stackoom
  简体   繁体   中英

Help passing _POST Form Data PHP

 原文  2010-03-24 19:09:45       php/ html/ forms/ post

Question

I apologize in advance, I am a PHP noob!

I have form with some hidden fields. I need the values to POST to "submit_rma.php" so that they're not missing from the db--I need $qty, $estmate_id and $rma_type.

The rest of the fields are just displaying data for the user and are readonly. Currently I only get value from the qty text field.

Is there any easier way to pass these values? URL is out of the question due to security issues. 

<form method="post" action="submit_rma.php";> 
<table>
   <tr>
      <td>
         Quantity
      </td>
      <td>
         <input type="text" name="qty" value="<?php echo $qty ?>" size="1"/><br/>
      </td>
   </tr>
   <tr>
      <td>
          Part #
      </td>
      <td>
         <input type="text" name="" value="<?php echo $model ?>" size="8" READONLY/><br/>
      </td>
   </tr>
   <tr>
      <td>
         Description
      </td>
      <td>
         <input type="text" name="" value="<?php echo $name_EN ?>" size="50" READONLY/><br/>
      </td>
   </tr>
   <tr>
      <td>
         Paid Date
      </td>
      <td>
         <input type="text" name="" value="<?php echo $sold_date ?>" size="6" READONLY/><br/>
      </td>
   </tr>
   <tr>
      <td>
         Amount Each
      </td>
      <td>
         <input type="text" name="" value="<?php echo $dealer_price ?>" size="8" READONLY/>
      </td>
   </tr>
</table>
         <input type="hidden" name="estmate_id" value="<?php echo $estmate_id ?>">
         <input type="hidden" name="rma_type" value="Short Shipped">
         <input type="submit" name="submit";">
</form>

2 answers

solution1
 1 ACCPTED  2010-03-24 19:15:09

Maybe use a hidden <INPUT> : 

<input type="hidden" name="qty" value="<?= $qty ?>">

This won't show anything to the user. If you're unfamiliar, <?= x ?> is effectively equivalent to: <?php echo x; ?> <?php echo x; ?> .

However, this is a security problem, as an attacker could craft a fake request and put a different value into the field (sidestepping your page and doing the request directly). You should try and get the value some other way, such as through running the INSERT on page generation, then using an UPDATE on the POST, or something like that.

solution2
 0  2010-03-24 19:39:52

Am I pointing out the obvious to say that you forgot NAME attributes for all of the text boxes after "qty"? The values won't persist beyond this page if the names aren't there :-)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP form passing post data using AJAX Passing encrypted data by POST in the form in PHP Form Not Passing Post to php Form not passing POST data Uploadify not passing form data to php page via post PHP Session not passing multiple post form data through multiple pages php passing data form Form not passing data, PHP Form data not passing to PHP passing form data with post issue
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM