Hello, a stupid question but...
page_A.php is a page with a form.
The user inserts text in four fields, then he clicks a submit button.
The data goes to page_B.php:
this page controls the data submitted, then echoes a message.
If there were problems with the submitted data the message says:
"a problem occurred with your data. Click here to come back to the
form" (page_A.php).
When the user comes back, he finds the fields white.
How can I do to show him what he submitted?
Thanks!
26  3865 
..oO(pe*************@gmail.com)
>page_A.php is a page with a form.
The user inserts text in four fields, then he clicks a submit button.
The data goes to page_B.php:
this page controls the data submitted, then echoes a message.
If there were problems with the submitted data the message says:
"a problem occurred with your data. Click here to come back to the
form" (page_A.php).
When the user comes back, he finds the fields white.
You don't need two pages. Let page_A show and handle the form
processing. Submit the form to the same page, check the values and show
the form again if there's an error.
To keep the form data while moving from one page to another you would
have to store the values in a session.
Micha
On Sep 14, 6:39 pm, Michael Fesser <neti...@gmx.dewrote:
To keep the form data while moving from one page to another you would
have to store the values in a session.
Micha
Ok, I'll use sessions, thanks! pe*************@gmail.com wrote:
Hello, a stupid question but...
page_A.php is a page with a form.
The user inserts text in four fields, then he clicks a submit button.
The data goes to page_B.php:
this page controls the data submitted, then echoes a message.
If there were problems with the submitted data the message says:
"a problem occurred with your data. Click here to come back to the
form" (page_A.php).
When the user comes back, he finds the fields white.
How can I do to show him what he submitted?
Thanks!
Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."
--
*****************************
Chuck Anderson • Boulder, CO http://www.CycleTourist.com
*****************************
If you put them in the same page, it will be better for you. It will
ease the process.
[PHP]
if (isset($_POST['submit'])) {
# Process the form
if ($number_of_errors_in_the_form != 0) {
# Show the errors
# Display the Form Again.
# Example: print "<input type='text' name='fieldname' value='".
$_POST['fieldname']."' />";
} else {
# Tell the user everything went fine.
}
} else {
# Display the form.
}
>
Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."
hi chuck, it sounds interesting (I imagine form on page B should point
page A), but what if the user clicks the back button of his browser? pe*************@gmail.com wrote:
>Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."
hi chuck, it sounds interesting (I imagine form on page B should point
page A), but what if the user clicks the back button of his browser?
Yes, the form action on page B is to return to page A.
Clicking the Back button is fine. The browser loads the previous state
of page A, with the form fields still filled out.
I've even written a function that reads all of the elements in an array
(e.g., $_POST) and creates hidden form fields for each one. It can even
handle multi-dimensional arrays (e.g., $_POST variables that are
themselves, an array).
--
*****************************
Chuck Anderson • Boulder, CO http://www.CycleTourist.com
The world is my country,
Science, my religion.
*****************************
Chuck Anderson wrote:
pe*************@gmail.com wrote:
>>Create a form on page B. Copy all of the $_POST variables into hidden
fields with a submit button that says, "Go Back."
hi chuck, it sounds interesting (I imagine form on page B should point
page A), but what if the user clicks the back button of his browser?
Yes, the form action on page B is to return to page A.
Clicking the Back button is fine. The browser loads the previous state
of page A, with the form fields still filled out.
It will if you have the browser caching the page and haven't needed to
flush the cache. But you shouldn't depend on that behavior.
I've even written a function that reads all of the elements in an array
(e.g., $_POST) and creates hidden form fields for each one. It can even
handle multi-dimensional arrays (e.g., $_POST variables that are
themselves, an array).
That's the best way to handle things.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
==================
I've even written a function that reads all of the elements in an array
(e.g., $_POST) and creates hidden form fields for each one. It can even
handle multi-dimensional arrays (e.g., $_POST variables that are
themselves, an array).
Chuck, this sound really interesting, simple and powerful too:
at the moment, page B converts every key in a variable of the same
name:
foreach($_POST as $k =$v){
if(in_array($k,$required_keys)&&(trim($_POST[$k]!=''))){
${$k}=$v;
$count++;
}
}
it would be quite easy to use this foreach to build my fields :-)
Thanks!
Little problem in page A, now:
I imagine I must verify if I have 'something' in $_POST
(I get an Undefined Variable notice when I directly write:
if($_POST[$k]!=''){
${$k}=$v;
}
and I access this page for the first time, that is when for sure there
is nothing in $_POST
)
I tried
if(array_key_exists(etc. but this way I must write code for any
possible key...
Is there a handy way to know if there is 'something' in $_POST?
Thanks!
On Sun, 16 Sep 2007 12:29:20 +0200, <pe*************@gmail.comwrote:
Is there a handy way to know if there is 'something' in $_POST?
if(isset($_POST['something'])){/* do your thing */}
--
Rik Wasmus
if(isset($_POST['something'])){/* do your thing */}
well, this presumes I must know what I'm receiving in page A...
Anyway, the issue has been caused by the fact that I have not
previously declared/initialized two variables, so when there's nothing
in $_POST they simply don't exist. I partially solved declaring an
undefined value before the $_POST verification code.
..oO(pe*************@gmail.com)
>Little problem in page A, now:
I imagine I must verify if I have 'something' in $_POST
if (!empty($_POST)) {
...
}
>(I get an Undefined Variable notice when I directly write:
if($_POST[$k]!=''){
${$k}=$v;
}
Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it. You could write a little
function for that.
You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.
Micha
Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it.
why?
I'm using them this way: if I receive the values I put them in the
value field of the form, if I don't receive data, the field appears
empty.
You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.
I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
..oO(pe*************@gmail.com)
>Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it.
why?
You can't be sure that you'll get all the values from the form you
expect. Every data coming in from the client (POST, GET, cookies) can be
incomplete or manipulated.
>I'm using them this way: if I receive the values I put them in the
value field of the form, if I don't receive data, the field appears
empty.
You just have to make sure that missing values don't lead to notices or
unexpected behaviour in your code.
>You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.
I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
Currently you're doing nearly the same.
Micha
You can't be sure that you'll get all the values from the form you
expect. Every data coming in from the client (POST, GET, cookies) can be
incomplete or manipulated.
i'm in the classical little/medium site backend area sending data
thorugh $_POST: what could cause incompleteness? Who could manipulate
my data?
You just have to make sure that missing values don't lead to notices or
unexpected behaviour in your code.
it is what I try to do and I'm not receiving any unexpected behavior
at the moment :-)
I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
Currently you're doing nearly the same.
well, it's true... I couldn't find a better way, since I can't change
the overall structure (so I can't but send data from A to B and
viceversa) pe*************@gmail.com wrote:
>Even if the form was submitted and $_POST is not empty, you should check
every value if it exists before you use it.
why?
I'm using them this way: if I receive the values I put them in the
value field of the form, if I don't receive data, the field appears
empty.
>You could also have a look at the extract() function, if you want to
convert the array into single variables. I don't consider that really
necessary, but anyway.
I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
No, instead you're just emulating the extract() function in your code.
Is that any smarter?
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
================== pe*************@gmail.com wrote:
>You can't be sure that you'll get all the values from the form you
expect. Every data coming in from the client (POST, GET, cookies) can be
incomplete or manipulated.
i'm in the classical little/medium site backend area sending data
thorugh $_POST: what could cause incompleteness? Who could manipulate
my data?
Anyone. For instance, I could post a form to your site which has
anything I want on it. That's a very common way hackers get into systems.
>
>You just have to make sure that missing values don't lead to notices or
unexpected behaviour in your code.
it is what I try to do and I'm not receiving any unexpected behavior
at the moment :-)
And that means you'll never get it in the future? It's this very
thinking which leads to sites being hacked,
>
>>I considered not using it because the PHP manual says it is not a good
idea for $_GET, $_POST, etc.
Currently you're doing nearly the same.
well, it's true... I couldn't find a better way, since I can't change
the overall structure (so I can't but send data from A to B and
viceversa)
Always validate your data.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
================== pe*************@gmail.com wrote:
Little problem in page A, now:
I imagine I must verify if I have 'something' in $_POST
(I get an Undefined Variable notice when I directly write:
if($_POST[$k]!=''){
${$k}=$v;
}
and I access this page for the first time, that is when for sure there
is nothing in $_POST
)
I tried
if(array_key_exists(etc. but this way I must write code for any
possible key...
Is there a handy way to know if there is 'something' in $_POST?
Thanks!
Sounds like you've got a handle on it.
--
*****************************
Chuck Anderson • Boulder, CO http://www.CycleTourist.com
The world is my country,
Science, my religion. ... Huygens
*****************************
Is that any smarter?
it isn't
Anyone. For instance, I could post a form to your site which has
anything I want on it. That's a very common way hackers get into systems.
But, sorry for my little experience, my forms only work if you logged
in (and you are a registered user and a session is active...). For
sure, I should understand how hackers do what they do...
And that means you'll never get it in the future?
absolutely not
Always validate your data.
ok, thanks
$bExists = is_set($_POST);
isset?
Sounds like you've got a handle on it.
:-) pe*************@gmail.com wrote:
>Anyone. For instance, I could post a form to your site which has
anything I want on it. That's a very common way hackers get into systems.
But, sorry for my little experience, my forms only work if you logged
in (and you are a registered user and a session is active...). For
sure, I should understand how hackers do what they do...
And a hacker couldn't register and get a session active? Quite easy.
>
>And that means you'll never get it in the future?
absolutely not
>Always validate your data.
ok, thanks
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
==================
On 18 Set, 02:58, Jerry Stuckle <jstuck...@attglobal.netwrote:
>
And a hacker couldn't register and get a session active? Quite easy.
I don't know!
Could an hacker control the value of a specified session variable? I
hope not! :-)
How does the hacker know the name of a session variable and its right
value?
I define:
$_SESSION[$username][$randomValue] = $fixedValue;
How could the hacker infer:
- the name of the user;
- the random number (previously generated and only active when logged
in);
- the fixed value for test; pe*************@gmail.com wrote:
On 18 Set, 02:58, Jerry Stuckle <jstuck...@attglobal.netwrote:
>And a hacker couldn't register and get a session active? Quite easy.
I don't know!
Could an hacker control the value of a specified session variable? I
hope not! :-)
How does the hacker know the name of a session variable and its right
value?
I define:
$_SESSION[$username][$randomValue] = $fixedValue;
How could the hacker infer:
- the name of the user;
- the random number (previously generated and only active when logged
in);
- the fixed value for test;
I didn't say the hacker could change the value of a session variable.
But that's not what your problem is.
What I'm referring to is someone hacker registering on your site. Then
at a later time, once he's been authorized, he hacks your site and
starts spamming. But the time you catch him, you've been shut off
because you're a spam relay.
The bottom line here is - NEVER, NEVER, EVER trust data from the user.
Always validate it server side. And always watch for hack attempts.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
================== This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Eric |
last post by:
Hey Everyone..
I have a form that has approximately 7 text fields and 1 checkbox.
Generally when this form is submitted(to itself BTW) it works fine,
however, when the checkbox is only field...
|
by: Dan R Brown |
last post by:
I have a large form that is generated dynamically in a jsp using xml / xslt. So, to
break up this form into several "tabbed" sections, I break up the form using <div>
tags. Each <div...
|
by: Rick |
last post by:
Hello,
I'm having trouble with submitting my form when checking to see if data
is present in the user-inputted fields. What I want to happen is for
the user to input various pieces of data,...
|
by: Wysiwyg |
last post by:
I need to validate a form to ensure that all of the fields add up correctly.
I can't do this while the user is entering data since validation needs to be
done after the entry is completed. What's...
|
by: Esa |
last post by:
Hi,
I'm having problems with one strange web system where submitting an
application and making queries about its handling status require a series of
form submits and response parsing - all in...
|
by: Rik |
last post by:
Hello guys,
now that I'm that I'm working on my first major 'open' forms (with
uncontrolled users I mean, not a secure backend-interface), I'd like to add
a lot of possibilities to check wether...
|
by: kev |
last post by:
Hi all,
I have created a database for equipments. I have a form to register the
equipment meaning filling in all the particulars (ID, serial, type,
location etc). I have two buttons at the end...
|
by: NavinM |
last post by:
I have a couple of forms that are misbehaving in FireFox, but work fine in IE.
when i do submit( with submit button) a javascript function validates all of the fields entered, and stops the...
|
by: flexsingh |
last post by:
Hello there, I have a form and when data is inputted it goes into the table and I can get it out pefectly fine, the problem I have is that if the promary key is empty it will not submit, but if any...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
