Search code examples
phpformssubmit

Stop PHP from clearing a form

I have 2 questions:

  • How do you stop a PHP script from erasing the form fields when you do the submit? I've searched many posts here, most regarding JS which I'm not using. I've tried auto-complete="new-password" but that didn't appear to work. I would like the form data to remain after a submit so that if it needs to be updated the user doesn't need to re-enter everything. Here's a sample of what I mean:

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta charset="UTF-8"></meta>
<meta name="viewport" content="width=device-width, initial-scale=1.0"></meta>

<title>create</title>

</head>

<body>

<form method="post">

<label for="sometext"></label>
<input type="sometext" id="sometext" name="sometext" />

<button name="save">Save File</button>

</form>

<?php
    if(isset($_POST['save']))
    {
        $text = $_POST['sometext'];
        $file=fopen("myfile.txt", "w");
        fwrite($file, $text);
        fclose($file);
    }
?>

</body>

</html>

  • What is that '/' at the end of an input, for example the input line in the attached code?

Solution

  • It's not php which clears the form. Php doesn't run in your browser. Your browser posts back the form, which means it discards the page it was displaying and loads whatever the URL the form was posted to returns as the next page.

    Since your form posts back to the same script, if you move the form processing code to the top of the PHP script it will run first before the form is re-rendered.

    You could then set a variable in php which can be used later on to echo the values back into the new copy of the form, if they exist.

    You already have $text declared in the case when the form is submitted, so this is ideal for the purpose. All you need to do additionally is HTML-encode so that echoing it doesn't leave the page open to XSS injection attacks.

    Example:

    <?php
if(isset($_POST['save']))
{
    $text = $_POST['sometext'];
    $file = fopen("myfile.txt", "w");
    fwrite($file, $text);
    fclose($file);
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta charset="UTF-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  <title>create</title>
</head>
<body>
  <form method="post">
    <label for="sometext"></label>
    <input type="sometext" id="sometext" name="sometext" value="<?php echo (isset($text) ? htmlspecialchars($text) : ""); ?>"  />
    <button name="save">Save File</button>
  </form>
</body>
</html>