• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1561
  • Last Modified:

PHP send form back to itself

Hello, I have an input form where users enter several pieces of information (figures). I then have a php script to perform a calculation on those figures. I want to be able to return the result to the original form. I can achieve this with php_self with just one input value, but if i try with more than one I get an HTTP 403 error.
Here is the code I am trying to use:
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['Calculator']; ?>">
            Weight(kgs):<input name="Weight" type="text" >
              Length(cms):<input name="Length" type="text" >
               Width(cms):<input name="Width" type="text" >
             Depth;(cms)<input name="Depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
             
                     
      </form>
<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['Length'] ;
$Width = $_POST['Width'] ;
$Depth = $_POST['Depth'] ;
$a= '('.$length.'*'.$Width.'*'.$Depth.')/5000';
//$a= '3*(5-1)/3';                // = 3*(4)/3 = 4
eval("\$b = $a;");
echo "the answer is $b";  
   
}
?>

</body>
</html>
The error log on Apache reads "[Thu Mar 03 16:37:28 2011] [client 127.0.0.1] (20024)The given path is misformatted or contained invalid characters: Cannot map POST /calculator/%3C?php%20echo%20$_SERVER['Calculator'];%20?> HTTP/1.1 to file, referer: http://localhost/calculator/calculator.html".
This ought to be self explanatory, but I cna't see where the problem is.
Any assistance would be greatly appreciated.

Trevor
0
TrevorParnhamntl
Asked:
TrevorParnhamntl
  • 9
  • 5
  • 4
  • +3
1 Solution
 
Beverley PortlockCommented:
You are not using PHP_SELF. Change

<FORM method="post" action="<?php echo $_SERVER['Calculator']; ?>">

to

<FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
0
 
TrevorParnhamntlAuthor Commented:
bportlock,
Sorry I had originally got the correct code. I just changed it and still getting the same error

0
 
mars-vieCommented:
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
             
                     
      </form>
<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';

eval("\$b = $a;");
echo "the answer is $b";  
   
}
?>

</body>
</html>
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

 
mars-vieCommented:
All characters lower case - no mismatch upper and lowercase
0
 
Beverley PortlockCommented:
The error is being caused by the eval change it to


eval("\$b = \$a;");
echo "the answer is $b";
0
 
Dave BaldwinFixer of ProblemsCommented:
All that 'eval' seems to do is a string copy.  I added the actual calculation on the line before it and moved that <div> from the <head> to the <body> where it belongs.
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

</head>
<body>
<div align=center><h1><b>Wrington Online World </b></h1></div>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">

<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form">            
</form>

<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';
$c = ($length * $width * $depth)/5000;
eval("\$b = \$a;");
echo "the answer is $b and $a and $c .";  
   
}
?>

</body>
</html>

Open in new window

0
 
Beverley PortlockCommented:
DaveBaldwin said: "All that 'eval' seems to do is a string copy.  "

Yeah - I presumed that was intended as a test for greater things to come......
0
 
TrevorParnhamntlAuthor Commented:
Hi Experts, I've tried all your suggestions, with the same result.
I stress that if you just use one value
I assume you have all tested your various solutions. Can you confirm this? If this is the case then we need to look broader. The error log could be misleading.
It would also be useful to know which OS you are all working on. I am on Vista home premium and there are some big differences between this an earlier windows, such as XP.
0
 
TrevorParnhamntlAuthor Commented:
I thought this might be useful to see.

This is the HTML file where the form is submitted to a separate php file. This works perfectly. It is only when I try to combine the two we have a problem.

Calculator.html
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="calculator.php">
            Weight(kgs):<input name="Weight" type="text" >
              Length(cms):<input name="Length" type="text" >
               Width(cms):<input name="Width" type="text" >
             Depth;(cms)<input name="Depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>
              
                     
      </form>


</body>
</html>

Calculator.php

<?PHP

$length = $_POST['Length'] ;
$Width = $_POST['Width'] ;
$Depth = $_POST['Depth'] ;

$a= '('.$length.'*'.$Width.'*'.$Depth.')/5000';

eval("\$b = $a;");
echo "the answer is $b";   // outputs the answer
?>

0
 
Beverley PortlockCommented:
You still have a duff eval as per my earlier post. It should be

eval("\$b = \$a;");
echo "the answer is $b";

Also, your form processing PHP should come BEFORE the HTML processing like so

<?php
ini_set('display_errors','1');
error_reporting(E_ALL);

$b = "";
if(isset($_POST['submit'])) {
     $weight=$_POST['weight'];
     $length = $_POST['length'] ;
     $width = $_POST['width'] ;
     $depth = $_POST['depth'] ;
     $a= '('.$length.'*'.$width.'*'.$depth.')/5000';
     $b = '';

     eval("\$b = \$a;");
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

<DIV ALIGN=CENTER><h1><b>Wrington Online World </b></h1></DIV>
</head>
<body>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">


<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form"><br>


      </form>

     <?php
         if ( $b != "" )
             echo $b;
     ?>
</body>
</html>

Open in new window

0
 
TrevorParnhamntlAuthor Commented:
You're missing the point as your code still isn't working. Can you answer my earlier questions re testing and the system you are on?
How can you say the eval is incorrect when it is working in the standalone php file I posted earlier? The problem has something to do with putting the two files together and whether the php comes before the html or visa versa is not the issue. What it is, I don't know, which is why I asked the experts the question.
0
 
Beverley PortlockCommented:
The code posted works here. I can fill in all the input values and it works - or appears to. It certainly does not generate any error codes of any kind, particularly a 403.

If I try running your code here in two files as you have them then if I fill in all values and press ENTER then I get an answer.

I don't know what's wrong with your set up but it is not the PHP at fault - not as you have posted here at any rate.

0
 
TrevorParnhamntlAuthor Commented:
Which is what I suggested earlier. I'm asking for expert help to establish what may be the problem. Can you point me in the direction of anyone who is likely to know?
0
 
Dave BaldwinFixer of ProblemsCommented:
Ok, this version gives the correct answer for $b without any errors.  Save this and try it.  Let us know if there are error messages and if there are, what they are.
<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="calc.css" />

</head>
<body>
<div align=center><h1><b>Wrington Online World </b></h1></div>
<ul id="list-nav">
<li><a href="#">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Services</a></li>
<li><a href="#">Products</a></li>
<li><a href="#">Prices</a></li>
<li><a href="#">Contact</a></li>
</ul>

<HR size="3" color="6495ed">

<h2><b>Volume calculator</b></h2>
      <FORM method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            Weight(kgs):<input name="weight" type="text" >
              Length(cms):<input name="length" type="text" >
               Width(cms):<input name="width" type="text" >
             Depth;(cms)<input name="depth" type="text" >

<input type="submit" name="submit" value="Submit Form">            
</form>

<?php
if(isset($_POST['submit']))
{
$weight=$_POST['weight'];    
$length = $_POST['length'] ;
$width = $_POST['width'] ;
$depth = $_POST['depth'] ;
$a= '('.$length.'*'.$width.'*'.$depth.')/5000';
$c = ($length * $width * $depth)/5000;
eval("\$b = $a;");
echo "the answer is $b and $a and $c .";  
   
}
?>

</body>
</html>

Open in new window

0
 
TrevorParnhamntlAuthor Commented:
It is exactly the same. HTTP 403 error in IE but the error log in Apache is
 "[Thu Mar 03 21:45:56 2011] [client 127.0.0.1] (20024)The given path is misformatted or contained invalid characters: Cannot map POST /calculator/%3C?php%20echo%20$_SERVER['PHP_SELF'];%20?> HTTP/1.1 to file, referer: http://localhost/calculator/newcalculator.html"

From what I have been reading, I suspect this is something to do with $_SERVER superglobal, but I don't know where to start with that.
0
 
Dave BaldwinFixer of ProblemsCommented:
It should have been saved as 'newcalculator.php', not 'html.  If you're saving it as 'html', then that variable does not get processed by PHP when the file is loaded and you will get an error.  I should have noticed that from your original question but I missed it.
0
 
Ray PaseurCommented:
If you want a script to post "to itself" then do not put any action attribute in the form tag.  You can see the code in this snippet on my server.  Hopefully that will clear some of this up.  The script is at:
http://www.laprbass.com/RAY_temp_trevor.php
<?php // RAY_temp_trevor.php
ini_set('display_errors', TRUE);
error_reporting(E_ALL);


// DEMONSTRATE HOW TO COMPUTE THE VOLUME OF A BLOCK


// INITIALIZE SOME VARIABLES
$l = $w = $d = NULL;
$l = (!empty($_POST["l"])) ? $_POST["l"] : $l;
$w = (!empty($_POST["w"])) ? $_POST["w"] : $w;
$d = (!empty($_POST["d"])) ? $_POST["d"] : $d;

// IF THERE IS POST DATA
if (!empty($_POST))
{
    // COMPUTE AND REPORT
    $v = $_POST["l"] * $_POST["w"] * $_POST["d"];
    echo "THE ANSWER IS $v CUBIC UNITS";
}

// CREATE THE FORM USING HEREDOC FORMAT TO PRESERVE THE PREVIOUS INPUTS
$form = <<<ENDFORM
<form method="post">
Length:<input name="l" type="text" value="$l" /><br/>
 Width:<input name="w" type="text" value="$w" /><br/>
 Depth:<input name="d" type="text" value="$d" /><br/>
<input type="submit" value="COMPUTE VOLUME">
</form>
ENDFORM;

echo $form;

Open in new window

0
 
TrevorParnhamntlAuthor Commented:
Bingo. That has done the trick. Sorry, I hadn't noticed that I'd saved it as html. I must have been on autopilot.
Many thanks for your help and perseverence. I will be pleased to award you the 500 points

One thing I need to point out for the benefit of others is the syntax of the eval function. As I wrote it"eval("\$b = $a;");" is absolutely correct and does return the result of the calculation. The syntax suggested by bportlock "eval("\$b=\$a;");" would just return the original formula.
0
 
Ray PaseurCommented:
You do not need eval() at all, and when I see eval() in code it is always a large red flag.

What you DO need, in all scripts you are developing are these two lines, right at the top.

ini_set('display_errors', TRUE);
error_reporting(E_ALL);

Best of luck with your project, ~Ray
0
 
TrevorParnhamntlAuthor Commented:
My comment was aimed at DaveBaldwin. The later comment by Ray had not appeared when I wrote that.
Ray, the only point I would make is that this is a violation of the HTML code and whereas it may work in your browser it may not in others. I also think there is a security risk involved which is exactly why register globals was turned off.
0
 
TrevorParnhamntlAuthor Commented:
It's very pleasing to see someone who actually investigates a problem rather than trotting out old possible solutions
0
 
Dave BaldwinFixer of ProblemsCommented:
Cool, thanks for the points.
0
 
Ray PaseurCommented:
Uhh, what are you talking about?  A "violation of the HTML code" is not, as far as I know, a term of art.  Could you please explain that one for me?  

And I don't think anybody mentioned register globals in this thread at all.  You can search a web page to look for things like that.  I'm pretty sure it's not in play here.
0
 
Abrasax7Commented:
I couldnt stop lol'ing at this thread ;3
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 9
  • 5
  • 4
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now