Here is the situation : I have a form created by HtmlService, and several items have the same names because I want to retrieve them in a array.
Here is an example:
<html>
<form method="post" action="address of my published script (or dev address for the test)" >
<input type="text" name="field" />
<input type="text" name="field" />
<input type="submit" value="Send" />
</form>
</html>
(Ok, it seems useless here, but it'll be interesting when user can add fields of the same name dynamically, so I won't know how many they are).
In the function doPost(e), I wish to have e.parameter.field equals to [value1, value2]. Unfortunately, I only have the first element.
I read that in PHP we can write name="field[]", but it doesn't work either.
Do you know any solution for doing that ?
Thanks for your answers ! :)
e.parameters (note the s at the end) will have precisely what you want.
Related
I would like to make certain fields in the form to read only while other editable. I read this in HTML (Read only)
<form action="demo_form.asp">
Country: <input type="text" name="country" value="Norway" readonly="readonly" /><br />
<input type="submit" value="Submit" />
</form>
This example specifically states the fields which will be editable. But i am using Django Forms. I am not able to do this specifically because the field is derived from models.py.
What options do i have in making the fields read only? Need some suggestions and guidance...
When creating the form add an extra param to add the readonly attribute, for your field:
name = forms.CharField(widget=forms.TextInput(attrs={'readonly':'readonly'}))
You can use jQuery to add the property?
$('.inputClass').prop("readonly", true);
I want visitors to my website to be able to search for airport lounges offered by a company called Priority Pass. I have created the following form:
<form action="http://prioritypass.com/lounges/lounge-print.cfm" method="post">
<input type="text" id="print_airport_code" name="print_airport_code" value="MAN" />
<input type="submit" value="Submit" />
</form>
Which mirrors the form they have on their own mobile search site (here). But when I submit my form it doesnt seem like the parameters are being posted properly.
Any help would be great. Thanks.
The form on their website doesnt appear to contain any fields which I have missed?
You're pointing to the wrong URL; POSTing to /lounges/lounge-print.cfm is producing an HTTP redirect header, which is corrupting your output.
Additionally, the name of your input field is incorrect. Using someone else's form results often requires you to maintain all field names consistently as they appear on the remote site.
Change the form to:
<form action="http://www.prioritypass.com/mobile/lounges.cfm" method="post">
<input id="Airport_Code" name="Airport_Code" type="text" size="10" value="MAN" />
<input type="submit" value="Submit" />
</form>
How do I link multiple input elements in a form so the server knows that two values are related?
Let's assume we have separate fields for first and last names, for multiple people on a single page:
<input name="firstNames" value="John">
<input name="lastNames" value="Smith">
...
<input name="firstNames" value="Jane">
<input name="lastNames" value="Doe">
When POSTing that, the server eventually has the following data:
firstNames = ["John", "Jane"]
lastNames = ["Smith", "Doe"]
So we can determine the respective names by index:
person = firstNames[i] + lastNames[i]
Is there a better way than relying on the order? (Is that even reliable?)
EDIT : This is language specific
Upon further searching, some languages (ASP) allow you to get at the data as a CSV string. So you'll need to add further context to your question. However, the array method still works in all languages.
You can't rely on the order in PHP. If two HTML form elements have the same name the last one overrides everything else (in PHP at least).
Just use arrays.
<input name="firstNames[0]" value="John">
<input name="lastNames[0]" value="Smith">
...
<input name="firstNames[99]" value="Jane">
<input name="lastNames[99]" value="Doe">
You could also use empty [] empty braces as well.
EDIT
Copy paste the code below to see the behavior in PHP.
Down voters : I'd really be interested in knowing where this would not be the case (in a different language)
<html>
<head>
</head>
<body>
<form action='test.php' method='post'>
<input name="firstNames" value="John">
<input name="lastNames" value="Smith">
<input name="firstNames" value="Jane">
<input name="lastNames" value="Doe">
<input type='submit' value='Go'>
</form>
</body>
</html>
<?php
if (!empty($_POST)) {
var_dump($_POST);
}
Let say I have a post from like this:
<form action="myApp/form_action.asp" method="post">
First name: <input type="text" name="fname" /><br />
Last name: <input type="text" name="lname" /><br />
<input type="submit" value="Submit" />
</form>
So, let say there is a really bad buy who want to do something in my application. For example, my form_action.asp not only accept param "fname", "lname", but also "gender", can he/she make a request on their own , like this....
<form action="http://www.myDomain.com/myApp/form_action.asp" method="post">
First name: <input type="text" name="fname" /><br />
Last name: <input type="text" name="lname" /><br />
Gender: <input type="text" name="gender" /><br />
<input type="submit" value="Submit" />
</form>
****Updates:****
I don't want the user submit the gender, because I don't want to modify his/her gender after he/she assigned.
If he/she can submit this query, it there any way to avoid him/her to do so? thank you.
You're thinking about this the wrong way. Forget about HTML forms. They're not what your server handles. It handles HTTP requests.
And (pretty obviously) people can send you HTTP requests that contain whatever they want. Not just additional fields, but also fields with values that the form would not allow, or fields with names that are 5000 characters long and/or values that are that long.
So what you absolutely must do is define what constitutes valid input and reject input that isn't. In your case, it's pretty simple: if the form is not supposed to contain a "gender" field, then have the server ignore such a field, or abort with an error if it's present.
Usually you don't have to do anything to ignore fields. But you definitely have to write your app in such a way that it does not accept field values that are not valid.
You cannot avoid this. Inputs coming from the clientside are NEVER secure and can ALWAYS be tampered with.
You'll have to implement your checks serverside, in the ASP file itself.
The reason you can't avoid it is that he doesn't need to make his own copy and submit it from another domain. He can easily modify your site live with javascript (e.g.: firebug) and send the fake request identical to a valid one.
If your form action file i.e. form_action.asp doesn't call for the $_POST['gender'] variable i can't see how it would affect your script.
Make sure that you are sanitizing your variables though, so for first name and last name you would only really want to accept A-Za-z, space and maybe hyphens and apostrophes.
By doing this it doesn't really matter what they send to your form because most of the tags, brackets etc will be removed and any script injected won't run.
Make sure you also escape the variables before you enter them in your database, I use mysql_real_escape_string in php, but don't know any asp so you will have to look it up.
i have a web form who send post variables like:
<form action="teacher.php" method="post">
<input name="pass" type="password">
<input name="quiere" type="image" value="submit" src="IMG/unlock-32.png" />
</from>
In the same page i check for a submit acction with php doing a simple isset check like:
"if (isset($_POST['quiere'])) {"
But if you do this in IE the post var "QUIERE" (the button var) does not post, the others vars are fine, and if you try this simple form in any other browser it works. I only get this form function well in IE changing the button for a normal button, instead of a image button like:
<input name="quiere" type="submit" value="submit" />
In this way, the var "quiere" get post. So, what do you think? and sorry for my english.
This is a known issue in IE6 and IE7. image inputs are not submitted with a form as you'd expect. It submits the cords instead and changes the field names with appending _x or _y . i've run into this several times in the past and found others have as well.
A fix is to check for $_POST['quiere_x'] or $_POST['quiere_y'] instead of just $_POST['quiere']
I believe this link has your answer.
IE doesn't send the name/value pair
for elements.
They only send the x/y coordinates.
Most, if not all, other common
browsers send both the name/value pair
and the x/y coordinates.
http://www.codingforums.com/archive/index.php/t-79035.html
This is a known ie issue. Read above for the same.
Yup, just another annoying IE issue.
I normally do this:
<form action="teacher.php" method="post">
<input name="pass" type="password">
<input type="hidden" name="quiere" value="submit" />
<input type="image" src="IMG/unlock-32.png" />
</form>
i.e. - just move the name and value attributes into a hidden field.