Strange behavior by form

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Strange behavior by form

Post by n00b Saibot »

I have a form like this

Code: Select all

<form action="<?php echo SELF ?>?op=<?php echo $op ?>&id=<?php echo $id ?>" method="post" enctype="multipart/form-data">
...
<input type="text" name="title" value="<?php echo clean($Title) ?>" size="57" />
...
<textarea name="article" cols="50" rows="10"><?php echo clean($Article) ?></textarea>
...
</form>
I observed a peculiar behavior today that whenever the textarea contained the (Smart-Quote) then the post array would be missing the title key. Also when I removed either the smart-quote or the enctype attribute, thing would get working allright.My last whole hour went into this trifle. What I would like to know is that is this thing a known bug or it has happened to me only :?
User avatar
ambivalent
Forum Contributor
Posts: 173
Joined: Thu Apr 14, 2005 8:58 pm
Location: Toronto, ON

Post by ambivalent »

Could it be related to this? Or this?
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

I have seen both of them. it's not the apostrophe, it is the smart-quote here which is causing problem and this problem is not mentioned in both places so I guess this could be a rather new bug. Maybe I should file a new bug... whatsay :?: :?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

methinks it's not a bug with php specfically... since you were able to post the smart-quote here.. but there are many variables.. and you haven't shown all your code...
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

I wrote:Also when I removed either the smart-quote or the enctype attribute, thing would get working allright.
how would you explain this... :? if reqd i'll post my code
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

id say post the code that you're passing the input through, then post a print_r of $_POST
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

Ok. here is the page code... minus validation part...

Code: Select all

<?
$PATH = include('../relpath.php');
require_once $PATH.'lib/inc/tpl_secure.php';
require_once $PATH.'lib/inc/handlers.php';
includeClasses('movies', 'previews', 'reviews', 'musicreviews', 'trailers');

$Title = '';
$Cast = '';
$Director = '';
$Producer = '';
$Music = '';
$Preview = '';
$Review = '';
$MReview  = '';
$Trailer = '';
$Path = '';
$Rel_Date = '';
$Exp_Date = '';
$Area = '';
$FORMOK = TRUE;

// instantiate movies class
$Movies = new MOVIES();

// check for id
if ($id) $Movies->setMoviesID((int)($id)); // assign unique id

dump($_POST);
dump($_FILES);

if (isset($_POST["title"])) // if form was posted
{
 // assign page variables
 $Title = clean($_POST["title"]);
 $Cast = clean($_POST["cast"]);
 $Director = clean($_POST['dir']);
 $Producer = clean($_POST['prod']);
 $Music = clean($_POST['music']);
 $Preview = clean($_POST['preview']);
 $Review = clean($_POST['review']);
 $MReview = clean($_POST['mreview']);
 $Trailer = isset($_POST['trailer'])?clean($_POST['trailer']):'';
 $Rel_Date = clean($_POST["rel_mm"]).'/'.clean($_POST["rel_dd"]).'/'.clean($_POST["rel_yy"]);
 $Exp_Date = $_POST["exp_mm"]=='-'?NULL:clean($_POST["exp_mm"]).'/'.clean($_POST["exp_dd"]).'/'.clean($_POST["exp_yy"]);
 $Area = clean($_POST['area']);

 //....
 //validate & process form
 //....

startSecurePage(ucfirst($op).' Movie'); 
writeErrors();
?>
<form action="<? echo SELF ?>?op=<? echo $op ?>&id=<? echo $id ?>" method="post" enctype="multipart/form-data">
<table cellpadding="0" cellspacing="0" width="80%">
<tr>
<td class="rowHeadRt">Title</td>
<td class="left" colspan="2"><input type="text" name="title" value="<? echo clean($Title) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt">Cast</td>
<td class="left" colspan="2"><input type="text" name="cast" value="<? echo clean($Cast) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt">Director</td>
<td class="left" colspan="2"><input type="text" name="dir" value="<? echo clean($Director) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt">Producer</td>
<td class="left" colspan="2"><input type="text" name="prod" value="<? echo clean($Producer) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Music Director</td>
<td class="left" colspan="2"><input type="text" name="music" value="<? echo clean($Music) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Preview Article</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<textarea name="preview" cols="50" rows="10"><? echo clean($Preview) ?></textarea>
<?} else writeSelect($PreviewARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Review Article</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<textarea name="review" cols="50" rows="10"><? echo clean($Review) ?></textarea>
<?} else writeSelect($ReviewARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt">Music Review Article</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<textarea name="mreview" cols="50" rows="10"><? echo clean($MReview) ?></textarea>
<?} else writeSelect($MReviewARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt">Trailer</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<input type="file" name="movie_trailer" size="45" /></td>
<?} else writeSelect($TrailerARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt">Image</td>
<td class="left" width="60%"><input type="file" name="movie_pic" onchange="change(this.value)" /></td>
<td class="left" rowspan="4"><img style="border:1px solid black" <?echo $Path==''?'':"src=\"http://media01/ramarkz/moviez/$Path\" " ?>id="imgPreview" width="90" height="75">
<? echo ' <font size="1" id="PicText">'.($Path==''?'No Image':'Current Image').'</font>' ?>
</td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Release Date</td>
<td class="left"><? writeDateSelect('rel_', $Rel_Date) ?></td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Expire Date</td>
<td class="left"><? writeDateSelect('exp_', $Exp_Date) ?></td>
</tr>
<tr>
<td class="rowHeadRt">Area</td>
<td class="left">
<input name="area" type="radio" value="bollywood" <? echo ($Area == 'bollywood' || $Area == ''?' checked': '') ?>>
Bollywood &nbsp;
<input name="area" type="radio" value="tollywood" <? echo ($Area == 'tollywood'?' checked': '') ?>>
Tollywood</td>
</tr>
<tr>
<td colspan="3"><input type="submit" value="<? echo ucfirst($op) ?> Movie" class="btn" /></td>
</tr>
</table>
</form>
<script>
Pic = document.getElementById("imgPreview");
Text = document.getElementById("PicText");
Orig = "<? echo $Path ?>";

function change(Path)
{
 if(Path=="")
 {
  Pic.src = Orig;
  Text.innerText = "Current Image";
 }
 else
 {
  Pic.src = Path;
  Text.innerText = "New Image";
 }
}
</script>
<? endSecurePage() ?>
here is the input...

Code: Select all

[title] => The Matrix
    [cast] => Keanu Reeves
    [dir] => Can't Remember
    [prod] => Can't Remember
    [music] => Can't Remember
    [preview] => It's a good movie...
    [review] => It really rocks...
    [mreview] => One Flew Over the Cuckoo’s Nest
    [rel_mm] => 11
    [rel_dd] => 8
    [rel_yy] => 2005
    [exp_mm] => 11
    [exp_dd] => 8
    [exp_yy] => 2005
    [area] => bollywood
    [movie_trailer] => <empty>
    [movie_pic] => <empty>
here is the result...

Code: Select all

[cast] => Keanu Reeves
    [dir] => Can\'t Remember
    [prod] => Can\'t Remember
    [music] => Can\'t Remember
    [preview] => It\'s a good movie...
    [review] => It really rocks... 
    [mreview] => One Flew Over the Cuckoo’s Nest
    [rel_mm] => 11
    [rel_dd] => 8
    [rel_yy] => 2005
    [exp_mm] => 11
    [exp_dd] => 8
    [exp_yy] => 2005
    [area] => bollywood
    [movie_trailer] => Array
        (
            [name] => 
            [type] => 
            [tmp_name] => 
            [error] => 4
            [size] => 0
        )
    [movie_pic] => Array
        (
            [name] => 
            [type] => 
            [tmp_name] => 
            [error] => 4
            [size] => 0
        )
you can see that apostrophes are excaped correctly but the smart-quote has been not... and the title key is missing :?
Last edited by n00b Saibot on Tue Nov 08, 2005 8:21 am, edited 2 times in total.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

where's your input and result output's coming from? And why don't the inputs and result's match?
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

the input is what i typed manually into the fields, the output is what comes out from dump()s at lines 28-29

wonder what happened to the PHP & CODE fonts :?
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

oops! i was first sending the input without the change which i posted here... i have changed it now. the input and output are exactly the same except the missing title key... :?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

have you tried looking at the raw post data? Sadly, it doesn't populate it when a multipart form is used, but php://input may have data...

http://php.net/ini.core#ini.always-popu ... -post-data
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

it says both $HTTP_RAW_POST_DATA and php://input are empty in case of "multipart/form-data" aaaargh! :evil:

so i guess it is an old problem :( .... i gonna shoot an email to client telling him he dare not enter any smart-quote into that textarea :lol:
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

well.... could have the file uploads on a separate "attachment" page... ;)
Post Reply