', '$ip', '$haveemail', '$emailaddress', '$browser', '$otherbrowser', '$resolution', '$otherresolution')"; // Null is in the id field as this is added automatically in the database as it is set to auto increment upon an entry going in and is primary key. // message to say if database has been updated mysql_query($query) or die (mysql_error()); //echo "<b>Your IP address is: $ip</b> <br />"; /*function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } return $ip; } */ // 5. displays information on form to advise what the user just entered echo '<br/>'."The database has just been updated with the following information: ".'<br/><br/>'; // echo "Your ip address is ".$ip.'<br/>'; echo "You answered ".$haveemail." to having an email address.".'<br/>'; echo "Your email address is ".$emailaddress.'<br/>'; echo "You use ".$browser." to browse the internet".'<br/>'; echo $otherbrowser.'<br/>'; echo "Your screen resolution is set at ".$resolution.'<br/>'; echo $otherresolution.'<br/>'; echo "Now you have completed this form, please follow onto the main form, this form seeks to get your valuable opinion regarding your likes and dislikes of the websites researched."; } mysql_close($db); // closes the database, this is good practice but the database will close once stopped running. ?> I have tried moving the function outside of the if($_POST['emailaddress']) but it still didnt get the ip address. Just as a side note everything else works, the data is written into the database bar the ip address. I would appreciate some help Thanks in advance. Hello everyone, Can someone show me a way how to pass $_post variable from a form to a function? So, input username and input password to a function login($username, $password). I have a simple log in form. By debugging I found that isset post submit function is not responding. It remains on the same page after submitting form. I have googled all the possible solutions to this problem but none worked. Any help is greatly appreciated. The form is in multiplelogin.php file and the code is in multi.php file. After login redirection is to teachers.php file. <?php session_start(); $conn = mysqli_connect("localhost", "root", "", "signup");
if(isset($_SESSION['username'])) {
?>
<head> <link rel="stylesheet" type="text/css" href="bootstrap.css"> <title> Teachers Students Login </title> </head> <body class="bg-secondary"> <div class="container"> <div class="row justify-content-center"> <div class="col-log-5 bg-light mt-5 px-0"> <h3 class="text-center text-light bg-primary py-3 px-5"> Log In </h3>
<div class="form-group px-5"> <input type="email" name="email" class="form-control form-control-lg" placeholder="Email" required> </div> <div class="form-group px-5"> <input type="password" name="password" class="form-control form-control-lg" placeholder="Password" required> </div> <div class="form-group px-5"> <input type="submit" name="submit" value="Submit" class="btn btn-primary btn-block"> </div> </form> </div> </div> </div>
<?php
ini_set( 'display_errors', 1 );
$password = $_POST['password'];
$stmt = mysqli_stmt_init($conn); header("Location: multilogin.php?error=sqlerror"); exit();
} else { mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($pwdCheck == false) {
exit(); $_SESSION['username'] = $row['username']; $_SESSION['email'] = $row['email']; header("Location: teachers.php?login=success");
exit ();
exit();
exit();
else {
exit(); Hello i have a syntax issue in the code below, can anyone shed some light? Code: [Select] <?php if(isset($_POST['submit'])) { $drop = mysql_real_escape_string($_POST['drop_1']); $tier_two = mysql_real_escape_string($_POST['Subtype']); echo "You selected "; echo $drop." & ".$tier_two; $Name = mysql_real_escape_string($_POST["Name"]); $Phone = mysql_real_escape_string($_POST["Phone"]); $Email = mysql_real_escape_string($_POST["Email"]); $Postcode = mysql_real_escape_string($_POST["Postcode"]); $Website = mysql_real_escape_string($_POST["Website"]); if($Name == '' || $Phone == '' || $Email == '' else if (!preg_match('/^[A-Za-z0-9\-.]+$/', $domain)|| $Postcode == '' || $Website == '') { die('<br> but you did not complete all of the required fields correctly, please try again'); } } the code works fine without the " else if (!preg_match('/^[A-Za-z0-9\-.]+$/', $domain) " . As well as checking for blank fields i'd like to check for the correct email format. Many thanks. Hello, I have created a sing up form with email, password and captcha. I verify at submit all the possible errors and it works except one, for example you fill the email field with non existing email in db, the 2 password field with same pass and fill the captcha field wrong. In this example it will proceed inserting the data in the db, i cannot figure what is wrong please advise. register.php <?php session_start(); include('include/config.php'); include('include/validation.php'); include('include/header.php'); ?> <div id="register"> <h1>Inregistrare</h1> <?php if(isset($_POST['send']) && (!validateEmail($_POST['email']) || !validatePasswords($_POST['pass1'], $_POST['pass2']) || !validateRegister())): ?> <div id="error"> <ul> <?php if(!validateEmail($_POST['email'])): ?> <li><strong>E-mail invalid:</strong> Introduceti o adresa de email valida.</li> <?php endif ?> <?php if(!validatePasswords($_POST['pass1'], $_POST['pass2'])): ?> <li><strong>Parole invalide:</strong> Parolele nu se potrivesc sau sunt mai mici de 5 caractere!</li> <?php endif ?> <?php if(!validateCaptcha($_POST['code'])): ?> <li><strong>Cod invalid:</strong> Cod invalid.</li> <?php endif ?> <?php if(!validateRegister()): ?> <li><strong>Exista:</strong> exista.</li> <?php endif ?> </ul> </div> <form method="post" id="register" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>"> <div> <label for="email">E-mail</label> <input id="email" name="email" type="text" /> <span id="emailInfo">Adresa Dvs. de email va fi folosita pentru login.</span> </div> <div> <label for="pass1">Parola</label> <input id="pass1" name="pass1" type="password" /> <span id="pass1Info">Parola trebuie sa contina cel putin 5 caractere.</span> </div> <div> <label for="pass2">Confirma Parola</label> <input id="pass2" name="pass2" type="password" /> <span id="pass2Info">Confirma parola</span> </div> <div><img src="include/captcha.php" /></div> <div> <label for="code">Introduceti codul de mai sus</label> <input id="code" type="text" name="code" /> <span id="codeInfo">Sunteti om?</span> </div> <div> <input id="send" name="send" type="submit" value="Inregistrare" /> </div> </form> <?php elseif(isset($_POST['send'])):?> <div id="error" class="valid"> <ul> <li><strong>Felicitari!</strong> Datele de login au fost trimise la adresa <?php echo $_POST['email']; ?></li> </ul> </div> <?php $email=trim($_POST['email']); $password=md5($_POST['pass1']); $query="INSERT INTO users (email, password) VALUES ('$email', '$password')"; $result_query=mysql_query($query) or die('EROARE MYSQL'); ?> <?php endif ?> <?php if(!isset($_POST['send'])):?> <form method="post" id="register" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>"> <div> <label for="email">E-mail</label> <input id="email" name="email" type="text" /> <span id="emailInfo">Adresa Dvs. de email va fi folosita pentru login.</span> </div> <div> <label for="pass1">Parola</label> <input id="pass1" name="pass1" type="password" /> <span id="pass1Info">Parola trebuie sa contina cel putin 5 caractere.</span> </div> <div> <label for="pass2">Confirma Parola</label> <input id="pass2" name="pass2" type="password" /> <span id="pass2Info">Confirma parola</span> </div> <div><img src="include/captcha.php" /></div> <div> <label for="code">Introduceti codul de mai sus</label> <input id="code" type="text" name="code" /> <span id="codeInfo">Sunteti om?</span> </div> <div> <input id="send" name="send" type="submit" value="Inregistrare" /> </div> </form> <?php endif ?> </div> <?php include('include/footer.php'); ?> validation.php <?php function validateName($name){ //if it's NOT valid if(strlen($name) < 4) return false; //if it's valid else return true; } function validateEmail($email){ return ereg("^[a-zA-Z0-9]+[a-zA-Z0-9_-]+@[a-zA-Z0-9]+[a-zA-Z0-9.-]+[a-zA-Z0-9]+.[a-z]{2,4}$", $email); } function validatePasswords($pass1, $pass2) { //if DOESN'T MATCH if(strpos($pass1, ' ') !== false) return false; //if are valid return $pass1 == $pass2 && strlen($pass1) > 4; } function validateMessage($message){ //if it's NOT valid if(strlen($message) < 10) return false; //if it's valid else return true; } function validateCaptcha($code) { if($code == $_SESSION['rand_code']) //if it's valid return true; else //if it's NOT valid return false; } function validateRegister() { $query_check_login="SELECT email FROM users WHERE email='".$_POST['email']."' LIMIT 1"; $result_check_login=mysql_query($query_check_login) or die('MYSQL ERROR'); $row_check = mysql_num_rows($result_check_login); if($row_check == 1){ //if it's NOT valid return false; } else { //if it's valid return true; } } ?> hey guys I know this is html but I'm using the php $_POST to grab the information the user chooses, i can't figure out though how to grab the info i'm looking for in this select option form if they choose PasswordCracker v3.0 what is it i'm looking to set my $_post['']; to? <FORM action="buy.php" method="POST"> <select name="passwordcrakers"> <option value="v2.0">PasswordCracker V2.0</option> <option value="v3.0">PasswordCracker V3.0</option> <option value="v4.0">PasswordCracker V4.0</option> <option value="v5.0">PasswordCracker V5.0</option> <option value="v6.0">PasswordCracker V6.0</option> <option value="v7.0">PasswordCracker V7.0</option> <option value="v8.0">PasswordCracker V8.0</option> <option value="v9.0">PasswordCracker V9.0</option> <option value="v10">PasswordCracker V10</option> </select><br /> <input type="submit" value="Buy" name="submit" /> </FORM> ok am workin on this script its a points market for a text based game but my money is not taking the amount of the players i points on the market ... just say i post 10 points for $29.000.000 ... and when the player buys the points it takes the money from that user and give the user points but .... when the user buy the points it dont give the user the money it give $290 ?? not sure is its my SQL av post that to Code: [Select] <?php include 'header.php'; $_POST['buypoints'] = abs(intval($_POST['buypoints']));{ $result = mysql_query("SELECT * FROM `pointsmarket` WHERE `id`='".$_POST['points_id']."'"); $worked = mysql_fetch_array($result); $price = $worked['price']; $amount = $worked['amount']; $totalcost = $price * prettynum($_POST['amount']); $newpointsinmarket = $amount - prettynum($_POST['amount']); $user_points = new User($worked['owner']); if ($worked['owner'] == $user_class->id) { echo Message("You have taken ".$_POST['amount']." points off the market."); $newpoints = $user_class->points + $_POST['amount'];; $result = mysql_query("UPDATE `grpgusers` SET `points` = '".$newpoints."' WHERE `id`='".$user_class->id."'"); $user_class = new User($_SESSION['id']); if ($newpointsinmarket == 0){ $result = mysql_query("DELETE FROM `pointsmarket` WHERE `id`='".$worked['id']."'"); } else { $result = mysql_query("UPDATE `pointsmarket` SET `amount` = '".$newpointsinmarket."' WHERE `id`='".$worked['id']."'"); } include 'footer.php'; die(); } $_POST['amount'] = abs(intval($_POST['amount'])); $_POST['points_id'] = abs(intval($_POST['points_id']));{ } $_POST['amount'] = abs(intval($_POST['amount'])); $_POST['points_id'] = abs(intval($_POST['points_id']));{ } if ($totalcost > prettynum($user_class->money)){ echo Message("You don't have enough money."); } if($_POST['amount'] >= 1 && $_POST['amount'] <= $amount && $totalcost <= $user_class->money){ echo Message("You have bought ".$_POST['amount']." points for $".$totalcost); $newpoints = $user_class->points + $_POST['amount']; $newmoney = $user_class->money - $totalcost; $result = mysql_query("UPDATE `grpgusers` SET `money` = '".$newmoney."', `points` = '".$newpoints."' WHERE `id`='".$user_class->id."'"); $newmoney = $user_points->money + $totalcost; $result = mysql_query("UPDATE `grpgusers` SET `money` = '".$newmoney."' WHERE `id`='".$user_points->id."'"); $user_class = new User($_SESSION['id']); if ($newpointsinmarket == 0){ $result = mysql_query("DELETE FROM `pointsmarket` WHERE `id`='".$worked['id']."'"); } else { $result = mysql_query("UPDATE `pointsmarket` SET `amount` = '".$newpointsinmarket."' WHERE `id`='".$worked['id']."'"); } } } $_POST['addpoints'] = abs(intval($_POST['addpoints'])); $_POST['id'] = abs(intval($_POST['id']));{ } if($_POST['amount'] < 1){ } if($_POST['price'] < 1){ } if ($_POST['amount'] >= 1 && prettynum($_POST['amount']) <= $user_class->points && $_POST['price'] >= 1){ echo Message("You have added ".$_POST['amount']." points to the market a price of $".$_POST['price']." per point."); $result= mysql_query("INSERT INTO `pointsmarket` (owner, amount, price)"."VALUES ('$user_class->id', '$_POST[amount]', '$_POST[price]')"); $newpoints = $user_class->points - $_POST['amount']; $result = mysql_query("UPDATE `grpgusers` SET `points` = '".$newpoints."' WHERE `id`='".$user_class->id."'"); $user_class = new User($_SESSION['id']); } ?> <link href="style.css" rel="stylesheet" type="text/css" /> <tr><td class="contenthead">Point Market</td></tr> <tr><td align="center" class="contentcontent"> <p> </p> <p><strong>You need to be a Respected Warrior to add points to the market</strong><br> Use this form to add points to the points market.</p> <p><strong>Bank Account[<? echo prettynum($user_class->bank) ?>]</strong><strong></strong><br /> <strong><a href="pointmarket.php">[Refresh</a>]</strong></p> <form method='post'> <table align="center"> <tr> <td>Amount of points</td><td> <input name='amount' type='text' class="areatest" value='0' size='10' maxlength='20'></td> </tr> <tr> <td>Price per point</td><td>$<input name='price' type='text' class="areatest" value="0" size='10' maxlength='20'></td> <tr><td align="center" colspan="2"><input name='addpoints' type='submit' class="buttong" value='Add Points'></form></td> </tr></table> </td></tr> <tr><td class="contentcontent"> <?php $result = mysql_query("SELECT * FROM `pointsmarket` ORDER BY `price` DESC"); while($line = mysql_fetch_array($result, MYSQL_ASSOC)) { $user_points = new User($line['owner']); if ($user_points->id == $user_class->id){ $submittext = "Remove"; } else { $submittext = "Buy"; } echo "<form method='post'>"; echo $user_points->formattedname." - ".$line['amount']." points for ".prettynum($line['price'],1)." per point <input type='text' name='amount' size='3' maxlength='20' value='".prettynum($line['amount'])."'><input type='hidden' name='points_id' value='".$line['id']."'><input type='submit' name='buypoints' value='".$submittext."'></form><br>"; } ?> </td></tr> <?php include 'footer.php'; ?> SQL Code: [Select] CREATE TABLE IF NOT EXISTS `pointsmarket` ( `owner` int(10) NOT NULL default '0', `amount` text NOT NULL, `price` text NOT NULL, `id` int(10) NOT NULL auto_increment, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC AUTO_INCREMENT=81 ; I use a form to sent date and use php to display it . However , the code only can working on one page. I can not turn the page. I do not why . Please tell me reason . Thank you very much. <select name="kind"> <option >kind</option> <option value="Copier Toner">Copier Toner</option> <option value="Laser Toner">Laser Toner</option> <option value="MICR Toner">MICR Toner</option> <option value="Inkjet">Inkjet</option> php code if (isset($_GET["page"])) { $page = $_GET["page"]; } else { $page=1; }; $start_from = ($page-1) * 18; $select="select * from $chun where brand = '$_POST[brand]' or sort ='$_POST[kind]' or type='$_POST[type]' LIMIT $start_from, 18"; $result2=mysql_query($select, $connection) or die (mysql_error()); <?php $sql = "select count(*) from $chun where brand = '$_POST[brand]' or sort='$_POST[kind]' or type='$_POST[type]' "; $rs_result = mysql_query($sql,$connection); $row = mysql_fetch_row($rs_result); $total_records = $row[0]; $total_pages = ceil($total_records / 18); for ($i=1; $i<=$total_pages; $i++) { ?> <div class="trunpage"><a href='table2.php?page=<?php echo "$i" ; ?>&id=<?php echo "$_POST[brand]";?>&cd=<?php echo "$_POST[kind]";?>&td=<?php echo "$_POST[type]";?>' ><?php echo "$i" ; ?></a> </div> The first page is working fine. The second page I get error message. Undefined index: brand in C:\wamp\www\php1000\table2.php on line 234 Hi guys, running through this tutorial at the moment: http://www.tizag.com/phpT/forms.php I seem to keep having problems with the $_POST variable. Is that obsolete syntax now? Here's the part I get an error on: <html> <body> <?php $quantity=$_POST['quantity']; $item=$_POST['item']; echo "You ordered".$quantity."".$item.".<br/>."; echo "Thank you for ordering from Boombaby art supppplies!"; ?> </body> </html> Here's the error: ( ! ) Notice: Undefined index: quantity in C:\wamp\www\process.php on line 4 Call Stack # Time Memory Function Location 1 0.0009 363936 {main}( ) ..\process.php:0 ( ! ) Notice: Undefined index: item in C:\wamp\www\process.php on line 5 Call Stack # Time Memory Function Location 1 0.0009 363936 {main}( ) ..\process.php:0 You ordered. .Thank you for ordering from Boombaby art supppplies! Any help would be appreciated. I tried googling but everything didn't seem to answer my question or was too confusing. Thanks. Hi guys, I have a form using radio buttons. For the radio button, lets just say i have the id name as 'rim' + number eg; rim0, rim1, rim2.... When i post the data to another file to execute the data collected, naturally i would use the: Code: [Select] $rim0=$_POST['rim0']; $rim1=$_POST['rim1']; .... $rim10=$_POST['rim10']; i tried to shorten this process using this method: Code: [Select] //$q is part of the post variable. for($x = 0; $x < count($q); $x++){ $rim[]=$_POST['"rim"."$x"']; } But i get this error Code: [Select] Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Is there something wrong with my POST syntax? Hello, My script here is not sending POST vars from form to script. I can't figure it out. Form: Code: [Select] <form action="train2.php" method="POST"> <tr> <td colspan="4"><center><img src="pic/toppage16.gif" /></center></td> </tr> <TR> <TD><FONT COLOR="white">Reassign Miners</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size="6" maxlength="8" value="0" name="miner>"</FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Reassign Normal Attackers</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size="6" maxlength="8" value="0" name="atsold"></FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Reassign Normal Defenders</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size=6 maxlength=8 value=0 name="defsold"></FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Reassign Covert Agents</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size=6 maxlength=8 value=0 name="spy"></FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Anti Covert Agents</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD><TD align=middle><FONT COLOR="white"><INPUT size="6" maxlength=8 value=0 name="spykiller"></FONT></TD></TR> <TR> <TD align=middle colSpan=3><FONT COLOR="white"><INPUT type="submit" value="UnTrain!" name="untrain"> </FONT> </TD> </form> Code: [Select] <?php if(isset($_POST['untrain'])){ die($_POST['miner']); $miners = securevar($_POST['miner']); $nattackers = securevar($_POST['atsold']); $ndefenders = securevar($_POST['defsold']); $covertunits = securevar($_POST['spy']); $anticovertunits = securevar($_POST['spykiller']); $totalunits+=$miners; $totalunits+=$nattackers; $totalunits+=$ndefenders; $totalunits+=$covertunits; $totalunits+=$anticovertunits; if($totalunits>=1){ $q = "UPDATE `accountinfo_db` SET `miners_1` = `miners_1`-'$miner', `attackers_1` = `attackers_1`-'$natta', `defenders_1` = `defenders_1`-'$ndefe', `covertagents` = `covertagents`-'$cover', `anticovertagents` = `anticovertagents`+'$antic', `untrainedunits` = `untrainedunits`+'$totalunits' WHERE `id` = '$id'"; $res = mysql_query($q) or die(mysql_error()); if(isset($res)){ header("Location: train.php?strmsg=".$totalunits."Troops Untrained! For 0 Naquadah."); } }else{ header("Location: train.php?strmsg=You must enter atleast 1 troop to be un-trained!"); } } ?> when I die($_GET['miner'); nothing is outputed even tho I submited the data. Thank you, Brian I think this belongs here, but my $_POST['gender'] won't grab the gender that was submitted through a form. I am using AJAX so the page doesn't have to reload so it can go in a smooth transition, but the AJAX is grabbing the value perfectly fine. I have a feeling the $_POST isn't grabbing the value because the page isn't reloading.. but I don't want to reload it. These codes are all on the same page. Here is my Javascript: Code: [Select] <script> function chooseGender() { var gender = $('input[name=gender]:checked', '#submitgender').val(); if(gender) { $.ajax( { type: "POST", url: window.location.pathname, data: gender, success: function() { alert("You have chosen to be a " + gender); //It's grabbing it perfectly fine! $("#submitgender").hide(); //It hides the gender table so they can't choose a gender since they already have chosen one. $("#rest").fadeIn(); //Shows the other table that's labeled "rest" as it's ID so they can choose what base, eyes, etc for that specific gender they've chosen. } }); } else { alert('Select a gender.'); } } $(function tabs() { $( "#tabs" ).tabs(); }); </script> But here is the PHP inside the #rest table: Code: [Select] <?php $gender = $_POST['gender']; $sql = "SELECT * FROM habases WHERE gender='".$gender."'"; $result = mysqli_query($cxn, $sql) or die(mysqli_error($cxn)); print_r($sql); while ($row = mysqli_fetch_assoc($result)) { $baseimage = $row['image']; $baseskin = $row['skin']; echo "<img src=\"http://www.elvonica.com/".$baseimage."\" value=\"".$baseskin."\">"; } ?> And this is what I'm getting for the print_r: Quote SELECT * FROM habases WHERE gender='' This is really weird.below is the code <input type="radio" name="rd" onchange="getpost('test1')"> <input type="radio" name="rd" onchange="getpost('test2')"> here is the javascript function function getpost(x) { document.getElementById("fillthis").value=x; document.frm1.submit(); } here is frm1 <form name="frm1" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>"> <input type="hidden" name="fillthis" id="fillthis"> </form> here is my php code: <?php if(!empty($_POST['fillthis'])) { echo $_POST['fillthis']; } ?> The problem i had is that i can only get the $_POST['fillthis'] result in FF and GOOGLE CHROME but not in IE can anyone help me with this? thanks How do I post data when a user clicks a link? I know that for a submit button you just use the name attribute, but I'm not sure how to do it with a link. Running into some problems with my code. I am having the user search the Database with either a UAID or the user's full name. It works fine when you input both the UAID and name; however, I want it to work if only one is give (i.e. just the name or just the UAID). I decided to use the isset($_POST) function of php but I am not getting it to work correctly. PHP believe it is set even though it is empty. Here is my html form. <?php @include 'accesscontrol.php'; echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">" ."<html xmlns=\"http://www.w3.org/1999/xhtml\">" ."<title> Hello </title>" ."<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />" ."<head>" ."<style type=\"text/css\">" ."h1{" ."border-bottom-style: double;" ."border-bottom-color: black;" ."border-bottom-width: 5px;" ."}" ."p{" ."background-color:#4682B4;" ."}" ."</style>" ."</head>" ."<body style=\"background-color:#B8B8B8\">" ."<table align=\"center\" style=\"background-color:#B8B8B8\" WIDTH=\"100%\" HEIGHT=\"100%\">" ."<tr valign=\"middle\">" ."<td align=\"center\">" ."<form method=\"post\" action=\"user.php\">" ."<table align=\"center\" cellpadding=\"10\" style=\"background-color:#5CADFF\" width=\"500\" height=\"400\">" ."<tr>" ."<th colspan=6 align=\"center\"><h1>Welcome: ".$uid."</h1></th>" ."</tr>" ."<tr>" ."<td colspan=3 width=40% align=center>" ."UAID:<br> <input type=\"text\" size=\"8\" name=\"UAID\" /></td>" ."<td colspan=3 width=60% align=center>" ."Name (Last, First):<br><input type=\"text\" size=\"8\" name=\"last\"/>, <input type=\"text\" size=\"8\" name=\"first\" />" ."</tr>" ."<tr>" ."<td colspan=6 align=\"center\"><input type=\"submit\" value=\"submit\" />" ."</td>" ."</tr>" ."</tr>" ."</table>" ."<tr>" ."</tr>" ."</td>" ."</tr>" ."</table>" ."</body>" ."</html>"; ?> Here is the PHP: <?php @include 'accesscontrol.php'; //include 'common.php'; include 'db.php'; $fname = $_POST['first']; $lname = $_POST['last']; $sql = "SELECT * FROM `user` WHERE UAID='$_POST[UAID]'"; $result = mysql_query($sql); $rows = mysql_fetch_array($result); if(isset($fname) && isset($lname)) { echo "Post first $fname <br>" ."Post last $lname"; $firstname = $rows['firstname']; $lastname = $rows['lastname']; if($fname != $firstname OR $lname != $lastname) { ?> <html> <head> <script language="JavaScript"> alert(" Hello this is crap" ); history.back(); </script>"; </head> </html> <? exit; } else { echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"URL\">" ."<html xmlns=URL>" ."<title> Hi </title>" ."<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />" ."<head>" ."<style type=\"text/css\">" ."h1{" ."border-bottom-style: double;" ."border-bottom-color: black;" ."border-bottom-width: 5px;" ."}" ."p{" ."background-color:#4682B4;" ."}" ."</style>" ."</head>" ."<body style=\"background-color:#B8B8B8\">" ."<table align=\"center\" style=\"background-color:#B8B8B8\" WIDTH=\"100%\" HEIGHT=\"100%\">" ."<tr valign=\"middle\">" ."<td align=\"center\">" ."<table align=\"center\" cellpadding=\"10\" style=\"background-color:#5CADFF\" width=\"600\" height=\"400\">" ."<tr>" ."<th colspan=6 align=\"center\"><h1>Welcome: ".$uid."</h1></th>" ."</tr>" ."<tr>" ."<form method=\"Post\" action=\"userview.php\">" ."<td colspan=3 width=40%>" ."UAID: <input type=\"text\" size=\"8\" name=\"UAID\" value= ".$_POST['UAID']." /></td>" ."<td colspan=3 width=60%>" ."Name (LAST, FIRST):<input type=\"text\" size=\"8\" name=\"last\" value= ".$_POST['last']." />, <input type=\"text\" size=\"8\" name=\"first\" value= ".$_POST['first']." />" ."</td>" ."</tr>" ."<tr>" ."<td colspan=3 width=40%>" ."Department:<input type=\"text\" size=\"8\" name=\"department\" value=" .$rows['BOG'].">" ."</td>" ."<td colspan=3 width=60%>" ."Employee ID:<input type=\"text\" size=\"8\" name=\"empID\" value=" .$rows['employeeID'].">" ."</td>" ."</tr>" ."<tr>" ."<td colspan=3 align=\"center\"><input type=\"submit\" value=\"View\">" ."</form>" ."</td>" ."<form method=\"Post\" action=\"homepage.php\">" ."<td colspan=3 align=\"center\"><input type=\"submit\" value=\"Back\">" ."</td>" ."</tr>" ."</tr>" ."</table>" ."<tr></tr></td></tr></table></body></html>"; }} mysql_free_result($result); ?> Hey guys i am using a global filter on my $_POST function filter($str){return htmlentities($str, ENT_QUOTES);} $_POST = array_map('filter', $_POST); It helps me encode the stuff into the database. It works great on all my fields exept my arrays ... Ex: fields like this <input type="text" name="name[]" size="20"> breaks Any sugestions on gething this global filter working? Hello,
I am quite new to the php and website scene and i am trying to find the best way to validate and sterilize my $_post the way i have come up with is
$id = filter_var(mysql_real_escape_string($_POST['id']),FILTER_SANITIZE_NUMBER_INT);or $id = mysql_real_escape_string($_POST['id']); $id1 = filter_var($id,FILTER_SANITIZE_NUMBER_INT);which will be the best way to do it or is there a better way. Thanks Edited by AdamHull12, 04 October 2014 - 11:15 AM. |
|||||||