[SOLVED] php forms displaying VALUE in the text boxes on new server, but not on old one

keefaz · 09-10-2014, 08:20 AM

Quote:

Originally Posted by rjo98

Using ... ]makes the page not display anything

Check for errors in logs (tail /var/log/httpd/error_log) while trying your script

michaelk · 09-10-2014, 09:27 AM

In a nutshell Register_Global directive was on which automatically assigned your form values to variables when submitted by default. Since this directive is now depreciated your variables are not automatically defined. This is why your script does not work.

However, if php recognised $work as a not defined variable it should of displayed nothing instead of "$work" There could be a syntax error in your old code that is now causing problems with the current php version. Form values are now available using $_POST['xxxx'] or $_REQUEST['xxxx'].

anon091 · 09-10-2014, 09:35 AM

OK. Now not being a php programmer, are there syntax checkers out there I can run my file through? I did the command line php check -l, and it didn't report any errors.

michaelk · 09-10-2014, 10:25 AM

Try changing <? to <?php.
Change all your form post variables i.e. $work to $_POST['work'].

Will get the form working first before adding other stuff.

anon091 · 09-10-2014, 10:49 AM

ok, changed my one <? to <?php

but for the other suggestion, do I just change that in my if ($send != "no") section? or do I change that every spot there's a $work for example? I think just in that if section, but want to make sure.

anon091 · 09-10-2014, 11:05 AM

Also, is taking out all the VALUE= parts in the form_block part the right thing to do so the text boxes aren't populated with stuff like
\"$work\"

michaelk · 09-10-2014, 11:07 AM

Did you try running the script? Did the $work disappear?

I'm not the best programmer either... Others might suggest a better method.

Actually in your (send==no) if then block you could add
$word=$_POST['word'] (i.e.for each form variable)
..
echo "form_block"

P.S not if you want to redisplay those values that were first posted.

anon091 · 09-10-2014, 11:15 AM

Actually, just tried to run it after my <? to <?php change, and that eliminated all the garbage from the text boxes! so I guess that question is void now. but when I click the submit button, it just clears all the forms out and I don't get the email.

I'm still confused on where I need to "Change all your form post variables i.e. $work to $_POST['work']" though? do I change it on the INPUT lines, where it's checking to make sure it's filled in, or where it's adding it into $msg? Sorry, feeling really dense on this part.

but wow, that first change made the form look identical to how it was on the old server, pretty amazing!

keefaz · 09-10-2014, 12:41 PM

There have been changes from php v.4 to php 5

$PHP_SELF becomes $_SERVER['PHP_SELF']

All your post form variables are now in $_POST array

eg:
$employee becomes $_POST['employee']
$department becomes $_POST['department']

etc

PS: the errors can be seen in /var/log/httpd/error_log

anon091 · 09-10-2014, 12:54 PM

ok, I see where I have $PHP_SELF
<FORM METHOD=\"post\" ACTION=\"$PHP_SELF\">
so am I simply manually doing a find and replace of those 2 phrases to change it?

So sounds like every time I see a $employee for example that should become $_POST['employee']

I do see the errors with line numbers in error_log, but how to correct them (or how not to make things worse) i'm still struggling with. it complains of undefined variables PHP_SELF, employee, department, work, cell, home, pager, message, op.

Could someone show me what the line for PHP_SELF and maybe employee should look like, then i can try to fix the others myself?

really appreciate you guys barring with me here

michaelk · 09-10-2014, 02:53 PM

You can use isset function to see of $op is set to remove that error. If not set then
you can define your form variables to equal "". This will not cause errors when you echo the form block string when first run. Then when you display errors you use the $_POST to get the form data.

If (!isset($op)) {
$message=""; // include all form variables
...
echo form_block;
}
if ($send=='no') {
$message=$_POST['message'];// assigns variables. include all form variables.
...
echo form_block;
}

keefaz · 09-10-2014, 03:09 PM

Maybe use a function to simplify things...

PHP Code:



<?php
function myIsset($str) {
  return isset($_POST[$str]) ? trim($_POST[$str]) : '';
}

$form_block = "
<FORM METHOD=\"post\" ACTION=\"{$_SERVER["PHP_SELF"]}\">
<p><strong>Employee name: <font size=\"-1\"><em>(Exactly as it should be listed)</em></font>  <font color=\"#FF0000\">**Required</font></strong><br>
<INPUT TYPE=\"text\" NAME=\"employee\" VALUE=\"".myIsset("employee")."\" SIZE=\"75\" MAXLENGTH=\"100\"></p>

<p><strong>Department: <font size=\"-1\"><em>(Exactly as it should be listed)</em></font>  <font color=\"#FF0000\">**Required</font></strong><br>
<INPUT TYPE=\"text\" NAME=\"department\" VALUE=\"".myIsset("department")."\" SIZE=\"75\" MAXLENGTH=\"50\"></p>";

/* script continue */
?>

Now, I think it's better to use single quotes for $form_block value imo

PHP Code:



<?php
function myIsset($str) {
  return isset($_POST[$str]) ? trim($_POST[$str]) : '';
}

$form_block = '
<FORM METHOD="post" ACTION="'.$_SERVER['PHP_SELF'].'">
<p><strong>Employee name: <font size="-1"><em>(Exactly as it should be listed)</em></font>  <font color="#FF0000">**Required</font></strong><br>
<INPUT TYPE="text" NAME="employee" VALUE="'.myIsset('employee').'" SIZE="75" MAXLENGTH="100"></p>

<p><strong>Department: <font size="-1"><em>(Exactly as it should be listed)</em></font>  <font color="#FF0000">**Required</font></strong><br>
<INPUT TYPE="text" NAME="department" VALUE="'.myIsset('department').'" SIZE="75" MAXLENGTH="50"></p>';

/* script continue */

?>

Also myIsset() function should do more tests on posted variables to sanitize user inputs

anon091 · 09-11-2014, 08:06 AM

Thanks guys. will try to implement what you said.

keefaz · 09-11-2014, 09:27 AM

Frankly, if it's a script for learning forms in PHP, I would try another one, more recent

If it's a script that will run in real production server environment, I am afraid but it has to be rebuilt from scratch

A modern example for php5, html5

PHP Code:



 <!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>

<?php
// define variables and set to empty values
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
   if (empty($_POST["name"])) {
     $nameErr = "Name is required";
   } else {
     $name = test_input($_POST["name"]);
     // check if name only contains letters and whitespace
     if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
       $nameErr = "Only letters and white space allowed";
     }
   }
  
   if (empty($_POST["email"])) {
     $emailErr = "Email is required";
   } else {
     $email = test_input($_POST["email"]);
     // check if e-mail address is well-formed
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
       $emailErr = "Invalid email format";
     }
   }
    
   if (empty($_POST["website"])) {
     $website = "";
   } else {
     $website = test_input($_POST["website"]);
     // check if URL address syntax is valid (this regular expression also allows dashes in the URL)
     if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
       $websiteErr = "Invalid URL";
     }
   }

   if (empty($_POST["comment"])) {
     $comment = "";
   } else {
     $comment = test_input($_POST["comment"]);
   }

   if (empty($_POST["gender"])) {
     $genderErr = "Gender is required";
   } else {
     $gender = test_input($_POST["gender"]);
   }
}

function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}
?>

<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
   Name: <input type="text" name="name" value="<?php echo $name;?>">
   <span class="error">* <?php echo $nameErr;?></span>
   <br><br>
   E-mail: <input type="text" name="email" value="<?php echo $email;?>">
   <span class="error">* <?php echo $emailErr;?></span>
   <br><br>
   Website: <input type="text" name="website" value="<?php echo $website;?>">
   <span class="error"><?php echo $websiteErr;?></span>
   <br><br>
   Comment: <textarea name="comment" rows="5" cols="40"><?php echo $comment;?></textarea>
   <br><br>
   Gender:
   <input type="radio" name="gender" <?php if (isset($gender) && $gender=="female") echo "checked";?>  value="female">Female
   <input type="radio" name="gender" <?php if (isset($gender) && $gender=="male") echo "checked";?>  value="male">Male
   <span class="error">* <?php echo $genderErr;?></span>
   <br><br>
   <input type="submit" name="submit" value="Submit">
</form>

<?php
echo "<h2>Your Input:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $website;
echo "<br>";
echo $comment;
echo "<br>";
echo $gender;
?>

</body>
</html>

http://www.w3schools.com/php/php_form_complete.asp

anon091 · 09-11-2014, 09:29 AM

I think you're probably right. at this point, i'll take this example you provided and try to tweak as a replacement for mine.

Thanks for the help everybody. I'm going to close this thread.