[PHP] php form help...
I am trying to create this kind of form http://www.12monthinternetmillionaire.com/affiliate.php a user inserts their clickbank id and its generated in the field belowany pointers ?
Re: [PHP] php form help...
On Jan 8, 2008 11:19 AM, 2 Logic Studios [EMAIL PROTECTED] wrote:
I am trying to create this kind of form
http://www.12monthinternetmillionaire.com/affiliate.php
a user inserts their clickbank id and its generated in the field
belowany pointers ?
Yes. Hire a programmer. ;-P
In actuality, it could be done with JavaScript. However, because
JS won't modify the server settings, if you want to store the
ClickBank ID in a database, have it emailed, or whatever else, here's
the snippet of PHP code to generate the URL as they have it:
?
if($_POST['clickbank_id']) {
$url = http://.$_POST['clickbank_id']..12monthmil.hop.clickbank.net;
// Perform whatever other actions you want here, but remember to
SANITIZE the $_POST data!
}
?
form method=post action=?=$_SERVER['PHP_SELF'];? /
ClickBank ID:
input type=text name=clickbank_id /br /
input type=submit value=Update ClickBank ID /
/form
br /
input type=text value=?=$url;? size=35 /
--
Daniel P. Brown
[Phone Numbers Go Here!]
[They're Hidden From View!]
If at first you don't succeed, stick to what you know best so that you
can make enough money to pay someone else to do it for you.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
On Jan 8, 2008 11:56 AM, 2 Logic Studios [EMAIL PROTECTED] wrote: Daniel, Thanks...worked like a charm My pleasure. Just remember to sanitize the code as I said if you're going to do anything other than display it in the text box. Otherwise, a malicious user (or possibly even a typographical error) could lead to problems. -- Daniel P. Brown [Phone Numbers Go Here!] [They're Hidden From View!] If at first you don't succeed, stick to what you know best so that you can make enough money to pay someone else to do it for you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
On Jan 8, 2008 12:00 PM, Daniel Brown [EMAIL PROTECTED] wrote: On Jan 8, 2008 11:56 AM, 2 Logic Studios [EMAIL PROTECTED] wrote: Daniel, Thanks...worked like a charm My pleasure. Just remember to sanitize the code as I said if you're going to do anything other than display it in the text box. Otherwise, a malicious user (or possibly even a typographical error) could lead to problems. -- Daniel P. Brown [Phone Numbers Go Here!] [They're Hidden From View!] If at first you don't succeed, stick to what you know best so that you can make enough money to pay someone else to do it for you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php You think someone who didn't even know how to get post data in the first place knows how to properly sanitize it? :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
You think someone who didn't even know how to get post data in the first place knows how to properly sanitize it? :) One would think that the OP would lookup sanitize or some form of that search in google to become more familiar with the term and what it means, but then again I probably give to much credit to most of the population :) -- Jack Mays -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
On Jan 8, 2008 12:12 PM, Eric Butera [EMAIL PROTECTED] wrote: You think someone who didn't even know how to get post data in the first place knows how to properly sanitize it? :) Maybe, maybe not, but the point is to mention that it should be done to allow further exploration and study to learn how it's done. -- Daniel P. Brown [Phone Numbers Go Here!] [They're Hidden From View!] If at first you don't succeed, stick to what you know best so that you can make enough money to pay someone else to do it for you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
At 11:17 AM -0600 1/8/08, Jack Mays wrote: You think someone who didn't even know how to get post data in the first place knows how to properly sanitize it? :) One would think that the OP would lookup sanitize or some form of that search in google to become more familiar with the term and what it means, but then again I probably give to much credit to most of the population :) -- Jack Mays As I tell my grand-kids, half the people you meet everyday are below average intelligence. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
On Jan 8, 2008, at 11:52 AM, tedd wrote: At 11:17 AM -0600 1/8/08, Jack Mays wrote: You think someone who didn't even know how to get post data in the first place knows how to properly sanitize it? :) One would think that the OP would lookup sanitize or some form of that search in google to become more familiar with the term and what it means, but then again I probably give to much credit to most of the population :) -- Jack Mays As I tell my grand-kids, half the people you meet everyday are below average intelligence. Cheers, tedd I guess this ruins my impression of you being this 28 y/o programmer... grandpa! ;) Hehehe ~Phil -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
At 4:04 PM -0600 1/8/08, Philip Thompson wrote: On Jan 8, 2008, at 11:52 AM, tedd wrote: As I tell my grand-kids, half the people you meet everyday are below average intelligence. Cheers, tedd I guess this ruins my impression of you being this 28 y/o programmer... grandpa! ;) Yeah, I'm a little old -- but I'm still very good-looking, extremely smart and humble. I'm old enough to remember gas stations where the attendant would hand-pump gas up into a glass container and then would gravity feed it into your tank. I actually knew people who were alive during the civil war. And as everyone knows on this list, I used to program with rocks. But, I now play xbox (Call of Duty 4 rules) and my gamer tag is special tedd. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php form help...
On Jan 8, 2008 5:04 PM, Philip Thompson [EMAIL PROTECTED] wrote: I guess this ruins my impression of you being this 28 y/o programmer... grandpa! ;) Hehehe No, they just start raising families at a very young age. Tedd is only about seven years older than his children. -- Daniel P. Brown [Phone Numbers Go Here!] [They're Hidden From View!] If at first you don't succeed, stick to what you know best so that you can make enough money to pay someone else to do it for you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Form Help
Dear Chris,
Thank you for your response. I will make sure to start a new thread for
future.
I tried this but it did not work
if (isset($_POST['title'])) {
$title = htmlentities($_POST['title']);
echo $title;
} else {
$title = '';
}
This part of my code seems to be the problem, Though I dont know why.
if (isset($message))
{
echo font color=\red\{$message} /fontbr;
echo You are logged in $user;
?
Cause if change the if statement to
if (!isset($message))
the values are saved. But I need this to display the message..
if (empty($title) || empty($Email) || empty($Phone) || empty($Details)
|| empty($Keywords) || empty($City))
{
$message = Please fill all the required fields.;
// Now, redirect the browser to the current page
session_start();
header(Location: form.php?message= . urlencode($message));
exit;
}
Here is my structure..
?php
//check is there is any message, which I expect to have when the user
come on this page. Then show the user form
if (isset($message))
{
echo font color=\red\{$message} /fontbr;
echo You are logged in $user;
?
HTML CODE FOR FORM..
?php PHP code starts here
}//end of IF
else
{
if (empty($title) || empty($Email) || empty($Phone) || empty($Details)
|| empty($Keywords) || empty($City) || empty($State) || empty($ZIP) ||
empty($Type))
{
$message = Please fill all the required fields.;
// Now, redirect the browser to the current page
session_start();
header(Location: form.php?message= . urlencode($message));
exit;
}
here is the code to insert the entries into the database..
where it goes back to the same page for each error message
header(Location: form.php?message= . urlencode($message));
exit;
Or come back to the same page with a valid message for another entry..
}//end of else...
? end of php code
I am confused what I am doing wrong..
Again thank for your response.
-Jai
Chris wrote:
Jai Rangi wrote:
Greeting,
I hope this is the right place for this. If not please guide me.
I am having problem with my Form. Code is below. I want to generate
an error message if the required fields are not filled. If they are
filled then I want to add them to the database and display the form
again to make another entry. Database part is working fine. But when
it exist with an error for blank entry, it wipe out all the values
the user has entered, how can I save user input in case user does not
have to enter all the values again.
Thank you for help.
Start a new thread next time please - don't reply to an existing
thread. It makes it really hard to follow.
trtdfont color=? echo($FONTCOLOR); ?iMain Keywords for this
search: * /i/font/tdtdinput type=text name=Keywords
size=60/td/tr
You're not including the post values.
It should be something like:
..input type=text name=Keywords value=?php echo
(isset($_POST['Keywords'])) ? htmlentities($_POST['Keywords']) : '';
? size=60..
or you could check everything before hand:
if (isset($_POST['Keywords'])) {
$keywords = htmlentities($_POST['Keywords']);
} else {
$keywords = '';
}
...
input type=text name=Keywords value=?php echo $keywords; ?
size=60
...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Form Help
Jai Rangi wrote:
Dear Chris,
Thank you for your response. I will make sure to start a new thread for
future.
I tried this but it did not work
if (isset($_POST['title'])) {
$title = htmlentities($_POST['title']);
echo $title;
} else {
$title = '';
}
This part of my code seems to be the problem, Though I dont know why.
if (isset($message))
{
echo font color=\red\{$message} /fontbr;
echo You are logged in $user;
?
Cause if change the if statement to
if (!isset($message))
the values are saved. But I need this to display the message..
if (empty($title) || empty($Email) || empty($Phone) || empty($Details)
|| empty($Keywords) || empty($City))
{
$message = Please fill all the required fields.;
// Now, redirect the browser to the current page
session_start();
header(Location: form.php?message= . urlencode($message));
exit;
}
Here is my structure..
?php
//check is there is any message, which I expect to have when the user
come on this page. Then show the user form
if (isset($message))
{
If it's in the url, it should be $_GET['message'] - something like this:
if (isset($_GET['message'])) {
echo htmlentities($_GET['message']);
}
--
Postgresql php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Form Help
At 7:01 PM -0700 4/5/06, Jai Rangi wrote: Greeting, I hope this is the right place for this. If not please guide me. I am having problem with my Form. Code is below. I want to generate an error message if the required fields are not filled. If they are filled then I want to add them to the database and display the form again to make another entry. Database part is working fine. But when it exist with an error for blank entry, it wipe out all the values the user has entered, how can I save user input in case user does not have to enter all the values again. Thank you for help. You might want to review: http://www.weberdev.com/get_example-320.html http://www.weberdev.com/get_example-4321.html tedd -- http://sperling.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Form Help
Greeting,
I hope this is the right place for this. If not please guide me.
I am having problem with my Form. Code is below. I want to generate an
error message if the required fields are not filled. If they are filled
then I want to add them to the database and display the form again to
make another entry. Database part is working fine. But when it exist
with an error for blank entry, it wipe out all the values the user has
entered, how can I save user input in case user does not have to enter
all the values again.
Thank you for help.
?php
include db.php;
echo Title is . $_POST['title'];
//logincheck();
session_start();
echo You are logged in $user;
if (isset($message))
{
echo font color=\red\{$message} /fontbr;
echo You are logged in $user;
?
html
table border=0 width=80% height=100% align=center border=0
cellspacing=0 cellpadding=0
STYLE=color: ? echo($fontcol); ?; bgcolor=? echo($BOXCOLOR); ?
tr width=100% background=./images/bg.jpg
td width=100% background=./images/bg.jpg align=center
div style=border: 2px groove #88; border-left: 0px; border-right:
0px;br
brbr/div
/td/tr
tr width=100%
td width=100% align=center
div align=center
form name=sds action=?php echo $_SERVER['PHP_SELF']; ?
METHOD=POST onfiltered=return check()
table cellpadding=4 cellspacing=0 border=0
trtdfont color=? echo($FONTCOLOR); ?iTitle: *
/i/font/tdtdinput type=text name=title size=40
value=?=$_POST['title']? /td/tr
trtdfont color=? echo($FONTCOLOR); ?iLocation :
/i/font/tdtdinput type=text name=location size=40 /td/tr
trtdfont color=? echo($FONTCOLOR); ?iCity: *
/i/font/tdtdinput type=text name=City size=15/td/tr
trtdfont color=? echo($FONTCOLOR); ?iEmail: *
/i/font/tdtdinput type=text name=Email size=40 value=?
echo($user); ?/td/tr
trtdfont color=? echo($FONTCOLOR); ?iPhone: *
/i/font/tdtdinput type=text name=Phone size=40/td/tr
trtdfont color=? echo($FONTCOLOR); ?iMain Keywords for this
search: * /i/font/tdtdinput type=text name=Keywords
size=60/td/tr
td/td
trtd colspan=2font color=? echo($FONTCOLOR);? bArticle
Details: * /b/fontbr
textarea name=Details rows=13 cols=55 wrap=physical/textarea
/td/tr
trtd colspan=2 align=centerinput type=submit value=NEXT/td/tr
/table
/form
/div
/td
/tr
/table
/html
?php
}else
{
if (empty($title) || empty($Email) || empty($Phone) || empty($Details)
|| empty($Keywords) || empty($City))
{
$message = Please fill all the required fields.;
// Now, redirect the browser to the current page
session_start();
header(Location: form.php?message= . urlencode($message));
}
else
{
// Connect to the MySQL DBMS - credentials are in the file db.php
if (!($connection = @ mysql_pconnect($hostName, $username,
$password)))
showerror();
// Use the User database
if (!mysql_select_db($databaseName, $connection))
showerror();
// Create a query to find The Company ID
$query = SELECT ID
FROM table
WHERE email = \$user\;
// Run the query through the connection
if (!($result = @ mysql_query($query, $connection)))
showerror();
// Were there any matching rows?
if (mysql_num_rows($result) == 0)
{
// No. So insert the new username and password into the table
$message = The user account -b$user/b- does not have ID.;
// Now, redirect the browser to the current page
header(Location: form.php?message= . urlencode($message));
exit;
}
$row = @ mysql_fetch_array($result);
$ID = (rand()%);
$CID = $row[CompID];
$jquery = INSERT INTO table
(Title,Email,Phone,Details,Keywords,Location,City,)
Values('$title','$Email','$Phone','$Details','$Keywords','$location','$City');
if (!($result = @ mysql_query($query, $connection)))
showerror();
$message = Your Article has been posted. Fill in the form to
post more Articles;
// Now, redirect the browser to the current page
header(Location: form.php?message= . urlencode($message));
exit;
}
}
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Form Help
Jai Rangi wrote:
Greeting,
I hope this is the right place for this. If not please guide me.
I am having problem with my Form. Code is below. I want to generate an
error message if the required fields are not filled. If they are filled
then I want to add them to the database and display the form again to
make another entry. Database part is working fine. But when it exist
with an error for blank entry, it wipe out all the values the user has
entered, how can I save user input in case user does not have to enter
all the values again.
Thank you for help.
Start a new thread next time please - don't reply to an existing thread.
It makes it really hard to follow.
trtdfont color=? echo($FONTCOLOR); ?iMain Keywords for this
search: * /i/font/tdtdinput type=text name=Keywords
size=60/td/tr
You're not including the post values.
It should be something like:
..input type=text name=Keywords value=?php echo
(isset($_POST['Keywords'])) ? htmlentities($_POST['Keywords']) : ''; ?
size=60..
or you could check everything before hand:
if (isset($_POST['Keywords'])) {
$keywords = htmlentities($_POST['Keywords']);
} else {
$keywords = '';
}
...
input type=text name=Keywords value=?php echo $keywords; ? size=60
...
--
Postgresql php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] simple flash php form, help please
Hi again guys :) I am having problems with this little email user script for my website. I have set this script here to run with flash outputing the information. When i run the script in the browser i grt this error Warning: Failed to Receive in C:\apache\htdocs\innovat\forum\mailuser.php on line 18 I aint any php expert just some simple stuff i know. You can copy the code and test it just change the email information. cheers for any help guys. ? $username = djd;// set these two so that we do not need flash to output the information $users_email=[EMAIL PROTECTED]; $ToEmail = $users_email; $date = date(m/d/Y H:i:s); $ToName = $username;// out put from flash $ToSubject = Email from mywebsite.co.uk; $email = [EMAIL PROTECTED]; $msg = Type whatever here; $EmailBody = Sent By: $username\n\nMessage Sent:\n$msg\n\n; $EmailFooter=\nSent on\n Date/Time: $date; $Message = $EmailBody.$EmailFooter; mail($ToName. .$ToEmail.,$ToSubject, $Message, From: .$username. .$email.);// line 18 print retval=1$ToEmailToSubject$Message$username$email;// This just returns output to show all variables have been passed ok. ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP form help
Hi, I have created a form that passes details to the next page so the user can see the details they have submitted before clicking confirm to submit to the database. The problem is that the details dont seem to get passed to the script after they have appeared on the confirmation page. I know the script works because i submitted info to is successfully before i changed the form action to point at the confirmation page. I think it has something to do with PHP sessions but am not sure how to make it work. Thanks for any help. Steven M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP form help
How is the information being kept? Sessions? You'll either want to store them in a session or create hidden fields on the confirmation page, then when they click on confirm, you'll have access to the fields on the new page, (the page where your processing script is) --- Jonathan -Original Message- From: Steven M [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 19, 2003 2:15 PM To: [EMAIL PROTECTED] Subject: [PHP] PHP form help Hi, I have created a form that passes details to the next page so the user can see the details they have submitted before clicking confirm to submit to the database. The problem is that the details dont seem to get passed to the script after they have appeared on the confirmation page. I know the script works because i submitted info to is successfully before i changed the form action to point at the confirmation page. I think it has something to do with PHP sessions but am not sure how to make it work. Thanks for any help. Steven M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP form help
Please provide more information...ie source code so we can find the problem. Ray On Wed, 2003-02-19 at 13:14, Steven M wrote: Hi, I have created a form that passes details to the next page so the user can see the details they have submitted before clicking confirm to submit to the database. The problem is that the details dont seem to get passed to the script after they have appeared on the confirmation page. I know the script works because i submitted info to is successfully before i changed the form action to point at the confirmation page. I think it has something to do with PHP sessions but am not sure how to make it work. Thanks for any help. Steven M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP form help
Hi Johnathan Thanks I've got it now, hidden fields did the trick. :-) Steven M Jonathan Villa [EMAIL PROTECTED] wrote in message 004301c2d851$24ac2fd0$8600a8c0@inhocvince">news:004301c2d851$24ac2fd0$8600a8c0@inhocvince... How is the information being kept? Sessions? You'll either want to store them in a session or create hidden fields on the confirmation page, then when they click on confirm, you'll have access to the fields on the new page, (the page where your processing script is) --- Jonathan -Original Message- From: Steven M [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 19, 2003 2:15 PM To: [EMAIL PROTECTED] Subject: [PHP] PHP form help Hi, I have created a form that passes details to the next page so the user can see the details they have submitted before clicking confirm to submit to the database. The problem is that the details dont seem to get passed to the script after they have appeared on the confirmation page. I know the script works because i submitted info to is successfully before i changed the form action to point at the confirmation page. I think it has something to do with PHP sessions but am not sure how to make it work. Thanks for any help. Steven M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP form help
Thanks Ray but i've found the problem and sorted it. :-) Steven M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Form help
Each user has a long list of magazines to choose from. Problem is that for
every magazine there is a checkbox and there are a lot of magazines to
choose from (more than 100). I put all of them in one form. After submit I
have to know which magazines user checked.
Is there any more simple way than mine? Well here it is:
I got a form with checkboxes which names are primary keys of every magazine.
I use "sif_" in front because you cannot have variables like $123 =
$sif_123.
input type="checkbox" name="sif_? echo $wponud[6]; ?" value="1"
After submitting the form I have to know which magazines user ordered. I go
through user's magazines again and use eval function twice to get variable
submited by form.
?
while ($wponud = mysql_fetch_array($izpis_raw)) {
$temp = "sif_$wponud[6]";
eval ("\$temp = \"$temp\";");
$temp = "$".$temp;
eval ("\$temp = \"$temp\";");
if ($temp == 1) {
// got it
echo $wponud[6]."br";
}
?
If anybody can think of better way to do it, please let me know.
tnx.
mitja.
[PHP] Form help
Hi All, I currently have a small problem with my PHP form. I have made two PHP files (application.php and process_application.php). On submitting the form, you then move to process_application.php. Any errors will force the form NOT to be submitted to me. However, how do I stop people from accessing process_application.php directly? You can still type in the URL of this address without filling in any details. Although it serves up an error, is there anyway I can prevent people from getting to this page unless they press "Submit" on the actual form on application.php? Thanks, SK _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Form help
You could have a check for the HTTP_REFERER variable, if it doesn't contain "application.php", chances are they didn't come from that page. There might be a neater way to do it, but I don't know it :-) HTH Jon -Original Message- From: Good Fella [mailto:[EMAIL PROTECTED]] Sent: 22 March 2001 14:34 To: [EMAIL PROTECTED] Subject: [PHP] Form help Hi All, I currently have a small problem with my PHP form. I have made two PHP files (application.php and process_application.php). On submitting the form, you then move to process_application.php. Any errors will force the form NOT to be submitted to me. However, how do I stop people from accessing process_application.php directly? You can still type in the URL of this address without filling in any details. Although it serves up an error, is there anyway I can prevent people from getting to this page unless they press "Submit" on the actual form on application.php? Thanks, SK _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] ** 'The information included in this Email is of a confidential nature and is intended only for the addressee. If you are not the intended addressee, any disclosure, copying or distribution by you is prohibited and may be unlawful. Disclosure to any party other than the addressee, whether inadvertent or otherwise is not intended to waive privilege or confidentiality' ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Form help
A common way is to add a check for the pressing of the submit button, so
assuming :
input type="submit" name="submit" value="submit me!"
if ( isset($submit) ) {
// process form
} else {
echo 'oh dear, you did not use form.';
}
I usually use a hidden field instead as at times the submit button can be
"skipped" as the user presses enter vs. clicks the button, not sure what
browsers or setups allow this behavior but some do (maybe someone can
expand on this thought). So, try something like :
input type="hidden" name="form_submitted" value="1"
if ( $form_submitted == true ) {
That should do the job. Also doing an is_array check somewhere in there
works if the form names are an array, like :
input type="text" name="form[username]"
input type="text" name="form[password]"
Other considerations apply but if $form is an array then most likely the
user used the form. So :
if ( is_array($form) ) {
Regards,
Philip Olson
http://www.cornado.com/
On Thu, 22 Mar 2001, Good Fella wrote:
Hi All,
I currently have a small problem with my PHP form. I have made two PHP
files (application.php and process_application.php).
On submitting the form, you then move to process_application.php. Any
errors will force the form NOT to be submitted to me.
However, how do I stop people from accessing process_application.php
directly? You can still type in the URL of this address without filling in
any details.
Although it serves up an error, is there anyway I can prevent people from
getting to this page unless they press "Submit" on the actual form on
application.php?
Thanks,
SK
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Form help
You could have a check for the HTTP_REFERER variable, if it doesn't
contain "application.php", chances are they didn't come from that page.
it's not a good idea to rely on $HTTP_REFERER for anything, and especially
for this. a referer is only reported when the user follows a hyperlink, so
in the hypothetical case given there would be no referer.
Isn't that the point? If there's no referer, they didn't come from the first
page, so you send them back there. I could be completely wrong here - is
HTTP_REFERER empty following a form submission, even if it's to a different
page?
what you need to do is combine your two scripts, which is really a neater
way handling forms anyway. point your form action to the same page
($PHP_SELF works really well for this, since you can rename the file and
it will still run properly), and then add the following code to the top
of your application.php file
if($GLOBALS["REQUEST_METHOD"] == "POST") {
include("process_application.php");
exit;
}
This is how I would handle it personally, but then he'd mentioned having two
pages, so..
Cheers
Jon
**
'The information included in this Email is of a confidential nature and is
intended only for the addressee. If you are not the intended addressee,
any disclosure, copying or distribution by you is prohibited and may be
unlawful. Disclosure to any party other than the addressee, whether
inadvertent or otherwise is not intended to waive privilege or confidentiality'
**
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Form help
not all browsers support the referrer or some people use software to block
that,
so that method is unreliable... the only way to do this is with a token.
that is time
sensitive from the database, even then there is no method that is hackproof.
Rick
At 03:41 PM 3/22/01 +, Jon Haworth wrote:
You could have a check for the HTTP_REFERER variable, if it doesn't
contain "application.php", chances are they didn't come from that page.
it's not a good idea to rely on $HTTP_REFERER for anything, and especially
for this. a referer is only reported when the user follows a hyperlink, so
in the hypothetical case given there would be no referer.
Isn't that the point? If there's no referer, they didn't come from the first
page, so you send them back there. I could be completely wrong here - is
HTTP_REFERER empty following a form submission, even if it's to a different
page?
what you need to do is combine your two scripts, which is really a neater
way handling forms anyway. point your form action to the same page
($PHP_SELF works really well for this, since you can rename the file and
it will still run properly), and then add the following code to the top
of your application.php file
if($GLOBALS["REQUEST_METHOD"] == "POST") {
include("process_application.php");
exit;
}
This is how I would handle it personally, but then he'd mentioned having two
pages, so..
Cheers
Jon
**
'The information included in this Email is of a confidential nature and is
intended only for the addressee. If you are not the intended addressee,
any disclosure, copying or distribution by you is prohibited and may be
unlawful. Disclosure to any party other than the addressee, whether
inadvertent or otherwise is not intended to waive privilege or
confidentiality'
**
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
##
# Rick St Jean,
# [EMAIL PROTECTED]
# President of Design Shark,
# http://www.designshark.com/
# Quick Contact: http://www.designshark.com/messaging.ihtml
# Tel: 905-684-2952
##
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Form help
why don't you check to see is a variable was passed to the page. If you use the post
method then a hidden field can be used o check that the user did come from the
application page.
a sample of the check will be
if(!$var_from_previous_page)
{
header("location: application.php");
}
--
On Thu, 22 Mar 2001 14:34:21
Good Fella wrote:
Hi All,
I currently have a small problem with my PHP form. I have made two PHP
files (application.php and process_application.php).
On submitting the form, you then move to process_application.php. Any
errors will force the form NOT to be submitted to me.
However, how do I stop people from accessing process_application.php
directly? You can still type in the URL of this address without filling in
any details.
Although it serves up an error, is there anyway I can prevent people from
getting to this page unless they press "Submit" on the actual form on
application.php?
Thanks,
SK
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Get 250 color business cards for FREE! at Lycos Mail
http://mail.lycos.com/freemail/vistaprint_index.html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
