Flourish PHP Unframework
This is an archived copy of the forum for reference purposes

Question about fRequest::isPost();

posted by czapata 9 years ago

I have a form something like this: 

#!text/html
<form action="<?php echo  fURL::getDomain() . fURL::getWithQueryString(); ?>" 
   enctype="multipart/form-data" method="post" >
<!-- I have additional fields here -->	
	<div class="form_row">
	    <label for="image_1">Image 1:</label>
	    <input type="file" id="image_1" name="listing_image[]" />
	    <label for="image_2">Image 2:</label>
	    <input type="file" id="image_2" name="listing_image[]" />
	    <label for="image_3">Image 3:</label>
	    <input type="file" id="image_3" name="listing_image[]" />
	    <span class="hint">
	        You can upload JPEG, GIF, or PNG files up to 500 KB.
	    </span>
	</div>
	<div class="form_row_last">
		<input type="submit" value="Save Listing" />
		<input type="hidden" name="token" value="<?php echo fRequest::generateCSRFToken() ?>" />
	</div>
</form>

In the page I use to process the post I have something like: 

if ($action == 'edit') {
  try {
	//other code here
	echo('This is fired!');
	if (fRequest::isPost()) {
	    echo('But not this!');
	);
   } catch (fException $e {
      //etc...etc...
   }
}

I'm also passing variables in the querystring. My server's access log records the access as a POST but the code inside the isPost is not executed. Could the querystring be causing a conflict? Any Ideas?

Thanks, Carlos

fRequest::isPost() just compares strtoupper($_SERVER['REQUEST_METHOD']) to the string POST.

Can you paste the output of fCore::expose($_SERVER)? Are you using ModRewrite at all? Or ErrorDocument 404 in Apache?

posted by wbond 9 years ago 
Array
(
    [HTTP_HOST] => 192.168.91.25
    [HTTP_USER_AGENT] => Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6 GTB7.1
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    [HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5
    [HTTP_ACCEPT_ENCODING] => gzip,deflate
    [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7
    [HTTP_KEEP_ALIVE] => 115
    [HTTP_CONNECTION] => keep-alive
    [HTTP_REFERER] => [EDITED]/listings.php?action=edit&id=10
    [HTTP_COOKIE] => PHPSESSID=satpbi0cgk14k5ahbn7h9ac9n5
    [PATH] => /usr/local/bin:/usr/bin:/bin
    [SERVER_SIGNATURE] => <address>Apache/2.2.14 (Ubuntu) Server at [EDITED] Port 80</address>
  
    [SERVER_SOFTWARE] => Apache/2.2.14 (Ubuntu)
    [SERVER_NAME] => [EDITED]
    [SERVER_ADDR] => [EDITED]
    [SERVER_PORT] => 80
    [REMOTE_ADDR] => [EDITED]
    [DOCUMENT_ROOT] => /var/www
    [SERVER_ADMIN] => webmaster@localhost
    [SCRIPT_FILENAME] => [EDITED]/listings.php
    [REMOTE_PORT] => 55398
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.1
    [REQUEST_METHOD] => GET
    [QUERY_STRING] => action=edit&id=10
    [REQUEST_URI] => [EDITED]/listings.php?action=edit&id=10
    [SCRIPT_NAME] => [EDITED]/listings.php
    [PHP_SELF] => [EDITED]/listings.php
    [REQUEST_TIME] => 1278180348
)

I edited some of the sensitive info but here it is. I know the request method is shown as GET however the form has is set as POST. I'm have mod_rewrite active but I was having syntax issues with redirecting via htaccess so I commented out all my htaccess redirections.

Thanks, czapata

posted by czapata 9 years ago

Yeah, so it definitely looks like the request is a GET. What does the opening <form> tag look like in your HTML? I wonder if your action attribute has a query string if the form will submit as a GET instead of POST?

If you use Firefox, I would recommend trying Live HTTP Headers to debug what exactly is happening in terms of redirects or submissions.

posted by wbond 9 years ago

I followed your recommendations and used the plugin. It shows the request as a POST and a response from apache that is a 302 then a 200. The redirect si to the same page so I'm stumped here, any ideas? Also, my .htaccess has been commented out completely, so I don't think that's the cause. 

http://192.168.80.134/infotohand/listings.php

POST /infotohand/listings.php HTTP/1.1
Host: 192.168.80.134
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6 GTB7.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://192.168.80.134/infotohand/listings.php?action=edit&id=10
Cookie: PHPSESSID=088fbi44alpbes4c0kqat4np12
Content-Type: multipart/form-data; boundary=---------------------------31750465428540
Content-Length: 2552
-----------------------------31750465428540
Content-Disposition: form-data; 

[FORM DATA IS GIVEN HERE]

HTTP/1.1 302 Found
Date: Tue, 06 Jul 2010 15:47:20 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://192.168.80.134/infotohand/listings.php?action=edit&id=10
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 573
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
----------------------------------------------------------
http://192.168.80.134/infotohand/listings.php?action=edit&id=10

GET /infotohand/listings.php?action=edit&id=10 HTTP/1.1
Host: 192.168.80.134
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6 GTB7.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://192.168.80.134/infotohand/listings.php?action=edit&id=10
Cookie: PHPSESSID=088fbi44alpbes4c0kqat4np12

HTTP/1.1 200 OK
Date: Tue, 06 Jul 2010 15:47:20 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1762
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html
posted by czapata 9 years ago

Any ideas on this?

posted by czapata 9 years ago

So something in your PHP or Apache is definitely redirecting the user. Are you using any other libraries other than Flourish in your PHP? If so, I'd look into those to see if they are doing a 302 redirect.

Are you using fCRUD::redirectWithLoadedValues()? I'm not sure if PHP sets the HTTP status to 302 when doing a Location: header redirect.

posted by wbond 9 years ago

Here's my form tag: 

#!text/html
<form action="http://[edited]/listings.php?action=edit&id=10" enctype="multipart/form-data" method="post" >

I'll try to see if it works without the querystring.

posted by czapata 9 years ago

Note: I'm using fRequest::getValid() to specify the actions allowed (don't know if the issue is with that). Here's what that declaration looks like: 

	// set allowed actions, default is list
	$action = fRequest::getValid(
		'action',
		array('list', 'add', 'edit', 'delete', 'view')
	);

I removed the querystring part from the form action and added a hidden field to the form to hold the 'action' vale but still no joy, any recommendations?

Thanks!

posted by anonymous 9 years ago