?
Solved

Sometimes works, sometimes doesnt

Posted on 2008-10-01
11
Medium Priority
?
173 Views
Last Modified: 2012-05-05
Hi guys, another problem.

Im trying to grab a posted form variable. Sometimes it works, sometimes it does not.
Im trying to grab hiddendescription

<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">

Im trying to grab it by doing the following..

$grab_hiddendescription = $_REQUEST['hiddendescription'];
echo "The value of \$grab_hiddendescription is: " . $grab_hiddendescription;

I dont know why it is not returning.
Any help greatly appreciated.
<form name="formedit" method="post" action="edit_task.php">		
							
							<!-- Send the edit_task.php page, the variable 'radioedittask' which has selected record's id_ctk. -->					
							<input type="radio" name="radioedittask" value="<?php echo $rows_view_tasks['id_ctk']; ?>">	
							<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">							
							<!-- 
							The following are not required to be sent to edit_task.php. The id id_ctk is enough
							<input type="hidden" name="hiddentaskname" value="<?php echo $rows_view_tasks['name_ctk']; ?>">	
							<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">
							-->								
					</td>		
						
				</tr> <?php } ?>	
							
							<input id="edittaskbutton" type="submit" name="Submit" value="Edit">
		
						</form>

Open in new window

0
Comment
Question by:Simon336697
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 82

Accepted Solution

by:
hielo earned 1000 total points
ID: 22615708
try changing:

<input type="hidden" name="hiddendescription" value="<?php echo $rows_view_tasks['description_ctk']; ?>">                                           
to:
<input type="hidden" name="hiddendescription" value="<?php echo htmlspecialchars($rows_view_tasks['description_ctk']); ?>"> 
also verify that $rows_view_tasks['description_ctk'] actually has some value. If your db field is empty you will not see anything when you try to retrieve the value of the hidden field.

Open in new window

0
 
LVL 1

Author Comment

by:Simon336697
ID: 22615787
Hi mate,
hi,
should i be using something like htmlspecialchars when actually inserting into the database?
Could this be part of my problem as well?

When inserting, this is what im doing..

==================================================== insert_task.php
<form name="form1" method="post" action="insert_task_ac.php">
<td class="descriptioncol2"><textarea name="description" type="text" id="description"></textarea></td>
<input type="submit" name="Submit" value="Insert New Task">
</form>
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22615913
Hi,
the insert_task.php posts to insert_task_ac.php which does the insertion.
All i have in insert_task_ac.php for the insertion is:

$sql="INSERT INTO $tbl_tasks(name_ctk, fk_id_pro_ctk, description_ctk)VALUES('$taskname', '$project', '$description')";
$result=mysql_query($sql);

Should i be using something here to make sure it is safe to put the textarea stuff into mysql?
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 11

Expert Comment

by:bansidhar
ID: 22615926
please don't post same problem in 2 posts. Check my suggestions on the last post.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/Q_23778324.html#a22615761
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22615945
Sorry ban
0
 
LVL 11

Assisted Solution

by:bansidhar
bansidhar earned 1000 total points
ID: 22615950
you must have
$taskname = mysql_real_escape_string($taskname);
$project = mysql_real_escape_string($project);
$description = mysql_real_escape_string($description);
$sql="INSERT INTO $tbl_tasks(name_ctk, fk_id_pro_ctk, description_ctk)VALUES('$taskname', '$project', '$description')";
$result=mysql_query($sql);
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22616018
ban,
so do i first grab the variables like:

$taskname=$_POST['taskname'];
$project=$_POST['projectid'];
$description=$_POST['description'];

then do:

$taskname = mysql_real_escape_string($taskname);
$project = mysql_real_escape_string($project);
$description = mysql_real_escape_string($description);
0
 
LVL 1

Author Comment

by:Simon336697
ID: 22616168
hielo and ban.
thank you again for your awesome help.
points now and ill work on this more thanks so much.
0
 
LVL 11

Expert Comment

by:bansidhar
ID: 22616169
easier is you can do both in single step

$taskname=mysql_real_escape_string($_POST['taskname']);

etc...
0
 
LVL 11

Expert Comment

by:bansidhar
ID: 22616175
happy it helped you :)
0
 
LVL 82

Expert Comment

by:hielo
ID: 22616220
>>the insert_task.php posts to insert_task_ac.php which does the insertion.
Then in  insert_task_ac.php you just need to use mysql_real_escape_string on the value you are inserting into the db.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Popularity Can Be Measured Sometimes we deal with questions of popularity, and we need a way to collect opinions from our clients.  This article shows a simple teaching example of how we might elect a favorite color by letting our clients vote for …
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question