Form textarea not parsing variables typed in


#1

I have a form parsing variables to another page, but it’s not working as expected. The textarea in the form is not parsing variables typed in directly. Take a look at the code and help me figure this out. Thanks.
Form:

[code]<!doctype html>

Enter Names

Names:

1:

2:

3:


Message: Hello . $name ..
This is just a test.
Thanks . $name . for taking the test.


[/code]

PHP Code:
[php]<?php
if(isset($_POST[‘submit’])){
$name1=$_POST[‘name1’];
$name2=$_POST[‘name2’];
$name3=$_POST[‘name3’];
$message = $_POST[‘message’];

$recipients = array(
“$name1”,
“$name2”,
“$name3”,
);

foreach ($recipients as $name) {
//echo $name . “

”;

echo $message . "<p>";

}

echo “

CLICK HERE TO GO BACK”;
}
?>
[/php]

The output should display the variable $name typed in the textarea, but it does not. However, when I type in the message in the code directly it works. It never works as a form post from the textarea.
Please help.
Thanks.


#2

When you see this, $name1, it shows something are going badly. You should never have to name variables like that, that is what an array is for.

[php][/php]

I would imagine what the message prints is exactly,

“Hello . $name …
This is just a test.

Thanks . $name . for taking the test.”

If you are trying to replace the $name in the message with one of the variables passed in, use string replace


#3

Hi,
My kind opinion:
If you just need that output to have a border drawn around then just do it in CSS.
(Because the textarea is similar to text input - its content is grabbed by $_POST upon clicking ,submit,.You still can ,echo, the stuff you need into it.)

As Astonicipher pointed out - it indeed displays the message within that textarea because it was in fact hardcoded by yourself.

See the attached - it was done by echoing the $_POST in to fieldset (not sure if it is ok to use this tag for such purpose but it looks ok).


phphelp.png


#4

Thanks for your kind response. My major issue is that if the message in $post for the message from the textarea always appears as is. The $name variable never picks the names from the $post for name fields, even after parsing it into an array, If I remove the textarea field in the form and code the message into the php code directly everything works. There must be something I’m doing terribly wrong. Please help a beginner. If I can see some modified code to use in fixing this I will be very grateful.
Thanks.


#5

My reply stated what to do…


#6

Thanks for the insight you gave. I’m still splitting hairs over this. I’ve changed much of the form to use arrays now and it still submits fine. Thanks for that; I didn’t know this before now. However, when you look at the edited code now it works fine when I code the message direct and comment out the textarea in the form and its corresponding code in the php side. Like so:

Form:

[code]<!doctype html>

Enter Names

Names:

1:

2:

3:



[/code]

And the php side so:
PHP Code:
[php]<?php
if(isset($_POST[‘submit’])){
//$name1=$_POST[‘name1’];
//$name2=$_POST[‘name2’];
$names=$_POST[‘name’];

/$recipients = array(
“$name1”,
“$name2”,
“$name3”,
);
/

foreach ($names as $name) {
//echo $name . “

”;
$message = “Hello $name.
This is just a test.

Thanks $name for taking the test.”;

echo $message . "<p>";

}

echo “

CLICK HERE TO GO BACK”;
}
?>
[/php]

Everything works fine and the variables display the names entered in the form. Please help me make this work when I enter the message from the form textarea instead of hardcoding the message.
Thanks again.


#7

All the data from the form are strings, no matter what the strings look like, so, the $name variable in the message isn’t php code, it’s just the characters $, n, a, m, and e, inside the string.

While you can cause a string to be executed as php code, this is extremely dangerous, since any php code that gets put into the string will be executed on the server. Using this on a live/public server will allow a hacker to take over your web site.

The safe way of doing this to treat the message string as a ‘template’ with ‘tags’ in it that will get replaced by the value. Use a tag syntax that won’t normally exist as text, such as {tag_name}. Your example message will become - Hello {name}.
This is just a test.
Thanks {name} for taking the test.

Once you do this, you can use str_replace() to replace the tag with the actual value.