Get data not pulling through

Question

This is my HTML form:

  <form action='buddy_update.php'>
  <input type='text' name='buddy1' required='' placeholder='Player ID / E-mail'>
  <input type='hidden' name='id' value=''%".$id."%''>
  <input type='submit' value='Request Buddy #1!'>
  </form>

This is my PHP on buddy_update

<?php
include 'credentials.php';
$id=$_GET['id'];
$buddy1=$_GET['buddy1'];

// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

$id=$_GET['id'];
$buddy1=$_GET['buddy1'];

$sql = "UPDATE buddy SET buddy1_id = '".$buddy1."' WHERE main_player = '".$id."'";

if (mysqli_query($conn, $sql)) {
echo $id;
    echo $buddy1;
} else {
    echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}

mysqli_close($conn);
?>

$buddy1 comes through absolutely fine but $id doesn't.

For what it's worth I have also changed the value='' to a plain text input on the HTML form and it still doesn't work. The output in the PHP form is still blank.

EDIT No idea why I've defined variables twice! Took the one out but still same problem

Check if you have any errors by enabling PHP errors: https://stackoverflow.com/a/21429652/881032 - also your code is very vulnerable. Check [this article](https://www.wordfence.com/learn/how-to-prevent-sql-injection-attacks/) for more information. — lumio, Aug 29 '17 at 18:08
If you open up dev tools, in your Network tab, when you submit the form, can you check that you are in fact sending the right data? Because now it looks like that input value is just empty `input value=''`. Also your code is very vulnerable to SQL Injection, very insecure. — Giedrius, Aug 29 '17 at 18:08
Yeah I'm aware it's next on my list of problems to solve! Cheers I'll look at the PHP errors now. I didn't get any in my error logs though come to think of it. — James V, Aug 29 '17 at 18:09
@JamesV - ok, if there are none in you log, then you should be fine. What output do you get when you use `var_dump($_GET);` — lumio, Aug 29 '17 at 18:11
array(2) { ["buddy1"]=> string(6) "sfswef" ["id"]=> string(0) "" } — James V, Aug 29 '17 at 18:14
Yeah it's all in a PHP file, all my site files are .PHP as pretty much every page relies on it at some stage — James V, Aug 29 '17 at 18:15
Can I ask who downvoted this? Would be nice to have an explanation — James V, Aug 29 '17 at 18:30
I'm quite new to PHP (literally learnt it just for this project) is there a reason I shouldn't be? — James V, Aug 29 '17 at 18:35
It's not a PHP thing; it's an HTTP thing. It would apply to any programming language running on a web server. As a general rule of thumb, GET is for *requests*, POST is for *updates*. People can bookmark GET URLs; search engines can crawl them. — TRiG, Aug 29 '17 at 19:22

Just_Do_It · Accepted Answer · 2017-08-29T18:32:05.407

2

There are few things to consider:

Your html form should be in .php file
Your form needs to have method='get', <form action='buddy_update.php' method='GET'>
<input type='hidden' name='id' value="<?php if(isset($_GET['id'])){echo $_GET['id'];}?>"> in case you are getting this GET variable`

edited Aug 29 '17 at 18:32

answered Aug 29 '17 at 18:17

Just_Do_It

765
6
18

Thanks for all your help. Still not working but it is obviously a problem somewhere I haven't put on here I guess. Weird thing is all my other forms that follow this exact structure work perfectly! :s – James V Aug 29 '17 at 18:21
@JamesV From where are you getting $id on the page where you have the html form? – Just_Do_It Aug 29 '17 at 18:33
I have just fixed it! And it was this problem, the whole statement is within an If and then else if type array. The variable needed to be defined in a different palce. Weird I didn't see an undefined variable error though? THanks for your help though I really appreciate it. – James V Aug 29 '17 at 18:34
Forms are `method="GET"` by default, you don't need to specify it if you're sending over GET-protocol. – Qirel Aug 29 '17 at 19:25

score 0 · Answer 2 · answered Aug 29 '17 at 18:10

0

Your code can't access the $id value. Why don't you try this

<input type='hidden' name='id' value='<?php echo $id ?>'>

assuming you define $id above this statement

answered Aug 29 '17 at 18:10

Erhan

124
8

Thanks I did try this but unfortunately still didn't work – James V Aug 29 '17 at 18:14
I assume you have some other problem. I copied your code and and it worked for me. Good Luck – Erhan Aug 29 '17 at 18:19

score 0 · Answer 3 · answered Aug 29 '17 at 20:50

0

You have to ensure that the input (hidden) always has a value. Else it will throw invalid index error. $id is not getting any value here:

answered Aug 29 '17 at 20:50

Lux Me

25
4

Mike · Answer 4 · 2017-08-29T18:21:34.513

-1

It seems you have defined form in php.Since $id states that variable is defined in php. so you can try to replace your code with some thing like below code

echo  "<form action='buddy_update.php'>
  <input type='text' name='buddy1' required='' placeholder='Player ID / E-mail'>
  <input type='hidden' name='id' value='".$id."'>
  <input type='submit' value='Request Buddy #1!'>
  </form>";

edited Aug 29 '17 at 18:21

answered Aug 29 '17 at 18:20

Mike

390
1
14

The code you provided is invalid (try it, you'll see what I mean). – AStopher Aug 29 '17 at 18:21

Get data not pulling through

4 Answers4