Solved

PHP send form back to itself

Posted on 2011-03-03
24
1,545 Views
Last Modified: 2012-05-11
Hello, I have an input form where users enter several pieces of information (figures). I then have a php script to perform a calculation on those figures. I want to be able to return the result to the original form. I can achieve this with php_self with just one input value, but if i try with more than one I get an HTTP 403 error.
Here is the code I am trying to use:
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['Calculator']; ?>">
            Weight(kgs):<input name="Weight" type="text" >
              Length(cms):<input name="Length" type="text" >
               Width(cms):<input name="Width" type="text" >
             Depth;(cms)<input name="Depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
             
                     
      </form>
<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['Length'] ;
$Width = $_POST['Width'] ;
$Depth = $_POST['Depth'] ;
$a= '('.$length.'*'.$Width.'*'.$Depth.')/5000';
//$a= '3*(5-1)/3';                // = 3*(4)/3 = 4
eval("\$b = $a;");
echo "the answer is $b";  
   
}
?>

</body>
</html>
The error log on Apache reads "[Thu Mar 03 16:37:28 2011] [client 127.0.0.1] (20024)The given path is misformatted or contained invalid characters: Cannot map POST /calculator/%3C?php%20echo%20$_SERVER['Calculator'];%20?> HTTP/1.1 to file, referer: http://localhost/calculator/calculator.html".
This ought to be self explanatory, but I cna't see where the problem is.
Any assistance would be greatly appreciated.

Trevor
0
Comment
Question by:TrevorParnhamntl
  • 9
  • 5
  • 4
  • +3
24 Comments
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35029278
You are not using PHP_SELF. Change

<FORM method="post" action="<?php echo $_SERVER['Calculator']; ?>">

to

<FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35029304
bportlock,
Sorry I had originally got the correct code. I just changed it and still getting the same error

0
 
LVL 4

Expert Comment

by:mars-vie
ID: 35029409
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
             
                     
      </form>
<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';

eval("\$b = $a;");
echo "the answer is $b";  
   
}
?>

</body>
</html>
0
 
LVL 4

Expert Comment

by:mars-vie
ID: 35029418
All characters lower case - no mismatch upper and lowercase
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35029494
The error is being caused by the eval change it to


eval("\$b = \$a;");
echo "the answer is $b";
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 35029709
All that 'eval' seems to do is a string copy.  I added the actual calculation on the line before it and moved that <div> from the <head> to the <body> where it belongs.
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

</head>
<body>
<div align=center><h1><b>Wrington Online World </b></h1></div>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">

<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form">            
</form>

<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';
$c = ($length * $width * $depth)/5000;
eval("\$b = \$a;");
echo "the answer is $b and $a and $c .";  
   
}
?>

</body>
</html>

Open in new window

0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35029775
DaveBaldwin said: "All that 'eval' seems to do is a string copy.  "

Yeah - I presumed that was intended as a test for greater things to come......
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35030588
Hi Experts, I've tried all your suggestions, with the same result.
I stress that if you just use one value
I assume you have all tested your various solutions. Can you confirm this? If this is the case then we need to look broader. The error log could be misleading.
It would also be useful to know which OS you are all working on. I am on Vista home premium and there are some big differences between this an earlier windows, such as XP.
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35030987
I thought this might be useful to see.

This is the HTML file where the form is submitted to a separate php file. This works perfectly. It is only when I try to combine the two we have a problem.

Calculator.html
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="calculator.php">
            Weight(kgs):<input name="Weight" type="text" >
              Length(cms):<input name="Length" type="text" >
               Width(cms):<input name="Width" type="text" >
             Depth;(cms)<input name="Depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
              
                     
      </form>


</body>
</html>

Calculator.php

<?PHP

$length = $_POST['Length'] ;
$Width = $_POST['Width'] ;
$Depth = $_POST['Depth'] ;

$a= '('.$length.'*'.$Width.'*'.$Depth.')/5000';

eval("\$b = $a;");
echo "the answer is $b";   // outputs the answer
?>

0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35031173
You still have a duff eval as per my earlier post. It should be

eval("\$b = \$a;");
echo "the answer is $b";

Also, your form processing PHP should come BEFORE the HTML processing like so

<?php
ini_set('display_errors','1');
error_reporting(E_ALL);

$b = "";
if(isset($_POST['submit'])) {
     $weight=$_POST['weight'];
     $length = $_POST['length'] ;
     $width = $_POST['width'] ;
     $depth = $_POST['depth'] ;
     $a= '('.$length.'*'.$width.'*'.$depth.')/5000';
     $b = '';

     eval("\$b = \$a;");
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>


      </form>

     <?php
         if ( $b != "" )
             echo $b;
     ?>
</body>
</html>

Open in new window

0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35031260
You're missing the point as your code still isn't working. Can you answer my earlier questions re testing and the system you are on?
How can you say the eval is incorrect when it is working in the standalone php file I posted earlier? The problem has something to do with putting the two files together and whether the php comes before the html or visa versa is not the issue. What it is, I don't know, which is why I asked the experts the question.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35031470
The code posted works here. I can fill in all the input values and it works - or appears to. It certainly does not generate any error codes of any kind, particularly a 403.

If I try running your code here in two files as you have them then if I fill in all values and press ENTER then I get an answer.

I don't know what's wrong with your set up but it is not the PHP at fault - not as you have posted here at any rate.

0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35031505
Which is what I suggested earlier. I'm asking for expert help to establish what may be the problem. Can you point me in the direction of anyone who is likely to know?
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 35031653
Ok, this version gives the correct answer for $b without any errors.  Save this and try it.  Let us know if there are error messages and if there are, what they are.
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

</head>
<body>
<div align=center><h1><b>Wrington Online World </b></h1></div>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">

<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form">            
</form>

<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';
$c = ($length * $width * $depth)/5000;
eval("\$b = $a;");
echo "the answer is $b and $a and $c .";  
   
}
?>

</body>
</html>

Open in new window

0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35031721
It is exactly the same. HTTP 403 error in IE but the error log in Apache is
 "[Thu Mar 03 21:45:56 2011] [client 127.0.0.1] (20024)The given path is misformatted or contained invalid characters: Cannot map POST /calculator/%3C?php%20echo%20$_SERVER['PHP_SELF'];%20?> HTTP/1.1 to file, referer: http://localhost/calculator/newcalculator.html"

From what I have been reading, I suspect this is something to do with $_SERVER superglobal, but I don't know where to start with that.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 35031870
It should have been saved as 'newcalculator.php', not 'html.  If you're saving it as 'html', then that variable does not get processed by PHP when the file is loaded and you will get an error.  I should have noticed that from your original question but I missed it.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 35032284
If you want a script to post "to itself" then do not put any action attribute in the form tag.  You can see the code in this snippet on my server.  Hopefully that will clear some of this up.  The script is at:
http://www.laprbass.com/RAY_temp_trevor.php
<?php // RAY_temp_trevor.php
ini_set('display_errors', TRUE);
error_reporting(E_ALL);


// DEMONSTRATE HOW TO COMPUTE THE VOLUME OF A BLOCK


// INITIALIZE SOME VARIABLES
$l = $w = $d = NULL;
$l = (!empty($_POST["l"])) ? $_POST["l"] : $l;
$w = (!empty($_POST["w"])) ? $_POST["w"] : $w;
$d = (!empty($_POST["d"])) ? $_POST["d"] : $d;

// IF THERE IS POST DATA
if (!empty($_POST))
{
    // COMPUTE AND REPORT
    $v = $_POST["l"] * $_POST["w"] * $_POST["d"];
    echo "THE ANSWER IS $v CUBIC UNITS";
}

// CREATE THE FORM USING HEREDOC FORMAT TO PRESERVE THE PREVIOUS INPUTS
$form = <<<ENDFORM
<form method="post">
Length:<input name="l" type="text" value="$l" /><br/>
 Width:<input name="w" type="text" value="$w" /><br/>
 Depth:<input name="d" type="text" value="$d" /><br/>
<input type="submit" value="COMPUTE VOLUME">
</form>
ENDFORM;

echo $form;

Open in new window

0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35032392
Bingo. That has done the trick. Sorry, I hadn't noticed that I'd saved it as html. I must have been on autopilot.
Many thanks for your help and perseverence. I will be pleased to award you the 500 points

One thing I need to point out for the benefit of others is the syntax of the eval function. As I wrote it"eval("\$b = $a;");" is absolutely correct and does return the result of the calculation. The syntax suggested by bportlock "eval("\$b=\$a;");" would just return the original formula.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 35032429
You do not need eval() at all, and when I see eval() in code it is always a large red flag.

What you DO need, in all scripts you are developing are these two lines, right at the top.

ini_set('display_errors', TRUE);
error_reporting(E_ALL);

Best of luck with your project, ~Ray
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35032435
My comment was aimed at DaveBaldwin. The later comment by Ray had not appeared when I wrote that.
Ray, the only point I would make is that this is a violation of the HTML code and whereas it may work in your browser it may not in others. I also think there is a security risk involved which is exactly why register globals was turned off.
0
 
LVL 1

Author Closing Comment

by:TrevorParnhamntl
ID: 35032452
It's very pleasing to see someone who actually investigates a problem rather than trotting out old possible solutions
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 35032461
Cool, thanks for the points.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 35032561
Uhh, what are you talking about?  A "violation of the HTML code" is not, as far as I know, a term of art.  Could you please explain that one for me?  

And I don't think anybody mentioned register globals in this thread at all.  You can search a web page to look for things like that.  I'm pretty sure it's not in play here.
0
 
LVL 3

Expert Comment

by:Abrasax7
ID: 35875840
I couldnt stop lol'ing at this thread ;3
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
In this tutorial viewers will learn how to embed an audio file in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: : The declaration should display (CODE) HTML5 is supported by the most recent versions of all major browsers…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now