pappakaka

Thank you!

Hi, I'm very new to JS and trying to learn. Currently I'm trying to make a form validation for my website. What happends in the code below is that when you select an option from a drop down select field, it creates a new list item inside a ul list. I got everything to work except one thing. How many list items you can create. I simply want to restrict the user from selecting more than 3 options from the drop down menu. If you select a 4th option an alert message should pop up but I can't get it to work.. Here's the JS code: function selectGenres(select){ var option = select.options[select.selectedIndex]; var ul = select.parentNode.getElementsByTagName('ul')[0]; var choices = ul.getElementsByTagName('input'); for (var i = 0; i < choices.length; i++) if (choices[i].value == option.value) { alert("The genre is already selected!"); return false; } else if (option == 3) { alert("You can only select 3 genres!"); return false; } var li = document.createElement('li'); var input = document.createElement('input'); var text = document.createTextNode(option.firstChild.data); input.type = 'hidden'; input.name = 'ingredients[]'; input.value = option.value; li.appendChild(input); li.appendChild(text); li.setAttribute('onclick', 'this.parentNode.removeChild(this);'); ul.appendChild(li); } And here is the form to validate: <form name="form1" id="main_form" action="index.php" method="post"> <input id="btn" name="btn" value="Submit" type="submit" /> <div id="form_con"> <table cellspacing="0" cellpadding="0"> <tr> <td valign="middle"> <ul> </ul> <select id="genre_settings" onchange="selectGenres(this);"> <option disabled="disabled">Genre...</option> <option value="01">Animation</option> <option value="02">Action</option> <option value="03">Adventure</option> <option value="04">Animals</option> <option value="05">Comedy</option> ... </select> </td> </tr> </table> </div> </form>

Looked into it and it seems much better yes, thanks!

Ok thanks, so I can basically allow the users to use whatever characters they want in thier password? Or could that possibly be harmful any other way?

I'm trying to secure my login system as much as possible from SQL injections and other attacks. I know that by using mysql_real_escape_string() you can prevent that and I'm using that on for example the username input, but I would like to know if you hash the password before you send it to the database with MD5, do you still need to use mysql_real_escape_string()? A very quick and simple example: <?php $un = $_POST['username']; $pass = $_POST['password']; $pass = md5($pass); mysql_query("SELECT * FROM users WHERE password='$pass' AND username='$un'"); ?> If someone wrote a possible SQL query in the password input, wouldn't that be rendered useless as the md5 will hash it before sending it and therefor "hide" it? Or is there any other reason you wouldn't want people to use sertain characters/symbols in their passwords?

Anyone?

I have a problem, you can see it on this page and then by following the steps below: http://www.randommovietitle.com/Testing/ 1. Try clicking the random button. You will come to a random movie. 2. Go back and and try to choose some options like 2D Animation as genre, between the years 2000-2011. You will get a random movie that fits you options. Also, the query for the options you choose is echo'd out on in the corner aswell as the year span above the logo. 3. After you've done this. Close the tab/page and go to this URL: http://www.randommovietitle.com/Testing/movies.php?mid=100. You will come to the movie Crank. But do you see up in the corner and above the logo? The query and year span is still there and when you click the "Randomize again" button on that page, you will come to a new movie BUT only a movie that fits the options you choose in step 2. I know that this is happening because of the use of $_SESSION. But what I can't figure out is how to make it stop when you leave the movies.php page. Or even better, by using something else than $_SESSION entirely? For example, if I was on this site a few minutes ago and choose a few options that was saved in the $_SESSION veriable. Then come back and want to search for a completely random movie without any options. The options I choose a few minutes ago will still be in the $_SESSION variable and used in the search. How can I change this? Here is the form on the first page and the code I use on movies.php: <form class="main_form" action="movies.php" method="post" name="form1"> <input class="random_btn" name="next_btn" value="Random" type="submit" onclick="return validate()" /><br /> <div class="index_bgbox"> <label class="genre_label" value="genre">Genre</label><br /> <select multiple="multiple" name="genre[]" id="genre" size="7"> <option value="01">2D Animation</option> <option value="02">3D Animation</option> <option value="03">Action</option> <option value="04">Adventure</option> <option value="05">Animals</option> <option value="06">Comedy</option> <option value="07">Comics Adaptation</option> <option value="08">Crime</option> <option value="09">Dance</option> <option value="10">Disaster</option> <option value="11">Documentary</option> <option value="12">Drama</option> <option value="13">Family</option> <option value="14">Fantasy</option> <option value="15">Fighting</option> <option value="16">Game Adaptation</option> <option value="17">History</option> <option value="18">Horror</option> <option value="19">Thriller</option> <option value="20">Romance</option> <option value="21">Music</option> <option value="22">Mystery</option> <option value="23">Parody</option> <option value="24">Psychological</option> <option value="25">Sci-Fi</option> <option value="26">Sport</option> <option value="27">Teen</option> <option value="28">War</option> <option value="29">Western</option> </select> <label class="year_label" value="YearForm">Year</label><br /> <select class="year_from" name="YearFrom"> <option value="">Select From</option> <option value="1930">1930</option> <option value="1931">1931</option> <option value="1932">1932</option> <option value="1933">1933</option> ...etc... </select> <select class="year_to" name="YearTo"> <option value="">Select To</option> <option value="1930">1930</option> <option value="1931">1931</option> <option value="1932">1932</option> <option value="1933">1933</option> ...etc... </select> </div> </form> <?php session_start(); require("Includes/connection.php"); $connection = @mysql_connect($ControlHost, $ControlUser, $ControlPass) or die("Couldn't connect to server"); $db = @mysql_select_db("$ControlDb", $connection) or die("Couldn't select database"); if (isset($_GET['mid'])) { echo $_SESSION['genre_string']; $mid=(int)$_GET['mid']; $result = mysql_query("SELECT * FROM movie WHERE MID='$mid'"); $row = mysql_fetch_array($result); $MID = $row["MID"]; $Title = $row["Title"]; $YearFrom = $row["YearFrom"]; $RMTRating = $row["RMTRating"]; $IMDBRating = $row["IMDBRating"]; $Description = $row["Description"]; $Genree = $row["Genree"]; $Genree = explode(",", $Genree); $Poster = $row["Poster"]; $TrailerLink = $row["TrailerLink"]; $MoreInfo = $row["MoreInfo"]; $Prequel = $row["Prequel"]; $Sequel = $row["Sequel"]; } elseif (!isset($_GET['mid'])) { $genre_string=""; //$genre_string1=""; if(empty($_REQUEST['genreString1'])){ if(!empty($_REQUEST['genre'])){ $genre=$_REQUEST['genre']; $total_genre=count($genre); $genre_string1=""; for($i=0; $i<$total_genre;$i++){ $genre_string .= "Genree LIKE '%" . $genre[$i] . '%' . "'". " AND "; $genre_string1 .= $genre[$i] . " OR "; } $genre_string = substr($genre_string, 0, -4); $genre_string1 = substr($genre_string1, 0, -4); $genre_string = "WHERE" . "(" . $genre_string . ")"; } if( !empty($_REQUEST['YearFrom']) ){ $YearFrom = $_REQUEST['YearFrom']; $YearTo = $_REQUEST['YearTo']; if(!empty($_REQUEST['genre'])) $genre_string .= " AND "; else $genre_string .= "Where "; $genre_string .= "(YearFrom BETWEEN $YearFrom AND $YearTo)"; } }elseif(!empty($_REQUEST['genreString1'])){ $genre_string1 = $_REQUEST['genreString1']; $pieces = explode(" OR ", $genre_string1); for($ii=0; $ii<count($pieces);$ii++){ $genre_string .= "Genree LIKE '%" . trim($pieces[$ii]) . '%' . "'" . " AND "; $genre[]=trim($pieces[$ii]); } $genre_string = substr($genre_string, 0, -4); if( !is_numeric(trim($pieces[0]))) $genre_string = ""; else $genre_string = "WHERE" . "(" . $genre_string . ")"; if( !empty($_REQUEST['YearFrom']) ){echo "111"; $YearFrom = $_REQUEST['YearFrom']; $YearTo = $_REQUEST['YearTo']; if( is_numeric(trim($pieces[0]))) $genre_string .= " AND (YearFrom BETWEEN $YearFrom AND $YearTo)"; if( !is_numeric(trim($pieces[0]))) $genre_string = " Where (YearFrom BETWEEN $YearFrom AND $YearTo)"; } } if (!empty($genre_string)) { $_SESSION['genre_string'] = $genre_string; $YearFrom = $_REQUEST['YearFrom']; $YearTo = $_REQUEST['YearTo']; $_SESSION['YearFrom'] = $YearFrom; $_SESSION['YearTo'] = $YearTo; } else { $genre_string = $_SESSION['genre_string']; } $result = mysql_query("SELECT * FROM movie $genre_string ORDER BY RAND() LIMIT 0,1"); $row = mysql_fetch_array($result); $MID = $row["MID"]; header( "Location: movies.php?mid=" . $MID ) ; } ?>

Yes by using $id=(int)$_GET['id']; it worked much better thank you!

Thank you so much, this actually worked! So simple! Thank you!

I have a website that uses PHP to display content. That content is ofcourse taken from a database in MySQL, and only 1 row at a time is displayed on the page. The row of content that is displayed is randomly selected every time the page loads. So the page change (almost) everytime you reload it. Here is the problem. Even if the content on the page change, the URL does not. So there is no way to display a specific row. For example: I load the page www.website.com/row.php and a random row with ID 1 is displayed. Then I reload the page and a new row with the ID 2 is displayed, but the URL is still the same. What I need is so that, when it selects a random row, the ID of that row is added to the URL as a query. Like this: Row 1 = www.website.com/row.php?id=1 Row 2 = www.website.com/row.php?id=2 That way, if you only go to www.website.com/row.php. The page reloads and a random row is displayed with the ID of that row added to the URL. And if you go to www.website.com/row.php?id=1 directly, no random row is selected, only the row that matches the ID of the URL. I hope you understand and can help me, I really don't know how to explain it better. Here is the code I use right now to select a random row from the database and also to calculate a few inputs the user can make on the previous page on the site. <?php require("Includes/connection.php"); $connection = @mysql_connect($ControlHost, $ControlUser, $ControlPass) or die("Couldn't connect to server"); $db = @mysql_select_db("$ControlDb", $connection) or die("Couldn't select database"); $genre_string=""; //$genre_string1=""; if(empty($_REQUEST['genreString1'])){ if(!empty($_REQUEST['genre'])){ $genre=$_REQUEST['genre']; $total_genre=count($genre); $genre_string1=""; for($i=0; $i<$total_genre;$i++){ $genre_string .= "Genree LIKE '%" . $genre[$i] . '%' . "'". " AND "; $genre_string1 .= $genre[$i] . " OR "; } $genre_string = substr($genre_string, 0, -4); $genre_string1 = substr($genre_string1, 0, -4); $genre_string = "WHERE" . "(" . $genre_string . ")"; } if( !empty($_REQUEST['YearFrom']) ){ $YearFrom = $_REQUEST['YearFrom']; $YearTo = $_REQUEST['YearTo']; if(!empty($_REQUEST['genre'])) $genre_string .= " AND "; else $genre_string .= "Where "; $genre_string .= "(YearFrom BETWEEN $YearFrom AND $YearTo)"; } }elseif(!empty($_REQUEST['genreString1'])){ $genre_string1 = $_REQUEST['genreString1']; $pieces = explode(" OR ", $genre_string1); for($ii=0; $ii<count($pieces);$ii++){ $genre_string .= "Genree LIKE '%" . trim($pieces[$ii]) . '%' . "'" . " AND "; $genre[]=trim($pieces[$ii]); } $genre_string = substr($genre_string, 0, -4); if( !is_numeric(trim($pieces[0]))) $genre_string = ""; else $genre_string = "WHERE" . "(" . $genre_string . ")"; if( !empty($_REQUEST['YearFrom']) ){echo "111"; $YearFrom = $_REQUEST['YearFrom']; $YearTo = $_REQUEST['YearTo']; if( is_numeric(trim($pieces[0]))) $genre_string .= " AND (YearFrom BETWEEN $YearFrom AND $YearTo)"; if( !is_numeric(trim($pieces[0]))) $genre_string = " Where (YearFrom BETWEEN $YearFrom AND $YearTo)"; } } //echo $genre_string; //echo "SELECT * FROM movie $genre_string ORDER BY RAND() LIMIT 0,1<br />"; $result = mysql_query("SELECT * FROM movie $genre_string ORDER BY RAND() LIMIT 0,1"); //echo $er=mysql_num_rows($result);exit; $row = mysql_fetch_array($result); $MID = $row["MID"]; $Title = $row["Title"]; $YearFrom = $row["YearFrom"]; $RMTRating = $row["RMTRating"]; $IMDBRating = $row["IMDBRating"]; $Description = $row["Description"]; $Genree = $row["Genree"]; $Genree = explode(",", $Genree); $Poster = $row["Poster"]; $TrailerLink = $row["TrailerLink"]; $MoreInfo = $row["MoreInfo"]; $Prequel = $row["Prequel"]; $Sequel = $row["Sequel"]; ?> Then you I imagine it would be something like this to make each URL/row unique: $currentdomain = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; if ($currentdomain == "http://www.website.com/row.php") { header( "Location: row.php?id=" . $MID ) ; }

The MID is just a short I used in the MySQL database instead of MovieID. So I tought that would be a way to keep track of each movie, or by using the title of the movie in the end like this: http://www.randommovietitle.com/movies.php?title=titanic or http://www.randommovietitle.com/movies.php?mid=123456

What I mean is like on the forum. When you post a new thread it get it's own URL like this: http://www.phpfreaks.com/forums/index.php?topic=335006.0 See, it adds a few lines to the URL so you can go to this page directly! I checked the code but it can't be a $_POST or $_GET problem as I'm not doing anything to make the URL specific for the page.

Hi, I have a problem with pagination. This is my site: http://www.randommovietitle.com/ When you click random you get to a new page (called movies.php) wich displays random content taken from a mysql database. When you click Randomize Again, the same thing happends and so on. What I need is so that every page has it's own URL like this somehow: What it looks like now: Content about the movie Titanic is loaded: http://www.randommovietitle.com/movies.php Content about the movie Avatar is loaded: http://www.randommovietitle.com/movies.php What I need it to look like: Content about the movie Titanic is loaded: http://www.randommovietitle.com/movies.php?mid=xxxxxx Content about the movie Avatar is loaded: http://www.randommovietitle.com/movies.php?mid=xxxxxx I know you can do this but just don't know how? Please help?

Ok, what does the forum rules say about that? Can ju post a thread about paying someone for work?

This is what I get if I put the print_r($_POST); inside the genre_string statement: Array ([next_btn] => Random [YearFrom] => ) I do not know if I did this correctly cause I try to understand but honestly I have no idea what I'm doing!