Jump to content

$POST and isset ($_GET[' '])

agupta2683

By agupta2683
in PHP Coding Help

 Share

Recommended Posts

agupta2683 Newbie

agupta2683

Posted
Posted
Hi All,

I have  a form which asks a user to add and delete the fields. These fields r defined in the backend database. I'm using POST method on the submission and once the user presses submit, the control goes to the form_submit page. This page uses isset($_get[' ']) method to retrive the values entered by the user and perform insertion or deletion operations in the database. The code is not throwing any error . when a user tried to enter the values for the fields on the form, the insertion or deletion operations are not performed in the database.

I have checked that I have made connection to the database.

I tried different if else combinations but it doesnt seem to work.

I have also attached the code if anyone can be kind enough to have a look at it.

I would highly appreciate any sort of help in this.

CODE

<?php
 
        if( isset( $_GET[ 'region' ], $_GET ['addstate'],$_GET ['deletestate']) )
      {
        $addstate = $_GET[ 'addstate' ];
        $deletestate = $_GET[ 'deletestate' ];   
        $region = $_GET[ 'region' ];
        $query  = "INSERT INTO dbo.off_campus_ashish VALUES ('$region', '$addstate') AND DELETE * FROM dbo.ashishdate WHERE region = '$region' AND state = '$deletestate'" ;
        mssql_query($query);
        //$result = db_query( "INSERT INTO dbo.ashishdate VALUES ($category, $addate) AND DELETE * FROM dbo.ashishdate WHERE category = $category AND date = $deletedate");
        }
      else
      {
      if( isset( $_GET[ 'region' ],$_GET ['addstate']) )
        {
        $addstate = $_GET[ 'addstate' ];
        $region = $_GET[ 'region' ];
        $query  = "INSERT INTO dbo.off_campus_ashish VALUES ('$region', '$addstate')";
        mssql_query($query);
        //$result = db_query( "INSERT INTO dbo.ashishdate VALUES ($category, $addate)");
        }
       
      else
      {
        if (isset( $_GET[ 'region' ], $_GET ['deletestate']) )
        {
        $deletestate = $_GET[ 'deletestate' ];   
        $region = $_GET[ 'region' ];
        $query  = "DELETE * FROM dbo.off_campus_ashish WHERE region = '$region' AND state = '$deletestate'" ;
        mssql_query($query);
        //$result = db_query("DELETE * FROM dbo.ashishdate WHERE category = $category AND date = $deletedate");
        }
        else
        {
        echo "You did not submit all the required information.  Please go back and try again.";
        }
        }
        }
    ?>
Link to comment
Share on other sites
smartguyin Member

smartguyin

Posted
Posted
It should be " $_POST['region'] and not $_GET['region'] "

When you are using form to transfer info from form to script then we should use $_POST always....

$_GET[''] is used when the info i passed through url like http://domain.com/form.php?region=anyinfo

Inthis the "anyinfo" transfered to script to work with and it can be used by $_GET['anyinfo']

I hope you have understand the difference.........

I am also new and trying to learn things........ Please other guys correct me if i am wrong.
Link to comment
Share on other sites
HeyRay2 Newbie

HeyRay2

Posted
Posted
Forms can be submitted in either POST or GET methods, which you define as below:

[code]
<form name="myform" method="POST">
[/code]

or

[code]
<form name="myform" method="GET">
[/code]

The POST method is more secure, in that the form values are passed "behind-the-scenes", which is good for ensuring that the information is not broadcast in the URL and cannot be manipulated outsite of the script. I recommend this method for items like user login scripts and other items that have sensitive data to be passed.

The GET method is less secure, but can a good choice where you want the form values passed through the URL. This is good for search scripts and the like where you would want a user to "bookmark" the page.

Whichever method you choose, you can access the variables by the corresponding $_POST or $_GET variable array.

Alternatively, you can use the $_REQUEST variable array for either form type, but be prepared to validate the contents of the variable because you won't know whether the information was passed by POST or GET.
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.