Page 1 of 1

SESSION Data cut off in form

Posted: Mon Feb 02, 2004 3:07 pm
by o51974
hi all,

I need to post a hidden field in a form. The hidden field contains a session veriable. I have no clue why an extra " is put in there by itself. I can echo the session variable on the same page of the form w/o this problem.

"The session variable itself was coming off a TEXTAREA input and stored as session variable and at the end retrieved by the form for posting. "

PHP version: 4.3.2 on FreeBSD.
Register_Globals=on

Code: Select all

<?php
$ch=str_replace("\r\n","<br>",$_SESSION&#1111;challenge]);
echo $ch;
?>
<input type="hidden" name="ssl_challenge" value="<?php echo $ch;?>">
------------------------------
RESULT from IE view | source:
------------------------------
<input TYPE="hidden" NAME="ssl_challenge" VALUE="Identify a current challenge—but state it as if it were ideally solved already.<br"><br>My challenge is to be a pizza man. How can I eat 5 boxes of 18 pizza without feeling like I am dying. That is a tough challenge.">
------------------------------

The result above shows the extra " in the first <br>. If I don't replace \r\n with <br>, then the whole text will get cut off.

Thanks in advance.



[/php_man]

Posted: Mon Feb 02, 2004 3:58 pm
by DuFF
Instead of str_replace you could use nl2br. You may then have to strip out /r if it still remains though. You could do this using:

Code: Select all

<?php
$ch = nl2br($_SESSION['challenge']);
$ch = ereg_replace("\r", "", $ch);
?>

Posted: Mon Feb 02, 2004 4:18 pm
by o51974
Thanks for your reply. Try it. Still come up with the " in the first <br>.

Code: Select all

<input   TYPE="hidden" NAME="ssl_challenge" VALUE="Identify a current challenge—but state it as if it were ideally solved already.<br"><br>My challenge is to be a pizza man.  How can I eat 5 boxes of 18 pizza without feeling like I am dying.  That is a tough challenge.  Damn! How come this does not work?">

Posted: Mon Feb 02, 2004 4:21 pm
by DuFF
I don't think it worked then, nl2br should replace all occurrences of "\n" with "<br />" (which is XHTML compliant). You still have regular <br>'s in it.

Posted: Mon Feb 02, 2004 4:39 pm
by o51974
In either nl2br or str_replace, I think the problem is that somehow, when HTML presents the PHP variable, it changes it to <br">. However, why is it only on the first one and not the second one. I have no clue. Any idea would be appreciated.

Posted: Mon Feb 02, 2004 5:59 pm
by o51974
hi all,

please help me on this! I have been trying to figure this out for the last 2 days.

Posted: Mon Feb 02, 2004 7:08 pm
by d3ad1ysp0rk
Can you show us the page that the session var is created on?

Posted: Mon Feb 02, 2004 7:26 pm
by o51974
Thanks for your reply. Please find the code and the challenge content below:

--------------------------------------------
First, $challenge is created or updated with the attached quote as the challenge content.
--------------------------------------------

Code: Select all

$challenge=(isset($_POST&#1111;'challenge']) ? trim($_POST&#1111;'challenge']) : (isset($_SESSION&#1111;'challenge']) ? trim($_SESSION&#1111;'challenge']) : NULL));
if (strlen($_POST&#1111;'challenge'])>0) &#123;$_SESSION&#1111;'challenge']=$_POST&#1111;'challenge'];&#125;
Identify a current challenge—but state it as if it were ideally solved already.

My challenge is to be a pizza man. How can I eat 5 boxes of 18'' "pizza" without feeling like I am dying. That is a tough challenge. Damn! How come this does not work?


--------------------------------------------
After visitor surf around and and make final commitment, $challenge needs to be posted.
--------------------------------------------

Code: Select all

<?php
$ch=str_replace("\r\n","<br>",$_SESSION&#1111;'challenge']);
?>
<input type="hidden" name="ssl_challenge" value="<?php echo $ch;?>">
The above code results in the <br"> situation and the part of content supposed to hidden on the page breaks out and display so.

Code: Select all

<?php
//$ch=str_replace("\r\n","<br>",$_SESSION&#1111;'challenge']);
?>
<input type="hidden" name="ssl_challenge" value="<?php echo $challenge;?>">
If I comment out the str_replace part, then, it becomes the following:

<input pizza\" without feeling like I am dying. That is a tough challenge. Damn! How come this does not work?"TYPE="hidden" NAME="ssl_challenge" VALUE="Identify a current challenge—but state it as if it were ideally solved already.



My challenge is to be a pizza man. How can I eat 5 boxes of 18'''' \">


Posted: Mon Feb 02, 2004 7:55 pm
by d3ad1ysp0rk

Code: Select all

$challenge=(isset($_POST&#1111;'challenge']) ? trim($_POST&#1111;'challenge']) : (isset($_SESSION&#1111;'challenge']) ? trim($_SESSION&#1111;'challenge']) : NULL)); 
if (strlen($_POST&#1111;'challenge'])>0) &#123;$_SESSION&#1111;'challenge']=$_POST&#1111;'challenge'];&#125;
Why say $challenge = this
if you're just gonna end up using $_POST['challenge'] for the session anyways? or did you mean to do $_SESSION['challenge'] = $challenge; ??

Posted: Mon Feb 02, 2004 8:02 pm
by o51974
When $challenge is first created, it is posted and converted to a session variable throughout the user's visit. If in case, the user clicks to the link and look at the challenge entered. They see the session variable $challenge. If the user does alter $challenge, post takes over and change session variable $challenge accordingly.