Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 11 of 11
  1. #1
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts

    Change $_REQUEST to $_POST problem

    On advice, I am changing all my $_REQUEST to $_POST.

    My form is:
    Code:
    <form action="register-exec.php" target="new" method="POST">
    My register-exec.php (receiving script) is:
    Code:
    <?php
    	//Start session
    	session_start();
    	
    	//Include database connection details
    	require_once('config.php');
    
    $from = $_REQUEST['email'];
    
    $action = $_REQUEST['action'];
    When I change it to:
    Code:
    <?php
    	//Start session
    	session_start();
    	
    	//Include database connection details
    	require_once('config.php');
    
    $from = $_POST['email'];
    
    $action = $_POST['action'];
    nothing gets through. I just get a blank screen.

    If I set a trap:
    Code:
    echo $email; exit;
    I get a blank screen.
    Code:
    echo "Hello World"; exit;
    I get Hello World echoed.

    Can anybody think of what I am doing wrong ???

    I have checked other scripts that I have changed and can't find any difference.

    Thanks
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,980
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    $email isn't declared as anything, so that provides no surprise that it produces no output.
    Enable your error reporting:
    PHP Code:
    ini_set('display_errors'1);
    error_reporting(E_ALL); 
    You can check the $_POST using var_dump($_POST); to see what's in it. If its empty, it's not receiving post, which indicates that it is receiving a $_GET instead. Did you modify the form action there as well, or was that always post?

    Also, this hasn't a thing to do with Mysql. Moving to PHP forum.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #3
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Hi Fou-Lu..

    Many thanks, once again.
    Firstly, let me apologise for posting in the wrong forum. I do get confused when the php objective is to populate the mysql database.

    Secondly, sorry I misled you with $email. That was actually declared lower down the list (I only showed part of the list to save space.

    However, I have obviously confused myself because this is not the problem.

    The script is a double opt-in email catcher.
    i.e. the subscriber fills in the form and the script sends out an email to the subscriber to verify the correct email address. The subscriber then clicks on a link in the email which then adds the data to the database.

    The problem is NOT sending out the email, it is AFTER the subscriber clicks on the link. This is the link that is sent out to the subscriber:
    PHP Code:
    //////// SEND SUBSCRIBE VALIDATION EMAIL

        
    $mail_body "Please DO NOT reply to this email. It is an unattended mailbox.\n\nTo validate your email address, please click the following link:\n\nhttp://countrymusic.org.uk/calendar/register-exec.php?email=$from&emailcount=$emailcount&act=$active&action=subscribe&fname=$fname&surname=$surname&country=$country&year=$year&m=$hashed";

        
    mail($from"Validation Email"$mail_body"From: noreply@countrymusic.org.uk\n"); 
    This is the email that the subscriber receives:
    Please DO NOT reply to this email. It is an unattended mailbox.

    To validate your email address, please click the following link:

    countrymusic.org.uk/calendar/register-exec.php?email=jc1@in-uk.co.uk&emailcount=1&act=1&action=subscribe&fname=John&surname=Craven&country=UK&year=2013&m=7d2263 650cde3c8a1f5744414de3a748
    NB. I have removed the http\\ from the front of the link. I insisted on making it a link with it there.

    I notice in here that there is no indication of method=POST.

    This script worked perfectly well using $_REQUEST

    Now that I have sorted my brain, can you help ???

    Thanks
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #4
    New Coder
    Join Date
    Dec 2012
    Location
    USA
    Posts
    82
    Thanks
    3
    Thanked 17 Times in 17 Posts
    I notice in here that there is no indication of method=POST.

    This script worked perfectly well using $_REQUEST
    You have solved your own problem...

    The $_REQUEST array includes $_GET, $_POST, and $_COOKIE

    You are utilizing $_POST for the form submission and $_GET for the link.

    To get the information held in the URL query string, you need to use $_GET, not $_POST

    IE:
    PHP Code:
    // Link: http://countrymusic.org.uk/calendar/register-exec.php?email=jc1@in-uk.co.uk&emailcount=1&act=1&action=subscribe&fname=John&surname=Craven&country=UK&year=2013&m=7d2263 650cde3c8a1f5744414de3a748
    $email $_GET['email']; // jc1@in-uk.co.uk 

  • Users who have thanked TFlan for this post:

    countrydj (02-05-2013)

  • #5
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Hi TFlan ...
    Thank you so much for your help.

    That worked fine.

    I must admit, I don't really know when to use POST and when to use GET.
    Is there a rule of thumb ???

    How do you know that I am using GET for the string.
    Is this always the case ???

    Thanks again...
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #6
    Master Coder felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, Australia
    Posts
    6,479
    Thanks
    0
    Thanked 635 Times in 625 Posts
    Quote Originally Posted by countrydj View Post
    I must admit, I don't really know when to use POST and when to use GET.
    Is there a rule of thumb ???.
    When the data is passed in a querystring (that is after a ? as part of a web address) then you read it using $_GET.

    If the data is being passed from a form that has method="POST" then you read it using $_POST.

    Note that in both cases you should validate the content received looks reasonable before moving it to another field for subsequent processing by your code - preferably validation but at least sanitize the data before moving it. That way you keep the tainted fields separated from the untainted ones.
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

  • Users who have thanked felgall for this post:

    countrydj (02-05-2013)

  • #7
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Hi felgall ...

    Thanks very much for your explanation. This makes it a lot clearer.

    I changed all my POSTs and GETs some years ago when I read that REQUEST was the best.
    Recently I have read that REQUEST shouldn't be used so I am changing it all back. Slowly.

    Thanks again.
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #8
    Master Coder felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, Australia
    Posts
    6,479
    Thanks
    0
    Thanked 635 Times in 625 Posts
    Quote Originally Posted by countrydj View Post
    Recently I have read that REQUEST shouldn't be used so I am changing it all back.
    One reason $_REQUEST shouldn't be used is that using it means that you have no control over whether the information is passed in $_POST, $_GET or $_COOKIE as it consolidates all three. In most cases you only want the info to come from one of those three places and so not looking for it in the other two places makes your code more secure.

    I have never seen anywhere recommending using REQUEST - even 10 years ago all the references I saw were recommending against using it.
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

  • Users who have thanked felgall for this post:

    countrydj (02-05-2013)

  • #9
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Hi felgall ...

    Thanks for your explanation.
    I have never seen anywhere recommending using REQUEST - even 10 years ago all the references I saw were recommending against using it.
    Maybe I am wrong (it has been known) - QUITE OFTEN ACTUALLY !!!

    I just seem to remember seeing it somewhere ????????

    Can you tell me when to use POST and when to use GET PLEASE ???

    Thank you very much.
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #10
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,980
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    $_POST when your request is post, $_GET when you're request is get.
    In HTML world, $_POST when your form has an action="post", $_GET when its passed through a querystring.

    $_REQUEST is another one of those "brainchild" things that zend did, like register_globals and magic_quotes. Newer versions of PHP can control these variables (at perdir level) in PHP 5.3+. The ultimate fallback is still to variables_order which is by default EGPCS, or ENV, GET, POST, COOKIE, and finally SERVER. This is clearly a big problem as now you cannot tell which method provided what AND it's overridden in the order from left to right.
    At the very minimum $_REQUEST should be manually overwritten as a merge of $_POST and $_GET, where $_POST overrides $_GET. My suggestion is to never use it.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • Users who have thanked Fou-Lu for this post:

    countrydj (02-05-2013)

  • #11
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Many thanks Fou-Lu for your explanation.

    Hopefully I will 'get there' eventually.

    THANK YOU
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •