Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New to the CF scene
    Join Date
    Jan 2010
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Passing variables to pages

    Hello All

    I am new to this forum and new to php. I am trying to pass variables from page to page in order to maintain a state so I can use information users entered to interact with them and send email as appropriate. Look out for my comments in the code below that explains what I am trying to achieve.

    At the moment my first hurdle is getting all the values from the form in one variable and then trimming and cleaning it as necessary but having no luck.

    This the contact.shtml form:
    PHP Code:
    // (1)
    // Contact page (shtml): Users input their info and the form goes to validate.php script
    // CheckAll() is a javascript function and it works ok.

    <?
    include ("cleaner.php);
    ?>
    <form action="
    php/validate.php" method="POST" NAME="contact" onSubmit="return checkAll()">
    // usual form structure follows here no typos, all is ok :-)

    //Now cleaner.php looks like this:
    function clean_it_out($formVarariables)
    {
      $formVarariables = trim($formVarariables);
      $formVariables = htmlentities($formVariables);
      $formVarariables = strip_tags($formVariables);
      return $formVarariables;
    }
    This to validate the form server side and clean out htm codes:
    PHP Code:
    // (2)
    // Validate page: This is where I am having problems :-(
    // I am trying to grab all the user inputs over 15 in the form input fields and put them in one variabe and then strip out the dangerous stuff. 

    for ($_POST as $variable_name => $value)
        {
          
    $formVariables[$variable_names} = clean_it_out ($value50);
         }
          
    extract ($_POSTXTR_PREFIX_ALL'$formVariables');

    // Validate rest of form inputs as normal here ... 

    // Then at the bottom of the valaidate.php page, output what visitor entered to next php page:
    Header ("Location: output.php"); 
    This is to output what the user entered and email the form to a desired email address:
    PHP Code:
    // (3) 
    //In the output.php I use the print command to output everything neatly in a table for the 
    // user to see, then when user press send, it emails the user inputs depending on which 
    // country they selected in the contact.shtml page:
    print "<table cellpadding=0 blah blah">";
    print "
    <tr><td>Blah blab blah</td></tr>";
    // and so the print commands goes on...

    // Then depending on what country the user selected send an email to the correct email address:
    if ($formVariables[Option"
    ] == "USA")
        {
         echo "<form action="email_usa.php\" method=\"post\"> ";
        }
    if ($formVariables["Option"] == "Canada")
        {
         echo "<form action=\"email_can.php\" method=\"post\"> ";
        }
    if ($formVariables["Option"] == "UK")
        {
         echo "<form action=\"email_uk.php\" method=\"post\"> ";
        }    
        
    $FirstName;     
    $value;    

    while (list($Firstname, $value) = each($_POST))
      {
       echo "
    <input type=\"hidden\" value=\"$value\" Name=\"$Firstname\">\n"; 
      }

    //Havent reached the thank_you.php page yet to output a confirmation that email sent 
    // successfull. That's a simple html page I guesse 
    END__VBULLETIN__CODE__SNIPPET ?>

  • #2
    New to the CF scene
    Join Date
    Jan 2010
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I noticed this typo in my post above but their are no typo in the original codes. I have checked and double checked. I typed it manually here and I am a bit exhausted.
    Throughout the entire code it should say $formVariables on every php script that uses it.
    PHP Code:
    function clean_it_out($formVarariables
    Last edited by RedBox; 01-26-2010 at 06:06 PM.

  • #3
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,546
    Thanks
    8
    Thanked 1,093 Times in 1,084 Posts
    This line has an extra quote (remove it):
    print "<table cellpadding=0 blah blah">";

    Once you leave this script and go to "output.php",
    // Then at the bottom of the valaidate.php page, output what visitor entered to next php page:
    Header ("Location: output.php");

    you lose the variables. You are not passing them on.

    You could fix that by putting the validate and clean-up code in the same
    script as "output.php", and not have them separate.

    The whole thing about passing variables to other scripts ...
    Most webhosts will disable "register_globals", as a security measure.
    I'm assuming register_globals is disabled for you too, and it should be.
    You'll have to pass them on via cookies, sessions, or combine the scripts
    in such a way that you are not passing them on.

  • #4
    New to the CF scene
    Join Date
    Jan 2010
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Sorry I got logged out as my internet connection just died on me????
    That typo you spotted is not in the original code again I am tired so I am typing a few mistakes lol.
    Ok you said I am not passing the variable to the next php script. I thought the session start function would take care of that along with the glabal variables.

    Should I use like this instead?
    PHP Code:
    Header("Location: valinput.php?Firstname=$FirstName&Surname=$Surname"); 

    As for global variable, you maybe right the host server may have disabled it. Is there another way of achieving this since I didn't want to pass all 15 values to every php page by listing them out example.
    PHP Code:
    $first_name0 $_POST['first_name0'];

    $first_name1 $_POST['first_name1'];

    $first_name2 $_POST['first_name2'];

    $first_name3 $_POST['first_name3'];

    $first_name4 $_POST['first_name4']; 

  • #5
    New Coder
    Join Date
    Aug 2008
    Posts
    14
    Thanks
    0
    Thanked 1 Time in 1 Post
    doing it your first way would be horrible since you'd have to sanitize your inputs every time a page load occured, otherwise i can inject things into your $_GET params for output.php.

    in your first page where the user enters data, the very first line in the php file add "session_start();" then after sanitizing each input var do $_SESSION['first_name0'] = $first_name_clean;

    etc.

    in output.php add "session_start();" as the first line, and then u can reference each variable as $_SESSION['first_name0'] and you know it's already sanitized.

  • #6
    New to the CF scene
    Join Date
    Jan 2010
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I see...

    I guess the long way it is then. I already have session_start() at the top of all my php pages that need to access the variables concerned.

    Btw, the user input page is not a php page but an shtml page. I will change it to php and then do as you suggest.
    in your first page where the user enters data, the very first line in the php file add "session_start();"
    Thank you very much for your help and patience. I will report back later.
    Last edited by RedBox; 01-26-2010 at 08:22 PM.

  • #7
    New to the CF scene
    Join Date
    Jan 2010
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have tried what you suggest but maybe I am missing something because now every field is telling me I need to input data in the correct format so it seems something is defaulting to that elseif statement of the code.


    This is the error message my php script is outputting about ALL the form input boxes???
    The First name field cannot be blank.
    The Surname field cannot be blank.
    etc...
    Page 1 input from user:
    PHP Code:
    session_start();
    $_SESSION['FirstName'] = $_POST['FirstName'];

    // Forms inoput:
    //--------------
     
    <td align="left"><b>First Name:</b></td>
         <
    td><INPUT NAME="FirstName" TYPE="text" size=35,1 MAXLENGTH=100>&nbsp;&nbsp;&nbsp;<b>*</b><br><br></td
    Page 2 validate input:
    PHP Code:
    session_start();
    $_SESSION['FirstName']= $FirstName;

    // validate inputs:
    //----------------
    if (empty($_SESSION['FirstName']))
        {
        
    $errorString .=
            
    "\n<br><br><div align='center'>The <b>Name</b> field cannot be blank.</div>";
        }
    elseif (!
    eregi('^[A-Za-z]$'$FirstName))
    {
          
    $errorString .=
                     
    "\n<div align='center'><br><font class='small-red'>first name</font> field - Invalid Entry" 
                     
    "\n<br>Only letters are allowed in the <b>first name</b> field.</div>";

    Last edited by RedBox; 01-29-2010 at 12:48 AM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •