473,398 Members | 2,525 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,398 software developers and data experts.

no empty form fields after submitting form

Hello, a stupid question but...

page_A.php is a page with a form.
The user inserts text in four fields, then he clicks a submit button.
The data goes to page_B.php:
this page controls the data submitted, then echoes a message.
If there were problems with the submitted data the message says:
"a problem occurred with your data. Click here to come back to the
form" (page_A.php).
When the user comes back, he finds the fields white.

How can I do to show him what he submitted?

Thanks!

Sep 14 '07 #1
26 3864
..oO(pe*************@gmail.com)
>page_A.php is a page with a form.
The user inserts text in four fields, then he clicks a submit button.
The data goes to page_B.php:
this page controls the data submitted, then echoes a message.
If there were problems with the submitted data the message says:
"a problem occurred with your data. Click here to come back to the
form" (page_A.php).
When the user comes back, he finds the fields white.
You don't need two pages. Let page_A show and handle the form
processing. Submit the form to the same page, check the values and show
the form again if there's an error.

To keep the form data while moving from one page to another you would
have to store the values in a session.

Micha
Sep 14 '07 #2
On Sep 14, 6:39 pm, Michael Fesser <neti...@gmx.dewrote:
To keep the form data while moving from one page to another you would
have to store the values in a session.

Micha


Ok, I'll use sessions, thanks!

Sep 14 '07 #3
pe*************@gmail.com wrote:
Hello, a stupid question but...

page_A.php is a page with a form.
The user inserts text in four fields, then he clicks a submit button.
The data goes to page_B.php:
this page controls the data submitted, then echoes a message.
If there were problems with the submitted data the message says:
"a problem occurred with your data. Click here to come back to the
form" (page_A.php).
When the user comes back, he finds the fields white.

How can I do to show him what he submitted?

Thanks!

Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."

--
*****************************
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
*****************************
Sep 14 '07 #4
If you put them in the same page, it will be better for you. It will
ease the process.

[PHP]

if (isset($_POST['submit'])) {

# Process the form

if ($number_of_errors_in_the_form != 0) {

# Show the errors
# Display the Form Again.
# Example: print "<input type='text' name='fieldname' value='".
$_POST['fieldname']."' />";

} else {

# Tell the user everything went fine.

}

} else {

# Display the form.

}
Sep 14 '07 #5
>
Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."


hi chuck, it sounds interesting (I imagine form on page B should point
page A), but what if the user clicks the back button of his browser?

Sep 15 '07 #6
pe*************@gmail.com wrote:
>Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."


hi chuck, it sounds interesting (I imagine form on page B should point
page A), but what if the user clicks the back button of his browser?

Yes, the form action on page B is to return to page A.

Clicking the Back button is fine. The browser loads the previous state
of page A, with the form fields still filled out.

I've even written a function that reads all of the elements in an array
(e.g., $_POST) and creates hidden form fields for each one. It can even
handle multi-dimensional arrays (e.g., $_POST variables that are
themselves, an array).

--
*****************************
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
The world is my country,
Science, my religion.
*****************************
Sep 15 '07 #7
Chuck Anderson wrote:
pe*************@gmail.com wrote:
>>Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."


hi chuck, it sounds interesting (I imagine form on page B should point
page A), but what if the user clicks the back button of his browser?


Yes, the form action on page B is to return to page A.

Clicking the Back button is fine. The browser loads the previous state
of page A, with the form fields still filled out.
It will if you have the browser caching the page and haven't needed to
flush the cache. But you shouldn't depend on that behavior.
I've even written a function that reads all of the elements in an array
(e.g., $_POST) and creates hidden form fields for each one. It can even
handle multi-dimensional arrays (e.g., $_POST variables that are
themselves, an array).
That's the best way to handle things.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Sep 15 '07 #8
I've even written a function that reads all of the elements in an array
(e.g., $_POST) and creates hidden form fields for each one. It can even
handle multi-dimensional arrays (e.g., $_POST variables that are
themselves, an array).


Chuck, this sound really interesting, simple and powerful too:
at the moment, page B converts every key in a variable of the same
name:

foreach($_POST as $k =$v){
if(in_array($k,$required_keys)&&(trim($_POST[$k]!=''))){
${$k}=$v;
$count++;
}
}

it would be quite easy to use this foreach to build my fields :-)

Thanks!

Sep 16 '07 #9

Little problem in page A, now:

I imagine I must verify if I have 'something' in $_POST
(I get an Undefined Variable notice when I directly write:

if($_POST[$k]!=''){
${$k}=$v;
}

and I access this page for the first time, that is when for sure there
is nothing in $_POST
)

I tried
if(array_key_exists(etc. but this way I must write code for any
possible key...

Is there a handy way to know if there is 'something' in $_POST?

Thanks!

Sep 16 '07 #10
On Sun, 16 Sep 2007 12:29:20 +0200, <pe*************@gmail.comwrote:
Is there a handy way to know if there is 'something' in $_POST?
if(isset($_POST['something'])){/* do your thing */}
--
Rik Wasmus
Sep 16 '07 #11
if(isset($_POST['something'])){/* do your thing */}

well, this presumes I must know what I'm receiving in page A...

Anyway, the issue has been caused by the fact that I have not
previously declared/initialized two variables, so when there's nothing
in $_POST they simply don't exist. I partially solved declaring an
undefined value before the $_POST verification code.

Sep 16 '07 #12
..oO(pe*************@gmail.com)
>Little problem in page A, now:

I imagine I must verify if I have 'something' in $_POST
if (!empty($_POST)) {
...
}
>(I get an Undefined Variable notice when I directly write:

if($_POST[$k]!=''){
${$k}=$v;
}
Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it. You could write a little
function for that.

You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.

Micha
Sep 16 '07 #13
Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it.


why?

I'm using them this way: if I receive the values I put them in the
value field of the form, if I don't receive data, the field appears
empty.
You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.


I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.

Sep 16 '07 #14
..oO(pe*************@gmail.com)
>Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it.

why?
You can't be sure that you'll get all the values from the form you
expect. Every data coming in from the client (POST, GET, cookies) can be
incomplete or manipulated.
>I'm using them this way: if I receive the values I put them in the
value field of the form, if I don't receive data, the field appears
empty.
You just have to make sure that missing values don't lead to notices or
unexpected behaviour in your code.
>You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.

I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
Currently you're doing nearly the same.

Micha
Sep 16 '07 #15
You can't be sure that you'll get all the values from the form you
expect. Every data coming in from the client (POST, GET, cookies) can be
incomplete or manipulated.


i'm in the classical little/medium site backend area sending data
thorugh $_POST: what could cause incompleteness? Who could manipulate
my data?
You just have to make sure that missing values don't lead to notices or
unexpected behaviour in your code.


it is what I try to do and I'm not receiving any unexpected behavior
at the moment :-)
I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.

Currently you're doing nearly the same.


well, it's true... I couldn't find a better way, since I can't change
the overall structure (so I can't but send data from A to B and
viceversa)
Sep 16 '07 #16
pe*************@gmail.com wrote:
>Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it.

why?

I'm using them this way: if I receive the values I put them in the
value field of the form, if I don't receive data, the field appears
empty.
>You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.

I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
No, instead you're just emulating the extract() function in your code.
Is that any smarter?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Sep 16 '07 #17
pe*************@gmail.com wrote:
>You can't be sure that you'll get all the values from the form you
expect. Every data coming in from the client (POST, GET, cookies) can be
incomplete or manipulated.

i'm in the classical little/medium site backend area sending data
thorugh $_POST: what could cause incompleteness? Who could manipulate
my data?
Anyone. For instance, I could post a form to your site which has
anything I want on it. That's a very common way hackers get into systems.
>
>You just have to make sure that missing values don't lead to notices or
unexpected behaviour in your code.

it is what I try to do and I'm not receiving any unexpected behavior
at the moment :-)
And that means you'll never get it in the future? It's this very
thinking which leads to sites being hacked,
>
>>I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
Currently you're doing nearly the same.

well, it's true... I couldn't find a better way, since I can't change
the overall structure (so I can't but send data from A to B and
viceversa)

Always validate your data.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Sep 16 '07 #18
pe*************@gmail.com wrote:
Little problem in page A, now:

I imagine I must verify if I have 'something' in $_POST
(I get an Undefined Variable notice when I directly write:

if($_POST[$k]!=''){
${$k}=$v;
}

and I access this page for the first time, that is when for sure there
is nothing in $_POST
)

I tried
if(array_key_exists(etc. but this way I must write code for any
possible key...

Is there a handy way to know if there is 'something' in $_POST?

Thanks!
Sounds like you've got a handle on it.

--
*****************************
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
The world is my country,
Science, my religion. ... Huygens
*****************************
Sep 16 '07 #19
pe*************@gmail.com wrote:
>Is there a handy way to know if there is 'something' in $_POST?

$bExists = is_set($_POST);
Sep 16 '07 #20
Is that any smarter?
it isn't

Sep 17 '07 #21
Anyone. For instance, I could post a form to your site which has
anything I want on it. That's a very common way hackers get into systems.

But, sorry for my little experience, my forms only work if you logged
in (and you are a registered user and a session is active...). For
sure, I should understand how hackers do what they do...

And that means you'll never get it in the future?


absolutely not
Always validate your data.


ok, thanks

Sep 17 '07 #22
$bExists = is_set($_POST);


isset?


Sep 17 '07 #23
Sounds like you've got a handle on it.

:-)

Sep 17 '07 #24
pe*************@gmail.com wrote:
>Anyone. For instance, I could post a form to your site which has
anything I want on it. That's a very common way hackers get into systems.


But, sorry for my little experience, my forms only work if you logged
in (and you are a registered user and a session is active...). For
sure, I should understand how hackers do what they do...

And a hacker couldn't register and get a session active? Quite easy.
>
>And that means you'll never get it in the future?

absolutely not
>Always validate your data.

ok, thanks

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Sep 18 '07 #25
On 18 Set, 02:58, Jerry Stuckle <jstuck...@attglobal.netwrote:
>
And a hacker couldn't register and get a session active? Quite easy.


I don't know!
Could an hacker control the value of a specified session variable? I
hope not! :-)
How does the hacker know the name of a session variable and its right
value?

I define:

$_SESSION[$username][$randomValue] = $fixedValue;
How could the hacker infer:
- the name of the user;
- the random number (previously generated and only active when logged
in);
- the fixed value for test;

Sep 22 '07 #26
pe*************@gmail.com wrote:
On 18 Set, 02:58, Jerry Stuckle <jstuck...@attglobal.netwrote:
>And a hacker couldn't register and get a session active? Quite easy.

I don't know!
Could an hacker control the value of a specified session variable? I
hope not! :-)
How does the hacker know the name of a session variable and its right
value?

I define:

$_SESSION[$username][$randomValue] = $fixedValue;
How could the hacker infer:
- the name of the user;
- the random number (previously generated and only active when logged
in);
- the fixed value for test;
I didn't say the hacker could change the value of a session variable.
But that's not what your problem is.

What I'm referring to is someone hacker registering on your site. Then
at a later time, once he's been authorized, he hacks your site and
starts spamming. But the time you catch him, you've been shut off
because you're a spam relay.

The bottom line here is - NEVER, NEVER, EVER trust data from the user.
Always validate it server side. And always watch for hack attempts.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Sep 22 '07 #27

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: Eric | last post by:
Hey Everyone.. I have a form that has approximately 7 text fields and 1 checkbox. Generally when this form is submitted(to itself BTW) it works fine, however, when the checkbox is only field...
13
by: Dan R Brown | last post by:
I have a large form that is generated dynamically in a jsp using xml / xslt. So, to break up this form into several "tabbed" sections, I break up the form using <div> tags. Each <div...
4
by: Rick | last post by:
Hello, I'm having trouble with submitting my form when checking to see if data is present in the user-inputted fields. What I want to happen is for the user to input various pieces of data,...
4
by: Wysiwyg | last post by:
I need to validate a form to ensure that all of the fields add up correctly. I can't do this while the user is entering data since validation needs to be done after the entry is completed. What's...
2
by: Esa | last post by:
Hi, I'm having problems with one strange web system where submitting an application and making queries about its handling status require a series of form submits and response parsing - all in...
11
by: Rik | last post by:
Hello guys, now that I'm that I'm working on my first major 'open' forms (with uncontrolled users I mean, not a secure backend-interface), I'd like to add a lot of possibilities to check wether...
13
by: kev | last post by:
Hi all, I have created a database for equipments. I have a form to register the equipment meaning filling in all the particulars (ID, serial, type, location etc). I have two buttons at the end...
18
by: NavinM | last post by:
I have a couple of forms that are misbehaving in FireFox, but work fine in IE. when i do submit( with submit button) a javascript function validates all of the fields entered, and stops the...
10
flexsingh
by: flexsingh | last post by:
Hello there, I have a form and when data is inputted it goes into the table and I can get it out pefectly fine, the problem I have is that if the promary key is empty it will not submit, but if any...
0
BarryA
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
1
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
0
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
0
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
0
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
0
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
0
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
0
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.