PHP multiple forms, same page, isset($_POST[]) not working?

by

I have a page with a list of webinars, and a shortcode that displays a form button labeled “Enroll”. The form should simply update the user’s WordPress profile and redirect them to a page. I don’t understand why I’m not getting this to work:

/*
 * Usage: [enroll_form_button redirect="#" webinar="ABC"]
 */
if (!function_exists('enroll_form_button_function')) {
    function enroll_form_button_function($atts){
        $atts = shortcode_atts(array('redirect' => '#', 'webinar' => '',), $atts);
        $redirect_to = $atts['redirect'];
        $webinar_code = $atts['webinar'];
        
        $results .='<form id="form-'.$webinar_code.'" method="post" action="'.$redirect_to.'">
            <input type="submit" value="Enroll" name="form-'.$webinar_code.'" >
        </form>';
        
        if (isset($_POST['form-'.$webinar_code])){
            update_user_meta( get_current_user_id(), $webinar_code, 'true');
        }
        return $results;
    }
    add_shortcode('enroll_form_button', 'enroll_form_button_function');
} else {
    echo "enroll_form_button_function is not available.<br />n";
}

The parameters, the redirect, and the function to update the user’s profile is working fine, but the if-statement doesn’t seem to be working. If I take the function out of the if-statement, it updates all webinars in the user’s profile, not just the one they are submitting. So, I need to identify the form and only call the action to that form. What am I missing here?

Contents hide
Answers:
Method 1

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Few problems I see here.

1.) You’re using concatenation for $results (ie $results .= should be $results =)

2.) You’re assuming that $webinar_code will always be available. If the page they are redirected to is not the same exact page, that will not be the case, or if the page redirected to has the shortcode but different webinar in attributes, will update the wrong one.

I would instead do it like this:

add_shortcode( 'enroll_form_button', 'enroll_form_button_function' );

function enroll_form_button_function( $atts ) {

    $atts         = shortcode_atts( array( 'redirect' => '#', 'webinar' => '', ), $atts );
    $redirect_to  = $atts['redirect'];
    $webinar_code = $atts['webinar'];

    $results = "<form id="form-{$webinar_code}" method="post" action="{$redirect_to}"><input type="submit" value="{$webinar_code}" name="webinar_code" /></form>";

    return $results;
}

add_action( 'wp', 'check_enroll_form_submit' );

function check_enroll_form_submit(){

    if( ! isset( $_POST['webinar_code'], $_POST['webinar_nonce'] ) ){
        return;
    }

    $webinar_code = sanitize_text_field( $_POST['webinar_code'] );
    update_user_meta( get_current_user_id(), $webinar_code, 'true' );
}

I did a couple things here:

  1. Moved the check to update the user’s meta to the wp action
  2. Sanitized the value sent in $_POST (even if you know it’s secure, it’s ALWAYS good to be in the habit of sanitizing any kind of $_POST $_GET or $_REQUEST data)
  3. Instead of passing the value in the name, just pass it in the value (i think you were overthinking that part)


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x