Solved

Sometimes works, sometimes doesnt

Posted on 2008-10-01
11
170 Views
Last Modified: 2012-05-05
Hi guys, another problem.

Im trying to grab a posted form variable. Sometimes it works, sometimes it does not.
Im trying to grab hiddendescription

<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">

Im trying to grab it by doing the following..

$grab_hiddendescription = $_REQUEST['hiddendescription'];
echo "The value of \$grab_hiddendescription is: " . $grab_hiddendescription;

I dont know why it is not returning.
Any help greatly appreciated.
<form name="formedit" method="post" action="edit_task.php">		
							
							<!-- Send the edit_task.php page, the variable 'radioedittask' which has selected record's id_ctk. -->					
							<input type="radio" name="radioedittask" value="<?php echo $rows_view_tasks['id_ctk']; ?>">	
							<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">							
							<!-- 
							The following are not required to be sent to edit_task.php. The id id_ctk is enough
							<input type="hidden" name="hiddentaskname" value="<?php echo $rows_view_tasks['name_ctk']; ?>">	
							<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">
							-->								
					</td>		
						
				</tr> <?php } ?>	
							
							<input id="edittaskbutton" type="submit" name="Submit" value="Edit">
		
						</form>

Open in new window

0
Comment
Question by:Simon336697
  • 5
  • 4
  • 2
11 Comments
 
LVL 82

Accepted Solution

by:
hielo earned 250 total points
ID: 22615708
try changing:

<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">                                           
to:
<input type="hidden" name="hiddendescription" value="<?php echo htmlspecialchars($rows_view_tasks['description_ctk']); ?>"> 
also verify that $rows_view_tasks['description_ctk'] actually has some value. If your db field is empty you will not see anything when you try to retrieve the value of the hidden field.

Open in new window

0
 
LVL 1

Author Comment

by:Simon336697
ID: 22615787
Hi mate,
hi,
should i be using something like htmlspecialchars when actually inserting into the database?
Could this be part of my problem as well?

When inserting, this is what im doing..

==================================================== insert_task.php
<form name="form1" method="post" action="insert_task_ac.php">
<td class="descriptioncol2"><textarea name="description" type="text" id="description"></textarea></td>
<input type="submit" name="Submit" value="Insert New Task">
</form>
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22615913
Hi,
the insert_task.php posts to insert_task_ac.php which does the insertion.
All i have in insert_task_ac.php for the insertion is:

$sql="INSERT INTO $tbl_tasks(name_ctk, fk_id_pro_ctk, description_ctk)VALUES('$taskname', '$project', '$description')";
$result=mysql_query($sql);

Should i be using something here to make sure it is safe to put the textarea stuff into mysql?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 11

Expert Comment

by:bansidhar
ID: 22615926
please don't post same problem in 2 posts. Check my suggestions on the last post.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/Q_23778324.html#a22615761
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22615945
Sorry ban
0
 
LVL 11

Assisted Solution

by:bansidhar
bansidhar earned 250 total points
ID: 22615950
you must have
$taskname = mysql_real_escape_string($taskname);
$project = mysql_real_escape_string($project);
$description = mysql_real_escape_string($description);
$sql="INSERT INTO $tbl_tasks(name_ctk, fk_id_pro_ctk, description_ctk)VALUES('$taskname', '$project', '$description')";
$result=mysql_query($sql);
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22616018
ban,
so do i first grab the variables like:

$taskname=$_POST['taskname'];
$project=$_POST['projectid'];
$description=$_POST['description'];

then do:

$taskname = mysql_real_escape_string($taskname);
$project = mysql_real_escape_string($project);
$description = mysql_real_escape_string($description);
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22616168
hielo and ban.
thank you again for your awesome help.
points now and ill work on this more thanks so much.
0
 
LVL 11

Expert Comment

by:bansidhar
ID: 22616169
easier is you can do both in single step

$taskname=mysql_real_escape_string($_POST['taskname']);

etc...
0
 
LVL 11

Expert Comment

by:bansidhar
ID: 22616175
happy it helped you :)
0
 
LVL 82

Expert Comment

by:hielo
ID: 22616220
>>the insert_task.php posts to insert_task_ac.php which does the insertion.
Then in  insert_task_ac.php you just need to use mysql_real_escape_string on the value you are inserting into the db.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Generate PDF from MySQL using PHP 3 54
PHP: Filling Out/Creating a PDF 29 102
PHP encrypted string and passing to a ASP Page 12 46
PHP Curl Problem 10 41
Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question