Jump to content

HTML form displaying values as <?=$name?>


Go to solution Solved by shadiadiph,

Recommended Posts

Hi,

 

Probably a silly question I have a page where I save a form with <input type="text" name="name" value="<?=$name?>" />

to an SQL database

 

When I call it from the database $name is already called prior to calling the form but when it displays it displays the input field with the php code <?=$name?> I tried <?php echo or just using $name got the same results each time is there anyway to make this work so it displays the variable instead of the php text?

Link to comment
https://forums.phpfreaks.com/topic/283910-html-form-displaying-values-as/
Share on other sites

1) The value is the one that shows up on the form page.

2) Is your form using PHP_SELF method?

3) What are you trying to achieve?

 

---

I assumed that you want to make a form that auto generates the username for the user so that they do not need to type again.

So, the code will be

<input type="text"  name="username" value="<?php echo $row['username']; ?>" readonly="readonly"  >

 

Please remember your query on the top.

Actually i am:

 

1) saving the form with <input type="text" name="name" value="<?=$name?>" /> to sql

2) calling $name

3) calling $form which has the above input tag

4) echo $form and it is showing the php code as the value

Edited by shadiadiph

With PHP version < 5.4, the following willl work only if short_tags are enabled.

<input type="text" name="name" value="<?=$name?>" />

if short_tags as disabled in the php.ini file you need to use

<input type="text" name="name" value="<?php echo $name?>" />

Version >=  5.4  - this will work regardless of short_tag setting

<input type="text" name="name" value="<?=$name?>" />

There should be no need for you to use eval() at all.

Edited by Barand

by using eval() you have opened yourself up to let hackers run their php code on your server. you must now validate that the $name variable (or any other value you put into the eval() statement) does not contain php code. does the rest of your code contain sufficient validation to insure someone isn't going to take over your web site?

 

databases are for storing data, not code. if you want to store html makeup in your database, you need to use a template system where values have place-holders and the template essentially does a search/replace at runtime to put the values into the markup.

Edited by mac_gyver
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.