Multipart/form-data enctype drops variable with ampersand on POST

Posted on 2005-04-29
Last Modified: 2013-11-19
We have a "member profile" page that users can login to and edit any values that we have stored in the database.  We load the values into an array from the database and display them on the form for editing.

Sample of current HTML used:

<form action="submission_form_db.php" method="POST" enctype="multipart/form-data">
  <intput type="name" value="......value from database....">
  ..... (other input fields)....
   ..... (image upload field as well).....

When I submit this form and do a print_r($POST) it completely removes the 'name' variable from the POST array and doesn't display it.  After trial and error I found that the problem only occurs if the the name value from the database has an ampersand (&) in it.  If the name value from the database does NOT have an ampersand, the POST submission works perfectly and the 'name' POST var stays in tact.  Also, if the original value does NOT have an ampersand, but then during editing I add an ampersand and submit, it STILL updates perfectly.  So the problem is only occuring when the original value has an ampersand (and the problem still occurs if I delete the ampersand from the field and then submit).

To me, it makes no sense.  And to make matters more confusing, if we remove the enctype from the FORM tag it works perfectly!  So it's something with the ampersand and the enctype.

PHP Version 4.3.4
MySQL 3.23.56

Any help?

Edit: When we pull the data out of the database and populate the form that is posting to the problem page, we replace ampersands with &amp;, so that's not the problem.
Question by:djs120
    LVL 6

    Accepted Solution

    Hi djs120,

    Ampersand is a special HTML character, you should replace it with HTML entity, for example:
    <input type="text" name="name" value="<?=htmspecialchars($value)?>" />

    This is a good idea to use htmlspecialchars() or even htmlentitites(), imagine what would happen if the 'name' contains quotes.

    German Rumm.
    LVL 1

    Author Comment

    I tried the htmlspecialchars and still no luck.  But I just had a new revelation... I edited the member's record in the database and changed the 'name' field to remove the ampersand and put the word 'AND' in there.  Then I tried again, and it still errors out.  So maybe it isn't the ampersand, but something else?  It just seems so bizarre.
    LVL 1

    Author Comment

    Well, I solved the issue, but have NO idea why it was happening.  I finally found out that PHP was dropping the first value of the POST array for some reason.  I added the following right before the first intput tag:

    <input type="hidden" name="junk" value="">

    And that solved the problem.  When I print_r($POST) the junk value does not show up, but at least our name value does.

    I am still interested in understanding why and how this could be happening.
    LVL 2

    Expert Comment

    Do you have a syntax error in one of the form fields above? Meaning.. did you forget to close a quote in one of the form fields?

    LVL 1

    Author Comment

    Nope, no syntax errors or missing brackets.
    LVL 1

    Author Comment

    Never got a solution... oh well.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Introduction Since I wrote the original article about Handling Date and Time in PHP and MySQL ( several years ago, it seemed like now was a good time to updat…
    Styling your websites can become very complex. Here I'll show how SASS can help you better organize, maintain and reuse your CSS code.
    Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
    The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now