Most books, specially the older ones will use this type of coding. It relies
completely on register_globals (and some other settings) to be enabled in
your php.ini.
However, many possible security risks has been identified with having
register_globals=on, so newer versions come with that feature disabled by
default.
This has been discussed to great depths in the archives, and arguably, if
you design your code with security in mind, turning register_globals on,
will and should not cause any problems. On the other hand, it is becoming a
"standard", so unless you have your own server, or you know your ISP will
turn it on for you, then you are probably better off accessing your
variables through the POST and GET arrays.
As I said in my first post, it is basically in the way that you call your
variables.
If you look at your example:
You have a form that has the same page as the action, using the POST method,
meaning that all the "names" of form elements and the correlating "values",
will be passed to the action page as POST variables. All these variables get
stored in the $_POST array.
So, as an example:
Your form has a <input type="text" name="var1" value="test">
With your code in mind, hitting the submit on the form, will place a new
element in the $_POST array, called "var1" ad associative value = "test"
And if you need to echo or use that variable/value, you should do so by
calling it like so:
echo $_POST[var1];
output -> "test"
If you look closely at your code, you will see an If
/* Section that executes query */
> > if (@$form == "yes")
> > {
and you will also see that the form being shown on first load of the page,
has a get variable appended to it in the action:
<form action=<?php echo $PHP_SELF ?>?form=yes method="post">
> > <table>
> > <tr>
> > <td align="right"><b>Type in database name</b></td>
> > <td>
that "?form=yes" bit, creates a $_GET variable called $_GET[form] with a
value of "yes"
So, for your code to work, the IF statement should read:
if ($_GET[form] == "yes")
> > {
Basically, the reason why it looks like your page is not doing anything, is
because the if cannot be satisfied...
You should thus go through that sample code and change the nameing of your
POST and GET variables (ie, the variables that are "passed" to the next page
to the abovementioned method and all should be fine.
-----Original Message-----
From: Simon Chappell [mailto:[EMAIL PROTECTED]
Sent: Monday, June 30, 2003 6:22 PM
To: Petre Agenbag
Subject: Re: [PHP] Forms
thanks for the reply
yes I have tried both on and off, it is currently off?
Where would i put those in my script? or do I have to start from scratch?
The reason I am asking, is that all the books I have seem to be doing the
same
out of date coding, and if it is possible to make a quick change that I can
carry with me through my learning then I can get use out of all the books
that i have bought! but if all the scripts are pointless then i might as
well
light a match or give them to my 6 year old and ask him to look after them!!
Many thanks
Simon
On Monday 30 Jun 2003 3:14 pm, Petre Agenbag wrote:
> Have you checked register_globals = on/off in your php.ini?
> If register_globals=off, then you must access your POST variables by:
>
> $_POST['whatever'];
>
> and your get (the stuff you put at the end of your URL's):
>
> $_GET['whatever'];
>
> On Mon, 2003-06-30 at 15:48, Simon Chappell wrote:
> > Hi can anyone help me with this?
> >
> > I have been failing to get any forms working with PHP now I have run out
> > of ideas? Having bought 3 books the latest one being php & mysql for
> > dummies(which might be appropriate for me) I am still failing at this
> > hurdle.
> >
> > the following script is a classic example taken straight out of the
book,
> > I get round the $PHP_SELF problem ok but then all the script does is
loop
> > back to itself?
> >
> > <!-- Program Name: mysql_send.php
> > Description: PHP program that sends an SQL query to the
> > MySQL server and displays the results.
> > -->
> > <html>
> > <head>
> > <title>SQL Query Sender</title>
> > </head>
> > <body>
> > <?php
> > $user="root";
> > $host="localhost";
> > $password="";
> >
> > /* Section that executes query */
> > if (@$form == "yes")
> > {
> > mysql_connect($host,$user,$password);
> > mysql_select_db($database);
> > $query = stripSlashes($query) ;
> > $result = mysql_query($query);
> > echo "Database Selected: <b>$database</b><br>
> > Query: <b>$query</b>
> > <h3>Results</h3>
> > <hr>";
> > if ($result == 0)
> > echo("<b>Error " . mysql_errno() . ": " . mysql_error() . "</b>");
> >
> > elseif (@mysql_num_rows($result) == 0)
> > echo("<b>Query completed. No results returned.</b><br>");
> > else
> > {
> > echo "<table border='1'>
> > <thead>
> > <tr>";
> > for ($i = 0; $i < mysql_num_fields($result); $i++)
> > {
> > echo("<th>" . mysql_field_name($result,$i) . "</th>");
> > }
> > echo " </tr>
> > </thead>
> > <tbody>";
> > for ($i = 0; $i < mysql_num_rows($result); $i++)
> > {
> > echo "<tr>";
> > $row = mysql_fetch_row($result);
> > for ($j = 0; $j < mysql_num_fields($result); $j++)
> > {
> > echo("<td>" . $row[$j] . "</td>");
> > }
> > echo "</tr>";
> > }
> > echo "</tbody>
> > </table>";
> > }
> > echo "<hr><br>
> > <form action=$PHP_SELF method=post>
> > <input type=hidden name=query value=\"$query\">
> > <input type=hidden name=database value=$database>
> > <input type=submit name=\"queryButton\" value=\"New Query\">
> > <input type=submit name=\"queryButton\" value=\"Edit Query\">
> > </form>";
> > unset($form);
> > exit();
> > }
> >
> > /* Section that requests user input of query */
> > @$query = stripSlashes($query);
> > if (@$queryButton != "Edit Query")
> > {
> > $database = " ";
> > $query = " ";
> > }
> > ?>
> >
> > <form action=<?php echo $PHP_SELF ?>?form=yes method="post">
> > <table>
> > <tr>
> > <td align="right"><b>Type in database name</b></td>
> > <td>
> > <input type=text name="database" value=<?php echo $database ?> >
> > </td>
> > </tr>
> > <tr>
> > <td align="right" valign="top"><b>Type in SQL query</b></td>
> > <td><textarea name="query" cols="60" rows="10"><?php echo $query
> > ?></textarea>
> > </td>
> > </tr>
> > <tr>
> > <td colspan="2" align="center"><input type="submit" value="Submit
> > Query"></td>
> > </tr>
> > </table>
> > </form>
> >
> > </body>
> > </html>
> >
> > Any ideas would be greatly appreciated as I am floundering badly!
> >
> > Simon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
