unique id in form problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

allelopath
Forum Commoner
Posts: 34
Joined: Tue Mar 16, 2004 5:21 am

unique id in form problem

Post by allelopath »

I'm having difficulty getting a unique id for a form submission to work
The id is 'token' here.
It doesn't get assigned a value.
Here's the form:

Code: Select all

<form action="$_SERVER[PHP_SELF]" method="post">

  <?php $token = md5(uniqid(rand(), true)); ?>

     <table>
      <tr>
        <td>
          <b>First name:</b>
        </td>
        <td>
          <input type="text" name="firstName" size="30">
        </td>
      </tr>
      </table>
       <!-- create hidden field with unique id to prevent multiple submission of same form -->
      <input type="hidden" name="token" value="<?php echo $token; ?>">

      <input type="submit" value="Submit">

  </form>
and then later i try to access it:
echo 'token: ' . $_POST['token'] ;

but nothing is printed out after 'token:'

What am i doing wrong?
Illusionist
Forum Regular
Posts: 903
Joined: Mon Jan 12, 2004 9:32 pm

Post by Illusionist »

<form action="$_SERVER[PHP_SELF]" method="post">
change to
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
allelopath
Forum Commoner
Posts: 34
Joined: Tue Mar 16, 2004 5:21 am

Post by allelopath »

Thanks for your reply.
I cut'n'pasted that line, and i get a parse error:
Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING
Illusionist
Forum Regular
Posts: 903
Joined: Mon Jan 12, 2004 9:32 pm

Post by Illusionist »

i really dont think that you did. My code works perfect, i jsut tested it. It something with your other code. It might help if you post al you code around there
omom
Forum Newbie
Posts: 13
Joined: Sun Apr 04, 2004 9:58 pm

Post by omom »

for some reason, if i remove the quotes from PHP_SELF, it parses.
<form action="<?php echo $_SERVER[PHP_SELF]; ?>" method="post">
this isn't right, though, i know the quotes need to be there.
magicrobotmonkey
Forum Regular
Posts: 888
Joined: Sun Mar 21, 2004 1:09 pm
Location: Cambridge, MA

Post by magicrobotmonkey »

Change $_SERVER[PHP_SELF] to $_SERVER['PHP_SELF'] is proper
Steveo31
Forum Contributor
Posts: 416
Joined: Sun Nov 23, 2003 9:05 pm
Location: San Jose CA

Post by Steveo31 »

Code: Select all

<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post"> 

  <?php $token = md5(uniqid(rand(), true)); ?> 

     <table> 
      <tr> 
        <td> 
          <b>First name:</b> 
        </td> 
        <td> 
          <input type="text" name="firstName" size="30"> 
        </td> 
      </tr> 
      </table> 
       <!-- create hidden field with unique id to prevent multiple submission of same form --> 
      <input type="hidden" name="token" value="<?php echo $token; ?>"> 

      <input type="submit" value="Submit"> 

  </form>
There.
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
As Illusionist said, you'd need to echo it otherwise it won't display ;)
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
allelopath
Forum Commoner
Posts: 34
Joined: Tue Mar 16, 2004 5:21 am

Post by allelopath »

Here's the entire file, stripped to a minimum, in which a get the parse error on the <form action...? line.
Can anyone tell me whats wrong?
<?php

require 'DB.php';

if (isset($_POST['stage']) && ('process' == $_POST['stage']))
{
//process_form();
}
else
{
print_form();
}

function print_form()
{
echo <<<END

<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">

<?php $token = md5(uniqid(rand(), true)); ?>

<table>
<tr>
<td>
<b>First name:</b>
</td>
<td>
<input type="text" name="firstName" size="30">
</td>
</tr>
</table>


<!-- create hidden field with unique id to prevent multiple submission of same form -->
<input type="hidden" name="token" value="<?php echo $token; ?>">

<input type="submit" value="Submit">

</form>


END;
}

?>
d3ad1ysp0rk
Forum Donator
Posts: 1661
Joined: Mon Oct 20, 2003 8:31 pm
Location: Maine, USA

Post by d3ad1ysp0rk »

Code: Select all

<?php

require 'DB.php';

if (isset($_POST['stage']) && ('process' == $_POST['stage']))
{
   //process_form();
}
else
{
   print_form();
}

function print_form()
{
   $token = md5(uniqid(rand(), true));
   $file = $_SERVER['PHP_SELF'];
   echo <<<END

   <form action="$file" method="post">



   <table>
   <tr>
   <td>
   <b>First name:</b>
   </td>
   <td>
   <input type="text" name="firstName" size="30">
   </td>
   </tr>
   </table>


   <!-- create hidden field with unique id to prevent multiple submission of same form -->
   <input type="hidden" name="token" value="<?php echo $token; ?>">

   <input type="submit" value="Submit">

   </form>
END;
}
?>
Try that
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

you're using <? tags in heredoc (legal? never tried it)
d3ad1ysp0rk
Forum Donator
Posts: 1661
Joined: Mon Oct 20, 2003 8:31 pm
Location: Maine, USA

Post by d3ad1ysp0rk »

me or him?

i was until i tried running what I posted, then edited it.

now it works.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

him..
User avatar
William
Forum Contributor
Posts: 332
Joined: Sat Oct 25, 2003 4:03 am
Location: New York City

Post by William »

You can always just use:

Code: Select all

<form action="<?=$_SERVER['PHP_SELF'] ?>" method="post">
allelopath
Forum Commoner
Posts: 34
Joined: Tue Mar 16, 2004 5:21 am

Post by allelopath »

LiLpunkSkateR,
Your code that takes the $_SERVER['PHP_SELF'] out of the <form...> tag works!

I still have one problem though.
'token' is being assigned a value (a 32 character string) in the print_form function, but the value doesn't seem to make it to the process_form function. I echo the value of token and when it is assigned (e.g. 86a7b6e6e8412e8aecc9e88ed58fd06a), but when I print it out in the process_form function, it seems to have lost its value (nothing is output from the echo statement).

So the value is being assigned to the value $token, but apparently not making it into the $_POST array (in $_POST['token']). This would poin t to an error in the hidden field tag:
<input type="hidden" name="token" value="<?php echo $token; ?>">

Any idea what is wrong?

Code now looks like this:

<?php

require 'DB.php';

if (isset($_POST['stage']) && ('process' == $_POST['stage']))
{
process_form();
}
else
{
print_form();
}

// ----------------------------------------------------------------------------
function print_form()
{
$token = md5(uniqid(rand(), true));
echo 'token = ' . $token;

$file = $_SERVER['PHP_SELF'];

echo <<<END

<form action="$file" method="post">

<table>
<tr>
<td>
<b>First name:</b>
</td>
<td>
<input type="text" name="firstName" size="30">
</td>
</tr>
</table>


<!-- create hidden field with unique id to prevent multiple submission of same form -->
<input type="hidden" name="token" value="<?php echo $token; ?>">
<input type="hidden" name="stage" value="process">

<input type="submit" value="Submit">

</form>
END;
}

// ----------------------------------------------------------------------------
// process form
// validate, submit form data to db, start download
// ----------------------------------------------------------------------------
function process_form()
{
echo 'Thanks for submitting, ' . $_POST['firstName'] ;
echo '<br>';
echo 'token: ' . $_POST['token'] ;
echo '<br>';

}

?>
Post Reply