Results 1 to 7 of 7

Thread: Query String Parameters Ignored

  1. #1
    javelin is offline Junior Member
    Join Date
    Jan 2015
    Posts
    7

    Default Query String Parameters Ignored

    I have a php page which allows for users to submit comments via a form. When the form is submitted, all query string parameters are ignored. I know the code is not an issue, as it works on my ISP members area.

    Is there something I need to do to get it working on AlterVista?

  2. #2
    karl94 is offline AlterVista Staff
    Join Date
    Jan 2015
    Posts
    573

    Default

    Are you sure that the script doesn't receive the data from the form? Could you please provide the script that shows the problem?

  3. #3
    javelin is offline Junior Member
    Join Date
    Jan 2015
    Posts
    7

    Default

    I figured a code snippet would be required. Rather than post all 232 lines of code, I'll try and give the relevant information below:

    An example URL would be http://javelin.altervista.org/article.php?id=43, where 'id' refers to the line number of a file.
    This works for links and manual entry, as the contents of the file are correctly retrieved and displayed when not submitting the form. The form action uses $_SERVER['REQUEST_URI'] so that the same php page (and URL) are used for processing. This is the point where things stop working.

    Code:
    <?php
    require("incl/session.php");
    require("incl/functions.php");
    
    if (is_numeric(_INPUT('id'))) { // Validate id
       $line = _INPUT('id');
    } else {
       $line = 0;
    }
    
    $count=1;
    $total = countLines("articles");
    
    $articles = fopen("articles", "r");
    
    if ($articles) { // Check if variable exists before continuing
       if ($line > 0 && $line <= $total) { // Ensure $line is valid
    
    [Display file contents, validate form data, do whatever else here]
    
       } else { // If $line is invalid, display '404 Not Found' error
          header("HTTP/1.1 404 Not Found");
          include("err/404.php");
          exit;
       }
    }
    fclose($articles);
    The session.php file contains the following:

    Code:
       session_start();
       $_SESSION['URL'] = $_SERVER['REQUEST_URI'];
    functions.php contains various functions used, of which the following is relevant:

    Code:
    function _INPUT($field) {
       if ($_SERVER['REQUEST_METHOD'] == 'GET') {
          return strip_tags($_GET[$field]);
       }
    
       if ($_SERVER['REQUEST_METHOD'] == 'POST') {
          return strip_tags($_POST[$field]);
       }
    }
    As you can see, I display a 404 error page if 'id' is invalid. It is the 404 error I am receiving each time I submit the form on this page, despite the URL being correct and including the query string.

  4. #4
    karl94 is offline AlterVista Staff
    Join Date
    Jan 2015
    Posts
    573

    Default

    If I understand correctly, you are unsung a form which has the attribute method set to GET, and an action URL with a query component. Well, the HTML specification is clear: any query component of the URL specified is replaced with the form data set.
    So it's normal that the id parameter is lost, you should include it in a hidden input element.
    This however has nothing to do with AlterVista or PHP.

  5. #5
    javelin is offline Junior Member
    Join Date
    Jan 2015
    Posts
    7

    Default

    Sorry, I should have included that code as well (inserted below). The form uses the post method.
    I have briefly read that using get and post data shouldn't be done at the same time, but I know this code works as it does so on a different server.

    Code:
    echo "<h2 class=\"bottom_spacer noprint\">Add a Comment</h2>\n\n";
    
    echo "<form action=\"" . $_SERVER['REQUEST_URI'] . "#cmnt\" method=\"post\" id=\"comment\">\n";
    echo "   <p><label for=\"name\">Name<span class=\"required\">*</span></label>&nbsp;<input type=\"text\" name=\"name\" id=\"name\" value=\"" . $name . "\"></p>\n";
    echo "   <p><label for=\"email\">Email (not displayed)<span class=\"required\">*</span></label>&nbsp;<input type=\"text\" name=\"email\" id=\"email\" value=\"" . $email . "\"></p>\n";
    echo "   <p><label for=\"url\">URL</label>&nbsp;<input type=\"text\" name=\"url\" id=\"url\" value=\"" . $url . "\"></p>\n";
    echo "   <p><label for=\"comm\" class=\"hidden\">Comment</label><textarea name=\"comment\" id=\"comm\" rows=\"8\" cols=\"50\">$comment</textarea></p>\n";
    echo "   <p><input type=\"submit\" name=\"submit\" value=\"Add Comment\" class=\"button\" onmouseover=\"this.className='button btnhover'\" onmouseout=\"this.className='button'\"></p>\n";
    echo "</form>\n";

  6. #6
    karl94 is offline AlterVista Staff
    Join Date
    Jan 2015
    Posts
    573

    Default

    Even if you send the form using the POST method there's a problem: you're trying to get the value of a parameter named id that's located in the query component of the URL, but you're using the function _INPUT and this looks for it in the $_POST array when the HTTP method used is POST like in this case.
    So it's still valid the suggestion I gave you: use a hidden input element to send the id parameter.
    Last edited by karl94; 03-08-2015 at 02:06 PM.

  7. #7
    javelin is offline Junior Member
    Join Date
    Jan 2015
    Posts
    7

    Default

    Thanks Karl, that worked a treat and makes perfect sense. Although I don't understand why this code worked properly in the past? Maybe I'll put it down to chance or a fluke or something. :-)

    Thanks again.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO