JakeForDesign Posted March 3, 2014 Share Posted March 3, 2014 I have my form created, and want to link it to an insert.php file where I can save data to database. Normally, I would have done it like this: <form method="post" action="insert.php"> Although, I have done my form a different way than usual to help security precautions(Reference: http://www.w3schools.com/php/php_form_complete.asp) <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> Name: <input type="text" name="name" value="<?php echo $name;?>"> <span class="error">* <?php echo $nameErr;?></span> <br><br> E-mail: <input type="text" name="email" value="<?php echo $email;?>"> <span class="error">* <?php echo $emailErr;?></span> <br><br> Website: <input type="text" name="website" value="<?php echo $website;?>"> <span class="error"><?php echo $websiteErr;?></span> <br><br> Comment: <textarea name="comment" rows="5" cols="40"><?php echo $comment;?></textarea> <br><br> Gender: <input type="radio" name="gender" <?php if (isset($gender) && $gender=="female") echo "checked";?> value="female">Female <input type="radio" name="gender" <?php if (isset($gender) && $gender=="male") echo "checked";?> value="male">Male <span class="error">* <?php echo $genderErr;?></span> <br><br> <input type="submit" name="submit" value="Submit"> </form> My form's action attribute is filled with php code already, so where do I link to my insert.php file now? Can I still put a file name next to the php code that is already there? Can I do it like this, adding an onclick attribute that links to insert.php file?: <input type="submit" name="submit" value="Submit" onclick="insert.php"> Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted March 3, 2014 Share Posted March 3, 2014 (edited) The action attribute determines where the form is submitted to. Setting the form action to PHP_SELF will submit the form to itself. if you want the form to goto insert.php then you must set the form action to that. Although, I have done my form a different way than usual to help security precautions(Reference: http://www.w3schools...rm_complete.asp) Nothing to do with security. That code you are referring to only repopulates the form values. Edited March 3, 2014 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
JakeForDesign Posted March 3, 2014 Author Share Posted March 3, 2014 Ok thanks. Well what is the point in php self at all? Quote Link to comment Share on other sites More sharing options...
Solution Ch0cu3r Posted March 3, 2014 Solution Share Posted March 3, 2014 As I said to submit the form to itself. Rather than change the form action, you could keep it set to php self. But Once you have validated/verified the users data to your requirements you can just include insert.php instead. example pseudo code <?php if(isset($_POST['submit'])) { /* validates users data */ if(/* users data validates */) { include 'insert.php'; } } ?> /* display form/validation errors */ Quote Link to comment Share on other sites More sharing options...
JakeForDesign Posted March 3, 2014 Author Share Posted March 3, 2014 (edited) Thanks again Edited March 3, 2014 by JakeForDesign Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.