posting variables with $PHP_SELF is not working on some servers

sampledformat

Hey,

I'm having some problems with posting variables onto the same page. The code i have (below) works on some servers but not others. Could someone help out, I can't seem to get it to work and stuck.

Here is the code, it's not the fuill page but i think it should have enough info to figure out what's wrong with it.

Thanks

<?php
{
// connect to host and select my database
$town = mysql_connect("localhost", "bubblers", "reggae")
or die ("Could not connect");
mysql_select_db ("bubblers")
or die ("Could not select database");

      if($createEntry) {


		echo "<form method=\"post\" action=\"$PHP_SELF\">\n";
		echo"\t\t<p align=\"center\"><b>ADD NEWS ITEM</b><p>\n";
		echo"\t\t<table width=\"500\" border=\"0\" align=\"center\">\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">Date <i>(YYYY-MM-DD)</i>\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"date\" maxlength=\"10\" size=\"28\"></td></tr>\n";				
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">Title\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"title\" maxlength=\"50\"  size=\"50\" ></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">content\n";
		echo"\t\t<td width=\"350\" align=\"right\"><textarea rows=\"15\" cols=\"40\" name=\"content\"></textarea></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">author\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"author\" maxlength=\"20\" size=\"28\"></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td colspan=\"2\" align=\"center\">\n";
		echo "<input type=\"Submit\" name=\"submitCreate\" value=\"Create news item\"></td></tr>\n";
		echo "</table></form>\n";


	} else if ($submitCreate) {
		// print submitted author
		echo "<p align=\"center\">";
		while (list($name, $value) = each($HTTP_POST_VARS)) {
			echo "$name = $value<br>\n";
		}
		echo "</p>";

		$slash_title = addslashes($title);
		$slash_content = addslashes($content);
		$slash_author = addslashes($author);

TheDefender

It's because on some servers register globals is off and on some it's on. With Register Globals on, you can access the variable as $PHP_SELF, but if Register Globals is off, you have to access it as $_SERVER['PHP_SELF'].

The same holds true for the GET and POST superglobal arrays. I recommend you pull open the manual and look at predefined variables to learn more about the best practices to use when accessing variables.

terfle

Did you check your php.ini file and make sure register_globals = On. Or you chould change your code from $PHP_SELF to $_SERVER['PHP_SELF']

laserlight

Use $_SERVER['PHP_SELF'], and read both this forum's FAQ and the PHP Manual concerning register_globals

sampledformat

I tried using that instead but i got this error???:

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/httpd/vhosts/bubblershifi.co.uk/httpdocs/news_admin.php on line 22

laserlight

within such a string, use {$_SERVER['PHP_SELF']}

sampledformat

Thanks laserlight. I tried using that string as well and got the same problem of the page refreshing without anything happening. I checked the code and there is nothing wrong in terms of syntax. I'm a little baffled now. I had a read through the manual and i'm not too sure about what to do. Here is the full code in case anyone has the time to have a look. It would be greatly appreciated.

      if($createEntry) {


		echo"<form method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">\n";
		echo"\t\t<p align=\"center\"><b>ADD NEWS ITEM</b><p>\n";
		echo"\t\t<table width=\"500\" border=\"0\" align=\"center\">\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">Date <i>(YYYY-MM-DD)</i>\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"date\" maxlength=\"10\" size=\"28\"></td></tr>\n";				
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">Title\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"title\" maxlength=\"50\"  size=\"50\" ></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">content\n";
		echo"\t\t<td width=\"350\" align=\"right\"><textarea rows=\"15\" cols=\"40\" name=\"content\"></textarea></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">author\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"author\" maxlength=\"20\" size=\"28\"></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td colspan=\"2\" align=\"center\">\n";
		echo "<input type=\"Submit\" name=\"submitCreate\" value=\"Create news item\"></td></tr>\n";
		echo "</table></form>\n";


	} else if ($submitCreate) {
		// print submitted author
		echo "<p align=\"center\">";
		while (list($name, $value) = each($HTTP_POST_VARS)) {
			echo "$name = $value<br>\n";
		}
		echo "</p>";

		$slash_title = addslashes($title);
		$slash_content = addslashes($content);
		$slash_author = addslashes($author);


		// create query
		$query = "INSERT INTO news (news_date,title,content,author) VALUES ('$date','$slash_title','$slash_content','$slash_author')";

		//$query = stripslashes ($query);
		echo "<p>queryString = $query</p>\n";

		// process form
		$result = mysql_query("$query")
			or die ("Invalid query");

		echo "<p align=\"center\"><b>Thank you! news item <i>$title</i> has been created.</b>\n";

	} else if($editEntry) {

		// create query
		$query = "select * from news where news_id=$id";

		// process form

		$result = mysql_query("$query")
			or die ("Invalid query");

		$numOfRows = mysql_num_rows ($result)
			or die ("The query: '$query' did not return data");

		$row = mysql_fetch_assoc($result);

		echo "<form method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">\n";
		echo"\t\t<p align=\"center\"><b>EDIT NEWS ITEM</b><p>\n";
		echo"\t\t<table width=\"500\" border=\"0\" align=\"center\">\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">Date <i>(YYYY-MM-DD)</i>\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"date\" maxlength=\"10\" size=\"28\"  value=\"$row[news_date]\"></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">title\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"title\" value=\"$row[title]\" maxlength=\"50\"  ></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">content\n";
		echo"\t\t<td width=\"350\" align=\"right\"><textarea rows=\"15\" cols=\"40\" name=\"content\">$row[content]</textarea></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td width=\"150\">author\n";
		echo"\t\t<td width=\"350\" align=\"right\"><input type=\"text\" name=\"author\" value=\"$row[author]\" maxlength=\"20\" size=\"20\"></td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td colspan=\"2\" align=\"center\">\n";
		echo "<input type=\"Submit\" name=\"submitDelete\" value=\"Delete news\">\n";
		echo "<input type=\"Submit\" name=\"submitEdit\" value=\"Update news\"></td></tr>\n";
		echo "<input type=\"hidden\" name=\"id\" value=\"$row[news_id]\">\n";
		echo "</table></form>\n";





	} else if ($submitEdit) {

		// print submitted author
		echo "<p align=\"center\">";
		while (list($name, $value) = each($HTTP_POST_VARS)) {
			echo "$name = $value<br>\n";
		}
		echo "</p>";

		$slash_title = addslashes($title);
		$slash_content = addslashes($content);
		$slash_author = addslashes($author);

		// create query
		$query = "UPDATE news SET content = '$slash_content', news_date = '$date', title = '$slash_title', author = '$slash_author' WHERE news_id=$id";

		// process form
		$result = mysql_query("$query")
			or die ("Invalid query");

		echo "<p align=\"center\"><b>Thank you! news item <i>$title</i> has been updated.</b>\n";


	} else if ($submitDelete) {

		// print submitted author
		echo "<p align=\"center\">";
		while (list($name, $value) = each($HTTP_POST_VARS)) {
			echo "$name = $value<br>\n";
		}
		echo "</p>";

		// create query
		$query = "DELETE FROM news WHERE news_id = $id";



		// process form
		$result = mysql_query("$query")
			or die ("Invalid query");

		echo "<p align=\"center\"><b>Thank you! news item <i>$title</i> has been deleted.</b>\n";

	} else { // this is first screen

		// create query
		$query = "select * from news order by news_date desc";

		// process form
		$result = mysql_query("$query")
			or die ("Invalid query");

		$numOfRows = mysql_num_rows ($result)
			or die ("The query: '$query' did not return data");

		echo "<p align=\"center\"><b>NEWS ADMIN</b>\n";

		echo "<form method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">\n";	
		echo"\t\t<table width=\"500\" border=\"0\" align=\"center\">\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td align=\"center\">Add a news item to the database</td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n"; 
		echo"\t\t<td align=\"center\">\n";
		echo "\t<input type=\"Submit\" name=\"createEntry\" value=\"Add news item\"></td></tr>\n";
		echo"\t\t</td></tr></table>\n";

		echo"\t\t<p><p>\n";
		echo"\t\t<table width=\"500\" border=\"0\" align=\"center\">\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td align=\"center\">Choose a news item to edit</td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n"; 
		echo"\t\t<td align=\"center\">\n";
		echo "\t<select name=\"id\">\n";

		while($row = mysql_fetch_assoc($result)) {
			echo "\t\t<option value =\"$row[news_id]\">$row[news_date], $row[title]";
			echo "\n";
		}

		echo"\t\t</td></tr>\n";
		echo"\t\t<tr valign=\"top\" bgcolor=\"f0f0f0\">\n";
		echo"\t\t<td align=\"center\">\n";
		echo "\t<input type=\"Submit\" name=\"editEntry\" value=\"Edit news item\"></td></tr></table>\n";
		echo "</form>";
	}
	echo "<p align=\"center\">---------------------------------------------------------\n";
	echo "<form method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">\n";
	echo "\t<input type=\"hidden\" name=\"password\" value=\"$password\">\n";
	echo "\t<input type=\"Submit\" name=\"goBaseAdmin\" value=\"back to news admin home\">\n";
	echo "<br>---------------------------------------------------------\n";
	echo "</form>";

}
?>

rehfeld

sampledformat-

people in this thread told you what and where to read about register globals. once you actully spend a few minutes doing that, the answer will be obvious.

sampledformat

Yeah i did have read through what i was told and to be honest i am still a little in the dark. I dont have access to the php.ini file because i'm on a shared server and i have been scratching my head as to why i cant get this page to work. Thanks anyways, i'll keep on trying.

TheDefender

You have no php.ini access, and your register globals is off, so you have to call ALL form submitted variables from the superglobal $_POST array.

So, instead of:

if($createEntry) {

You need to do something more like this:

if($_POST['createEntry']) {

That link I provided to the page discussing predefined variables explains how to access variables in the $_POST superglobal array. It also discusses register globals.