1. Home
  2. UK Do-It-Yourself Forum
  3. Online PHP problem.

Online PHP problem.

I run a website for a rambling club, and recently I've come up against a problem that used not to be there. I'm wondering if there's been a change in the php handling of my website provider. Can anyone help?

When a walker wants to book a walk they arrive at a form which shows the leader of the walk, the walker enters his name in a box then presses a SUBMIT button. This then operates a php file which sends me an email and echoes a thankyou back.

The leader's name is injected into the form via local.storage from the walks listing page.

My problem is that the users's name gets sent fine, but the leader's name is null in the post and the echo, even though they both show on the form. Here is the relevant code:

In booking.htm file: <FORM name="BOOKING" METHOD="post" ACTION="booking.php">

<TABLE> <TR><TD>Leader:</TD><TD ID="Leader" name="Leader"></TD></TR> <TR><TD><textarea cols=21 rows=1 ID="namein" name="namein"></textarea></TD></TR> </TABLE> </FORM> <SCRIPT LANGUAGE="JavaScript">

document.getElementById("Leader").innerHTML = localStorage.getItem("Leader"); </SCRIPT>

In booking.php file: { $message = "Leader: " . $_POST['Leader'] . "\n"; $message .= "NAME: " . $_POST['namein'] . "\n"; $sent = mail("xxxxxxxxx", $message); }

Reply to
Dave W
Loading thread data ...

This is far from all "the relevant code". You'll really need to give someone with some PHP and web knowledge access to the web hosting system to be able to fix this.

It *may* be something simple like a newer version of PHP has been installed and needs some changes for the code to work as before but one still needs access to the hosting service to find out.

Reply to
Chris Green

Therein is I think the issue.

Unless you have a FORM field like <INPUT> or <textarea> the data entered will not be passed as a POST variable to the PHP.

What you need to do is create an input variable of type <HIDDEN> and as well as populating the TD element with the leader name, populate that also,

So:

<FORM name="BOOKING" METHOD="post" ACTION="booking.php"> <TABLE> <TR> <TD>Leader:</TD><TD ID="Leader" name="Dummy"></TD> </TR> <TR> <TD><textarea cols=21 rows=1 ID="namein" name="namein"></textarea></TD> </TR> </TABLE> <INPUT TYPE="HIDDEN" ID="Whatever" name="Leader" VALUE=""> </FORM> <SCRIPT LANGUAGE="JavaScript">

document.getElementById("Leader").innerHTML = localStorage.getItem("Leader"); document.getElementById("Whatever").value = localStorage.getItem("Leader"); </SCRIPT>

The booking.php script should now work as intended

Reply to
The Natural Philosopher

It looks like that relies on the [evil] PHP register_globals, if you're using a hosted PHP, it wouldn't surprise me if they've turned it off, but does surprise me they didn't do so a decade ago ...

Reply to
Andy Burns

Actually I should have got some sleep!

TNP is right, what you need within your <form> is <input name='leader' blahblah> rather than <td name='leader' blahblah>

Reply to
Andy Burns

Well no, the issue is that that is NOT an input field. Its preselected and filled in by by the hosts data Hence my suggestion to use a HIDDEN field, and inject the data into that.

And no, that code isn't using register globals.

$message = "Leader: " . $_POST['Leader'] . "\n"; is not use of them

$message = "Leader: " . $Leader. "\n"; would be, but really I don't think anyone still uses them.

The ability for malware to arbitrarily set any variable in PHP is too much even for the sloppiest hacker...

Reply to
The Natural Philosopher

That's what I said, it needs to be an INPUT instead of a TD

Reply to
Andy Burns

That not what I said. It is *not* a field that the designer wants data to be inputted into.

It is simply a fixed text area whose contents want to be delivered via a POST variable to the backend program.

It is unfortunate that <INPUT Type="hidden"> is not a field into which data can be input....even though it is called 'input'

Reply to
The Natural Philosopher

I'm typically using the hidden field thus:

<input type=hidden name="wiggy" value='<?php echo $somevar; ?>'>
Reply to
Tim Streater

Dear TNP, thank you very much for that, my website now works. I didn't add a separate HIDDEN input, just added a normal input between my TDs. The contents get displayed and used by PSP correctly.

I haven't managed to remove the borders to hide the fact that it's an input, but I don't mind if the user adds something to the displayed text.

I see that my PHP now only looks at input fields, but I don't understand why. It was different in the past.

Reply to
Dave W

I dont think it was. And its not PHP in charge, it is the browser..since that is what assembles the POST data to send to the php.

Have you recently upgraded from IE4?

Reply to
The Natural Philosopher

I use Firefox but also had the same problem on Chrome. I used to have loads of fields between TDs filled via local storage (not input fields) and they all copied splendidly into my email, then suddenly the results were all blank.

Reply to
Dave W

That does not compute. Whatever happened is not what you think happened

Reply to
The Natural Philosopher

Cheek!

Reply to
Dave W

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.