Results 1 to 3 of 3

Thread: Form not getting submitted after restricting direct page access

  1. #1
    Join Date
    Sep 2017
    Posts
    18
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Default Form not getting submitted after restricting direct page access

    Hi this is a simple form i have when i submit the form it will redirect to mail.php
    and i want to restrict direct access to mail.php so i added some script here...
    PHP Code:
    //  <?php 
    session_start
    ();
    // kill the page if the access variable doesn't exists
    //            or if the access variable does exist but is not set to true
    if(!isset($_SESSION['State']) || (isset($_SESSION['State']) && $_SESSION['State'] !== true))
    {
        
    header("Location: index.php");
        
    // kill the page display error
    }
    ?>...//
    now the problem is my form is not getting submitted. Your help will be appreciated(i am beginer to php)

    PHP Code:
    <?php error_reporting (E_ALL E_NOTICE); ?>
    <?php 

    // some 'helper' functions - 
    // apply html htmlentities to a value 
    function _ent($val

        return 
    htmlentities($val); 


    // return an element from an array 
    function _element($arr,$index

        return isset(
    $arr[$index]) ? $arr[$index] : ''



    $errors = []; // define an array to hold errors 
    $data = []; // define an array to hold a working copy of the data being operated on (if editing existing data, this is needed. for commonality, use if just submitting new data too.)

    // define a list of option choices - both city/state are using the same list. if they were different lists, create two separate defining arrays. 
    $options = ['1','2','3'];
    $options1 = ['4','5','6'];


    // form processing 
    if ($_SERVER["REQUEST_METHOD"] == "POST"

        
    $data array_map('trim',$_POST); // get a trimmed copy of all 1st level (non-array) data 

        // validate all the inputs here 
        // state and city - select/option, consisting of Member, New, one. 
        // name - text field, consisting of letters and spaces only. 
        // phone - unknown if used, but using this recommend code layout, adding code for a field is straight forward. 

        
    if($data['state'] == ''
        { 
            
    $errors['state'] = "State is required."
        } 
        else 
        { 
            if(!
    in_array($data['state'],$options)) 
            { 
                
    $errors['state'] = "Invalid choice for State."// if you see this error, either there is a mistake in the coding or someone is submitting their own values. 
            

        } 

        if(
    $data['city'] == ''
        { 
            
    $errors['city'] = "City is required."
        } 
        else 
        { 
            if(!
    in_array($data['city'],$options1)) 
            { 
                
    $errors['city'] = "Invalid choice for City."// if you see this error, either there is a mistake in the coding or someone is submitting their own values. 
            

        } 

        if(
    $data['name'] == ''
        { 
            
    $errors['name'] = "Name is required."
        } 
        else 
        { 
            if (!
    preg_match("/^[a-zA-Z ]*$/",$data['name'])) 
            { 
                
    $errors['name'] = "Only letters and spaces are allowed in Name."// allowing actual white space, which the original message stated uses a different value in the regex pattern 
            

        } 
    if(
    $data['textarea1'] == ''
        { 
            
    $errors['textarea1'] = "Message is required."
        } 
        
    // if no errors, use the submitted data 
        
    if(empty($errors)) 
        { 
            
    header('location:mail.php'); // note: success was misspelled in the original code 
            
    die; 
        } 

    ?> 
    <?php

    if($_SERVER["REQUEST_METHOD"]=="POST") { $name $_POST["name"]; $_SESSION['name']=$name; }
    ?>
    <!doctype html> 
    <html> 
    <head> 
    <meta charset="utf-8"> 
    <title>Untitled Document</title> 
    </head> 
    <body> 
    <?php 
    // if you want to display all the errors at once, before the start of the form, do that here... 
    if(!empty($errors)) 

        echo 
    implode('<br>',$errors); // add any html markup and css to display them the way you want 

    ?> 
    <form method="post"> 
        <fieldset> 
            <legend><?php echo $error?> </legend> 
            <select name="state"> 
               <option value="">-- Please select a state --</option> 
               <?php 
               
    foreach($options as $choice
               { 
                   
    $sel = isset($data['state']) && $data['state'] == $choice ' selected' ''
                   echo 
    "<option value='$choice'$sel>$choice</option>\n"
               } 
               
    ?> 
            </select> 

            <select name="city"> 
                <option value="">-- Please select a city --</option> 
               <?php 
               
    foreach($options1 as $choice
               { 
                   
    $sel = isset($data['city']) && $data['city'] == $choice ' selected' ''
                   echo 
    "<option value='$choice'$sel>$choice</option>\n"
               } 
               
    ?> 
                </select> 

                  <?= _element($errors,'name'); ?> <input type="text" name="name" value="<?= _ent(_element($data,'name')); ?>">
                 <textarea class="textarea" id="textarea1" name="textarea1" type="text">
    <?php if(isset($_POST['textarea1'])) { 
    echo 
    htmlentities ($_POST['textarea1']); }?>
    </textarea>
            <input type="submit" name="submit" value="submit"> 
        </fieldset> 
    </form> 
    </body> 
    </html>
    my mail.php script ..............

    PHP Code:
    <?php 
    session_start
    ();
    // kill the page if the access variable doesn't exists
    //            or if the access variable does exist but is not set to true
    if(!isset($_SESSION['State']) || (isset($_SESSION['State']) && $_SESSION['State'] !== true))
    {
        
    header("Location: index.php");
        
    // kill the page display error
    }
    ?>
    Last edited by james438; 11-25-2017 at 11:42 PM. Reason: format

  2. #2
    Join Date
    Jan 2015
    Posts
    60
    Thanks
    0
    Thanked 13 Times in 13 Posts

    Default

    When posting code in the forum, you need to add the forum's [PHP][/PHP] tags around your code. A(The) forum moderator has been editing your posts to add these, but has probably gotten tired of doing so.

    In the original code example I posted, there was a section in the form processing code that looked like this -

    PHP Code:
        // if no errors, use the submitted data 
        
    if(empty($errors)) 
        { 

            
    // do 'something' with the submitted form data in $data 
             
            // generate a fake error message 
            
    $errors[] = 'For testing, stay on this page after the form data has been processed'

        } 
    This is where you should be putting the code to send an email (this is the first thread where we have learned what you are trying to use the form data for) or doing whatever else you may want to do with the form data. You should not be redirecting to a different page to do something with the submitted data.

    The 'fake error message' code's purpose was to prevent the next section of code from running, for demonstration purposes only, since I/we didn't know what you were even trying to use the form data for at that point -

    PHP Code:
        // if no errors at this point, the form data was successfully processed 
        
    if(empty($errors)) 
        { 
            
    header('location:success.php'); // note: success was misspelled in the original code 
            
    die; 
        } 
    If you want to display a success page to the visitor after sending the email, you would want to have this section in your code. You currently have removed it/merged it with the code section above it and you have removed the die; statement that's needed to prevent the remainder of the code from running.


    In addition to putting any email code in the correct place in the main code, your current code isn't setting any $_SESSION['State'] variable. One other version of code you have posted in the forum is setting a $_SESSION['state'] variable, but those two variables are not the same, due to the capitalization differences. Your current code also has an $error variable that doesn't exist and would be throwing a php error. The php error_reporting should be E_ALL. Remove the ^ E_NOTICE part, as that will hide errors that would be helping you find problems in your code.

    When we see what looks like randomly changing code for no purpose, variables that don't exist, capitalization differences, etc..., it makes it hard to help you, which is why a number of your threads have gone unanswered. If you are just copying together things you have seen or been told, without understanding what they do or why you are using them, it will take you a very long time to successfully write code that works. You need to actually understand what each line code does, so that you will know how it contributes to the goal you are trying to accomplish.

    If you go back to the thread where I posted the code example - http://www.dynamicdrive.com/forums/s...-in-validation and add any form fields to the form, validation logic to the form processing code, put the email code where the // do 'something' with the submitted form data in $data line is at, and remove the 'fake error message' code, you will be done.
    Last edited by DyDr; 11-25-2017 at 11:11 AM.

  3. #3
    Join Date
    Jan 2007
    Location
    Davenport, Iowa
    Posts
    1,876
    Thanks
    92
    Thanked 97 Times in 95 Posts

    Default

    Yes, please start formatting your code as recommended by DyDr.
    To choose the lesser of two evils is still to choose evil. My personal site

Similar Threads

  1. Filling out a form to access a page
    By Franz in forum JavaScript
    Replies: 3
    Last Post: 12-26-2009, 04:28 AM
  2. HTACCESS Question About Restricting Access
    By smitsmah in forum Dynamic Drive scripts help
    Replies: 1
    Last Post: 03-13-2009, 02:21 PM
  3. form validation check before the page is submitted to asp
    By jillkatz in forum Dynamic Drive scripts help
    Replies: 6
    Last Post: 11-13-2007, 01:16 AM
  4. Ajax File Access but Restriction for Direct Link
    By Strangeplant in forum Dynamic Drive scripts help
    Replies: 3
    Last Post: 09-06-2006, 08:32 PM
  5. Replies: 4
    Last Post: 08-23-2005, 12:27 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •