Calling local php with submit

[lkeeney]

I have seen where you can open an external php file when clicking on a Submit button in a form, but how can I activate a local php file only when the Submit button is clicked?

Lawrence

[guido2004]

What do you mean by 'local php file'? And by 'activate'?

[lkeeney]

What do you mean by 'local php file'? And by 'activate'?

I have a form and beneath the form I have a php file that loads information into a data base. I don't want the php file to run until the form is complete filled in, and the Submit button is clicked.

By local, I meant a php file on the same page as the form, not an external php file.

Lawrence

[Jake Arkinstall]

In that case, check for the existence of the $_POST array. Put the processing above the form, not below it:

PHP Code:

<?php
$errors = array();
if ($_SERVER['REQUEST_METHOD'] === 'POST'){
    //form validation and handling here
    if(count($errors) < 1) header('location: http://www.yoursite.com/success.php');
}
//show the form. You can use the $errors array to inform the user of any errors.

[lkeeney]

In that case, check for the existence of the $_POST array. Put the processing above the form, not below it:

PHP Code:

<?php
$errors = array();
if ($_SERVER['REQUEST_METHOD'] === 'POST'){
    //form validation and handling here
    if(count($errors) < 1) header('location: http://www.yoursite.com/success.php');
}
//show the form. You can use the $errors array to inform the user of any errors.

I have other forms on this page with their individual submit buttons. Will this still work?

It appears this is calling an external php file, I want to run a php file that is located in the same file as the forms. The reason for this is I want to use some other variables located on the same page but not as a result of a form.

Lawrence

[Cups]

If you want to post back to the same page (called a postback) make sure your form action looks like this:

File: index.php

PHP Code:

<form method=POST action=index.php name=myform> 


OR

File: something.php

PHP Code:

<form method=POST action="" name=myform> 


And be aware that if you want to catch whether the form was submitted by clicking a submit button, clicking another image or button and doing being submitted by Javascript OR if a user presses Enter from their keyboard - you will have to do what Arkinstall just said, or look for the value of one of your form elements that should not be empty.

[guido2004]

I have other forms on this page with their individual submit buttons. Will this still work?

If each submit button has to trigger a different php script, then you'll have to give each a unique name or value, and check for it's existance/value.

It appears this is calling an external php file, I want to run a php file that is located in the same file as the forms.

Just put your script where it says 'form validation and handling here'.

The reason for this is I want to use some other variables located on the same page but not as a result of a form.

Attention! The script is executed before the form is shown to the user. The result of that (a HTML page) is sent to the user's browser. Once the user clicks on the submit button, the form field values are sent back to the server and the script mentioned in the form's "action" parameter is executed (or the same script again if none is mentioned).
So, any values set in the script the first time, but not saved in some way (hidden fields in the form, session values or whatever), will NOT be there anymore when the form is sent.

[Stormrider]

Leaving the action attribute on a form empty is not standard behaviour, and the results are undefined. At least use PHP_SELF in there for a post back.

[Cups]

Use of PHP_SELF was considered harmful. Has that changed?

Leaving it blank seems to work for me though.

[Stormrider]

It does work in most things, but officially the behaviour is undefined.

Why is PHP_SELF harmful? I've not heard that before. Normally I use my own functions and classes in my framework to get the current page's url anyway.

[Cups]

It goes back a few years but reading about PHP_SELF attacks stopped me using it.

[Stormrider]

Fair enough. I've never used it myself, but I never leave the action attribute blank either, I have just seen others use it.

Learn something new every day!

[lkeeney]

If you can't use "PHP_SELF" for the action, and you can't leave it blank, and it is recommended that you show an action, what is the approved method of submitting the form data to php code listed on the same page as the form?

A search for "form submit action" on Google provides very little information on this.

Lawrence

[Stormrider]

You can either:
- Have the value hard coded in there
- Use PHP_SELF but cleanse it first and make sure it doesn't contain anything dodgy
- I think using one of the $_SERVER variables is ok (SCRIPT_FILENAME or something)

[Cups]

- Have the value hard coded in there

Thats the preferred option, but its less flexible as you are developing, moving files around, refactoring, renaming them etc.

Plus, in these days of Ajaxified interfaces the form action is becoming less relevant.

BTW, I am generalising about Admin interfaces, where I tend spend 90% of my time.

On public webs, with concrete urls almost sacrosanct, then I am pretty sure I hard code the Action without question.

Perhaps that clarification makes the suggestion to leave it blank makes it seem less radical.

[kikykuang]

i all always submit the PHP files online to test, use the loacal php file it seems no useful

[TeNDoLLA]

I have used usually $_SERVER['SCRIPT_NAME'] instead of PHP_SELF.

[lkeeney]

i all always submit the PHP files online to test, use the loacal php file it seems no useful

Unfortunately, I can't find a way to print back to the web page that calls the php file, from within the php file. It just prints on a new page. This is the reason I keep the php file in the web page.

Lawrence