Solved

PHP send form back to itself

Posted on 2011-03-03
24
1,548 Views
Last Modified: 2012-05-11
Hello, I have an input form where users enter several pieces of information (figures). I then have a php script to perform a calculation on those figures. I want to be able to return the result to the original form. I can achieve this with php_self with just one input value, but if i try with more than one I get an HTTP 403 error.
Here is the code I am trying to use:
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['Calculator']; ?>">
            Weight(kgs):<input name="Weight" type="text" >
              Length(cms):<input name="Length" type="text" >
               Width(cms):<input name="Width" type="text" >
             Depth;(cms)<input name="Depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
             
                     
      </form>
<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['Length'] ;
$Width = $_POST['Width'] ;
$Depth = $_POST['Depth'] ;
$a= '('.$length.'*'.$Width.'*'.$Depth.')/5000';
//$a= '3*(5-1)/3';                // = 3*(4)/3 = 4
eval("\$b = $a;");
echo "the answer is $b";  
   
}
?>

</body>
</html>
The error log on Apache reads "[Thu Mar 03 16:37:28 2011] [client 127.0.0.1] (20024)The given path is misformatted or contained invalid characters: Cannot map POST /calculator/%3C?php%20echo%20$_SERVER['Calculator'];%20?> HTTP/1.1 to file, referer: http://localhost/calculator/calculator.html".
This ought to be self explanatory, but I cna't see where the problem is.
Any assistance would be greatly appreciated.

Trevor
0
Comment
Question by:TrevorParnhamntl
  • 9
  • 5
  • 4
  • +3
24 Comments
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35029278
You are not using PHP_SELF. Change

<FORM method="post" action="<?php echo $_SERVER['Calculator']; ?>">

to

<FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35029304
bportlock,
Sorry I had originally got the correct code. I just changed it and still getting the same error

0
 
LVL 4

Expert Comment

by:mars-vie
ID: 35029409
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
             
                     
      </form>
<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';

eval("\$b = $a;");
echo "the answer is $b";  
   
}
?>

</body>
</html>
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 4

Expert Comment

by:mars-vie
ID: 35029418
All characters lower case - no mismatch upper and lowercase
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35029494
The error is being caused by the eval change it to


eval("\$b = \$a;");
echo "the answer is $b";
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35029709
All that 'eval' seems to do is a string copy.  I added the actual calculation on the line before it and moved that <div> from the <head> to the <body> where it belongs.
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

</head>
<body>
<div align=center><h1><b>Wrington Online World </b></h1></div>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">

<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form">            
</form>

<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';
$c = ($length * $width * $depth)/5000;
eval("\$b = \$a;");
echo "the answer is $b and $a and $c .";  
   
}
?>

</body>
</html>

Open in new window

0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35029775
DaveBaldwin said: "All that 'eval' seems to do is a string copy.  "

Yeah - I presumed that was intended as a test for greater things to come......
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35030588
Hi Experts, I've tried all your suggestions, with the same result.
I stress that if you just use one value
I assume you have all tested your various solutions. Can you confirm this? If this is the case then we need to look broader. The error log could be misleading.
It would also be useful to know which OS you are all working on. I am on Vista home premium and there are some big differences between this an earlier windows, such as XP.
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35030987
I thought this might be useful to see.

This is the HTML file where the form is submitted to a separate php file. This works perfectly. It is only when I try to combine the two we have a problem.

Calculator.html
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="calculator.php">
            Weight(kgs):<input name="Weight" type="text" >
              Length(cms):<input name="Length" type="text" >
               Width(cms):<input name="Width" type="text" >
             Depth;(cms)<input name="Depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
              
                     
      </form>


</body>
</html>

Calculator.php

<?PHP

$length = $_POST['Length'] ;
$Width = $_POST['Width'] ;
$Depth = $_POST['Depth'] ;

$a= '('.$length.'*'.$Width.'*'.$Depth.')/5000';

eval("\$b = $a;");
echo "the answer is $b";   // outputs the answer
?>

0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35031173
You still have a duff eval as per my earlier post. It should be

eval("\$b = \$a;");
echo "the answer is $b";

Also, your form processing PHP should come BEFORE the HTML processing like so

<?php
ini_set('display_errors','1');
error_reporting(E_ALL);

$b = "";
if(isset($_POST['submit'])) {
     $weight=$_POST['weight'];
     $length = $_POST['length'] ;
     $width = $_POST['width'] ;
     $depth = $_POST['depth'] ;
     $a= '('.$length.'*'.$width.'*'.$depth.')/5000';
     $b = '';

     eval("\$b = \$a;");
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>


      </form>

     <?php
         if ( $b != "" )
             echo $b;
     ?>
</body>
</html>

Open in new window

0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35031260
You're missing the point as your code still isn't working. Can you answer my earlier questions re testing and the system you are on?
How can you say the eval is incorrect when it is working in the standalone php file I posted earlier? The problem has something to do with putting the two files together and whether the php comes before the html or visa versa is not the issue. What it is, I don't know, which is why I asked the experts the question.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35031470
The code posted works here. I can fill in all the input values and it works - or appears to. It certainly does not generate any error codes of any kind, particularly a 403.

If I try running your code here in two files as you have them then if I fill in all values and press ENTER then I get an answer.

I don't know what's wrong with your set up but it is not the PHP at fault - not as you have posted here at any rate.

0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35031505
Which is what I suggested earlier. I'm asking for expert help to establish what may be the problem. Can you point me in the direction of anyone who is likely to know?
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 35031653
Ok, this version gives the correct answer for $b without any errors.  Save this and try it.  Let us know if there are error messages and if there are, what they are.
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

</head>
<body>
<div align=center><h1><b>Wrington Online World </b></h1></div>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">

<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form">            
</form>

<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';
$c = ($length * $width * $depth)/5000;
eval("\$b = $a;");
echo "the answer is $b and $a and $c .";  
   
}
?>

</body>
</html>

Open in new window

0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35031721
It is exactly the same. HTTP 403 error in IE but the error log in Apache is
 "[Thu Mar 03 21:45:56 2011] [client 127.0.0.1] (20024)The given path is misformatted or contained invalid characters: Cannot map POST /calculator/%3C?php%20echo%20$_SERVER['PHP_SELF'];%20?> HTTP/1.1 to file, referer: http://localhost/calculator/newcalculator.html"

From what I have been reading, I suspect this is something to do with $_SERVER superglobal, but I don't know where to start with that.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35031870
It should have been saved as 'newcalculator.php', not 'html.  If you're saving it as 'html', then that variable does not get processed by PHP when the file is loaded and you will get an error.  I should have noticed that from your original question but I missed it.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 35032284
If you want a script to post "to itself" then do not put any action attribute in the form tag.  You can see the code in this snippet on my server.  Hopefully that will clear some of this up.  The script is at:
http://www.laprbass.com/RAY_temp_trevor.php
<?php // RAY_temp_trevor.php
ini_set('display_errors', TRUE);
error_reporting(E_ALL);


// DEMONSTRATE HOW TO COMPUTE THE VOLUME OF A BLOCK


// INITIALIZE SOME VARIABLES
$l = $w = $d = NULL;
$l = (!empty($_POST["l"])) ? $_POST["l"] : $l;
$w = (!empty($_POST["w"])) ? $_POST["w"] : $w;
$d = (!empty($_POST["d"])) ? $_POST["d"] : $d;

// IF THERE IS POST DATA
if (!empty($_POST))
{
    // COMPUTE AND REPORT
    $v = $_POST["l"] * $_POST["w"] * $_POST["d"];
    echo "THE ANSWER IS $v CUBIC UNITS";
}

// CREATE THE FORM USING HEREDOC FORMAT TO PRESERVE THE PREVIOUS INPUTS
$form = <<<ENDFORM
<form method="post">
Length:<input name="l" type="text" value="$l" /><br/>
 Width:<input name="w" type="text" value="$w" /><br/>
 Depth:<input name="d" type="text" value="$d" /><br/>
<input type="submit" value="COMPUTE VOLUME">
</form>
ENDFORM;

echo $form;

Open in new window

0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35032392
Bingo. That has done the trick. Sorry, I hadn't noticed that I'd saved it as html. I must have been on autopilot.
Many thanks for your help and perseverence. I will be pleased to award you the 500 points

One thing I need to point out for the benefit of others is the syntax of the eval function. As I wrote it"eval("\$b = $a;");" is absolutely correct and does return the result of the calculation. The syntax suggested by bportlock "eval("\$b=\$a;");" would just return the original formula.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 35032429
You do not need eval() at all, and when I see eval() in code it is always a large red flag.

What you DO need, in all scripts you are developing are these two lines, right at the top.

ini_set('display_errors', TRUE);
error_reporting(E_ALL);

Best of luck with your project, ~Ray
0
 
LVL 1

Author Comment

by:TrevorParnhamntl
ID: 35032435
My comment was aimed at DaveBaldwin. The later comment by Ray had not appeared when I wrote that.
Ray, the only point I would make is that this is a violation of the HTML code and whereas it may work in your browser it may not in others. I also think there is a security risk involved which is exactly why register globals was turned off.
0
 
LVL 1

Author Closing Comment

by:TrevorParnhamntl
ID: 35032452
It's very pleasing to see someone who actually investigates a problem rather than trotting out old possible solutions
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35032461
Cool, thanks for the points.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 35032561
Uhh, what are you talking about?  A "violation of the HTML code" is not, as far as I know, a term of art.  Could you please explain that one for me?  

And I don't think anybody mentioned register globals in this thread at all.  You can search a web page to look for things like that.  I'm pretty sure it's not in play here.
0
 
LVL 3

Expert Comment

by:Abrasax7
ID: 35875840
I couldnt stop lol'ing at this thread ;3
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article describes how to create custom column layout styles for Bootstrap. The article uses 5 columns to illustrate the concept, but the principle can be extended to any number of columns.
Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question