PHP code shows but does not execute

epiz_28063674
michaelsbookcorner.com

I am having an issue with code showing up from a .php page rather than executing.

Brief Background:
I wish to use amp-forms in AMPHTML which is somewhat unfamiliar. Using amp-form requires CORS permissions to work. I have created a couple of sandbox files to transfer data in a GET request from my .html page to the .php page. Thus far this works and I have managed to verify the data will pass when using method=“POST” where it shoots back to the the original page. I would like to move the data forward in a product checkout application. Using GET, I also have no CORS errors but any code below the header statements just prints out in the browser without executing.

The two files are here
michaelsbookcorner.com/getformTest.html
michaelsbookcorner.com/getbookSubmit.php




<!doctype html>
<html amp lang = "en">
   <head>
      <meta charset = "utf-8">
      <script async src = "https://cdn.ampproject.org/v0.js">
      </script>
      <title>AMP - Book Submit Form</title>
      <link rel = "canonical" href = "ampform.html">
      <meta name = "viewport" content = "width = device-width,
      minimum-scale = 1,initial-scale = 1">
      
      <style amp-boilerplate>
         body{
            -webkit-animation:
            -amp-start 8s steps(1,end) 0s 1 normal both;-moz-animation:
            -amp-start 8s steps(1,end) 0s 1 normal both;-ms-animation:
            -amp-start 8s steps(1,end) 0s 1 normal both;animation:
            -amp-start 8s steps(1,end) 0s 1 normal both
         }
         @-webkit-keyframes 
         -amp-start{from{visibility:hidden}to{visibility:visible}}@-moz-keyframes 
         -amp-start{from{visibility:hidden}to{visibility:visible}}@-ms-keyframes 
         -amp-start{from{visibility:hidden}to{visibility:visible}}@-o-keyframes 
         -amp-start{from{visibility:hidden}to{visibility:visible}}@keyframes 
         -amp-start{from{visibility:hidden}to{visibility:visible}}
      </style>
      <noscript>
         <style amp-boilerplate>
            body{
               -webkit-animation:none;
               -moz-animation:none;
               -ms-animation:none;
               animation:none}
         </style>
      </noscript>
      <script async custom-element = "amp-form" 
         src = "https://cdn.ampproject.org/v0/amp-form-0.1.js">
      </script>
      <script async custom-template = "amp-mustache" 
         src = "https://cdn.ampproject.org/v0/amp-mustache-0.2.js">
      </script>
      <script async custom-element="amp-selector" 
         src="https://cdn.ampproject.org/v0/amp-selector-0.1.js">
      </script>

      <style amp-custom>
         form.amp-form-submit-success [submit-success],
         form.amp-form-submit-error [submit-error]{
            margin-top: 16px;
         }
         form.amp-form-submit-success [submit-success] {
            color: white;
            background-color:gray;
         }
         form.amp-form-submit-error [submit-error] {
            color: red;
         }
         form.amp-form-submit-success.hide-inputs > input {
            display: none;
         }
         ul {
            list-style: outside none none;
         }
         div.books {
            width: 90%;
            height: 80px;
            margin-top: 10px;
         }
         amp-selecter {
            width: 100%;
            padding: 10px 15px;
            border: 1px dashed blue;
            border-radius: 4px;
            background-color: orange;
         }
         .center {
            margin-left: auto;
            margin-right: auto;
         }
      </style>
   </head>
   <body>
      <div id="bookFormats" class="container center">
         <h2 class="center italic"><b>Purchase</br>The Gifted: A Positive Tale of Mutation</b></h2>

         <form 
            method = "get" 
            class = "p2" 
            action = "getbookSubmit.php">
               <p>AMP - Form Example</p>
                           
                     <div class="books" >
                     <amp-img src="https://res.cloudinary.com/michaelsbookcorner/image/upload/v1641072491/BookstoreImages/AgesWebCover1000x1500_yeugrh.jpg" width="50" height="75"></amp-img>
               <input type="hidden" name="catalog" value="bk_003_0">     
               <p>Choose your format.</p>
               <amp-selector id="format" layout="container" name="format">
                  <ul>
                     <li>
                     <div class="books" option="_epub" selected>
                     <amp-img src="I-Images/EbookIcon100px.png" width="75" height="75"></amp-img>
                     .epub (most readers)</div>
                     </li>
                     <li>
                     <div class="books" option="_mobi">
                     <amp-img src="I-Images/KindleLogo.png" width="75" height="75"></amp-img>
                     .mobi (Kindle)</div>
                     <li>
                     <div class="books" option="_audio">
                     <amp-img src="I-Images/AudiobookIcon100px.png" width="75" height="75"></amp-img>
                     .audio (.mp3/.zip)</div>
                     </li>
                  </ul>
              
               <br/>
               <br/>
               <input 
                  type = "email" 
                  name = "email" 
                  placeholder = "Enter Email" 
                  required>
               <br/>
               <br/>
            
            <input type = "submit" value = "Submit">
            
         </form>
      </div>

   </body>
</html>

<?php

ini_set('session.use_cookies', '0');
ini_set('session.use_only_cookies',0);
ini_set('session.use_trans_sid',1);

session_start();

    if(!empty($_GET)){
        $domain_url = (isset($_SERVER['HTTPS']) ? "https" : "http") . 
            "://$_SERVER[HTTP_HOST]";
        header("Content-type: application/json");
        header("AMP-Access-Control-Allow-Source-Origin: " . $domain_url);
        header("Access-Control-Expose-Headers: 
            AMP-Access-Control-Allow-Source-Origin");

        $_SESSION['catalog'] = $_GET['catalog'].$_GET['format'];
      
        $_SESSION['email'] = $_GET['email'];

        //  Get PHPSESSIONID and pass it with successEmail.php url
		$getstring = htmlspecialchars(SID);
		echo '
		<a id="finish" href="orderConfirm.php?'.$getstring.'">Confirm</a>';                               
		//  Invoke JavaSCript to automattically 'click' the sending link
		echo '
		<script type="text/javascript">
			document.getElementById("finish").click();
		</script>';
      
   }
   
?>


Just to clarify here, GET works perfectly fine, but POST does not? Can you provide any errors that appear when using POST? You may have to modify our PHP so they are shown.

I began with an example using AMP with POST. I saw no errors there, but for that example, the output was echoed back to the first page. The .php page was not supposed to be rendered.

Also, to clarify, three assignment statements seem to have executed in the .php file I posted earlier rather than rendering as text. These would be

$_SESSION[‘catalog’] = $_GET[‘catalog’].$_GET[‘format’];

    $_SESSION['email'] = $_GET['email'];

    //  Get PHPSESSIONID and pass it with successEmail.php url
    $getstring = htmlspecialchars(SID); 

It was the echo statements below those which did not output rendered HTML, but just the raw HTML script.
The original ‘POST’ AMP example I ran was the following and saw no errors.
.html Form


<!doctype html>
<html amp lang = "en">
   <head>
      <meta charset = "utf-8">
      <script async src = "https://cdn.ampproject.org/v0.js"></script>
      <title>Google AMP - Form</title>
      <link rel = "canonical" href = "ampform.html">
      <meta name = "viewport" conten t = "width = device-width,
         minimum-scale = 1,initialscale = 1">
      
      <style amp-boilerplate>
         body{
            -webkit-animation:
            -amp-start 8s steps(1,end) 0s1 normal both;-moz-animation:
            -amp-start 8s steps(1,end) 0s 1 normal both;-msanimation:
            -amp-start 8s steps(1,end) 0s 1 normal both;animation:
            -amp-start 8s steps(1,end) 0s 1 normal both
         }
         @-webkit-keyframes 
         -ampstart{from{visibility:hidden}to{visibility:visible}}@-moz-keyframes 
         -ampstart{from{visibility:hidden}to{visibility:visible}}@-ms-keyframes 
         -ampstart{from{visibility:hidden}to{visibility:visible}}@-o-keyframes 
         -ampstart{from{visibility:hidden}to{visibility:visible}}@keyframes 
         -ampstart{from{visibility:hidden}to{visibility:visible}}  
      </style>
         <noscript>
            <style amp-boilerplate>
               body{
                  -webkit-animation:none;
                  -moz-animation:none;
                  -msanimation:none;
                  animation:none
               }
            </style>
         </noscript>
      <script async custom-element = "amp-form"
         src = "https://cdn.ampproject.org/v0/amp-form-0.1.js">
      </script>
      <script async custom-template = "amp-mustache"
         src = "https://cdn.ampproject.org/v0/amp-mustache-0.2.js">
      </script>
      <style amp-custom>
         form.amp-form-submit-success [submit-success],
         form.amp-form-submit-error [submit-error]{
            margin-top: 16px;
         }
         form.amp-form-submit-success [submit-success] {
            color: white;
            background-color:gray;
         }
         form.amp-form-submit-error [submit-error] {
            color: red;
         }
         form.amp-form-submit-success.hide-inputs > input {
            display: none;
         }
      </style>
   </head>
   <body>
      <h3>Google AMP - Form</h3>
      <form method = "post" 
         class = "p2" 
         action-xhr = "submitform.php" 
         target = "_top">
         <p>AMP - Form Example</p>
         <div>
            <input type = "text" name = "name" placeholder = "Enter 
               Name" required><br/><br/>
            <input type = "email" name = "email" 
            placeholder = "Enter Email" required>
            <br/>
            <br/>
         </div>
         
         <input type = "submit" value = "Submit">
         <div submit-success>
            <template type = "amp-mustache">
               Form Submitted! Thanks {{name}}.
            </template>
         </div>
         
         <div submit-error>
            <template type = "amp-mustache">
               Error! {{name}}, please try again.
            </template>
         </div>
      </form>
   </body>
</html>

<?php
   if(!empty($_POST)){
      $domain_url = (isset($_SERVER['HTTPS']) ? "https" : "http") . 
         "://$_SERVER[HTTP_HOST]";
      header("Content-type: application/json");
      header("AMP-Access-Control-Allow-Source-Origin: " . $domain_url);
      header("Access-Control-Expose-Headers: 
         AMP-Access-Control-Allow-Source-Origin");
      $myJSON = json_encode($_POST);
      echo $myJSON;
   }
?>

This might be part of the problem. You MIGHT have to move the SERVER superglobal outside of the text and concatenate it to ://.

I also found this:

Which should be: <meta name = "viewport" content

1 Like

It look like you are trying to parse it as a string, but its not a string. Try:

      $domain_url = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://" . $_SERVER[HTTP_HOST];

Should be one word

     <meta name = "viewport" content = "width = device-width, minimum-scale = 1, initialscale = 1">
1 Like

Addressing each one.

  1. I’m not even sure how to interpret this line copied from the example

$domain_url = (isset($_SERVER[‘HTTPS’]) ? “https” : “http”) .
“://$_SERVER[HTTP_HOST]”;

So this line allows for either protocol with the same domain name, i.e. http:/michaelsbookcorner.com OR https://michaelsbookcorner.com
I’m unclear as this seems to be the portion of the script which is functioning as I would expect.

It also seems odd that $_SERVER[HTTP_HOST], as a variable, is not concatenated with :// as in why does this line not read

$domain_url = (isset($_SERVER[‘HTTPS’]) ? “https” : “http”) .
“://” . $_SERVER[HTTP_HOST];

Is this what your comment on concatenation was referring to?

I did change the $domain_url line as pointed out to
$domain_url = (isset($_SERVER[‘HTTPS’]) ? “https” : “http”) .
“://”.$_SERVER[HTTP_HOST];
The result was the same. This is what is displayed


<a id="finish" href="orderConfirm.php?PHPSESSID=6ad0abfc29c4f1e26d38637a4472e492&PHPSESSID=6ad0abfc29c4f1e26d38637a4472e492">Confirm</a>                               
		
		<script type="text/javascript">
			document.getElementById("finish").click();
        </script>
  1. I’m not sure how it copied over, but my file does not have the word ‘content’ broken up as indicated. I just checked the file on the server and that looks OK.

Likely not work due to CORS policy restriction…

Just my guess…

Just using $something in a string can sometimes work unexpectedly when you start introducing additional characters, like getting data from an array.

And in that regard, the array key HTTP_HOST itself should be a string.

So putting it together, I would do this instead:

$domain_url = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'];

That said, I did try the book order page, and it seems to work fine for me. But that was in a regular browser on a desktop.

I’ve never used AMP, and I don’t know the technical requirements of using AMP on a site. So I can’t say for certain whether it will work here or not.

1 Like

Thank you so much for weighing in on this problem.
I believe I did rewrite the line as you said, namely

$domain_url = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'];

However, it still did not work for me. Perhaps it is an issue with my browser though it is an up to date version of Chrome. It is still a mystery as to why some code executed while some did not.

In any case, I tried stripping all of the junk out of the way with the one line

header('Access-Control-Allow-Origin: https://michaelsbookcorner.com');

This worked and all of the subsequent code executed normally. There is still an issue with Google AMP in that I need to figure out how to allow their AMP Cache domain access as well. I believe that is possible. Better to start from the ground up.

Thank all of you again. You got me restarted on the right track.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.