All Activity

  1. Today
  2. You can achieve this by splitting the user input into separate keywords and then searching for each keyword individually in your database query.

    ```php
    public function get_materials_pick($id)
    {
        // Split the user input into separate keywords
        $keywords = explode(" ", $id);

        // Construct the WHERE clause dynamically to search for each keyword
        // NOTE: $keyword is placed into the SQL string as-is; bind or escape it
        // through the database layer before using this with user input.
        $whereClause = "";
        foreach ($keywords as $keyword) {
            $whereClause .= "(".PREFIX."tprices.ProductDesc LIKE '%$keyword%') OR ";
        }

        // Remove the last 'OR' from the WHERE clause
        $whereClause = rtrim($whereClause, "OR ");

        // Construct and execute the SQL query
        $sql = "SELECT ".PREFIX."tprices.IdPrice, ".PREFIX."tprices.Supplier, ".PREFIX."tprices.ProductCode, ".PREFIX."tprices.ProductDesc, ".PREFIX."tprices.Price
                FROM ".PREFIX."tprices
                WHERE $whereClause
                ORDER BY ".PREFIX."tprices.Price, ".PREFIX."tprices.Supplier ASC";

        return $this->db->select($sql);
    }
    ```

    I hope that with this modification, you can input keywords in any order, and the function will search for each of them individually in the ProductDesc column of your materials table. This should provide the flexibility you need for searching.

    Best regards, Danish Hafeez | QA Assistant ICTInnovations
  3. maxxd

    Anti XSS

    Does that mean that you've made sure you're using prepared statements, nonces for your CSRF, and proper XSS request headers or do you mean you feel fine altering user input because what you have looks like it's working as it is?
  4. Last week
  5. oz11

    Anti XSS

    Anyway. I should be OK. Covered XSS, SQLi (PDOs and such), and CSRF (using tokens) and hashed everything I should hash with salt 🥳
  6. oz11

    Bootstrap'n

    Anyone else think bootstrap is just lazy? 😁
  7. Thanks for looking at it. I managed to solve it.... the code looks like this now....

    ```html
    <script>
    // Function to initialize emoji selector for a comment section
    function initializeEmojiSelector(sectionId) {
        const section = document.querySelector(`.comment-section[data-section-id="${sectionId}"]`);
        const textarea = section.querySelector('.comment-textarea');
        const emojiSelect = section.querySelector('.emoji-select');
        const emojis = [ '(・ω・)', '(´・ω・`)', '(。♥‿♥。)', 'ヾ(⌐■_■)ノ♪', '(╯°□°)╯︵ ┻━┻' ];

        // Populate the emoji selector dropdown
        emojis.forEach(emoji => {
            const option = new Option(emoji, emoji); // Create a new option element
            emojiSelect.add(option); // Add option to the dropdown
        });

        // Event listener for emoji selection
        emojiSelect.addEventListener('change', function() {
            const selectedEmoji = this.value;
            if (selectedEmoji) {
                const cursorPos = textarea.selectionStart; // Get current cursor position
                const textBeforeCursor = textarea.value.substring(0, cursorPos);
                const textAfterCursor = textarea.value.substring(cursorPos);
                const newText = textBeforeCursor + selectedEmoji + textAfterCursor;
                textarea.value = newText; // Insert selected emoji at cursor position
                textarea.focus(); // Keep focus on textarea
            }
        });
    }

    // Initialize emoji selectors for all comment sections on DOMContentLoaded
    document.addEventListener('DOMContentLoaded', function() {
        const commentSections = document.querySelectorAll('.comment-section');
        commentSections.forEach(section => {
            const sectionId = section.getAttribute('data-section-id');
            initializeEmojiSelector(sectionId);
        });
    });
    </script>

    <div class="comment-section" data-section-id="2">
        <textarea class="comment-textarea"></textarea>
        <select class="emoji-select"></select>
    </div>
    ```
  8. The only thing that will save us is web 3.0!!! 🤪
  9. requinix

    Anti XSS

    What "fallback"? It doesn't make sense to have a "fallback". What you're doing is altering the data being passed to your script. You're saying "yes, you did type one thing, but I'm going to change it and pretend you typed something else". There are two basic parts to things like HTML and SQL and JSON and the like: you have the bits with values that you want to fill in (data), and you have the bits that are not data but fundamentally define how the HTML/SQL/JSON works (structure). Sanitization is about making sure that the data stays "data" and never crosses over into "structure".
  10. That's a shame.. prob will be back once they learn they need to learn at some point in time.
  11. When user selects emojiSelect2 ("select") it places the emoji into comment_text2.. but it only works on the first comment box.. I want to use the index increment to act as a unique identifier (indeed) and then use that in the function's parameter in the JavaScript... this should then allow me to use the select form (including dropdown and textarea) for all the other comments.. should work, just don't know how.
  12. They'll be back when they realize that the AI generated code doesn't* do exactly what they wanted. *edit - I seemed to have missed out a critical word🙄
  13. Ever since AI I have seen tech forums like this one become very quiet which isn't surprising.
  14. Maybe. I have no way of knowing what you intend to do with the index and the function parameters. Two things to bear in mind:

    - ID values must be unique - you can't have several inputs all with the id="comment_text2"
    - When you define an event listener on page load, it is only attached to elements that exist when the page has loaded and not to elements you add dynamically.
  15. oz11

    Anti XSS

    Oh, I always sanitize my inputs. But this is a bad idea for a fallback?
  16. Can it not be done with index++ and function parameters? Maybe that would be more simple, and is kinda the direction I was going in.
  17. requinix

    Anti XSS

    1. Never modify $_GET and $_POST. 2. Never sanitize values ahead of time. 3. Always work with pure, unaltered values, and reserve sanitizing values until the very last step according to what you're doing with those values. So yes, there is a problem with that there. Don't do it. You should only ever be doing two(ish) things: use prepared statements for your SQL, and use htmlspecialchars when outputting an unknown value into HTML. More than that is probably wrong and going to create problems for yourself in the present and/or future.
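
The approach described in the Anti XSS reply above (unaltered values, prepared statements for SQL, htmlspecialchars only at output), applied to a multi-keyword LIKE search like the one posted earlier in this stream. This is an added example, not code from any poster; it assumes PDO with the SQLite driver, and the table layout, function name and sample rows are constructed.

```php
<?php
// Added example: raw values in, context-specific escaping at the last step.
// Table layout, function name and sample rows are constructed for illustration.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE tprices (IdPrice INTEGER PRIMARY KEY, ProductDesc TEXT, Price REAL)');

// Store the value exactly as submitted; the placeholder keeps it as data.
$insert = $pdo->prepare('INSERT INTO tprices (ProductDesc, Price) VALUES (?, ?)');
foreach ([["Tom & Jerry's <b>oak</b> board", 12.5], ['Pine board 2x4', 8.0]] as $row) {
    $insert->execute($row);
}

/** Search ProductDesc for any keyword, binding each keyword as a parameter. */
function searchMaterials(PDO $pdo, string $input): array
{
    // Drop empty tokens so repeated spaces do not produce LIKE '%%'.
    $keywords = preg_split('/\s+/', trim($input), -1, PREG_SPLIT_NO_EMPTY);
    if (!$keywords) {
        return [];
    }
    $clauses = [];
    $params = [];
    foreach ($keywords as $keyword) {
        $clauses[] = "ProductDesc LIKE ? ESCAPE '\\'";
        // Escape LIKE wildcards so % and _ typed by the user match literally.
        $params[] = '%' . addcslashes($keyword, '%_\\') . '%';
    }
    $sql = 'SELECT IdPrice, ProductDesc, Price FROM tprices WHERE '
         . implode(' OR ', $clauses) . ' ORDER BY Price';
    $stmt = $pdo->prepare($sql);
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// A quote in the input stays data; it cannot close the SQL string literal.
$rows = searchMaterials($pdo, "jerry's   oak");

// HTML escaping happens only here, at output, on the unaltered stored value.
foreach ($rows as $r) {
    echo '<li>', htmlspecialchars($r['ProductDesc'], ENT_QUOTES, 'UTF-8'), "</li>\n";
}
```

Because the stored description is never pre-encoded, the same row can later be sent to JSON, CSV or a plain-text e-mail with the escaping each of those contexts needs.
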
  18. I like to use data attribute on these occasions. NOTE: use a class name for the selects and another for the inputs. Don't use ids.

    - Maintain a count of how many comments the user adds and increment each time they add a new one.
    - When creating a new select and input, give them both a data-id attribute with the value of the count.
    - When emoji selected, get the value of the select's data-id.
    - Look for the input with the same data-id and insert the emoji.
  19. - user visits comment section
    - user wants to input emoji via input/select
    - works on the first comment box, but there are multiple..
    - doesn't work on comment box 2, 3, 4 etc..

    * seems to need an id of some sort inserted into the JavaScript so that it can be used multi. Not sure how.
  20. And how is the user expected to interact with it? Can you

    - display a form with a select and an input text
    - user enters comment
    - user clicks "Save"
    - form is posted and comment saved
    - page reloads

    Rinse and repeat as many times as required?
  21. Hi. Yes, infinite inputs/select. It's in a looped comment system. 🦄
  22. It would help if you explained what you are trying to achieve. Code that doesn't work only shows us what you don't want to do. What do you want to do (30?) times in a loop? For example... Are you meaning there may be 30 emojis, or there will be 30 select/input text pairs?
  23. Anyone started using AI for code samples.. do we have to "adjust with the times" and embrace or totally distance ourselves? Is it the future? Will in the future we be placing AI gen code into objects daily? 😶‍🌫️ Got an opinion?
  24. oz11

    Anti XSS

    Hey! ... Is there any problem with using ..

    ```php
    $_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
    $_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
    ```

    I use htmlspecialchars before on all my values already. Think of this as if I missed one. Is it OK?
  25. I have this code (very cool)...

    ```html
    <script>
    document.addEventListener('DOMContentLoaded', function() {
        const emojiSelect = document.getElementById('emojiSelect2');
        const inputText = document.getElementById('comment_text2');
        const emojis = [ '(・ω・)', '(´・ω・`)', '(。♥‿♥。)', 'ヾ(⌐■_■)ノ♪', '(╯°□°)╯︵ ┻━┻' ];

        // Populate the select dropdown with emojis
        emojis.forEach(emoji => {
            const option = document.createElement('option');
            option.value = emoji;
            option.text = emoji;
            emojiSelect.appendChild(option);
        });

        // Event listener for emoji selection
        emojiSelect.addEventListener('change', function() {
            const selectedEmoji = this.value;
            if (selectedEmoji) {
                inputText.value += selectedEmoji;
                this.selectedIndex = 0; // Reset dropdown to default option after selection
            }
        });
    });
    </script>
    ```

    Though I need to call it multiple times with no fixed number...

    ```html
    <select id="emojiSelect2">
        <option value="">Select an kaomoji</option>
    </select>
    <textarea name="comment_text" id="comment_text2" rows="2" cols="40" placeholder="Type comment reply here." required></textarea>
    ```

    ... here. This will loop a few times... say 30.. though my current code only allows the first iteration. I'm not very good at JavaScript... could someone show me how to write it to allow multiples inside the loop? Maybe gen an index(++) and drop that in. If so, how? Thanks guys and gals!
  26. You want to encrypt a stream using functionality that encrypts files? That doesn't sound right... "No such file or directory" sounds relevant. Does the $messageData file exist, and is it readable by PHP? Does the $encryptedMessage file exist, or at least its parent directory, and is it writable by PHP?
  27. Anybody have any recommendations for a web-hosting provider that will offer PHP, SQL, email, and other assorted features that would be beneficial (like the ability to run CRON jobs, etc.)? @ginerjm I noticed in a recent thread that you cautioned against GoDaddy. Who would you suggest as an alternative?