www.webdeveloper.com
Results 1 to 6 of 6

Thread: can't read form variables...

Hybrid View

  1. #1
    Join Date
    Jun 2006
    Location
    Doncaster
    Posts
    78

    can't read form variables...

    I have a form which sends it's output to a page.The user agrees with what has been sent, and the data is sent to a third page to add a new line to MySQL.

    The first and second pages work, but the new line is empty.

    Can anyone tell me why??

    Form:

    HTML Code:
    <form action="reg_proc.php" method="post" enctype="application/x-www-form-urlencoded" name="register">
    <table width="97%" border="0" cellspacing="5" cellpadding="0">
      <tr>
        <td bordercolor="#6699CC"><div align="left">Your FIRST name</div></td>
        <td><input name="fname" type="text" maxlength="25"/></td>
      </tr>
      <tr>
        <td bordercolor="#6699CC"><div align="left">Your SECOND name</div></td>
        <td><input name="sname" type="text" maxlength="25"/></td>
      </tr>
      <tr>
        <td bordercolor="#6699CC"><div align="left">Your EMAIL</div></td>
        <td><input name="email" type="text" /></td>
      </tr>
      <tr>
        <td bordercolor="#6699CC"><div align="left">MOBILE</div></td>
        <td><input name="mobile" type="text" value="07" /></td>
      </tr>
      <tr>
        <td bordercolor="#6699CC"><div align="left">I am a </div></td>
        <td><input name="gender" type="radio" value="m" />boy
        	<input name="gender" type="radio" value="f" />girl   	</td>
      </tr>
      <tr>
        <td bordercolor="#6699CC"><div align="left">POSTCODE</div></td>
        <td><input name="pcode" type="text"  /></td>
      </tr>
      <tr>
        <td bordercolor="#6699CC"><div align="left">I am...</div>
        </td>
        <td><input name="user_level" type="radio" value="1" />Staff/screener <br />
        	<input name="user_level" type="radio" value="2" />a Coordinator <br />
            <input name="user_level" type="radio" value="0" />just passing by <br />
        </td>
      </tr>
      <tr>
      	<td>
        <input type="submit" value="Register" />
        </td>
        <td>
        	<input type="reset" value="Start again"/>
        </td>
    	</tr>
    </table>
    
    
    </form>
    Confirmation...
    PHP Code:
    <div id="positioned-element24">
    <?php include("connect.php"); 

    $db_name="tht"// Database name
    $tbl_name="users"// Table name

    // username and password sent from form
    $fname=$_POST['fname'];
    $sname=$_POST['sname'];
    $email=$_POST['email'];
    $mobile=$_POST['mobile'];
    $gender=$_POST['gender'];
    $pcode=$_POST['pcode'];
    $user_level=$_POST['usr_level'];

    ?>
    <br />

    <table width="50%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td>Your name is 
        </td>
        <td><strong><?php 
                            
    echo ($fname); 
                            echo(
    $sname);
                         
    ?></strong></td>
      </tr>
      <tr>
        <td>Your mobile</td>
        <td><strong><?php 
                            
    echo ($mobile); 
                    
    ?></strong>
        </td>
      </tr>
      <tr>
        <td>Your email</td>
        <td><strong><?php 
                            
    echo ($email); 
                         
    ?></strong>
        </td>
      </tr>
      
    </table>
    You are (m/f): <?php echo ($gender)?>, and live in <?php echo ($pcode)?>.
    <br />
    <form action="reg_proc2.php">
        <input name="reg_submit" id="reg_submit" value="Register me!" type="submit"/>
        <input type="button" value="No, start again" ONCLICK="history.go(-1)"/>
    </form>
    </div>
    and the actual doings...
    PHP Code:
    <div id="positioned-element24">
    <?php include("connect.php"); 

    // username and password sent from form
    $fname=$_POST['fname'];
    $sname=$_POST['sname'];
    $email=$_POST['email'];
    $mobile=$_POST['mobile'];
    $gender=$_POST['gender'];
    $pcode=$_POST['pcode'];
    $user_level=$_POST['usr_level'];

    $sql  "INSERT INTO users (fname, sname, email, mobile, gender, pcode, acs_lvl) VALUES ('$fname','$sname','$email','$mobile', '$gender', '$pcode', '$user_level')"

            
    #execute SQL statement 
            
    $result mysql_query($sql$db); 

            
    # check for error 
            
    if (mysql_error()) { print "Database ERROR: " mysql_error(); }
            
    $to $email;
    $subject "THT Registration";
    $header "From: "$fname $sname." <" $email ">\r\n";

    $body "Hi there.<br>Someone entered this address to register at THT's site. If it wasn't you, please accept our apologies. Your data will be removed within seven days. <br>Otherwise, please follow the link below. <hr> For more info on the trust, please visit http://www.tht.org ";
     
    echo 
    'Thank-you'.$fname.'. Your message has been sent to '.$email;
    mail($to$subject$body$header);

    ?> 

    <br />
    An email has been sent to the address you entered. <br />
    This contains a link, and when you click this the registration is complete.
    <p>
    You should follow this link within <strong>seven days</strong>, or <a href="#">request</a> a new email.

    </div>

  2. #2
    Join Date
    Nov 2002
    Location
    Peterborough, UK
    Posts
    166
    Your first page has a form with method="post", so when the form is submitted the $_POST array is populated with the values of the form field.

    Your second page doesn't have a form, thus the $_POST array is not populated and the third page cannot see the form fields as you expected.

    You could place all of the form fields into hidden inputs on the 2nd page - keeping what you already have but adding:
    PHP Code:
    <input type="hidden" value="<?php echo $fname?>" name="fname" />
    etc.
    Something like that.

  3. #3
    Join Date
    Nov 2008
    Posts
    2,477
    Also the code you posted leaves you wide open to SQL injection and XSS attacks.

  4. #4
    Join Date
    Jun 2006
    Location
    Doncaster
    Posts
    78

    Thanks, fellas

    Rodders, new concept to me, simply explained, ta.

    Mindzai, I know everyone says this, but the eventual code will be more robust, including stripslashes etc., but thanks anyway.

  5. #5
    Join Date
    Jun 2006
    Location
    Doncaster
    Posts
    78

    Nope, still not working...

    I amended the code so that it took in your suggestion, but it still won't play:

    PHP Code:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>add to database</title>

    <link href="boxes_lg.css" rel="stylesheet" type="text/css" />
    </head>

    <body >
    <div id="container">
        

    ...

    <div>
    <form action="#" method="POST">
    <input type="hidden" value="<?php echo $fname?>" name="fname" /> 
    <input type="hidden" value="<?php echo $sname?>" name="sname" />
    <input type="hidden" value="<?php echo $email?>" name="email" /> 
    <input type="hidden" value="<?php echo $mobile?>" name="mobile" />
    <input type="hidden" value="<?php echo $gender?>" name="gender" /> 
    <input type="hidden" value="<?php echo $pcode?>" name="pcode" />
    <input type="hidden" value="<?php echo $user_level?>" name="acs_lvl" /> 
    </form>
    <?php 
    //username and password sent from form
    $fname=$_POST['fname'];
    $sname=$_POST['sname'];
    $email=$_POST['email'];
    $mobile=$_POST['mobile'];
    $gender=$_POST['gender'];
    $pcode=$_POST['pcode'];
    $user_level=$_POST['usr_level'];

    echo 
    $fname;
    $sql  "INSERT INTO users (fname, sname, email, mobile, gender, pcode, acs_lvl) VALUES ('$fname','$sname','$email','$mobile', '$gender', '$pcode', '$user_level')"

            
    #execute SQL statement 
            
    $result mysql_query($sql$db); 

            
    # check for error 
            
    if (mysql_error()) { print "Database ERROR: " mysql_error(); }
            
    $to $email;
    $subject "THT Registration";
    $header "From: "$fname $sname." <" $email ">\r\n";

    $body "Hi there.<br>Someone entered this address to register at THT's site. If it wasn't you, please accept our apologies. Your dat will be removed within seven days. <br>Otherwise, please follow the link below. <hr> For more info on THT, please visit http://www.tht.org ";
     
    echo 
    'Thank-you'.$fname.'. Your message has been sent to '.$email;
    mail($to$subject$body$header);

    ?> 

    <br />
    This message contains a link, and when you click this the registration is complete.
    <p>
    You should follow this link within <strong>seven days</strong>, or <a href="#">request</a> a new email.

    </div>
    ...

    </div>


    </body>
    </html>
    ...but actually, couldn't I just do it one page? I'd just need the SQL to fire when the "register me" button is pressed ... something like

    HTML Code:
    <form action="#" method="post">
        <input name="reg_submit" id="reg_submit" value="Register me!" type="submit"/>
        <input type="button" value="No, start again" ONCLICK="history.go(-1)"/>
    </form>
    Except that, once again, it won't get the variables. Right, deep breath, more coffee...

  6. #6
    Join Date
    Jul 2007
    Location
    Wisconsin
    Posts
    468
    You're on the right track... just the wrong place.

    PHP Code:
    <input type="hidden" value="<?php echo $fname?>" name="fname" /> 
    <!-- et al -->
    has to go on reg_proc.php, (the second page) inside the

    HTML Code:
    <form action="reg_proc2.php">
    <!-- input type="hidden" here...
        <input name="reg_submit" id="reg_submit" value="Register me!" type="submit"/>
        <input type="button" value="No, start again" ONCLICK="history.go(-1)"/>
    </form> 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles