anton_1 Posted December 7, 2011 Share Posted December 7, 2011 Hey guys, Any help is much appreciated! I want to make it, that when a form is submitted it inserts the booking and echos a message to the user without directing them to another page. Just now when you hit book, it shows the booking page on another page instead of just display Booking Complete on the same page Code: <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" > <table width="450px"> </tr> <tr> <td valign="top"> <label for="first_name">First Name *</label> </td> <td valign="top"> <input type="text" name="fname" maxlength="50" size="40"> </td> </tr> <tr> <td valign="top""> <label for="last_name">Last Name *</label> </td> <td valign="top"> <input type="text" name="lname" maxlength="50" size="40"> </td> </tr> <tr> <td valign="top"> <label for="email">Address</label> </td> <td valign="top"> <input type="text" name="address" maxlength="80" size="40"> </td> </tr> <tr> <td valign="top"> <label for="County">County</label> </td> <td valign="top"> <input type="text" name="county" maxlength="80" size="40"> </td> </tr> <tr> <td valign="top"> <label for="postcode">Postcode</label> </td> <td valign="top"> <input type="text" name="postcode" maxlength="80" size="40"> </td> </tr> <tr> <td valign="top"> <label for="telephone">Telephone Number</label> </td> <td valign="top"> <input type="text" name="telno" maxlength="30" size="40"> </td> </tr> <tr> <td valign="top"> <label for="CheckInDate">Check In Date</label> </td> <td valign="top"> <input type="text" name="checkIn" id="date" maxlength="30" size="40"> </td> </tr> <tr> <td valign="top"> <label for="CheckOutDate">Check Out Date</label> </td> <td valign="top"> <input type="text" name="checkOut" class="date" maxlength="30" size="40"> </td> </tr> <tr> <td colspan="2" style="text-align:center"> <input type="submit" name="submit" value="Book Room"> </td> </tr> </table> </form> PHP Code: <?php if(isset($_POST['submit'])) { $fname = $_POST['fname']; $lname = $_POST['lname']; $address = $_POST['address']; $county = $_POST['county']; $pcode = $_POST['postcode']; $telno = $_POST['telno']; $checkIn = $_POST['checkIn']; $checkOut = $_POST['checkOut']; $con = mysql_connect("localhost","root",""); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("forumtututorial", $con); $sql="INSERT INTO RoomBookings (FirstName, LastName, Address, County, Postcode, TelNo, CheckInDate, CheckOutDate) VALUES ('$_POST[fname]','$_POST[lname]','$_POST[address]','$_POST[county]','$_POST[postcode]','$_POST[telno]','$_POST[checkIn]','$_POST[checkOut]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } // mail customer reciept $to = "[email protected]"; $subject = "Booking Reservation"; $message = $fname . "has made a booking"; $headers = "Highlander Hotel"; mail($to,$subject,$message,$headers); echo "Booking Complete"; } ?> Thanks!! Link to comment https://forums.phpfreaks.com/topic/252650-php-self-post/ Share on other sites More sharing options...
MasterACE14 Posted December 7, 2011 Share Posted December 7, 2011 should leave the form 'action' field blank action="" there's security risks of using $_SERVER['PHP_SELF'] there. Link to comment https://forums.phpfreaks.com/topic/252650-php-self-post/#findComment-1295209 Share on other sites More sharing options...
anton_1 Posted December 7, 2011 Author Share Posted December 7, 2011 Thanks for your reply, but that doesnt do anything? If php self server is not in the action field it will not run the php script on the page when submit is clicked? Thanks! Link to comment https://forums.phpfreaks.com/topic/252650-php-self-post/#findComment-1295212 Share on other sites More sharing options...
aneeshrp Posted December 7, 2011 Share Posted December 7, 2011 http://php.net says $_SERVER is an array containing information such as headers, paths, and script locations. The entries in this array are created by the web server. There is no guarantee that every web server will provide any of these; servers may omit some, or provide others not listed here. That said, a large number of these variables are accounted for in the » CGI/1.1 specification, so you should be able to expect those. however you could try the following this 1. use "" in form's action attribute, From my understanding leaving the action blank (action=”") is not proper and still open to XSS attacks. or use __FILE__ constant with basename() <form method="post" name="helloworld" action="<?php echo basename( __FILE__ );?>"> <input type="submit" name="submit" value="Submit" /> </form> Link to comment https://forums.phpfreaks.com/topic/252650-php-self-post/#findComment-1295216 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.