Help With Posting Arrays through Hidden Fields!?!?!

[Ryanz]

Well ... I'm having problems using the "serialize()" and "unserialize()" functions to send an array through a hidden input in a form.

 

Here's two simple script pages. They go in a cycle ... The array is created in answer1.php which just makes the array and then processes it instead of recieveing the array and processing it, I havn;t included that one.

 

The array is simple numbers ... arr = array("1","2","3","4", ect.)

 

Answer.php :

 

 

 

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Quiz</title>
</head>

<body>


<?php 
$answer = $_POST['answer'];
$correct = $_POST['correct'];
$question = $_POST['question'];


$arr = unserialize($_POST['comparr']);

$random = array_rand($arr);


$nextq = $arr[$random];

$nextqn = $question + 1;

$newarray = array_splice($arr, array_search($nextq, $arr), 1);

if($answer == $correct) echo "<font color=green>CORRECT</font><br><form action=q" . $nextq . ".php method=post>
<input type=hidden name=question value=" . $nextqn . ">
<input type=hidden name=comparr value=" . serialize($newarray) . ">
<input type=submit name=Next value='Next Question'></form>";
else echo "INCORRECT<br><a href=index.php>Try again ...</a>";



?>

</body>
</html>

 

 

 

The hidden values in the answer.php page are then send to the next question which should be randomly picked from the previosly sent array and the question that has just ben answered should be removed from the array sot aht the same question does not come up 2 times, but the questions still come randomly.

 

Here is q2.php, which should be randomly picked, the next question is 'q" . $nextq . ".php' which is created in the php above the form.

 

q2.php:

 

 

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Quiz</title>

</head>

<body>

<h1>Q<?php 
$question = $_POST['question'];
echo $question; 
$array = unserialize($_POST['comparr']);


?>


</h1><br><b>Question?</b><br><br>
<form method="post" action="answer.php">
<input type="radio" name="answer" value="1" />answer1<br>
<input type="radio" name="answer" value="2" />answer2<br>
<input type="radio" name="answer" value="3" />answer3<br>
<input type="radio" name="answer" value="4" />answer4 - correct<br>
<input type="radio" name="answer" value="5" />answer5<br>
<input type="hidden" name="correct" value="4" />
<input type="hidden" name="question" value="

<?php echo $question; ?>" />
<input type=hidden name=comparr value=" . serialize($array) . ">
<input type="Submit" name="submit" value="Submit" />
</form>
</body>
</html>

 

 

 

I know that this is an awful way of doing this! I'm sorry about that but I don't have much experience in PHP and don't really know how to create sessions to use ect.

 

If anyone could rewrite or just give me tips onw hat to do with the script to make it work how I want it to work it would be great!

 

Thanks Alot!

 

Ryan

 

(edited by kenrbnsn to change the [nobbc] tags to

tags[/nobbs])

[Ryanz]

I was told about the serialize() by somone but it's obvios that I have not used it correctly. Could somone tell me how to use it correctly?

[Ryanz]

Help Please!

[sennetta]

Not 100% sure what the question is, but I wouldn't serialise anything.  If it's just an array you're transferring through POST perhaps use implode() to turn the array into a string, stuff it in the hidden html field, and then explode() to turn it back again in the handling script.  Does this help?

[laffin]

either method, you have to consider the data.

and codes ya have to avoid, and how to overcome them.

 

data - shudn contain url/html code

 

serialize/unserialize - works great with arrays, but will more than likely have undesirable characters.

 

so u combine either method with

 

urlencode and urldecode,

 

if yer array contains " & + ?

ya may need to add another layer, using htmlentities

 

 

so on the form ya shud use:

<input type=hidden name=comparr value=" . urlencode(htmlentities(serialize($newarray))) . ">

 

to extract the info go in reverse

if(isset($_POST['comprarr']))
  $arr = unserialize(html_entity_decode(urldecode($_POST['comparr'])));

 

yer processing form shud validate and sanitize any input from the user.

otherwise ya will end up with errors

[Ryanz]

either method, you have to consider the data.

and codes ya have to avoid, and how to overcome them.

 

data - shudn contain url/html code

 

serialize/unserialize - works great with arrays, but will more than likely have undesirable characters.

 

so u combine either method with

 

urlencode and urldecode,

 

if yer array contains " & + ?

ya may need to add another layer, using htmlentities

 

 

so on the form ya shud use:

<input type=hidden name=comparr value=" . urlencode(htmlentities(serialize($newarray))) . ">

 

to extract the info go in reverse

if(isset($_POST['comprarr']))
  $arr = unserialize(html_entity_decode(urldecode($_POST['comparr'])));

 

yer processing form shud validate and sanitize any input from the user.

otherwise ya will end up with errors

 

Hey

 

I tried that, but it didn't work :S

 

I cannot see what went wrong, but the digit still isn't being sent :S

[Ryanz]

Not 100% sure what the question is, but I wouldn't serialise anything.  If it's just an array you're transferring through POST perhaps use implode() to turn the array into a string, stuff it in the hidden html field, and then explode() to turn it back again in the handling script.  Does this help?

 

I've also tried implode and explode ... But that won't work :S

 

All I have to do is send an array ... I have no clue why it won't work :S

[resago]

implode and explode using + as the delim.

 

[sasa]

try to change line

<input type=hidden name=comparr value=" . serialize($newarray) . ">

to

<input type=hidden name=comparr value='" . serialize($newarray) . "'>

[Ryanz]

try to change line

<input type=hidden name=comparr value=" . serialize($newarray) . ">

to

<input type=hidden name=comparr value='" . serialize($newarray) . "'>

 

Tried that ... didn't seem to work ... can anyone show me how to use implode and explode properly?

[kenrbnsn]

This line in the original code that was posted

<input type=hidden name=comparr value=" . serialize($array) . ">

 

the "serialize()" function call is not within PHP tags, so it will not work.

 

Write it like

<input type=hidden name=comparr value="<?php echo htmlentities(serialize($array),ENT_QUOTES); ?>">

 

The htmlentities() function will encode quotes so not to disrupt the value quoted string.

 

Ken

[Ryanz]

This line in the original code that was posted

<input type=hidden name=comparr value=" . serialize($array) . ">

 

the "serialize()" function call is not within PHP tags, so it will not work.

 

Write it like

<input type=hidden name=comparr value="<?php echo htmlentities(serialize($array),ENT_QUOTES); ?>">

 

The htmlentities() function will encode quotes so not to disrupt the value quoted string.

 

Ken

 

Thanks loads for that .. important bit of information I've missed out. Still didn't make the script work though :S

 

What would I have to do to uncode your string?

[Ryanz]

Any one else?

[aschk]

Alternatively stop messing around with hidden fields and start using sessions...

[Ryanz]

Alternatively stop messing around with hidden fields and start using sessions...

 

I don't knwo how basiaclly ... that's the problem with that :S

[aschk]

101 in Sessions:

 

<?php

session_start();
$_SESSION['myvar'] = "blah blah blah";

echo $_SESSION['myvar'];

?>

 

Once you have set a session variable it remains "in memory" until you wipe it from the session, destroy the session, or it expires.

Thus you can use $_SESSION['myvar'] on any following page once it's set, so long as you start the session on each page ( session_start() );

[Stooney]

sessions stay set until you unset them or the session expires.  So you don't have to post them page to page.  Here's a quick and simple example.

 

<?php
session_start()

$_SESSION['var']=$_POST['var'];
echo $_SESSION['var'];
?>

 

EDIT:  Didn't notice a page 3.  aschk already beat me to it.

[Ryanz]

101 in Sessions:

 

<?php

session_start();
$_SESSION['myvar'] = "blah blah blah";

echo $_SESSION['myvar'];

?>

 

Once you have set a session variable it remains "in memory" until you wipe it from the session, destroy the session, or it expires.

Thus you can use $_SESSION['myvar'] on any following page once it's set, so long as you start the session on each page ( session_start() );

 

How can you carry arrays in sessions though? and I will need to edit the array being carried as people reach new pages ...

[Stooney]

Yep

 

$_SESSION['var']=array('1', '2', '3');

 

Nothing Different.  You can edit it just like you would any other variable.

[Ryanz]

Guys ... I've read up a bit on the session() function. could I litterally get my array by saying $_SESSION['array'] = $array?

[laffin]

ya know, never thougt about tring to use a session with an array

usually i thought of sessions like cookies...

but they are handled differently, so it may work. but wudn hurt to test it out.....