I have a text input search form for support tickets. If the user inputs a ticket id (checked using a PHP if statement), the background color of the search box is changed to yellow (using a PHP echo) to highlight the search text entered. This part works.
I would like to also change the source value of an iframe as part of the PHP if condition like this:
<td align="left">
<input type="text" name="ticket" id="ticket" placeholder="Ticket" value="<?php echo $this->state->ticket;?>" class="input-mini search-query" onchange="document.adminForm.submit();"
<?php if ($this->state->ticket != "")
{
echo 'style="background-color: yellow;"';
echo '<script language="javascript">';
echo 'document.getElementById("ticketIframe").contentWindow.document.location.href="http://myurl.com"';
echo '</script>';
}?>/>
</td>
The javascript function (document.getElementById...) displays on the page rather than executing. I tried a simple javascript alert, but got the same result.
Suggestions?
Need to close the input tag before you insert script tag. You simply are generating invalid html that looks like:
<input <script></script> />
You get unexpected results when html is invalid
Related
I'm using CakePHP 2.3.8 and I'm trying to create a form with dynamically added inputs from this tutorial but I'm having some issues. The adding and removing of inputs works just fine, but when I submit the form I get a black hole error message. Upon inspecting the inputs, it doesn't appear as if the key value isn't properly set and causing some issues with the id's of the inputs.
For example, with this code in an element
//Elements/users.ctp
$key = isset($key) ? $key : '<%= key %>';
<tr>
<td><?php echo $this->Form->input("Role.{$key}.user_id", array('options' => $users, 'label' => false)); ?></td>
<td class="actions">
Remove User
</td>
</tr>
this is the select that is generated
<select name="data[Role][0][user_id]" id="Role<%=Key%>UserId">
Edit
The value of $key is being set correctly on /Elements/users.ctp. I can create a row and echo the output of $key, and a number for the row appears correctly. As you can see above, the name of the element is set correctly, but the id is still being set strangely.
The name of the select element is being set properly, but not the id.
What is causing the select id to be Role<%=Key%>UserId rather than Role0UserId?
The Problem:
If you observe the generated select tag you posted in question, it shows
<%=Key%>
The variable expected by underscore library utilized by the tutorial you are using is
<%= key %>
CakePHP form input is replacing the html characters and space of that underscore variable, hence its not detectable by underscore library.
The Solution:
In order to fix the issue, you must use plain html code for the template part. Your grades.ctp must be as shown below (partial code for understanding)
<?php if (isset($key)) : ?>
<tr>
<td>
<?php echo $this->Form->input("Grade.{$key}.id") ?>
<?php echo $this->Form->input("Grade.{$key}.subject", array('label' => false)); ?>
</td>
</tr>
...rest of the code
<?php else: ?>
<tr>
<td>
<input type="hidden" id="Grade<%= key %>Id" name="data[Grade][<%= key %>][id]">
<div class="input text required">
<input type="text" required="required" id="Grade<%= key %>Subject" maxlength="200" name="data[Grade][<%= key %>][subject]">
</div>
</td>
...rest of the code
</tr>
<?php endif; ?>
i need some help .
this is a code for my php application installation page. while installing php application member can write license key in this .
<td><input type=\"text\" name=\"licensekey\" value=\"" . licensekey . "\" style=\"width:300px\"></td>
but i want that when some write key in above code so the key will be used in below code where i written( the license key here ) . means i want to show blank so members can write key in below code ( the license key here ) . the above code show the blank but i m not able to add it in below code. .
$spbas->license_key=' the license key here ';
sorry for my very bad english .
and thanks in advance.
If I understand correctly, you want to display "license key here" in the textbox initially, and then let the user type their key in.
To do that, you can use the following, no PHP is required.
<input type="text" placeholder="license key here" />
If, however, you want to display a textbox containing some key that's been generated in PHP, its better to do it like so:
<?php
//some code...
$license_key = "xxx";
?>
<input type="text" placeholder="license key here" value="<?php echo $license_key; ?>" />
<?php
//some more code...
?>
It's not great to echo out HTML with PHP. Although that works, it makes it VERY easy to make mistakes with quotes and such, so try and avoid it unless it becomes absolutely necessary. I hope this helps! :)
Please try this:
echo "
<td><input type=\"text\" name=\"licensekey\" value=\"" . $spbas->license_key . "\" style=\"width:300px\"></td>";
I am not sure if i understand you right, but you want to save the license key which your customer enters in the input field in the $spbas->license_key attribute?
Then you only need to create a <form action="PHPSCRIPTHERE" method="POST"> tag around the input field with your php script as target -> action attribute. In your PHP script you can access the license key your user entered over $_POST['licensekey']. Then you can assign this to the $license_key attribute of your object.
I have a form which i am using to update adds on my site, I am filling input value with existing adds but there is a problem in form it is showing adds images instead of text value.
I need to update adds link by replacing the link value in input field.
Input field has value as
<input name="addtop" type="text" value="<a href="http://www.xxyy.com/4g...." target="_blank" <img src="http://www.xxyy.com/h4...."/></a>" />
when i try to load page it shows image in input field instead of text as:
<a href="http://www.xxyy.com/4g...." target="_blank" <img src="http://www.xxyy.com/h4...."/> ></a>`
Please see how can I make input to show links in value instead of images.
You should use htmlspecialchars for whatever sets the value= of those <input type="text"> boxes.
It will take image tags and HTML and render them as HTML entities that will safely be place in that text box.
Then when you want to process the contents of that for, just use html_entity_decode to decode the HTML entities.
UPDATE: Your first attempt to fix this—shown in the comments—is this:
<input name="addtop" type="text" value="htmlspecialchars(<?php echo $addtop?>)" />
That is just incorrect. htmlspecialchars is a PHP function. So you need to put it in the <?php … ?> area. It should be:
<input name="addtop" type="text" value="<?php echo htmlspecialchars($addtop)?>" />
I have this query in php code:
$sql="SELECT vName,id FROM employee WHERE vName LIKE '%$my_data%' ORDER BY vName";
I have echoed the vName.
echo $row['vName']."\n";
The above values appear in a autocomplete textbox.
In the same aboce echo statement I want to pass 'id' as hiden value. is it possible? I wan to retrieve it in another page.How do I do this?
$sql="SELECT vName,id FROM employee WHERE vName LIKE '%$my_data%' ORDER BY vName";
$hid='<input type="hidden" name="xyz" id="abc" value="'.$row['id'].'" />';
echo($hid);
echo $row['vName']."\n";
I hope you get the idea.
Echo it out to a hidden input field,
<input type="hidden" name="hidden_id" id="my_hidden_id" value="<?php echo $row['id'];?>"/>
This way you can pass it with a form if you are submitting one or simply add an id to it and get the value to pass to the next page.
I would first make a variable of $row['id'] and when you're still in your form but outside the textbox do this:
<?php echo "<input type='hidden' name='id' value='".$yourvariable."'/>";?>
If it must be completely hidden i recommend using php-sessions.
I guess you want to do that if you want to retrieve the id in other page , you better do this :
<?php echo $row['vname'] ?>
I have a simple form with a submit button (below). I am trying to let the user type in the text box then when he/she clicks submit the page will refresh and echo out what they typed in a div. The data the user types is stored in a database before being echoed. The problem is that when I click submit, the input doesnt show immediatly. I have to click refresh for it to show and when I do my browser gives me a popup (safari) asking to resend the data. This will result in duplicate data inserted in the DB. I have a feeling I need to use javascript and I could also make it more elegant with a fadeIn, but I dont know how to do that. I guess I'm asking if there's a way to use javascript to take a user's text and insert it into a mysql DB and also display it after submit is clicked all on 1 or 0 (prefereably) refreshes. thanks
Here's my code:
<form method='POST' action='index.php'>
<input type='text' name='text' id='text'>
<input type ='submit' value='submit' name='submit'>
</form>
<?php
$input=$_POST['text'];
$put=mysql_query("INSERT INTO table VALUES ('$input')");
echo "<div id='area'>";
//i connect to the DB and echo out the data here
echo "</div>";
?>
I would put the php statements before you're actual html code and would modify you're code like this
<?php
if (isset($_POST['text']))
{
$input = mysql_real_escape_string($_POST['text']);
$put=mysql_query("INSERT INTO table VALUES ('$input')"); //At this point the info has been put inside the DB
echo "<div id='area'>";
//i connect to the DB and echo out the data here
echo mysql_query("SELECT * FROM table");
echo "</div>";
}
?>
<form method='POST' action='index.php'>
<input type='text' name='text' id='text'>
<input type ='submit' value='submit' name='submit'>
</form>
The reason why you don't see it is that the HTML is loaded before you php I think. So I would do a php page where all the sql treatement would be done and once that is done recal you index.php and in there query you're information from the database.
Setting aside SQL injection attacks your code is vulnerable with, the standard practice is to respond to the POST with a redirect back to where the form was. In your case, it will be the page which runs SELECT from table.
No need to use AJAX here. Just make sure that you do one of the following:
Make sure you SELECT from the DB after you have INSERTed the data.
Better, is that if ($_SERVER['REQUEST_METHOD'] == 'POST'), then rather than performing an extra SQL query, just display the POSTed value since you already know it.
A side note on your code sample. If you don't have magic_quotes enabled, it's susceptible to SQL injection, so make sure you properly escape user input before using it in queries.