variable truncated in $_POST[$var]

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
gyszilagyi
Forum Newbie
Posts: 9
Joined: Sun Nov 19, 2006 12:48 pm
Location: Budapest, Hungary

variable truncated in $_POST[$var]

Post by gyszilagyi »

I'm submitting a form where the input name is a string variable:

Code: Select all

echo ("<input type='text' size='20' length='60' name='$var' value=''>");
I'm using the following code to access the submitted form:

Code: Select all

$result = $_POST[$var];
This works fine as long as $var does not include spaces. For example if

Code: Select all

$var = "anything";
the script works. However, if

Code: Select all

$var = "anything at all";
the script fails (i.e. $result stays empty).

I guess $var gets truncated, but I couldn't find a way to prevent this.

Any help is appreciated!
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

I don't get it,

Code: Select all

$_POST['foo bar'] = 'I worked fine';

$foobar = 'foo bar';

echo $_POST[$foobar];
works fine for me.. where exactly does your $var come from?
gyszilagyi
Forum Newbie
Posts: 9
Joined: Sun Nov 19, 2006 12:48 pm
Location: Budapest, Hungary

Post by gyszilagyi »

$var comes from a database and is used as the name of an input field in a form.

Here is the code in more detail:

Code: Select all

//Read Product & Service Names from the "products_services" table
$query = "SELECT * FROM products_services WHERE enabled='1'";
$result = mysql_query($query) or die ($ERROR_MSG . mysql_error());

//Display the form
echo ("<form name='sales_targets' method='post' action='frm_sales_targets.php'>");
	
while($row = mysql_fetch_array( $result )) {

	$product_service_name = $row['product_service_name'];
	
	echo ("<table>");
        echo ("<tr>");
	echo ("<td bgcolor='#FFCCCC' valign='middle'><div align='right' class='gen_text'>$product_service_name</div></td>");
	echo ("<td bgcolor='#E9E9E9'><input type='text' size='20' length='60' name='$product_service_name' value=''></td>");
	echo ("</tr>");
        echo ("</table>");
		
	}

echo ("<p align='center'><input type='submit' name='action_button' value='$LNG2810'></p>");
echo ("</form>");
And the part where the submit goes:

Code: Select all

//Read Product & Service Names from the "products_services" table
$query = "SELECT * FROM products_services WHERE enabled='1'";
$result = mysql_query($query) or die ($ERROR_MSG . mysql_error());
						
//Starting the WHILE loop that assignes the Sales Targets entered by the user to the appropriate Product/Service
while($row = mysql_fetch_array( $result )) {

	$product_service_name = $row['product_service_name'];
	
	$sales_target = $_POST[$product_service_name];
		
	echo ("sales target for");
	echo $product_service_name;
	echo (":");
	echo $sales_target;
							
}
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Take a look at the values in POST

Code: Select all

echo '<pre>POST: '; var_export($_POST); echo "</pre>\n";

//Starting the WHILE loop that assignes the Sales Targets entered by the user to the appropriate Product/Service
while($row = mysql_fetch_array( $result )) {
gyszilagyi
Forum Newbie
Posts: 9
Joined: Sun Nov 19, 2006 12:48 pm
Location: Budapest, Hungary

Post by gyszilagyi »

This is what I get:
POST: array (
'Test_Product_1' => '159',
'Test_Product_2' => '456',
'Test' => '789',
'action_button' => 'Save Sales Targets',
)
This looks fine, the only strange thing is that there are underlines between the words whereas these should be just spaces ('Test_Product_1' instead of 'Test Product 1'), although it might be normal that this is how they are echoed.

However, the script I posted returns the value only for 'Test', and doesn't return anything for 'Test Product 1' or 'Test Product 2'.

Thanks indeed for looking into this.

If looking at the application helps, this is the link: http://theplumber.whsites.net/test/theplumber. Log in as "admin", "admin", then go to the Control Panel and choose Sales Targets.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

If var_export() prints it as Test_Product_1 then you have to access the element as $_POST['Test_Product_1'].
User avatar
visonardo
Forum Contributor
Posts: 136
Joined: Mon Oct 02, 2006 7:49 pm
Location: Argentina, South America´s Sun.

Post by visonardo »

dont forget to use urlencode and urldecode when you are passing data by GET. If you dont use those functions perhaps somecharacters will be lose or addeda '_'.
gyszilagyi
Forum Newbie
Posts: 9
Joined: Sun Nov 19, 2006 12:48 pm
Location: Budapest, Hungary

Post by gyszilagyi »

That's exactly my probelm: 'Test Product 1' is the result of a database query. $product_service_name should equal 'Test Product 1' (without underlines). Since this is a user-defined variable, I can't actually use $_POST['Test Product 1'], I have to use $_POST[$product_service_name], which apparently doesn't work, maybe beacuse somehow underlines appear where spaces should be...

:(
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Code: Select all

$product_service_name = str_replace('_', ' ', $product_service_name);
as a bandaid approach, although you definantly should look into better designing this..
gyszilagyi
Forum Newbie
Posts: 9
Joined: Sun Nov 19, 2006 12:48 pm
Location: Budapest, Hungary

Post by gyszilagyi »

It works! :D

I realise that this is anything but elegant, but I guess you could see from the code I posted that I'm no expert, so as long as it works I'm happy! I guess these added underlines have something to do with using '$var' as the name of a form element, although I have no idea what...

Thanks a lot for taking the time to help me, I really appreciate it!
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

gyszilagyi wrote:I guess these added underlines have something to do with using '$var' as the name of a form element, although I have no idea what...
no, php replaces spaces by underscores in all GET/POST parameter names.

Code: Select all

<html>
	<head>
		<title>...</title>
	</head>
	<body>
		<pre><?php
		echo 'query string: ', $_SERVER['QUERY_STRING'], "\n";
		echo 'urldecode(query string): ', urldecode($_SERVER['QUERY_STRING']), "\n";
		echo 'GET: '; print_r($_GET); ?></pre>
		<a href="<?php echo $_SERVER['PHP_SELF']; ?>?a%20b=xyz">reload</a>
	</body>
</html>
query string: a%20b=xyz
urldecode(query string): a b=xyz
GET: Array
(
[a_b] => xyz
)
gyszilagyi
Forum Newbie
Posts: 9
Joined: Sun Nov 19, 2006 12:48 pm
Location: Budapest, Hungary

Post by gyszilagyi »

I see... Good to know, now I understand what's happening! Thanks again...
Post Reply