Query String help please
Permalink
Hey guys,
I'm trying to create a simple search form using a query string to redirect to a page and submit the search term using the following code, but nothing happens. I'm very rusty at this point and am looking for some pointers. I am also hard coding this.
I tried using javascript:
It seems like it is getting sanitized by C5, but it's more likely
the code is bad. >.< Like I said I'm rusty, and I knew how to do this at one point. Reading my Jphp/javascript bible now but getting nothing from it..
Any ideas?
Thank you
I'm trying to create a simple search form using a query string to redirect to a page and submit the search term using the following code, but nothing happens. I'm very rusty at this point and am looking for some pointers. I am also hard coding this.
<?php $myvar = ''; $myvar = $_GET[’qsrch’]; $content = new GlobalArea("qcksearch"); $start = '<div class="qsearch2"><!-- Start Quicksearch -->'; $end = '</div><!--End quick search-->'; $content->setBlockWrapperStart($start); echo "<form name=\"QuickSearchForm\" method=\"post\" action=\"http://testsite/SearchLaunch?KW=$myvar\">"; echo "<input type=\"text\" name=\"qsrch\" id=\"qstxtbox\" size=\"40\" maxlength=\"255\""; echo "alt=\"Catalogue Quick Search...\" value=\"Catalogue Quick Search...\" onfocus=\"this.value=''\">"; echo "<input type=\"image\" src=\"".$this->getThemePath()."/images/go.png\" alt=\"Keyword\" "; echo "title=\"Click here to search by Keyword\"> <br/> </form>"; $content->setBlockWrapperEnd($end); $content->display(); ?>
I tried using javascript:
function ffplQSearch(keyword) { alert("http://testsite/KWSearchLaunch?KW=" + document.forms["QuickSearchForm"]["qsrch"].value); var qsearch = "http://testsite/KWSearchLaunch?KW="; window.location.href= qsearch+ document.forms["QuickSearchForm"]["qsrch"].value; }
It seems like it is getting sanitized by C5, but it's more likely
the code is bad. >.< Like I said I'm rusty, and I knew how to do this at one point. Reading my Jphp/javascript bible now but getting nothing from it..
Any ideas?
Thank you
Great thank you!
I'll give this a shot and get post the results.
12am now, gtg to bed. dropping. @.@
I'll give this a shot and get post the results.
12am now, gtg to bed. dropping. @.@
still got nothing.
I can't sanitize either using the security helper.
Running C 5.6.0.2
Modified the php code a bit:
I'm using a global area so the search box stays on every page of the template. I feel utterly useless.. can't believe I'm stuck on query strings! Never thought I'd see the day... all this daily server, network, firewall stuff has my web brain rattled >.>
I'm still poking at this if anyone has any ideas.
The whole plan is pretty simple, there is a website that allows me to search. I simply want to pass the search string to it using a query string. Much like you can do with Google onsite search boxes.
thanks
I can't sanitize either using the security helper.
Running C 5.6.0.2
Modified the php code a bit:
<!-- start quick search --> <?php $myvar = 'Catalogue Quick Search...'; $myvar = $_GET[’qsrch’]; $content = new GlobalArea("catsearch"); $start = '<div class="qsearch2">'; $end = '</div>'; $content->setBlockWrapperStart($start); echo "<form name=\"QuickSearchForm\" method=\"get\" action=\"http:/test/search/SearchLaunch?KW=\">"; echo "<input type=\"text\" name=\"qsrch\" id=\"qstxtbox\" size=\"40\" maxlength=\"255\""; echo "alt=\"Catalogue Quick Search...\" value=\"$myvar\" onfocus=\" if (this.value='Catalogue Quick Search...') this.value=''\">"; echo "<input type=\"image\" src=\"".$this->getThemePath()."/images/go.png\" alt=\"Keyword\" "; echo "title=\"Click here to search by Keyword\"> </form>"; $content->setBlockWrapperEnd($end); $content->display();
Viewing 15 lines of 17 lines. View entire code block.
I'm using a global area so the search box stays on every page of the template. I feel utterly useless.. can't believe I'm stuck on query strings! Never thought I'd see the day... all this daily server, network, firewall stuff has my web brain rattled >.>
I'm still poking at this if anyone has any ideas.
The whole plan is pretty simple, there is a website that allows me to search. I simply want to pass the search string to it using a query string. Much like you can do with Google onsite search boxes.
thanks
I can sort of get it to work but it is adding:
to the search term. It should only be: dog
Still plugging away
ch=dog&x=0&y=0
to the search term. It should only be: dog
Still plugging away
I'm also looking at the page source code of the site and noticing that the global wrapper start and end var's are not being added.
All I get is the FORM code, but no start and end DIVs.
All I get is the FORM code, but no start and end DIVs.
made a change to the stack in question. Now the start and end DIVs do show up, but in the wrong spot.
<!-- start quick search --> <form name="QuickSearchForm" method="get" action="http://testsite/SearchLaunch?KW="> <input type="text" name="qsrch" id="qstxtbox" size="40" maxlength="255"alt="Catalogue Quick Search..." value="" onfocus=" if (this.value='Catalogue Quick Search...') this.value=''"> <input type="image" src="/themes/ffpl/images/go.png" alt="Keyword" title="Click here to search by Keyword"> </form> <div class="qsearch2"> </div> <!-- end quick search -->
alright, the only way around this for me was to remark the code that outputs the start and end block wrapper. I hardcoded the start and end DIVs. Not ideal but it works for now.
So back to the main problem which is the query string.
So back to the main problem which is the query string.
I can get the search to work, the query string passes the info, but one strange thing keeps happening and I think it's C5 doing it.
Each search sends values for X and Y.
For example if I search for: DOG
the query string ends up with KW=DOG&x=0&y=0
Even stranger are results like this:
Search for: dog cat moose bat
returns: KW=dog+cat+moose+bat&x=22&y=17
I don't know how it's getting the values for X and Y.. very weird.
A solution might be to strip anything starting
at & and onwards. But that's ugly and unusual.
Not to mention some users might use an & for their search.... v.v
ideas?
Each search sends values for X and Y.
For example if I search for: DOG
the query string ends up with KW=DOG&x=0&y=0
Even stranger are results like this:
Search for: dog cat moose bat
returns: KW=dog+cat+moose+bat&x=22&y=17
I don't know how it's getting the values for X and Y.. very weird.
A solution might be to strip anything starting
at & and onwards. But that's ugly and unusual.
Not to mention some users might use an & for their search.... v.v
ideas?
not so sure it's C5 anymore... it might be the record location in the browsers var/obj/value array? I don't know how to verify this theory.
I don't know how to prevent it from being appended to the query string. >.<
I don't know how to prevent it from being appended to the query string. >.<
x and y are input type image coords.
I need to switch to an input type submit.
http://stackoverflow.com/questions/801702/how-to-remove-x-and-y-on-...
If I get this working the form should work!!
sweeeet ;)
I need to switch to an input type submit.
http://stackoverflow.com/questions/801702/how-to-remove-x-and-y-on-...
If I get this working the form should work!!
sweeeet ;)
You are absolutely right. The line
creates the x & y coordinates due to image. if you use submit button, it will not pass in query string.
Rony
<input type="image" src="/themes/ffpl/images/go.png" alt="Keyword" title="Click here to search by Keyword">
creates the x & y coordinates due to image. if you use submit button, it will not pass in query string.
Rony
muwahahaha.. and it's working ;0)
Thanks Rony for re-affirming x,y coords issue.
Thanks Rony for re-affirming x,y coords issue.
I'm not sure exactly what you are going for, but I think you don't actually need to use a GlobalArea for that. I think you can just use regular HTML like this
Note that there are little snippets of php added in a few places. Also note that I used the concrete5 security helper to sanitize the string. If you have an older version of concrete5 this won't work. I think you need at least 5.6, but it will prevent XSS attacks.
I also removed the method="post" since we are doing a regular get request here and I moved the myvar to value of the field.
The autoblank doesn't work now, but hopefully this will point you in the right direction.
Best Wishes,
Mike