Have I found a bug ? :D

From my newbie point of view, I would love to find a bug on a major stuff, and have my name on it. :D. It would be amazing. :smiley:

Normally, however, the bug it’s (in) me, so, here it goes:


<?php

  $nomeDominio='';

  if (isset($_GET['infoDominio']))
  {          
      $nomeDominio = $_GET['nomeDominio'];
      echo "I'm getting ".$nomeDominio;
  }

  if (isset($_POST['atualizarDominio']))
  {
      echo "I'm posting ".$nomeDominio;
  }

?>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>

    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Test Case 99</title>
    </head>

    <body>

        <form name="infoDominio" action="<?php echo htmlentities($_SERVER['PHP_SELF']);?>"  method="get">

            <input id="nome_dominio" type="text" name="nomeDominio" value="<?php echo $nomeDominio; ?>"/>
            <br />
            <button name="infoDominio" type="submit">Obtem informacao</button>

        </form>

        <form action="<?php echo htmlentities($_SERVER['PHP_SELF']);?>" name="atualizarDominio" method="post">
            
            <input type="hidden" value="<?php echo $nomeDominio ?>" name="nome-dominio"/>
            <br />
            <button type="submit" name="atualizarDominio">atualizar domínio</button>

        </form>

    </body>

</html>

Like this, if we get and then we post
The value from GET will not pass into POST.

IF HOWEVER, on the second form (atualizarDominio) instead of

action="<?php echo htmlentities($_SERVER['PHP_SELF']);?>"

if we have just:

action=""

the value WILL pass!

Why?:eye:

ps- this code can be copy and pasted since it is a test case by itself.

Here, condensed code sample showing exactly what oikram is trying to do. Runs fine here working exactly as expected.


<?php

  if (isset($_GET['fromGet'])) {
    $nomeDominio=$_GET['nomeDominio'];
    $method='getting';
  } else if (isset($_POST['fromPost'])) {
    $nomeDominio=$_POST['nomeDominio'];
    $method='posting';
  } else $nomeDominio='empty';

	echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
	xmlns="http://www.w3.org/1999/xhtml"
	lang="en"
	xml:lang="en"
><head>

<meta
	http-equiv="Content-Type"
	content="text/html; charset=utf-8"
/>

<meta
	http-equiv="Content-Language"
	content="en"
/>

<title>Test Case 99</title>

</head><body>';

	if (isset($method)) {
		echo '
<p>I\\'m ',$method,' ',$nomeDominio,'</p>';
	}

echo '
<form
	action="',htmlentities($_SERVER['PHP_SELF']),'"
	method="get"
>
	<fieldset>
		<input
			type="text"
			name="nomeDominio"
			value="',$nomeDominio,'"
		/><br />
		<input
			type="submit"
			name="fromGet"
			value="Obtem informacao"
		/>
	</fieldset>
</form>

<form
	action="',htmlentities($_SERVER['PHP_SELF']),'"
	method="post"
/>
	<fieldset>
		<input
			type="hidden"
			value="',$nomeDominio,'"
			name="nomeDominio"
		/><br />
		<input
			name="fromPost"
			type="submit"
			value="atualizar dom&#237;nio"
		/>
	</fieldset>
</form>

</body></html>';

?>

Actually, you’re way off on this and failed to read his properly. – Why do I say this? Because he’s using TWO forms. one post, one get, same page. I think you completely missed that detail of what OP is trying to do.

You CAN have two separate forms that use two separate submit methods on one document, just as you can have multiple submits and track them by their value. This is why a ‘name’ and ‘value’ on the input[submit] (not button) is important so you can tell them apart! The problem is he’s using unreliable elements (button instead of input) and has conflicting namespaces.

What should be there for markup is:


<?php
echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
	xmlns="http://www.w3.org/1999/xhtml"
	lang="en"
	xml:lang="en"
><head>

<meta
	http-equiv="Content-Type"
	content="text/html; charset=utf-8"
/>

<meta
	http-equiv="Content-Language"
	content="en"
/>

<title>Test Case 99</title>

</head><body>

<form
	action="',htmlentities($_SERVER['PHP_SELF']),'"
	method="get"
>
	<fieldset>
		<input
			type="text"
			name="nomeDominio"
			value="',$nomeDominio,'"
		/><br />
		<input
			type="submit"
			name="fromGet"
			value="Obtem informacao"
		/>
	</fieldset>
</form>

<form
	action="',htmlentities($_SERVER['PHP_SELF']),'"
	method="post"
/>
	<fieldset>
		<input
			type="hidden"
			value="',$nomeDominio,'"
			name="nomeDominio"
		/><br />
		<input
			name="fromPost"
			type="submit"
			value="atualizar dom&#237;nio"
		/>
	</fieldset>
</form>

</body></html>
';
?>

… and to do what’s trying to be done server side that’s


<?php 

  if (isset($_GET['fromGet'])) {           
    echo 'I\\'m getting ',$_GET['nomeDominio'];
  } 
  if (isset($_POST['fromPost'])) { 
      echo 'I\\'m posting ',$_POST['nomeDominio']; 
  }
  
?>

Which should work exactly as expected. You submit the post form, only the post message is shown. You submit the get form, only the get message is shown.

Its important to know that in IE all buttons will be submitted in the form. Therefore, if you set a delete button for a list of products in IE all the products listed would likely be deleted. Its preferred to use inputs for that reason as they function consistently across browsers. Its not always an issue but will become one when dealing with multiple submit actions for the same form. Its just safer to avoid the issue entirely using a input, if possible.

Your code states:

<form name="infoDominio" action="<?php echo htmlentities($_SERVER['PHP_SELF']);?>"  method="get">

The form says method is GET.
That means every single field will be sent to the ACTION location via GET method.
If you want to mix _POST and _GET, you do it the following way:

<form name="whatever" action="some_php_file.php?my_get_variable=something" method="post">
...
some code here 
...
</form>

This way, you have “my_get_variable” sent via get method (or if you want it - it’s propagated trough URL" and its value will be “something”.
Every other field in the form will be populated into $_POST array by php.
That way you successfully mixed post and get methods and you can use both in your code.

On the other hand, you can use PHP’s superglobal $_REQUEST array that captures the data from both $_POST and $_GET and your problems will go away.

But remember, POST > GET.

Edit: when submitting a form, you can do it the following way:

  1. Press <enter> while focused in input type=“text” or textfield if you want it.
  2. Click a button that’s specified by “<input type=“submit” />”
  3. Use javascript for triggering submit event

<input type=“button” /> will not (and should not) trigger the submit event. It can be spoofed via javascript tho, but in general - as stated before - use <input type=“submit” /> for submitting your forms.

@deathshadow60

  1. The issue is solved. I’m just trying to understand why is it behaving like this.

If we cannot answer, I do accept: I don’t know why. To many variables to find out. And I rest my case.

So, I’m trying to understand why.

Still. :smiley:

  1. there is little legitimate reason to put NAME on a FORM.

1.1) Why?
1.2) Should I put what on the isset part of it? A input field name?

  1. you put the same name on both the form and the button – and you’re wondering why the response is a bit screwy?

2.1) I didn’t realise that. But yes, I’m still asking that question. :slight_smile:

  1. Button is unreliable, use input[submit] instead.

3.1) I will do that, why is Button unreliable, because it’s a browser compatibility issue?

Thanks a lot. So, the thing is that, when we do action=“” and this “works” it means that a given browser as the computed value of action=“” set to get ?

Is that it?

If so, and from that assumption, how do we pass from that, to the fact that, by doing that, we get the value read after the second conditional ?

  1. there is little legitimate reason to put NAME on a FORM.

  2. you put the same name on both the form and the button – and you’re wondering why the response is a bit screwy?

  3. Button is unreliable, use input[submit] instead.

Thanks. Please have patience. :wink:
If I don’t have my $_POST[‘atualizarDominio’], why do we get the code after

if (isset($_POST['atualizarDominio']))

executed ?

No, you’re not reading what I’ve written.
It’s not the case that no one knows, it seems you’re lacking a bit at the technical side.
You were trying to use the $_POST array, however that array hasn’t been populated with anything. The reason was that you set your <form> method to GET, which means all variables are sent trough URL rather than header body. Therefore, PHP won’t populate $_POST array, ergo - you won’t have your $_POST[‘atualizarDominio’].

There really isn’t that much to all this, you just need to sit down and read a little bit more until it all clicks.

Thanks a lot blue. :wink:

So the reason why it was behaving like that no one seems to know.
But DeathShadow suspects that it was due the mixing of button name and form name.

As an add on, we should use input field of type submit instead of button.

Roger. :slight_smile:

Your form has attribute of method set to get. You will never populate $_POST array.
That’s extended version of what RNEL was aiming at.
Bug is you, sadly. Check your HTML better next time.

default = $_GET