Re: Do I need to worry about check boxes?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On May 25, 2016, at 10:15 AM, Jason Pruim wrote:

Hey Everyone,

I have a form that I'm working on, and I'm adding some check boxes to it, the check boxes display properly, and work as expected except... When I submit the form, it shows that it's in $_POST['chkCom'] for instance, but
if i try and do a simple:

$chkCom = $_POST['chkCom'];

so I can work on some validation it won't work... Nothing is ever assigned
to it... Even though

<?PHP var_dump($_POST['chkCom']); ?>

shows the proper value... All I'm looking at doing is running like
HTMLentities on the check box and verifying if it was checked...

I guess the biggest question comes down to do I need to worry about
sanitizing checkbox input? On this form it's just getting emailed into
another web based system that I'm not in control of (Online helpdesk
system).

Is chkCom the name of a checkbox set? Or, is it of a single checkbox
in a set? If it is a single checkbox in a set then the set name will have the selected value. Other wise, from my experience with my own stumblings
you have a syntax error or a variable miss spelling somewhere.

Forms can be forged: Values can be altered. Checkboxes can be altered.
Yes, I would sanitize everything comming from a form.

JK


Any info you can give would be greatly appreciated!

For anyone interested here are some basic snippets of code:

<?PHP

if (!empty($_POST['chkCom'])) {

                       $chkCom = $_POST['chkCom'];

                       echo "chkCom assigned";

               }else{

                     $chkCom = "Not assigned";

               }

?>


<ul>

<li>Hardware</li>

       <ul>

<li><input type="checkbox" name="chkCom" value="Mac" checked />
Mac Based</li>

               <li><input type="checkbox" name="chkiPad" value="iPad"
checked> iPad</li>

               <li><input type="checkbox" name="chkMonitor"
value="Monitor"> External Monitor</li>

               <li>Wireless Mouse</li>

               <li>iPhone 6</li>

               <li>Verizon Wireless MIFI</li>

               <li>Color Multifunction laser printer</li>

       </ul>

<li>Software</li>

       <ul>

           <li>Microsoft Office</li>

               <li>Dropbox</li>

               <li>Antivirus</li>

       </ul>
</ul>
<?PHP

$emailFrom = <<<EMAIL

       -f ${manager}

EMAIL;

       $headers = "X-Mailer: php/" . phpversion();


       $message ="Employee Name: " .$name. "\r\n";

       $message .= "Department: " .$position. "\r\n";

       $message .= "Manager: " .$manager. "\r\n";

$message .= "Where will they be working: " .$whereWorking. "\r \n";

       $message .= "When will they start: " . $startDate. "\r\n";

       $message .= $startDateErrorMessage;

$message .= "Will they be in the office for training on their first
day? " .$training . "\r\n";

       $message .= "Computer: " .$chkCom . "\r\n";

       $message .= "iPad: " . $_POST['chkiPad'] . "\r\n";

       $message .= "Shipping Address: " .$shippingAdd. "\r\n";

       $message .= "Shipping City:  " .$shippingCity. "\r\n";

       $message .= "Shipping State: " .$shippingState. "\r\n";

       $message .= "Shipping Zip: " .$shippingZip. "\r\n";

       $message .= "Current Phone Number: " .$currentPhone . "\r\n";

       $message .= "Notes: " .$notes . "\r\n";

       $message .= $step;

       $message .= $transerFrom;



       mail($email, $subject, $message, $headers, $emailFrom);


?>


Actual email output that I'm getting:

Employee Name: Jason
Department: LES
Manager: My Email
Where will they be working: FromHome
When will they start: 6/31/16
Will they be in the office for training on their first day? No
Computer:
iPad: iPad
Shipping Address: Address
Shipping City:  City
Shipping State: State
Shipping Zip: Zip
Current Phone Number: Phone
Notes: NOTE NOTES NOTE
<ul>
<li>Hardware</li>
       <ul>
<li><input type="checkbox" name="chkCom" value="Mac" checked
/> Mac Based</li>
               <li><input type="checkbox" name="chkiPad" value="iPad"
checked> iPad</li>
               <li><input type="checkbox" name="chkMonitor"
value="Monitor"> External Monitor</li>
               <li>Wireless Mouse</li>
               <li>iPhone 6</li>
               <li>Verizon Wireless MIFI</li>
               <li>Color Multifunction laser printer</li>
       </ul>
<li>Software</li>
       <ul>
            <li>Microsoft Office</li>
               <li>Dropbox</li>
               <li>Antivirus</li>
       </ul>
<li>Permissions</li>
       <ul>
            <li>Add to Appropriate sales list based on region</li>
<li>Add CRM access with "Sales" as the primary group</ li>
               <li>Add to ERM on salesman dashboard</li>
               <li>Setup MyContrax Credentials</li>
       </ul>
<li>Create User record in Active directory on domain controller</li>
<li>Create email account</li>
</ul>



I did a lot of copy/paste so I may have missed a few things with it... all the HTML is served in HEREDOC's inside the PHP files, I've broken those up into the name form, validation, positions, style, etc and include them all at the top. Other than this 1 issue with the check box it works perfectly!

Thanks Everyone!


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux