Asked  7 Months ago    Answers:  5   Viewed   32 times

How do I make a self-posting/self-submitting form, i.e. a form that submits the results to itself, instead of submitting to another form?

 Answers

24

The proper way would be to use $_SERVER["PHP_SELF"] (in conjunction with htmlspecialchars to avoid possible exploits). You can also just skip the action= part empty, which is not W3C valid, but currently works in most (all?) browsers - the default is to submit to self if it's empty.

Here is an example form that takes a name and email, and then displays the values you have entered upon submit:

<?php if (!empty($_POST)): ?>
    Welcome, <?php echo htmlspecialchars($_POST["name"]); ?>!<br>
    Your email is <?php echo htmlspecialchars($_POST["email"]); ?>.<br>
<?php else: ?>
    <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
        Name: <input type="text" name="name"><br>
        Email: <input type="text" name="email"><br>
        <input type="submit">
    </form>
<?php endif; ?>
Wednesday, March 31, 2021
 
Keat
answered 7 Months ago
100

You could use the MySQL INET_ATON() and INET_NTOA() functions. Keep in mind these are MySQL specific, but you can implement them using php as well.

These functions convert an IP address from dot notation in to an integer. You can then store them in a table with "start_ip" and "end_ip" columns. When you are querying to see if an IP is banned, you can use a query with BETWEEN.

SELECT * FROM bans WHERE INET_ATON("127.0.0.1") BETWEEN start_ip AND end_ip
Wednesday, March 31, 2021
 
pinaki
answered 7 Months ago
75

As the other answers already state, you are having a chicken/egg problem: the fact that the PHP is running means the .htaccess saw no reason to forbid it, and its work is done.

Denying access to a page in PHP, where you should be doing more complex authentication and authorization stuff, is trivial though:

if($myUser->shouldNotBeHere()) {
  header('HTTP/1.1 403 Forbidden');
  die('Access denied!');
}

This looks the same as an Apache-level deny to the browser.

Saturday, May 29, 2021
 
mgraph
answered 5 Months ago
74

you can send your form data to index.php itself and than send whatever data to your process function. the best way to implement this will be is to change your form to collect data as an array.

here myFormArray will store all the information about the form

<input id='firstname' type='text' name='myFormArray[firstname]' value='' required/>

<input id='lastname' type='text' name='myFormArray[lastname]' value='' required/>

this value can be accessed in your index.php when you submit the form

so in your index.php

 if(isset($_POST["submit"]){
    $formData = $_POST["myFormArray"]; // dont forget to sanitize any post data
   //than you can call your class function and pass this data
   $class = new class();
   $class->ProcessRegistrationFunction($formData);
 }

your ProcessRegistrationFunction($data) will now have all the data in an array form..

you can iterate over it and fet the individual values

Note: there are lot of syntax error in your class.. also there is better way to implement this class.. for one you should always avoid html code inside your classs..

Dins

Saturday, May 29, 2021
 
EnTee
answered 5 Months ago
73

If this code is running, you should be seeing a ton of debug output, even if it is working correctly. You don't actually say what the problem is, but you're doing a few things wrong that I can see. It would really help if you based your code on the examples provided and read the docs instead of just guessing.

$mail->SMTPSecure = 'TLS';

should be:

$mail->SMTPSecure = 'tls';

Don't call smtpConnect() yourself, you'll mess up the tracking of SMTP transaction state. If you want to set SSL params, set them the expected way and then just call send(), which will deal with the connection:

$mail->SMTPOptions = array(
    'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true
    )
);

The next question is why are you doing that? If you can't provide an explicit, specific reason for doing that, you're doing something wrong.

Saturday, May 29, 2021
 
waylaidwanderer
answered 5 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :