Debugging $_POST

Client Joined: Oct 07, 2003 Posts: 735 Location: Ohio

Why would echo "<pre>".print_r($_POST)."</pre>";

Return

1

array()

For instance:

Code:

function editQuestion($cid) {


global $AllowableHTML, $db;


$cid = $_GET['cid'];





OpenTable();    


$result = $db->sql_query("SELECT * FROM comment_queue WHERE cid = '$cid'"); 


while ($row = $db->sql_fetchrow($result)) {


   $title = stripslashes(check_html($row['title'], 'nohtml'));


   $comment_text = stripslashes(check_html($row['comment_text'], 'nohtml'));


   }      


       


    echo "<b>Title:</b><br />"


        ."<input type=\"text\" name=\"title\" size=\"50\" maxlength=\"80\" value=\"$title\" /><br />"   


       . "<b>Text:</b>You can use HTML to format your question.<br />"


        ."<textarea cols=\"50\" rows=\"15\" style=\"background:#EFEFEF\" name=\"comment_text\">$comment_text</textarea><br />";   


    echo "<p>If you included any URLs or html, be sure to double check them for typos.</p>"


        ."<p>Allowed HTML:<br />"


        ."</p>"


      ."<p>";


    while (list($key,) = each($AllowableHTML)) echo ' &lt;'.$key.'&gt;';


    echo "</p>";   


   //echo"<select name=\"op\">"


//      ."<option value=\"saveQuestion\">Save</option>"


//        ."<option value=\"deleteQuestion\">Delete</option>"


//        ."<option value=\"previewQuestion\" selected=\"selected\">Preview</option>"


//        ."<option value=\"postReply\">Reply</option>"


//        ."</select>"


//        ."<input type=\"submit\" value=\"OK\" />";      


      echo"<br>";


      echo"<a href=\"index.php?op=deleteQuestion&cid=$cid\">Delete</a>";


      echo"<br>";


      echo"<a href=\"index.php?op=previewQuestion&cid=$cid\">Preview</a>";


      echo"<br>";


      echo"<a href=\"index.php?op=saveQuestion&cid=$cid\">Save</a>";


      echo"<br>";                        


       echo "</form>";


    CloseTable();    


}

And

Code:

function saveQuestion($cid, $title, $comment_text) {


global $db;





echo "<pre>".print_r($_POST)."</pre>";


}

returns

1

array()

My editQuestion function does have a form method of post and an action but I leave it out of the thread because NukeSentinal chokes on it and will not let me post it .

Posted: Fri Sep 14, 2007 12:42 pm

Because $_POST is an array.

I was almost going to leave the answer like that. Look at $_POST as a container that has contents within it. Each of those contents has a name and values associated with it. If you try to print or echo any array you are just going to get array. You need to do a foreach or use some other method provided by PHP to access the names and values of the array elements.

Posted: Fri Sep 14, 2007 12:56 pm

So extract($_POST) would not help me because the _POST array is empty.

No variables would be written.

I need a

Code:

foreach ($_POST as $value) {


echo"$value";


}

or something.

Posted: Fri Sep 14, 2007 1:45 pm

Or you could do something like this:

foreach($_POST as $key => $value) {
$a = $key;
kaching!

a = htmlentities($value);
// echo $a . ' ' . kaching!

a . '<br />';
}

Where your form fields will create variables with the name of the form field and the value will be whatever is filled in on the form field. You can put the echo in to see it the first time. When you post a form the receiving program (the one named in the action attribute) gets $_POST variables with the names of the fields on the form. So if you have an input element with the name of cid, then you will have a $_POST['cid'] available to you. Text fields are automatically posted. Checkboxes are not, they are only posted where they are checked. So you will want to do an isset($_POST['checkbox1'] test to avoid a warning message with those types of fields.

The htmlentities above is optional, it's from a program where I don't want any html in the input. There are many other filters you can run, of course.

registered · Posted: Fri Sep 14, 2007 2:48 pm

Donovan, regarding why it prints out 1, please read this:

http://us2.php.net/manual/en/function.print-r.php

You are trying to print out the return value of print_r(). That isn't totally what you want. You need to either do this:

Code:




echo '<pre>';


print_r($_POST);


echo '</pre>';

Or do this:

Code:




echo '<pre>' . print_r($_POST, true) . '</pre>';

In particular note the following from the manual:

Quote:

If you would like to capture the output of print_r(), use the return parameter. If this parameter is set to TRUE, print_r() will return its output, instead of printing it (which it does by default).

Posted: Fri Sep 14, 2007 2:50 pm

As to why the array is empty, your form must not be posting anything.

Posted: Fri Sep 14, 2007 3:04 pm

You don't need the foreach; if $_POST is a non-empty array, print_r will produce output describing the structure of the array in a human readable form. I print_r($_POST) all the time to debug.

You might want to do a foreach however, if your $_POST array contains HTML. Then you might want to run htmlentities on the elements with a foreach. Or you could use array_map or something.

Posted: Mon Sep 17, 2007 8:46 am

Gremmie wrote:

As to why the array is empty, your form must not be posting anything.

Which is the main problem. When I editQuestion I pull the data from the db to veiw, same when I previewQuestion. When I want to saveQuestion I want it to pull it from the _POST array on the form and update the database.

No variables are present in my saveQuestion function. I have open and closing post tags in editQuestion but these fields are not in the _POST array and sent to my saveQuestion function.

The two fields in my editQuestion function are:

Code:

echo "<b>Title:</b><br />"


        ."<input type=\"text\" name=\"title\" size=\"50\" maxlength=\"80\" value=\"$title\" /><br />"   


       . "<b>Text:</b>You can use HTML to format your question.<br />"


        ."<textarea cols=\"50\" rows=\"15\" style=\"background:#EFEFEF\" name=\"comment_text\">$comment_text</textarea><br />";

Posted: Mon Sep 17, 2007 9:11 am

We would need to see the whole form tag, especially the action and method attributes.

Posted: Mon Sep 17, 2007 9:42 am

From my editQuestion function:

NukeSentinal will choke on this.

my form method is post and action is _SERVER['PHP_SELF']

Code:

function editQuestion($cid) {





      


    echo "<b>Title:</b><br />"


        ."<input type=\"text\" name=\"title\" size=\"50\" maxlength=\"80\" value=\"$title\" /><br />"   


       . "<b>Text:</b>You can use HTML to format your question.<br />"


        ."<textarea cols=\"50\" rows=\"15\" style=\"background:#EFEFEF\" name=\"comment_text\">$comment_text</textarea><br />";   


    echo "<p>If you included any URLs or html, be sure to double check them for typos.</p>"


        ."<p>Allowed HTML:<br />"


        ."</p>"


      ."<p>";


    while (list($key,) = each($AllowableHTML)) echo ' &lt;'.$key.'&gt;';


    echo "</p>";   


   //echo"<select name=\"op\">"


//      ."<option value=\"saveQuestion\">Save</option>"


//        ."<option value=\"deleteQuestion\">Delete</option>"


//        ."<option value=\"previewQuestion\" selected=\"selected\">Preview</option>"


//        ."<option value=\"postReply\">Reply</option>"


//        ."</select>"


//        ."<input type=\"submit\" value=\"OK\" />";      


      echo"<br>";


      echo"<a href=\"index.php?op=deleteQuestion&cid=$cid\">Delete</a>";


      echo"<br>";


      echo"<a href=\"index.php?op=previewQuestion&cid=$cid\">Preview</a>";


      echo"<br>";


      echo"<a href=\"index.php?op=saveQuestion&cid=$cid\">Save</a>";


      echo"<br>";   


      echo"<a href=\"index.php?op=postReply&cid=$cid\">Reply</a>";


      echo"<br>";                           


       echo "</form>";


    CloseTable();    


}

Posted: Mon Sep 17, 2007 9:46 am

It is really hard to help you when we can't see all of the code. Maybe you could put it in a text file and post a link here.

And don't take this the wrong way but you may want to get a good book on PHP and read up on form processing. There are also some good tutorials for PHP form processing on the internet. Try googling PHP Form Processing.

Posted: Mon Sep 17, 2007 11:26 am

Looking at what you've posted (no pun intended) on your edit question, you have hrefs that are being set up as links to another page. Where you have the select element named op, the option values there would be posts but they are commented out. Where you do a href, those are not form elements and would not be posted. Only form elements get posted. You can find a list of form elements in any reference book or on many sites on the web. An a href is not one of them.

Posted: Mon Sep 17, 2007 11:34 am

The issue I am having is methods I used while coding my first Nuke module do not work in a standalone "Non-Nuke" environment with registered globals off.

It's as if learning PHP in a PHPNuke environment has led to believe many false asssumtions.

The reason why they are commented out is because they do not work.

Why something like this:

Code:

echo"<select name=\"op\">"


      ."<option value=\"saveQuestion\">Save</option>"


        ."<option value=\"deleteQuestion\">Delete</option>"


        ."<option value=\"previewQuestion\" selected=\"selected\">Preview</option>"


        ."<option value=\"postReply\">Reply</option>"


        ."</select>"


        ."<input type=\"submit\" value=\"OK\" />";

... would work in Nuke and not in plain PHP is something I will have to figure out.

Here is my page.

http://www.donovanfamily.us/index.txt

Posted: Mon Sep 17, 2007 11:51 am

In Nuke, because mainfile does an import request variables, the value of $op is automatically available to the program that processes the form. In non-Nuke you have to explicitly "extract" the variable from the $_POST array. As we are working on Ravennuke we are trying to act as if import request variables does not exist wherever possible. In other words we are explicitly getting the variables from the $_POST array and filtering them right at the start of the processing program. This is the safest way and the "best" way. I think it is fair to say that we'd love to be able to turn import request variables off in Nuke but doing so would break a lot of programs that depend on it.

If you use that foreach($_POST ... ) statement we've discussed in this thread previously you will see all the form elements that are posted to your action program When you are writing the form in the first place, make your self a list of all elements that you expect to have posted. If they aren't in that $_POST array, then look again at the form because you've fouled something up. Also, if you run the form itself thru the w3c validator or one of the many other validation tools that exist, it will point out any syntax errors (including bad nesting of elements) that can cause your form to fail.

Posted: Mon Sep 17, 2007 12:02 pm

fkelly wrote:

In Nuke, because mainfile does an import request variables, the value of $op is automatically available to the program that processes the form. In non-Nuke you have to explicitly "extract" the variable from the $_POST array. As we are working on Ravennuke we are trying to act as if import request variables does not exist wherever possible. In other words we are explicitly getting the variables from the $_POST array and filtering them right at the start of the processing program. This is the safest way and the "best" way. I think it is fair to say that we'd love to be able to turn import request variables off in Nuke but doing so would break a lot of programs that depend on it.

If you use that foreach($_POST ... ) statement we've discussed in this thread previously you will see all the form elements that are posted to your action program When you are writing the form in the first place, make your self a list of all elements that you expect to have posted. If they aren't in that $_POST array, then look again at the form because you've fouled something up. Also, if you run the form itself thru the w3c validator or one of the many other validation tools that exist, it will point out any syntax errors (including bad nesting of elements) that can cause your form to fail.

Thanks I will look into this.

Unfortunatly I'm behind a firewall on campus on a secure server.

Posted: Mon Sep 17, 2007 2:15 pm

I don't know what the firewall has to do with this situation at all. You can still go to:

Only registered users can see links on this board! Get registered or login!

pick the validate by direct input, do a view source on your own page, copy and paste the source into the validator and read the results. If the results are cryptic, then you have more research to do but the validator gives you a lot of links for more information that you can look at.

registered · Posted: Mon Sep 17, 2007 5:59 pm

Donovan, I have looked at your text file of the code. You are still confusing POST vs. GET I think. If you look at your switch, right before it you are inspecting $_GET['op'] , however, within editQuestions() function, your form action is "POST". The two are not equivalent.

You need to be consistent in how you use the 'op' variable OR you will need to inspect post $_GET and $_POST to see if 'op' is set...

Posted: Fri Sep 21, 2007 8:18 am

Thanks everybody with your help. I am making progress with this. My first development in a non-Nuke program has been an eye opener.

Posted: Sat Sep 22, 2007 7:12 am