[SOLVED] Get in a form action?

[SirChick]

Is it possible to do this:

 

<form name="" method="POST" action="reportplayer.php?process=<?=$ID?>" enctype="text/plain" id="Form1" onsubmit="return ValidateForm1(this)">

 

 

Although it is not working for me as the url just shows ?process=

 

But is it possible to put the get into the form action ?

[pcman]

try this:

<form name="" method="POST" action="reportplayer.php?process=<? echo $ID?>" enctype="text/plain" id="Form1" onsubmit="return ValidateForm1(this)">

[revraz]

Are you setting $ID to something?

 

Like

 

$ID = $_GET['id'];

 

or try using $_GET['id'] right in the echo statement.

[SirChick]

Ok well when the page loads it has :

reportplayer.php?process=72

 

So i got:

 

If(isset($_GET['report'])){
$ID = mysql_real_escape_string($_GET['report']);
<form name="" method="POST" action="reportplayer.php?process=<?=$ID?>" enctype="text/plain" id="Form1" onsubmit="return ValidateForm1(this)">

//form stuff

 

This is so that when the form is in process it still has the player's ID so it knows what ID to process.

 

[revraz]

So it works?

[SirChick]

No it doesnt. When i echo $ID it is blank.

But i didn't know weather it was possible to do in the first place which would explain why it was not working... but if i know its possible then I know I made a mistake some where

[pcman]

maybe

<?php echo $ID; ?>

 

[revraz]

Yep echo it.

[SirChick]

maybe

<?php echo $ID; ?>

 

 

I use short tags with my scripts I don't think it would make a difference by using Echo...

 

Edit * tried the echo method and it didn't work *

How ever the $ID does contain the value but not when its used in the form?

 

 

This is what i got:

 

 

The url of this script is:

reportplayer.php?report=72

<?php
If(isset($_POST['Button1'])){
$Date = date("Y-m-d H:i:s",time());
$ID = mysql_real_escape_string($_GET['process']);
//doesnt echo
Echo $ID;
}

If(isset($_GET['report'])){
$ID = mysql_real_escape_string($_GET['report']);
//does echo
Echo $ID;
If($ID == $_SESSION['Current_User']){
Header("location: reportplayer.php?error3");
}
If(is_numeric($ID)){
$Check = mysql_query("SELECT * FROM userregistration WHERE UserID='$ID'")
or die(mysql_error());
If(mysql_num_rows($Check) < 1){
Header("location: reportplayer.php?error");
}
}
?>

<script language="JavaScript" type="text/javascript">
<!--
function ValidateForm1(theForm)
{
if (theForm.TextArea1.value.length > 250)
{
   alert("Please enter at most 250 characters in the \"TextArea1\" field.");
   theForm.TextArea1.focus();
   return false;
}
return true;
}
//-->
</script>
</head>
<div id="bv_" style="position:absolute;left:170px;top:300px;width:650px;height:24px;z-index:14" align="center">
<font style="font-size:30px" color="#FF0000" face="Arial"><b>Abusing this report feature <u>WILL</u> result in your account being punished!</b></font></div>
<div id="bv_" style="position:absolute;left:300px;top:390px;width:350px;height:24px;z-index:14" align="center">
<font style="font-size:16px" color="#FFFFFF" face="Arial"><i><u>Please let us know what your reporting this user for so we know what we are looking for!</u></i></font></div>
<div id="bv_" style="position:absolute;left:201px;top:353px;width:583px;height:300px;z-index:15" align="left">
<form name="" method="POST" action="reportplayer.php?process=<?echo$ID?>" enctype="text/plain" id="Form1" onsubmit="return ValidateForm1(this)">
<input type="submit" id="Button1" name="Button1" value="Report" style="position:absolute;left:250px;top:201px;width:75px;height:24px;z-index:0">
<textarea name="TextArea1" id="TextArea1" style="position:absolute;left:132px;top:108px;width:289px;height:72px;z-index:1" rows="3" cols="29"></textarea>
<input type="checkbox" id="Checkbox1" name="Checkbox1" value="" style="position:absolute;left:342px;top:203px;z-index:2">
<div id="bv_Text10" style="position:absolute;left:219px;top:263px;width:150px;height:19px;z-index:3" align="center">
<font style="font-size:16px" color="#FFFFFF" face="Arial"><b><u>Cancel</u></b></font></div>

</form>
</div>
<?
}
?>

[PFMaBiSmAd]

O'boy.

 

The mysql_real_escape_string() function requires a current open link to a mysql server and is generating errors when you call it that way.

 

When learning php, developing php code, or debugging php code, always check your web server log for errors and/or turn on full php error reporting in php.ini or a .htaccess file to get php to help you.

[revraz]

You may want to either make it a Global variable($_SESSION maybe) or use the $_GET instead.  I bet it's not passing because the form is being shown before the variable is getting set.

 

Also, you know you are overwriting $ID right?

[SirChick]

Well in the page source the form shows the ID so it works.. but upon submit the $ID doesn't get assigned... I don't see where the ID would be overwritten.. what line are you referring to ?

 

One $_GET is "process" and one is "report" so they can't overwrite cos that would mean the url is the same at the same time which can't be possible.

 

O'boy.

 

The mysql_real_escape_string() function requires a current open link to a mysql server and is generating errors when you call it that way.

 

When learning php, developing php code, or debugging php code, always check your web server log for errors and/or turn on full php error reporting in php.ini or a .htaccess file to get php to help you.

 

 

Wait you lost me there...

 

do you mean it needs the:

 

//connect
include("include.php");

 

If so that is always there as standard i didn't put that in as the problem is slightly beyond that.. I get no errors anyway =/

 

If you mean something else then you've lost here, cos ive never had problems using string escape with GETS for the last year or so...

[SirChick]

Got it working ! thankgod for that