Get data from express to form in html - html

there is a small and simple example.
I want to check if the data is in the server (for instance if the person is signed). If it is in the server, I know I can res.redirect in express to move on, but if it doesn't, how do I get the response from the server in the html, and not with angular or so, for example pop up a message if he isn't recognized in the db.
<form action="/IsSIgn" method="POST">
<input type="text" name="name">
<button type="submit">sign in</button>
</form>

Solution 1:
res.send("<script>window.alert('unauthorized');</script>")
res.send("<script>window.alert('unauthorized');window.location.href='/example-page-route'</script>")
Solution 2:
Make another html page for invalid name
and redirect to, that page

Related

What is required to make browsers send "submit"-input names to the server?

I need to debug missing data in some from POSTed to the server and after reading lots of tutorials and following other examples about that aspect, I still can't find my problem. The use case is pretty simple in theory: Have one form with two submit buttons to trigger different implementation on the server side.
According to lots of tutorials and examples, the submit-buttons should send their name if they have a name-attribute, while values should not be sent at all. The naming thing seems to differ according server side programming languages, sometimes it's some_name and sometimes some_name[], but that doesn't make any difference for me currently.
My problem is that whatever HTML I create, inputs of type submit are never part of the POSTed data. OTOH, pretty much the same HTML as button works as expected: If the button is used to submit the form, its name and even value are part of the POSTed data. When other inputs are clicked to submit, no names of any submit-input are available in the data.
So, with the exact same form, reaching the exact same endpoint, using same browser etc., the following DOES NOT provide any hint to the clicked button in the POSTed data:
<input type="submit"
name="foobar input"
value="foobar input"
title="foobar input"
/>
While the following OTOH does:
<button type="submit"
name="foobar button"
value="foobar button"
title="foobar button">
foobar button
</button>
So, should the input work the same way like the button does in theory? Or is the HTML wrong and I'm not able to spot the error? Sending the form itself works in both cases, though. So the browser obviously knows about the submit-input and its purpose.
Or have something changed the last years in modern browsers and submit-inputs are not part of POSTed data at all anymore for some reason? I can't remember the need to have multiple submits on a form for years.
How does a minimal example using a submit-input sending its name look like and tested to work for you? And in which browser? I tested an up-to-date Chromium based Opera and IE 11 and neither did include submit names.
Thanks!
OPINION: I would personally NEVER use more than one word in the name of a submit button
FACT: If that word is "submit" or you have id="submit" then you will not be able to programmatically submit the form using .submit()
FACT if you have script that disables the form element, it will not be sent to the server
Conclusion
In my experience and according to documentation - If you have the following
<form>
...................
<button type="submit"
name="whatever you want here but I would only use one name and NOT submit">Whatever</button>
</form>
OR
<form>
...................
<input type="submit"
name="whatever you want here but I would only use one name and NOT submit" value"Whatever">
</form>
your server will receive the button as name=value in the POST array if method = post and in the GET if nothing or method=get AND in the REQUEST array in either case (assuming PHP)
TEST PAGE
<form method="post" action="testsubmit.php">
Did not work according to OP<br/>
But it actually DOES work if not disabled from elsewhere <br/>
<input type="submit"
name="foobar input"
value="foobar input"
title="foobar input"
/>
<hr/>
<input type="text" name="sentField" value="This WILL be sent to the server" style="width:300px"/>
<hr/>
<input type="text" name="disField" disabled value="This will NOT be sent to the server" style="width:300px"/>
<hr/>
Does work
<button type="submit"
name="foobar button"
value="foobar button"
title="foobar button">
foobar button
</button>
</form>

HTML form does not submit correctly

I am using Laravel for my back end.
This does not work
<form action="/promo/update" style="background-color: #fafafa" method="GET">
This works
<form action="/promo" style="background-color: #fafafa" method="GET">
Is there something about using a GET and an extra "/"?
.. Is there something about using a GET and an extra "/"?
Short answer? No.
As others have noted, just make sure your routes file is expecting the correct parameters. I'd also suggest reading here to learn about PUT vs POST, and here to learn about form method spoofing.
Generally speaking, an UPDATE endpoint should be a POST or PUT. That's not your question though, so I'll just stick to answering what you have here.
Routes/web.php
Route::get('/promo/update', 'PromoController#update')->name('promo.update');
Blade
<form method="GET" action="/promo/update">
#csrf <!-- remember to pass your token -->
<input type="text" name="foo" id="foo" class="form-control" />
<button type="submit" class="btn btn-primary">Submit Form</button>
</form>
PromoController
public functon update( Request $request )
{
// Process your data
}
Because your route's method (/promo/update) is post and you use get...You can see available routes methods just by run below code in terminal:
php artisan route:list
First, make sure you have made the route in your routes file.
Second...
Laravel automatically generates a CSRF "token" for each active user session managed by the application. This token is used to verify that the authenticated user is the one actually making the requests to the application.
Anytime you define an HTML form in your application, you should include a hidden CSRF token field in the form so that the CSRF protection middleware can validate the request. You may use the #csrf Blade directive to generate the token field:

File upload with a submit button which has a different name

This question may be connected to this Stackoverflow-question:
Form submit button will not submit when name of button is "submit"
Well, I have a basic HTML formular for uploading files which is looking like this:
<form action="UploadServlet" enctype="multipart/form-data" method="POST">
<input type="file" id="uploadName" name="file">
<button type="submit" id="uploadButton" class="btn btn-primary">Upload</button>
</form>
Now, when pressing "Upload" the file is correctly uploaded and processed. But when adding a name attribute to the submit button:
<button id="uploadButton" name="anyname" type="submit" class="btn btn-primary">Upload</button>
Then the request brokes (by using the TamperData plugin in Firefox is seems that the request is being sent as text/html instead of application/...). I tried to find some answers, but the only thing I found was the above mentioned question. I am not sure whether this question is connected to this. I strongly assume that the problem is assigned to "multipart/form-data", isn't it?
It also may be a servlet-problem: when using a name attribute for the submit button I am getting a NullPointerException in org.apache.tomcat.util.http.fileupload.disk.DiskFileItem.getString (due to a request.getParts()-call).
Now that I've found the source of the problem I really want to understand it. Thanks for your replies :-)

Uploading data from an HTML form to Parse.com

I want to make a simple HTML webpage and use a form on that page to upload an object to my server on parse.com
For example, if this is my form:
<form>
First name: <input type="text" name="firstname"><br>
Last name: <input type="text" name="lastname">
</form>
Then I assume I would want some kind of post request, but I don't know how to set that part up with Parse.
Thanks in advance.
You need to do this using the REST API at Parse. You should find all the info you need in the guide:
https://www.parse.com/docs/rest
The form should have the following arguments:
<form action="some_page.php" method="get">
using get will show the sent data from inputs in the url, post will hide.
See this tutorial for more information about forms http://www.w3schools.com/php/php_forms.asp

HTML input type submit value without modifiying post value?

Lets say I have a really simple html form:
<form action="./whatever.php" method="POST">
<input type="submit" name="TheButton" value="Apples">
</form>
Which of course makes the button the user sees say Apples. I want the post request to be TheButton=Oranges ... Is there a simple way to deal with this in HTML, or will I be need to do something with a action=javascript ?
The simple way is:
<button type="submit" name="TheButton" value="Oranges">Apples</button>
… but this will break in Internet Explorer (IIRC, up to and including version 7).
If you only have one button to deal with then:
<input type="submit" value="Apples">
<input type="hidden" name="TheButton" value="Oranges">
… will work fine.
Otherwise the best approach is to use server side logic:
<input type="submit" name="TheButton_Oranges" value="Apples">
And look for a value which starts with TheButton_ and then extract the value from the name. It is an ugly hack, but it is reliable and doesn't depend on client side JS.