Hello I have created a small form for users that they can easily preview then submit the form so like 1st phase user fills the form and click on preview then on preview page thier submitted information will be shown up and at the bottom of the page they will have 2 option submit or edit the details

submit_form.php

<form name="myform" method="POST" action="preview.php">
<label>
<p>Name</p>
<p class="info"><input type="text" name="name" class="textfield1" placeholder="Full Name" readonly /></p>
</label>

<div class="clear"></div>

<label>
<p>Date</p>
<p class="info"><input type="text" name="date" class="textfield1" placeholder="Username" /></p>
</label>

<label>
<p>Comments</p>
<p class="info">
<textarea placeholder="Enter Your Comments and Feedback Please" name="comment"></textarea>
</p>
</label>

<div class="clear"></div>

<div class="input" style="text-align:center;">
<p>&nbsp;</p>             
<input type="submit" name="submit" value="Preview" class="btn1" />
<input type="reset" value="Reset" class="btn1" />
</div>
</form>

Here is the preview.php page

<form name="submit_report" method="POST" action="submit_query_rep.php">
<label>
<p>Name</p>
<p class="info"><?php echo $name = $_POST['name']; ?></p>
</label>

<div class="clear"></div>

<label>
<p>Date</p>
<p class="info"><?php echo $date = $_POST['date']; ?></p>
</label>

<div class="clear"></div>
<label>
<p>Comments</p>
<p class="info">
<?php echo $comments = $_POST['comment']; ?>
</p>
</label>

<div class="clear"></div>

<div class="input" style="text-align:center;">
<p>&nbsp;</p>             
<input type="submit" value="Submit" class="btn1" />
<a href="submit_rep.php" style="text-decoration:none;" class="btn1">Edit<a/>
</div>
</form>

First of all, what is the problem that you faced? As from what I see, you don't asking any question in the thread.

And, I found that you posting your 'Username' field as $_POST['date'] where is may confused the user.
On the other hand, the $_POST['name'] will be always empty as the field with label 'Full Name' is disabled for input.

I forgot to mention when I click on edit and it brings me to the submit page but the values how can i retrive them back from preview page to submit page

If you are asking for methods recommended for the 'Edit' to work, then from my approach will be using a lightbox to display the preview.php and then if user click on 'Edit', just simply close the lightbox. This method is posible if the user is allowing javascript on their browser.
For the non javascript method, I will probably modify the 'Edit' button to <a href="submit_rep.php?nm=<?php echo $_POST['name']; ?>" style="text-decoration:none;" class="btn1">Edit<a/> and use a $_GET['nm'] to get data back

<br /><font size='1'><table class='xdebug-error xe-notice' dir='ltr' border='1' cellspacing='0' cellpadding='1'><tr><th align='left' bgcolor='#f57900' colspan=
Notice: Undefined variable: val in C:\wamp\www\attendance\submit_rep.php on line 52 Call Stack #TimeMemoryFunctionLocation 10.0002242520{main}( )..\submit_rep.php:0 " />

found this error
how do i call back

show us the code for your submit_rep.php

<form name="myform" method="POST" action="preview.php">
<label>
<p>Name</p>
<p class="info"><input type="text" name="name" class="textfield1" placeholder="Full Name" readonly /></p>
</label>
<div class="clear"></div>
<label>
<p>Date</p>
<p class="info"><input type="text" name="date" class="textfield1" placeholder="Username" /></p>
</label>
<label>
<p>Comments</p>
<p class="info">
<textarea placeholder="Enter Your Comments and Feedback Please" name="comment"></textarea>
</p>
</label>
<div class="clear"></div>
<div class="input" style="text-align:center;">
<p>&nbsp;</p>             
<input type="submit" name="submit" value="Preview" class="btn1" />
<input type="reset" value="Reset" class="btn1" />
</div>
</form>

Another approach is to redirect back to your submit_form.php with the 'Edit' link
<a href="submit_form.php?cm=<?php echo $_POST['comment']; ?>" style="text-decoration:none;" class="btn1">Edit<a/>
and change your submit_form.php codes to something like <textarea placeholder="Enter Your Comments and Feedback Please" name="comment"><?php if(isset($_GET['cm'])){ echo $_GET['cm']; } ?></textarea>

commented: Vulnerable to XSS. +0

You are a genius bro like why I did'nt thought about this :)
Thank You once again

One last question if i use POST instead of get will it work cuz get method shows all info on the url

If your are worrying the user will modify the url, since the data is actually formed using the $_POST data to preview.php which is keyed-in by user themselves, what's the concern since the url data is only for display purpose only?

Yes you are right so can preview and to recheck theor submitted data and to confirm it

Member Avatar for diafol

Remember that all input is suspect, so whether it's GET or POST shouldn't matter too much - you must validate and sanitize all input. However, any data sent that ends up manipulating stored data should use POST (forget PUT for now!). GET is usually just used for retrieval of data (other than checking passwords!)

Your intermediate step - the 'preview' - shouldn't matter too much, as mentioned. It's the security at the handler end that has to be watertight. Never rely on anything passed by the user. Use session variables possibly to help with validation and security.

Perfect thank you

@diafol

Hello I used the get method and saw to my teacher and he refused he said this is not the correct way you should show a way that you can reduced do it will build a big link for you thought I was think is there a posiblity I can use these in session variables what whould you say ??

Thannk You

Member Avatar for diafol

The point I was making was more to do with security. Storing in session is an option.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.