php form does not return values

A

Anonymous

Guest
You should turn register_globals = off this is a security risk having it on and I believe in future releases this won't even be an option.

Below will give you a good start at making sure that your variables don't have unexpected stuff inserted into them. The best way to do this includes some more advanced settings and installs using php filter http://us2.php.net/filter. However below should give you the generally idea to sanitize your post variables.

Form page:
PHP: 
<form method='post' action='submit.php'>
<input type='text' name='email'>
</form>


submit page:

PHP: 
$email = htmlentities(strip_tags(stripslashes($_POST['email'])));
echo ($email);
 
lukevi,

flann is right about the globals, but if ur trying to use db backend for processing his solution doesn't help you.

Here is your code re-done that works.

Code: 
<?php
  if (isset($_POST['action'])) {
     $dis_u   = $_POST['uname'];
     $dis_p   = $_POST['pword'];
     $dis_var = "U =>$dis_u<= - P=>$dis_p<=";
  } else {
     $dis_var = '<form action="'.$_SERVER['PHP_SELF'].'" method=post>'.
		"<input type=text name=uname><br>".
		"<input type=password name=pword><br>".
		"<input type=hidden name=action>".
		"<input type=submit name=submit value=Submit>".
		"</form>";
  }
?>

<html>
<head>
  <title>My Test Form</title>
</head>
<body>
<center>
<h2>My Test Form</h2>
<?php echo $dis_var; ?>
</center>
</body>
</html>


lukevi said:
Hi,

My problem has been resolved after I updated the php.ini file by making some changing for the vars related

register_globals = On

register_argc_argv = On

magic_quotes_gpc = On

Thanks,
Click to expand...

Looks like U forgot to assign the "POST" variables to a variable you can display. You can try the vars assigned my solution in your action.php, without the "globals" on and it should work.

OMR
 
Hi

You can also use the following code at the top of your file where you are accessing the variables

Code: 
import_request_variables('p');

and you can directly access values using your variables.

here 'p' denotes post. if you want to access get variables then use 'g'
 
Lukei,

If you solved the problem let us know, so we can quit monitoring this thread.

OMR
 
You must log in or register to reply here.
Back
Top