Passing data to confirmation page after form submissions

I have form and i would like to echo something like form submitted successful with the details from the form, but i want to do this after calling the redirection method but it does not seem to work.

My code:

If(isset($_POST['email'])){
header("Location: http://mysite.com/samepage/?confirmed");
echo $_POST['email']  . 'have been submitted successfully';
}

But the problem is that is redirects but the echo is not shown, and i purposely used the redirection as a means of removing or stopping form resubmission on page reload.
But i still need my echo to be seen when it gets to the new page.

The new page is the same page where the form is just that i added a query string to make it unique.

Please how can i archive it?

Put the echo into your samepage code, looking for $_GET['confirmed'].

As soon as you send the Location header, you cannot output anything else to the screen, because the browser is transitioning to the new page and running that page’s code for resolution - it’s not an Include, it’s a new pageload.

1 Like

Thanks alot @m_hutley you are always there to help out.

However i understand what you mean but i don’t know exactly how to apply it.
The samepage.php is where the form is kept, and once submitted it will manually add a query /?confirmed which means is still in the samepage only url changed

So where do i put this _get['confirmed'] and what is the content of this _get[‘confirmed’].

Or should do

$confirmed = ‘your form have been submitted successfully’;

Then where do i add $_GET[‘confirmed’]

Your code here looks to see if a $_POST is set with the name ‘email’. If so, it redirects the browser to http://mysite.com/samepage/?confirmed.

Going to that URL will mean $_GET['confirmed'] is set when you get to http://mysite.com/samepage/. So whatever message you want to display, check to see if $_GET['confirmed'] is set in the code for http://mysite.com/samepage/ , and if so, display the message.

I got it to work using sessions because $_GET does not always output the posted email address in ?confirmed, so this is what i did

If(isset($_POST['email'])){
$_SESSION["demail"] = $_POST["email"];
header("Location: http://mysite.com/samepage/?confirmed");
echo $_POST['email']  . 'have been submitted successfully';
}

Then below the code i added

if(isset($_GET['email-added'])){
echo 'your email address '.$_SESSION["demail"].' have been added to your list';
}

using session works fine, but i discovered another problem,
if i want to output sensitive information without using session is there a better approach to it?

Sorry this is

if(isset($_GET['confirmed'])){
echo 'your email address '.$_SESSION["demail"].' have been added to your list';
}

Not

if(isset($_GET['email-added'])){
echo 'your email address '.$_SESSION["demail"].' have been added to your list';
}

Not generally. In this case, it doesn’t actually matter; you could have javascript write the value to storage temporarily before the send, and have it pull afterwards, but the data has to go to the server anyway, so it’s already exposed in that communication. (Adding something like JWT to the setup would help secure those transmission lines, but then at that point you’ve already sent the data up to the server once.)

1 Like

A million thanks @m_hutley

I think at this point had to ask what is JWT?

Though i don’t take javascript serious in my works as long as it keeps being a client side script, i only use it for fancy and decoration as a senior brother to css

Because it can be turned off from browsers

JWT (JSON Web Tokens) are a way of asserting a session or credentials between a browser and server.

Thanks @m_hutley will study about it