Validating 'required' form page data for save to database, Saving by php code file after succesful validation. Success message on |
Validating 'required' form page data for save to database, Saving by php code file after succesful validation. Success message on |
Freddz |
Jan 7 2019, 08:34 PM
Post
#1
|
Novice Group: Members Posts: 25 Joined: 7-January 19 Member No.: 26,791 |
Hello,
I have a form page where I check the mandatory inputs client-sided by the attribute 'required' (when clicking send button). When all required inputs are done the send button click... 1.) should call a php file 'dbinsert.php' which just contains the save process of the form data to a database. 2.) But the success message should be shown on the SAME page, on top of the form page. How can I implement this process under those 2 conditions? I suppose that the send button's 'action' attrbute should be empty and the php file has to be called via Ajax (within a Javascript function?) !? But unfortunately I fail in implementing THIS specific configuration. Could you help me, please? If so, please specify in your answer all necessary code lines like the form header, the submit button and the Javascript function that executes the Ajax call (and also fires the success message, I suppose)? Thank you so much! The following constellation does not work: * <FORM NAME="Betrugseingabe" ACTION="../cgi-bin/DBinsert.php" METHOD=POST> * <INPUT TYPE="submit" NAME="Absenden" VALUE="Absenden" ID="Schaltflaeche1" formtarget="_self"> |
Freddz |
Jan 15 2019, 09:23 AM
Post
#2
|
Novice Group: Members Posts: 25 Joined: 7-January 19 Member No.: 26,791 |
See, Christian, we meanwhile have discussed about 4 or 5 methods an implementation could be done. Obviously at each method there is at least one disadvantage not fulfilling my early conditions. Isn't it?
It seems as if not even one of the following 4 can be used for my wished, quick solution!?... 1) If Action<>"" (Action ="dbinsert.php", the php file JUST contains the SQL commands!!) then a NEW page shows the success message. 2) If onsubmit is used in the form tag to execute a Javascript function which should contain the php script this is not allowed. 3) If using Ajax (to execute php code within a HTML page) attribute 'required' of the input elements cannot be used. 4) If isset is used to execute a php code within an html page file (on page submission) this is not allowed. Is this summary correct so far??... Only version 1 seems to work by fulfilling the 2 main conditions: * using the attribute 'required' to make the client-sided validation * afterwards using my php dbinsert code. (probably without page change) See, this/my site is not a big and critical one. No big or confidential data in db. And I want to finish this site quick - at least a first rough version. It can have some unsecurity. Main point: It should work (by fulfilling the 2 conditions above) and it should be configurable at Netobjects. It is not a permanent solution, Christian. IF this site will be successful I (or any better programmer than me) will improve it anyway! So you must not ask me about my code wishes. I just wish a working version fulfilling the upper conditions! That's it. So which is your final suggestion fitting most, and forgetting your additional security considerations?... |
Christian J |
Jan 15 2019, 12:33 PM
Post
#3
|
. Group: WDG Moderators Posts: 9,656 Joined: 10-August 06 Member No.: 7 |
Obviously at each method there is at least one disadvantage not fulfilling my early conditions. Isn't it? "Disadvantage" doesn't mean it's impossible. Number 1, 3 and 4 are quite possible to do with a little work. QUOTE 1) If Action<>"" (Action ="dbinsert.php", the php file JUST contains the SQL commands!!) then a NEW page shows the success message. Why not load dbinsert.php in an iframe on the form page, and let dbinsert.php write out the success message? That way the message will appear inside the iframe. QUOTE 2) If onsubmit is used in the form tag to execute a Javascript function which should contain the php script this is not allowed. Correct, javascript can't run PHP (except with Ajax). QUOTE 3) If using Ajax (to execute php code within a HTML page) attribute 'required' of the input elements cannot be used. It can: REQUIRED works with onsubmit, javascript and Ajax. QUOTE 4) If isset is used to execute a php code within an html page file (on page submission) this is not allowed. It is allowed: you can use isset and PHP if the form submission reloads the same page (such as when using ACTION=""). All it requires is enabling PHP in .html files, which is normally simple to do (ask your web host support). (Here's another idea: 5) why not use my isset script, but at "../cgi-bin/DBinsert.php" from the start? That is, the user goes to DBinsert.php, fills out the form there, and when the form is submitted DBinsert.php writes to the database.) QUOTE See, this/my site is not a big and critical one. No big or confidential data in db. And I want to finish this site quick - at least a first rough version. It can have some unsecurity. It's up to you, but malware bots are continuously testing random sites for all kinds of known vulnerabilities. So a site doesn't need to be big to be a target. And even if your database contains nothing important it can still be manipulated to post malware on your web site, in which case search engines may blacklist it until you remove the malware. QUOTE So which is your final suggestion fitting most, and forgetting your additional security considerations?... I'd use number 4, like I've said all along. Can't say what works with Netobjects though. |
Lo-Fi Version | Time is now: 25th April 2024 - 06:45 AM |