Printable Version of Topic

Click here to view this topic in its original format

HTMLHelp Forums _ Server-side Scripting _ Form Post Method

Posted by: Freshman Dec 19 2018, 08:54 AM

Hi all,

I'm very new to HTML and PhP but learning as I go.
In code below I would like to 'insert' the id (from the URL) to the Action in the Form Post method.
As you will see I tried to pass the $id value into the Action but it is not working.
If I hardcode the correct value then all my following code work 100%

URL would be something like: www.mydomain.com/add.html?id=123

CODE

<?php
//getting id from URL
$id = $_GET['id'];
?>

<html>
<head>
    <title>Add Data</title>
</head>

<body>
    <br/><br/>

    <form method="post" name="form1" action="addrec.php?id="&<?php echo $id;?>>
        <table width="25%" border="0">
            <tr>
                <td>Day <?php echo $id;?> N </td>
                <td><input type="text" name="HDay"></td>
            </tr>
            <tr>
                <td>Month</td>
                <td><input type="text" name="HMonth"></td>
            </tr>
            <tr>
                <td>Relation</td>
                <td><input type="text" name="Relation"></td>
            </tr>
            <tr>
                <td></td>
                <td><input type="submit" name="Submit" value="Add"></td>
            </tr>
        </table>
    </form>
</body>
</html>

Posted by: Christian J Dec 19 2018, 12:14 PM

QUOTE(Freshman @ Dec 19 2018, 02:54 PM) *

CODE

<form method="post" name="form1" action="addrec.php?id="&<?php echo $id;?>>

The querystring value that the PHP script prints must be inside the quote too, and the ampersand characters shouldn't be there. Something like:

CODE
action="addrec.php?id=<?php echo $id;?>">

As a sidenote, the querystring data should be sanitized so that users can't insert arbitrary code into the web page (e.g. by tricking someone else into clicking a malformed URL). The htmlspecialchars() function might be used for this:

CODE

<?php
//getting id from URL
$id = htmlspecialchars($_GET['id']);
?>



Posted by: pandy Dec 19 2018, 05:29 PM

I maybe misunderstand, but if you want to use the query string in an URL you need to use GET, not POST.

Posted by: Christian J Dec 19 2018, 06:25 PM

QUOTE(pandy @ Dec 19 2018, 11:29 PM) *

I maybe misunderstand, but if you want the use the query string in an URL you need to use GET, not POST.

Not sure I understand either actually. It's technically possible to use a query string as an ACTION URL in a POST form, but I can't see any obvious reason to do so. unsure.gif

To the OP:

The normal way is for the browser to create the query string from the submitted form data. For that you need to use method="get", and the URL value in the form's ACTION attribute can't contain a query string (it seems to be overwritten when I tested). Using the OP's code example, the ACTION value should be just addrec.php, then when the form is submitted the URL with querystring (as seen in the browser's address bar) would become something like addrec.php?HDay=&HMonth=&Relation= (if you submit the form with empty form fields).

Posted by: pandy Dec 19 2018, 06:42 PM

Not sure either, but if you want to send data to the form in a query string it works if the script accepts GET requests.

For example, the form for direct input "our" validator uses use POST. But the script also accepts GET, so I can do this.

CODE
http://htmlhelp.com/cgi-bin/validate.cgi?area=%0D%0A%3C%21DOCTYPE+HTML+PUBLIC+%22-%2F%2FW3C%2F%2FDTD+HTML+4.01%2F%2FEN%22%0D%0A%22http%3A%2F%2Fwww.w3.org%2FTR%2Fhtml4%2Fstrict.dtd%22%3E%0D%0A%0D%0A%3Chtml%3E%0D%0A%0D%0A%3Chead%3E%0D%0A%3Ctitle%3E%3C%2Ftitle%3E%0D%0A%3C%2Fhead%3E%0D%0A%0D%0A%0D%0A%3Cbody%3E%0D%0A%0D%0A%3Cp%3E%0D%0AHello+world%3C%2Fp%3E%0D%0A%0D%0A%3C%2Fbody%3E%0D%0A%3C%2Fhtml%3E%0D%0A%0D%0A%0D%0A%0D%0A%0D%0A%0D%0A&charset=ISO-8859-1&warnings=yes&input=yes

http://htmlhelp.com//cgi-bin/validate.cgi?area=%0D%0A%3C%21DOCTYPE+HTML+PUBLIC+%22-%2F%2FW3C%2F%2FDTD+HTML+4.01%2F%2FEN%22%0D%0A%22http%3A%2F%2Fwww.w3.org%2FTR%2Fhtml4%2Fstrict.dtd%22%3E%0D%0A%0D%0A%3Chtml%3E%0D%0A%0D%0A%3Chead%3E%0D%0A%3Ctitle%3E%3C%2Ftitle%3E%0D%0A%3C%2Fhead%3E%0D%0A%0D%0A%0D%0A%3Cbody%3E%0D%0A%0D%0A%3Cp%3E%0D%0AHello+world%3C%2Fp%3E%0D%0A%0D%0A%3C%2Fbody%3E%0D%0A%3C%2Fhtml%3E%0D%0A%0D%0A%0D%0A%0D%0A%0D%0A%0D%0A&charset=ISO-8859-1&warnings=yes&input=yes


And now I was planning to demonstrate that a query string does nothing with the w3c validator, but they've gone changed the method from POST to GET, so you have to take my word for that it didn't use to work. laugh.gif

Posted by: Freshman Dec 20 2018, 01:39 AM

Hi all, thanks for the replies - although most of it is above my level of understanding so I have to take time to figure out the advice.

I have a few php files and each URL opens with a unique identifier stored as 'id' in the URL. I use that in each of the php files to extract the correct data from a mysql table. So far all the php files work fine and I can extract the id from the URL in each to use but on this spesific code (html not php) I cannot seem to get the 'id' from the URL and then secondly I have to pass it onto the next php file named addrec.php which is mentioned in the Action part.

Maybe I should try and insert the code in the addrec.php file into this html code?

Posted by: Freshman Dec 20 2018, 01:54 AM

Update:
I saved the file as php instead of html and now I can at least get the 'id' from the URL. So one down smile.gif
Must just figure out how to use the id in the Form Action now

Posted by: Freshman Dec 20 2018, 02:01 AM

Final update:
@ChristianJ - Thanks this worked smile.gif
(Not sure how to give a 'thumbs up' on your post or to mark as 'solved')

CODE

action="addrec.php?id=<?php echo $id;?>">

Posted by: pandy Dec 20 2018, 04:15 AM

Ah, simple as that.

Normally .html files aren't parsed for PHP. You can see that by doing a View Source. If PHP isn't parsed you see the raw PHP in the page source. If it is you don't. If it's important to you, you can make the server parse HTML files too though.

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)