Jump to content

Archived

This topic is now archived and is closed to further replies.

agupta2683

$POST and isset ($_GET[' '])

Recommended Posts

Hi All,

I have  a form which asks a user to add and delete the fields. These fields r defined in the backend database. I'm using POST method on the submission and once the user presses submit, the control goes to the form_submit page. This page uses isset($_get[' ']) method to retrive the values entered by the user and perform insertion or deletion operations in the database. The code is not throwing any error . when a user tried to enter the values for the fields on the form, the insertion or deletion operations are not performed in the database.

I have checked that I have made connection to the database.

I tried different if else combinations but it doesnt seem to work.

I have also attached the code if anyone can be kind enough to have a look at it.

I would highly appreciate any sort of help in this.

CODE

<?php
 
        if( isset( $_GET[ 'region' ], $_GET ['addstate'],$_GET ['deletestate']) )
      {
        $addstate = $_GET[ 'addstate' ];
        $deletestate = $_GET[ 'deletestate' ];   
        $region = $_GET[ 'region' ];
        $query  = "INSERT INTO dbo.off_campus_ashish VALUES ('$region', '$addstate') AND DELETE * FROM dbo.ashishdate WHERE region = '$region' AND state = '$deletestate'" ;
        mssql_query($query);
        //$result = db_query( "INSERT INTO dbo.ashishdate VALUES ($category, $addate) AND DELETE * FROM dbo.ashishdate WHERE category = $category AND date = $deletedate");
        }
      else
      {
      if( isset( $_GET[ 'region' ],$_GET ['addstate']) )
        {
        $addstate = $_GET[ 'addstate' ];
        $region = $_GET[ 'region' ];
        $query  = "INSERT INTO dbo.off_campus_ashish VALUES ('$region', '$addstate')";
        mssql_query($query);
        //$result = db_query( "INSERT INTO dbo.ashishdate VALUES ($category, $addate)");
        }
       
      else
      {
        if (isset( $_GET[ 'region' ], $_GET ['deletestate']) )
        {
        $deletestate = $_GET[ 'deletestate' ];   
        $region = $_GET[ 'region' ];
        $query  = "DELETE * FROM dbo.off_campus_ashish WHERE region = '$region' AND state = '$deletestate'" ;
        mssql_query($query);
        //$result = db_query("DELETE * FROM dbo.ashishdate WHERE category = $category AND date = $deletedate");
        }
        else
        {
        echo "You did not submit all the required information.  Please go back and try again.";
        }
        }
        }
    ?>

Share this post


Link to post
Share on other sites
change the $_GET[ 'region' ]  to $_POST[ 'region' ]
not just the reigon all the fields that are being sumbit using post change them to $_post...

Share this post


Link to post
Share on other sites
It should be " $_POST['region'] and not $_GET['region'] "

When you are using form to transfer info from form to script then we should use $_POST always....

$_GET[''] is used when the info i passed through url like http://domain.com/form.php?region=anyinfo

Inthis the "anyinfo" transfered to script to work with and it can be used by $_GET['anyinfo']

I hope you have understand the difference.........

I am also new and trying to learn things........ Please other guys correct me if i am wrong.

Share this post


Link to post
Share on other sites
Forms can be submitted in either POST or GET methods, which you define as below:

[code]
<form name="myform" method="POST">
[/code]

or

[code]
<form name="myform" method="GET">
[/code]

The POST method is more secure, in that the form values are passed "behind-the-scenes", which is good for ensuring that the information is not broadcast in the URL and cannot be manipulated outsite of the script. I recommend this method for items like user login scripts and other items that have sensitive data to be passed.

The GET method is less secure, but can a good choice where you want the form values passed through the URL. This is good for search scripts and the like where you would want a user to "bookmark" the page.

Whichever method you choose, you can access the variables by the corresponding $_POST or $_GET variable array.

Alternatively, you can use the $_REQUEST variable array for either form type, but be prepared to validate the contents of the variable because you won't know whether the information was passed by POST or GET.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.