Jump to content

$_POST won't work!! Form validation PHP/HTML


Rosith

Recommended Posts

Hi there. My problem is quite simple, but carries lots of questions of why the hell is this happening.

I'm new at PHP but I'm familiar with the syntax, since It's been 3 years since I code in C, 1 in Java and half year in JS (with HTML and CSS of course).

I was creating a page where I could validate a HTML form using PHP script, it was going everything allright, until I couldn't use the data that was going to the $_POST array. I tested it on some other file and It was like the server just didn't allowed me to do it so. I searched around on internet and I found the print_r() function, which shows the data as an associative array in $_POST, like this: array(KeyName => ValueName). 

Check the code and please, help me find why is this happening. I'm brazillian and all I know about english came from netflix, so i'm sorry if I wrote anything wrong. Thanks S&Z

<!DOCTYPE html>
<html lang = "pt-br" >
    <head>
        <title>
            Formulário
        </title>
        <meta charset="utf-8">
    </head>
    <body>
        <form method = "POST" action = "<?php htmlspecialchars($_SERVER["PHP_SELF"]);?>" autocomplete = "off">
            Nome: <br>
            <input type = "text" name = "Name" placeholder = "Ex: Guilherme" required autofocus>
            <?php
                if($_SERVER["REQUEST_METHOD"] == $_POST){
                    echo $_POST["Name"];
                }
            ?>
            <br><br>
            <input type = "submit" value = "Enviar">
        </form>
        <?php
            print_r($_POST);
        ?>
    </body>
</html>

Link to comment
Share on other sites

22 minutes ago, Rosith said:

$_SERVER["REQUEST_METHOD"] == $_POST

$_SERVER['REQUEST_METHOD'] is a string value indicating what HTTP verb was used.  To check for a POST request then you need to compare to the string "POST" not the $_POST array.

if ($_SERVER['REQUEST_METHOD'] === 'POST'){
   //...
}

 

Link to comment
Share on other sites

Also, change the order of the code in your page, putting the php section first. Code flow should be something like this

if POST data exists
    Validate data storing error messages
    
    if no errors
        do updates
        header("location: #") // reload page
        exit
    end if
end if

if GET data
    process GET data
endif

any other code necessary for building page e.g. menus


!DOCTYPE html
html
    
    output any validation error messages
    form
        form fields
    end form
end html    

 

Link to comment
Share on other sites

In addition, leave the `action` attribute off your opening form tag. By not supplying an action the form will submit to it's own address, and I believe that $_SERVER['PHP_SELF'] can be altered or spoofed. In a similar vein, instead of checking $_SERVER['REQUEST_METHOD'], you could always check the actual variable you're about to use - that way you'll know that what you want to print actually exists.

if(!empty($_POST['Name'])){
	echo htmlspecialchars($_POST['Name']);
}

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.