On a site it offers the option of changing your last name, to confirm this it sends a confirmation link to your email.
My question is, how do i figure out how the request is made (if it's POST or GET)? I monitored with live http headers, tamper data, fiddler and burp suite but all have shown there is 0 traffic. When i check my email, i have received the confirmation link.
Here is the html source code of the change lastname button:
<form>
<div class="m-lastname-updated">
<div class="m-h3">One more step</div><p>We have sent you a confirmation email. To change your last name click the sent link in your email!</p>
</div><div class="m-field m-lastname"><div class="m-h3">Last Name</div>
<span class="m-error"></span>
<input type="text" maxlength="100" class="m-input" name="lastname">
<p>Your last name is never shared</p></div><button style="display: inline-block;">Change</button>
</form>
Thanks to anyone who can help me understand how this request is made.
The url this is available on is in this example, http://example.com/profile/.
When a form is submitted, the request is done by default with method="GET" if the method is not specified as method="POST".
To see this, form example, if you use PHP script lastname.php as action:
<?php
echo "<pre>
\$_GET:";
print_r($_GET);
echo "</pre>";
echo "<pre>
\$_POST:";
print_r($_POST);
echo "</pre>";
?>
<form>
<div class="m-lastname-updated">
<div class="m-h3">One more step</div><p>We have sent you a confirmation email.
To change your last name click the sent link in your email!</p>
</div><div class="m-field m-lastname"><div class="m-h3">Last Name</div>
<span class="m-error"></span>
<input type="text" maxlength="100" class="m-input" name="lastname">
<p>Your last name is never shared</p></div><button style="display: inline- block;">Change</button>
</form>
You will see something like this:
$_GET:Array
(
[lastname] => mygod
)
$_POST:Array
(
)
$_GET is filled while $_POST contains no elements.
Related
I have a form with id theForm which has the following div with a submit button inside:
<div id="placeOrder"
style="text-align: right; width: 100%; background-color: white;">
<button type="submit"
class='input_submit'
style="margin-right: 15px;"
onClick="placeOrder()">Place Order
</button>
</div>
When clicked, the function placeOrder() is called. The function changes the innerHTML of the above div to be "processing ..." (so the submit button is now gone).
The above code works, but now the problem is that I can't get the form to submit! I've tried putting this in the placeOrder() function:
document.theForm.submit();
But that doesn't work.
How can I get the form to submit?
Set the name attribute of your form to "theForm" and your code will work.
You can use...
document.getElementById('theForm').submit();
...but don't replace the innerHTML. You could hide the form and then insert a processing... span which will appear in its place.
var form = document.getElementById('theForm');
form.style.display = 'none';
var processing = document.createElement('span');
processing.appendChild(document.createTextNode('processing ...'));
form.parentNode.insertBefore(processing, form);
It works perfectly in my case.
document.getElementById("form1").submit();
Also, you can use it in a function as below:
function formSubmit()
{
document.getElementById("form1").submit();
}
document.forms["name of your form"].submit();
or
document.getElementById("form id").submit();
You can try any of this...this will definitely work...
I will leave the way I do to submit the form without using the name tag inside the form:
HTML
<button type="submit" onClick="placeOrder(this.form)">Place Order</button>
JavaScript
function placeOrder(form){
form.submit();
}
You can use the below code to submit the form using JavaScript:
document.getElementById('FormID').submit();
<html>
<body>
<p>Enter some text in the fields below, and then press the "Submit form" button to submit the form.</p>
<form id="myForm" action="/action_page.php">
First name: <input type="text" name="fname"><br>
Last name: <input type="text" name="lname"><br><br>
<input type="button" onclick="myFunction()" value="Submit form">
</form>
<script>
function myFunction() {
document.getElementById("myForm").submit();
}
</script>
</body>
</html>
HTML
<!-- change id attribute to name -->
<form method="post" action="yourUrl" name="theForm">
<button onclick="placeOrder()">Place Order</button>
</form>
JavaScript
function placeOrder () {
document.theForm.submit()
}
If your form does not have any id, but it has a class name like theForm, you can use the below statement to submit it:
document.getElementsByClassName("theForm")[0].submit();
I have came up with an easy resolve using a simple form hidden on my website with the same information the users logged in with. Example: If you want a user to be logged in on this form, you can add something like this to the follow form below.
<input type="checkbox" name="autologin" id="autologin" />
As far I know I am the first to hide a form and submit it via clicking a link. There is the link submitting a hidden form with the information. It is not 100% safe if you don't like auto login methods on your website with passwords sitting on a hidden form password text area...
Okay, so here is the work. Let’s say $siteid is the account and $sitepw is password.
First make the form in your PHP script. If you don’t like HTML in it, use minimal data and then echo in the value in a hidden form. I just use a PHP value and echo in anywhere I want pref next to the form button as you can't see it.
PHP form to print
$hidden_forum = '
<form id="alt_forum_login" action="./forum/ucp.php?mode=login" method="post" style="display:none;">
<input type="text" name="username" id="username" value="'.strtolower($siteid).'" title="Username" />
<input type="password" name="password" id="password" value="'.$sitepw.'" title="Password" />
</form>';
PHP and link to submit form
<?php print $hidden_forum; ?>
<pre>Forum</pre>
I have a problem with $_POST. I am adding data to my mysql database with this code and it is working.;
if (isset($_POST["d_kayit"])){
$denetci=$dbpdo->prepare("INSERT INTO denetciler(name,pass) VALUES(:name, :pass)");
$denetci->bindParam(":name",$_POST["denad"],PDO::PARAM_STR);
$denetci->bindParam(":pass",$_POST["sif"],PDO::PARAM_STR);
$denetci->execute();
}
But in the same form i want to use $_POST["denad"] for another insert. It is giving me "Notice: Undefined index: denad in" error. Sample code that giving error is;
if (isset($_POST["add"]))
{
echo "Person: ".$_POST["denad"];
}
Can you help me please?
If this:
if (isset($_POST["add"]))
{
echo "Person: ".$_POST["denad"];
}
is yielding notice: Undefined index: denad then you probably don't have inputs "add" and "denad" on the same form. Or it is an unchecked checkbox.
Edit based on the code of your HTML form. You'll need something like this, you can't end your form with </form> like you did until you included all needed input fields:
<form action="" method="post">
<!-- content here -->
<input name="denad" id="denad" type="text" style="margin-top:2px; width:200px; height:30px;"></input>
<input type="submit" class="get_file" id="K_ekle" name="add" onclick="test()" value="Kişiye Ekle" style="float:left;"></input>
<!-- more content here -->
</form>
I've been stuck on this and pulling my hair out.
I have an "Item Gallery" custom post type with a "Create Custom Item" button that will pass reference data to a PHP multi-page form. The form page is used to create a different custom post type (Custom-Item post). I am thinking I only need to pass hidden data of unique post-id and that this would be enough to retrieve "reference post-id", "reference post thumbnail", "reference url link".
REFERENCE POST PAGE (Item-Gallery Custom Post Type) I'm using WPViews content template for displaying this content.
Some fields that are displayed about item
->Submit Button "Create Custom Item" (Passes Post-ID, etc to Form Page)
<form action="../post-new" method="post">
<input type="hidden" name="assocPostid" value="[wpv-post-id]">
<input type="hidden" name="assocPosturl" value="[wpv-post-url]">
<input type="hidden" name="assocPostimage" value="[wpv-post-featured-image]">
<input type="submit" value="Create Custom Item">
</form>
FORM PAGE (Custom-Item Custom Post Type)
My Question: What code would I need here to display reference post info?
-Displays Reference Post Thumbnail
-Displays Reference ID (this will be saved to new CPT post)
-Displays Reference URL Link
My Custom Form Inputs...
->Submit Button (Submits form data and reference data to new custom post type)
I have tried many failed attempts including the ones below to retrieve Reference POST data. Do I need to add some type of function for this process?
// Retrieve the hidden form variable.
$myvar = $_POST[wpv-post-id];
echo "myvar: ".$myvar;
//-------More attempts
<li>
echo __($_POST['assocPostimage']);
</li>
<li>
echo __($_POST['assocPostid']);
</li>
<li>
echo __($_POST['assocPosturl']);
</li>
//----other attempts
<li>
<?php _e('$POST','assoc-postid'); ?>
</li>
<li>
<?php echo __('Associated Item'); ?>
</li>
<li>
<p><input type="hidden" size="50" class="do_input_new full_wdth_me" name="assoc-postid" placeholder="<?php _e('You have not added an item. You must do this first.') ?>" value="<?php echo (empty($_POST['assoc-postid']) ?
($post->assoc-postid == "Auto Draft" ? "" : $post->assoc-postid) : $_POST['assoc-postid']); ?>" /></p>
</li>
<li>
Reference Item ID: <?php echo __($_POST ['assocPostid']); ?>
</li>
On reference post, I am thinking I only need to pass hidden data of unique post id and that this would be enough to later retrieve "reference post-id", "reference post thumbnail", "reference url link" for when individual custom-item post is displayed. I am using WP Views as a content template for individual reference post pages.
I have what should be a relatively simple form in Rails that I'm using to send an email for two different previews, a desktop preview and a mobile preview.
<form id="email-form" role="form" action="<%= action_name == 'desktop_preview' ? email_preview_newsletter_path(#newsletter) : email_preview_newsletter_path(#newsletter, mobile: 'true') %>">
<label for="email_address">Email</label>
<input type="email" id="email_address" name="email_address" value="<%= params[:email_address] %>" placeholder="PLEASE ENTER EMAIL">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
<input type="submit" value="Send" class="btn btn-primary"></input>
</form>
Right now I have it setup so that both previews get sent to the same endpoint, '/email_preview', but in the case of the mobile_preview I want to pass in a 'mobile' query string so that it ends up looking like this:
'/email_preview?mobile=true'
When I inspect the form on the page everything looks in order, however when it gets passed to the controller the 'mobile' part of the query string disappears and only the 'email_address' exists.
I suppose I could pass in the mobile value as a hidden field, but something about that just doesn't feel right to me. What is the best way to setup this form so that both the 'mobile' and 'email_address' key value pairs are passed as query strings when sent to the controller?
In the process of writing out this question I realized exactly what the problem was:
I had the form setup as a GET request as opposed to a POST request.
This was causing any pre-established query strings to get erased in the process of setting up the GET params being defined in the form (in this case, the 'email_address' param). Changing the form from GET to POST, (i.e. form method="POST")
Took care of this issue. Please note that if you are going to manually setup a form like this in rails then you also need to explicitly take care of the csrf token. This can be done by inserting the following input with the helper method into your form:
input type="hidden" name="authenticity_token" value="<%=form_authenticity_token%>"
when I submit one page to another, the sites shows the information!
Someone told me to use post to avoid it. however, when I use post method it doesn't work.
<form action="\look\at", method="post">
Select your new car's color.
<br>
<input type="radio" name="radios1" value="red">red
<input type="radio" name="radios1" value="green">green
<input type="radio" name="radios1" value="blue">blue
<br>
<br>
<input type="submit"/>
</form>
When I submit I can not see \look\at page. but I delete method="post" It works well.
How I use post method?
Check your routes (in config/routes.rb).
Probably you will have a line
get '/look/at', to: 'look#at'
replace get by post and it will accept a post.
Since you are not using the rails form helper or view mechanism (erb/haml) (please start using them, why write plain html????), you have to skip the authenticity token check (please note that this check is there for a reason: it is a protection against cross-site request forgery).
Just add the following line at the top of your controller:
skip_before_filter :verify_authenticity_token