Make pre-populated PHP form submit on page load - javascript

I've got a working PHP form that I've built and it contains 5 fields which are pre-populated by a URL query string.
The query string URL is on a hyperlink on an HTML email asking the recipient to click here to make a booking. I've got their details already because I've sent them the email, hence why the form get pre-populated.
How can I get the form to instantly submit on page load and redirect to the thank you page?
Here's how my form looks at the moment:-
<form name="frm" id="frm" method="POST">
<input name="firstname" id="firstname" type="text" value="<?php echo ((isset($_GET["firstname"]))?htmlspecialchars($_GET["firstname"]):""); ?>" />
<input name="lastname" id="lastname" type="text" value="<?php echo ((isset($_GET["lastname"]))?htmlspecialchars($_GET["lastname"]):""); ?>" />
<input name="email" id="email" type="text" value="<?php echo ((isset($_GET["email"]))?htmlspecialchars($_GET["email"]):""); ?>" />
<input name="company" id="company" type="text" value="<?php echo ((isset($_GET["company"]))?htmlspecialchars($_GET["company"]):""); ?>" />
<input name="contactid" id="contactid" type="text" value="<?php echo ((isset($_GET["contactid"]))?htmlspecialchars($_GET["contactid"]):""); ?>" />
<input type="submit" name="Submit" value="submit" />
</form>
And here's the JavaScript I've tried (but didn't work):-
window.onload = function() {
setInterval(function(){
document.getElementById("frm").Submit();
},5000);
}
Here's a pastebin of the whole page: http://pastie.org/private/lgpealjya8xrwqi78gropw
Thanks

Alright so basicaly you have been trying to get information through url, insert them in a form and then submit the form so you can send an email. This is all quite nice although you're just making things harder than they are.
You you need to do is wipe off the form (we don't need this really) and instead of processing all those $_POST information you wanted to get off the form, you gonna do that with the $_GET array you already got off the url, at the end of the day it's exactly the same since the informations you're inserting in the form are only the ones you're getting off the url.
So if you change this the following way, youe script will work just fine :
//Get the submitted data
$firstname = cleanText($_GET['firstname']);
$lastname = cleanText($_GET['lastname']);
$email = cleanText($_GET['email']);
$company = cleanText($_GET['company']);
$contactid = cleanText($_POST['contactid']);
So here is what's gonna happen : the user is going to clic on a link, your script is going to get the $_GET array, process it, send the email based on this array, and this send the user to the thankyou.php page. Note that you could get your script to be more efficient and save the user some time if you insert your script in the thankyou.php.
Last but not least I would like to point out to you that it's not very good practice to get an email sent on url submission... you could end up having a bot send massive amounts of emails through this url and get you email blacklisted. If I were you I'd either control the ip and make sure only 1 mail is sent every 10 minutes or whatever time suits your needs best, or i'd add a captcha to the page so the user would need to show he's a human being who actualy wants to waste some time sending email.

try using: document.getElementById('frm').submit(); instead of document.getElementById('frm1').submit();
and also make it execute once the page has been loaded:
window.onload=function(){
document.getElementById('frm').submit();
}

Related

Submit form and redirect not working

EDIT: I should mention the form submits fine manually but with the javascript nothing seems to happen
I'm trying to get a form to autosubmit on page load and then redirect the user. Reason for this is this is part of a PHP page and the data needs to go into my database but then also POST the variables to a 3rd party SMS platform then return to the users dashboard.
My form looks like this:
<html>
<form action="https://www.example.com" id="myForm" method ="POST">
<input type="hidden" name="apiKey" value="withheld">
<input type="hidden" name="message" value="<?php echo $club_name ?> have requested you to play for them this weekend. Please login to your account to see more information and accept.">
<input type="hidden" name="to" value="<?php echo $to ?>">
<input type="hidden" name="from" value="withheld">
<input type="submit" name="submit" id="submit" value="Submit">
</form>
</html>
This seems to work fine so I assume the Javascript is incorrect which is:
<script>
document.getElementById('myForm').submit();
window.location.replace("https://www.example.com");
</script>
You have to use a different name than
name="submit"
as all name attributes are set as properties on the form,
hence overriding the default "submit" property on the form,
and the default form method "submit()" is gone.
https://developer.mozilla.org/de/docs/Web/API/HTMLFormElement
"Named inputs are added to their owner form instance as properties, and can overwrite native properties if they share the same name (eg a form with an input named action will have its action property return that input instead of the form's action HTML attribute)."
In your code window.location.replace("https://www.example.com"); line won't make sense because submit() function will try to submit the form and will change the page and then replace function will prevent submitting the form and will redirect the page. The right way to do this via js can be, submit the form via ajax and in the success callback of Ajax run document.getElementById('myForm').submit()

block submitting forms that are not from a specific domain

I have an online game site, that submits users' records and displays them in site score board.
But, some users like to be #1 (!) and they create a form with my "action" and "method" forms that are for submitting.
Here is my form:
<form action="submit.php" method="post" id="form">
<input type="hidden" id="time" name="time">
<input type="hidden" id="name" name="name" value="<?php echo $_SESSION['name']; ?>">
</form>
And here is js that runs at the end of the game:
document.getElementById("time").value=finaltime;
document.getElementById("form").submit();
"submit.php" inserts $_POST['time'] and $_POST['name'] into mysql database.
So, How can I prevent users to submit their own created form?
In another meaning, how can I find the origin of the submitted form in "submit.php" ?
As far I as I am aware, there's no way to tell from which domain a record has been inserted into a database, unless the webpage passes that information when inserting. However, people aren't able to just insert into a database, if that's your concern. when they connect to the database they should require a username and password first (assuming you have that set-up). Here's how PHP connects to a database:
mysqli_connect("domain.com","username_here","password_here","database_here");
Even then, they still need to provide which table to insert the information into.

How do I prevent a pre-set INPUT value from being changed?

I have a form where some fields are completed by loading information from a database. These fields can vary from one account to another.
When the form is submitted any database information will be sent along with new information entered in the form.
However, the user is able to change (on screen) the information entered from the database, and although these changes are not submitted (my $Xvariables from the database override the POSTed $variables), I would like them to revert the on-screen data back to the database value.
Here is an example of what I have at the moment, but it does not work ...
<input type="text" name="firstname" size="25" tabindex="4" onchange="if($xfirstname<>'') this.value=$xfirstname" value="<?php echo $firstname;?>"/>
or better still, if there is a way, how can I make them unchangable if they have a value loaded from the database ?
Just place readonly="readonly" within the input <> tags or place disabled="disabled"
Example
<input type="text" name="firstname" size="25" tabindex="4" onchange="if($xfirstname<>'') this.value=$xfirstname" value="<?php echo $firstname;?>" readonly="readonly" />
Keep this:
<input type="text" name="firstname" size="25" tabindex="4"
value="<?php echo $firstname;?>"/>
Add this: Edit: Sorry did not see it has no ID on the input element use this:
<script>
if($('input[name="firstname"]').val().length > 0)
{
$('input[name="firstname"]').attr("disabled", true);
}
</script>
Result :http://jsfiddle.net/4wt9r/6/
But keep in mind anything on the client can be changed, your true filtering/authenticating must be done on the server.

How to increase a value of PHP Variable without page refresh on click event

The name attribute in input field need to be updated dynamically. The form is being submitted through ajax request and db gets new value, which need to be taken as count increment without page refresh(to save the motive ajax form submit), How can i increase the PHP count variable..
I cannot rule out below code coz on first page refresh or any page refresh event it should get the updated value form db,
Will jquery help out and how or some other better method are in your hand.
<?PHP
$sql=sql::readOne("SELECT col_name FROM table_name");
$sql=json_decode($sql->col_name,true);
$count= count($sql);
?>
HTML CODE PART
</form>
.....
<input class="form-control" name="col_name[<?php echo $count+1 ?>][username]" placeholder="User Name" type="text" id="username" value="" >
<input class="form-control" name="col_name[<?php echo $count+1 ?>][email]" placeholder="email" type="text" id="email" value="" >
.....
<button type="submit" id="editdata" class="btn btn-success">Edit and Update </button>
</form>
You should update your database immediately using ajax after php increments a variable, so that when your page reloads, it gets the incremented value in the database.

reload form on submit with latest post data

I have a form to post content into a database. The existing database content for the form is posted into the form as the value. enalbeing the form to show the existing database content.
On submit the database is updated and to view the newly updated content in the form the page must be reloaded.
I have produced a reload script in javascript to reload the page on submit. The page reloads but the php content doesn't update. The page still need to be reloaded manually for the new content to show up.
This is the code for my form.
<form method="POST" action="">
<input type="text" name="title" <?php echo "value=\"" .$row['title']."\">"?>
<textarea id="editor" name="content"><?php echo $row['content']; ?></textarea>
<input type="submit" name="save" value="Save" class="submit" onclick="reload();">
</form>
Javascript
function reload(){
document.location.reload(true);
}
I have also tried
window.location = window.location.href;
Both are relaoding the page but the php isn't being refreshed.
you should first update the db with submitted value before selecting the records to display in the form value.
use <?php $_SERVER['PHP_SELF'] ?> in form action.
mysql_query("UPDATE xyz SET title=$_request['title'],... WHERE id = 1") .
2.Then select query mysql_query("SELECT * from xxx where id =1").
These may solve your problem of reloading to get new values.
java script excecute only on the client side. php is Server side. you need to reload the PHP.
<form method="POST" action="<<NAME OF YOUR PHP>>.php">
<input type="text" name="title" <?php echo "value=\"" .$row['title']."\">"?>
<textarea id="editor" name="content"><?php echo $row['content']; ?></textarea>
<input type="submit" name="save" value="Save" class="submit" onclick="reload();">
</form>
Is there a reason it needs to be done with ajax? If you don't need ajax it's better to handle it with php. ajax is more work and doesn't have the same rate of success as submitting a form via php, sometimes weird things happen. You can just do a redirect after saving the form:
header("Location: /routeToYourPage&id=".$ID,TRUE,303);

Categories