Search code examples
phpformsexpressionengine

Why is $_POST empty when I can see the POST variables in firebug?

I am posting a form in an expressionengine (1.6.8) template. I'm doing it using jquery but have tried an HTML form too - same result. The PHP superglobal $_POST is empty after posting the form, even though I have PHP enabled on my templates (on input for the template containing the form and output on the processing template) and can see the POST variables in firebug.

Can anyone suggest what might cause this?

<html>
<head>
    <script type="text/javascript" src="/_scripts/jquery-1.6.1.min.js"></script>

    </head>
    <body>
        <form action="/select-locale/processing" method="POST">
            <input type="text" name="test"/>
            <input type="submit" name="submit" value="submit">
        </form>
        <a id="test" href="">link</a>

            <script type="text/javascript">
                $(function(){
                    $('#test').bind('click', function(e){
                        e.preventDefault();
                        var path = "/select-locale/processing"
                        var form = $('<form/>');
                        form.attr("method", "post");
                        form.attr("action", path);
                         var field = $('<input></input>');

                        field.attr("type", "hidden");
                        field.attr("name", 'locale');
                        field.attr("value", 'NZ');

                        form.append(field);
                        $('body').append(form);

                        form.submit();
                    });
                });


            </script>
    </body>
</html>

server-side code (inherited, not my own) :

<?php
var_dump($_POST);
var_dump($_GET);exit;
if ( ! isset($_POST['locale']))
{
    $locale = FALSE;

    $returnPage = "/";
}
else
{
    $locale = $_POST['locale'];

    $returnPage = $_POST['returnPage'];


}

if (isset($_GET['locale'])) {

    $locale = $_GET['locale'];
    $returnPage = "/"; 
?>
{exp:cookie_plus:set name="cklocale" value="<?php echo $locale;?>" seconds="2678400"}

{exp:session_variables:set name="userLocale" value="<?php echo $locale;?>"}  <?php
}
?>
{exp:cookie_plus:set name="cklocale" value="<?php echo $locale;?>" seconds="2678400"}

{exp:session_variables:set name="userLocale" value="<?php echo $locale;?>"}  


{exp:session_variables:get name="testSession"} 

{if  '{exp:session_variables:get name="testSession"}'=='yes' }
    {redirect="<?php echo $returnPage;?>"}
{if:else}
    {redirect="/nocookies/"}
{/if}
Solution

    • check the network tab if the parameters you want are really sent out

    • check the url if it's correct

    • if you use any sort of routing mechanism or url rewrite, you might wanna review it also

    • check your validation and XSS rules (if any) as it may reject the whole array once hints of XSS is found.

    happened to me a while ago (CI) and i was sending it to the wrong url