Problem With Xhtml Validation

[TavoxPeru 0]

Hi, i have a problem when i try to validate a php page that includes a litlle form and use sessions as a strict xhtml 1.1 page with the W3C XHTML VALIDATOR, the problem consists that everytime i send it to the validator it creates a hidden input with the PHP PHPSESSID in the form and also adds to the href attribute of every link this PHPSESSID, so if you have for example a link like this:

<a href="page.php?sessionvar=1">page with session var equal 1</a>

it results in this:

<a href="page.php?sessionvar=1&PHPSESSID=Some_Value">page with session var equal 1</a>

and as you know it is recommended that always replace & with & to make your page valid XHTML 1.1

Can someone knows a solution for this????

Best regards,

[Quatrux 4]

The solution is easy, you need to make the & into & and for your situation I find it very easy to use htaccess files and I recommend to put that file into your account root dir, you need to change the php.ini settings, overdrive them.

#=====================================\# ARG SEPERATOR OUTPUT value (String) +#=====================================/php_value arg_separator.output "&"

So this should work, if I understood correctly that the & is created by the server and I also recommend to program in a way, that to avoid the PHPSESSID in the GET.

[TavoxPeru 0]

The solution is easy, you need to make the & into & and for your situation I find it very easy to use htaccess files and I recommend to put that file into your account root dir, you need to change the php.ini settings, overdrive them.

#=====================================\# ARG SEPERATOR OUTPUT value (String) +#=====================================/php_value arg_separator.output "&"

So this should work, if I understood correctly that the & is created by the server and I also recommend to program in a way, that to avoid the PHPSESSID in the GET.

 

Thanks a lot, i found this solution too after a small research but also i found other problem related with this, especially if you send your forms with the POST method, because the server include a hidden input with the PHPSSID value to every form included in the page.

 

Now, i found that there is two easy ways to solve this problem.

You must use the ini_set php function to set the url_rewriter.tags and the arg_separator.output in every php page that you want to be valid xhtml1.1 as the following code:

 

<?phpini_set("arg_separator.output","&");ini_set("url_rewriter.tags","a=href,area=href,frame=src,input=src");?>

 

To the htaccess file that Quatrux post you must add the following line: php_value url_rewriter.tags "a=href,area=href,frame=src,input=src"

 

So the complete htaccess file will be:

<IfModule mod_php4.c>  php_value arg_separator.output "&"  php_value url_rewriter.tags "a=href,area=href,frame=src,input=src"</IfModule>

And in every form of every php page that you want to be valid xhtml1.1 you must include a hidden input:

<input type="hidden" name="PHPSESSID" value="<?php echo session_id();?>" />

I dont test this solution with PHP5 but i think it would work too, so i will test it and edit this post with the results very soon.

Finally, i recommend the use of the second option, because it this way you only have to include the hidden input to your pages.

 

BTW, this problem was a recognized PHP bug as noticed in the PHP website: Bug #13472 input type=hidden should be in a fieldset if there is one (XHTML and trans sid)

 

Best regards,

[FirefoxRocks 0]

Could you please explain that in more simpler terms? I finally whipped up a login script and I am encountering that problem too. I have tried adding <div> to many places, but the <input type="hidden"> thing comes up RIGHT AFTER the <form> thing, therefore <div>s are kind of useless there.I need to have pages validate as XHTML 1.0 Strict. XHTML 1.1 requires the application/xhtml+xml MIME type which is difficult to configure for Internet Explorer .

[TavoxPeru 0]

Could you please explain that in more simpler terms? I finally whipped up a login script and I am encountering that problem too. I have tried adding <div> to many places, but the <input type="hidden"> thing comes up RIGHT AFTER the <form> thing, therefore <div>s are kind of useless there.
I need to have pages validate as XHTML 1.0 Strict. XHTML 1.1 requires the application/xhtml+xml MIME type which is difficult to configure for Internet Explorer .

As i said in my previous post, there are 2 easy ways to solve this problem, i prefer the second option -using a htaccess file- because you do it only one time and forget, it will apply to all the webpages of your site.

So your first step is to create a htaccess file and upload it to your root folder with the following:

php_value arg_separator.output "&"php_value url_rewriter.tags "a=href,area=href,frame=src,input=src"

Then, your next step is to add to every of your pages that uses forms a hidden input named PHPSESSID with the session_id php function as its value, you do it with the following:

<input type="hidden" name="PHPSESSID" value="<?php echo session_id();?>" />

If you need more help with this please let me know and i can send you a complete example.

Best regards,

[FirefoxRocks 0]

Where do I insert this?

<input type="hidden" name="PHPSESSID" value="<?php echo session_id();?>" />

My best guess is in the form thing but I'm not sure.

[TavoxPeru 0]

Where do I insert this?

<input type="hidden" name="PHPSESSID" value="<?php echo session_id();?>" />

My best guess is in the form thing but I'm not sure.

Yes, you insert it inside your form, for example something like this will work fine:

<form action="page.php" method="post"><p><label for="email">Your email:</label><input id="email" name="email" /> <input type="submit" value="Submit" /><input type="hidden" name="PHPSESSID" value="<?php echo session_id();?>" style="display:none" /></p></form>

BTW, you can put the hidden input wherever you want in your form and with the display:none style applied to it you tell the browser that you don't allocate any space to the hidden input, remove it to see the diference. Also you can replace the p tag with a div tag if you want.

Best regards,