-
Posts
3,145 -
Joined
-
Last visited
-
Days Won
37
Everything posted by cyberRobot
-
Your form uses the GET method. You need to change it to POST...or use $_GET variables in lines like the following: if(isset ($_POST["submit"])) { To use the search input in the query, you need to do something like this prior to the query: $searchq = trim($_GET['search']); ...or if you use the POST method: $searchq = trim($_POST['search']);
-
It looks like you have a form being filled out before the Applicant Data View page is shown. What does the form code look like? Basically, I'm wondering what the search field is named. You just take the corresponding $_POST variable and assign it to $searchq. Of course, you need to assign the value to the variable prior to the query that uses the variable.
-
Sorry, I just noticed a typo. The above should have been "Also note that addslashes() isn't meant for protecting...".
-
Have you tried using JOIN? More information about the different join types can be found here: http://dev.mysql.com/doc/refman/5.0/en/join.html
-
I'm not sure I follow your question, but I noticed the username form field is named "User": <input type = "text" name="User"> And the script that processes the form uses "username": $_POST['username'] = addslashes($_POST['username']); Those names need to match. Also note that addslashes() is meant for protecting your database from SQL injections. You should use mysql_real_escape_string() instead. More information can be found here: http://php.net/manual/en/function.mysql-real-escape-string.php Of course, it should be said that the mysql_* functions have been deprecated. If you haven't done so already, you need to look into PDO or MySQLi. More information can be found here: http://php.net/manual/en/mysqlinfo.api.choosing.php Lastly, you'll want to avoid using the raw value from PHP_SELF for a form's action attribute. It makes your page susceptible to XSS attacks. More information about the attacks and how to change the attribute can be found here: http://seancoates.com/blogs/xss-woes
-
Create Table with TIMESTAMP and MYSQLI Query
cyberRobot replied to MatthewPatten's topic in PHP Coding Help
It looks like TIMESTAMP is formatted as "YYYY-MM-DD HH:MM:SS". More information can be found here: http://dev.mysql.com/doc/refman/4.1/en/datetime.html Also note that MySQL has some built-in functions for adding timestamps. Have you tried using NOW(): http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_now Note that you can find more time-related functions here: http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html -
converting strings from foreach into a single array
cyberRobot replied to tarquino's topic in PHP Coding Help
It might help to see the code you have so far. When posting the code, please surround it with tags. -
Hmm...I guess it's a DOCTYPE thing. I mostly use the XHTML DOCTYPE and the empty action attribute validates. Leaving the attribute off altogether, however, doesn't validate.
-
Did you see Ch0cu3r reply? It should fix your code. The following should work (note the semi-colon after the second echo): <?php $myname = 'Noxin'; echo '<p>This is PHP</p>'; echo "<p>My name is $myname</p>"; echo "<p>My name in another notation is still $myname</p>"; ?>
-
While the above code should work, I would recommend using some caution. It's too easy to miss that concatenation character at the end and add a new statement where it shouldn't be. There have been a number of posts to this forum where something like the following doesn't work: <?php $myname = 'Noxin'; echo '<p>This is PHP</p>'. echo '<p>Just adding a new line that needs to go here</p>'; "<p>My name is $myname</p>". '<p>My name in another notation is still '.$myname.'</p>'; ?>
-
Using the raw value from PHP_SELF makes the form susceptible to XSS attacks. More information can be found here: http://seancoates.com/blogs/xss-woes To avoid this and still have the form direct the information back to itself, you can leave the action attribute blank. I tried validating a form with the action attribute blank and it passed. Have you tried validating your form here: http://validator.w3.org/ If you don't want to leave the action attribute blank, you could also use your script's name. For example: <form method="post" action="my-form-script.php">
-
I usually turn to the PHP manual which can be found here: http://php.net/
-
Welcome Noxin! When posting more information about the error, please start a new topic in the PHP Coding Help forum: http://forums.phpfreaks.com/forum/13-php-coding-help/ Note that it's helpful to know the exact error message. It also helps to see some code. Just keep in mind that PHP may say the error is on line 4. In reality, the error may be caused be something on another line; usually before the one reported. Here's to hoping we can help!
-
Have you worked with form variables before? If your form uses the POST method, you can access the form data with $_POST. Otherwise, you can use $_GET. To dynamically change the query based on an ID passed through the form, you could try something like this: <?php //... //GET THE ID FROM THE FORM if(isset($_POST['userID'])) { $id = $_POST['userID']; } else { $id = ''; } //IF PASSED ID IS A NUMBER, RUN QUERY if(ctype_digit((string)$id)) { $sql = "UPDATE users SET password='cotton candy' WHERE id=$id"; if ($conn->query($sql) === TRUE) { echo "Record updated successfully"; } else { echo "Error updating record: " . $conn->error; } //ELSE...INVALID ID } else { echo 'Invalid ID'; } //... ?> Note that the above code assumes that you are using the POST method on your form tag. And the field which passes the user's ID is named "userID".
-
IF % is greater than 50% get fields from txt and DB then send email
cyberRobot replied to sumation's topic in PHP Coding Help
Instead of using a while loop: while ($pool2 == $pool1 and $percent > "50") { Have you tried using an if: if ($pool2 == $pool1 && $percent > 50) { -
They seem to be using something called hovercards: http://designwithpc.com/Plugins/Hovercard Note that there is a jQuery plugin called "Hovercard", but I'm not sure if it is the same thing: http://designwithpc.com/Plugins/Hovercard
-
change a submit button into a text link with a class
cyberRobot replied to toolman's topic in Javascript Help
So are you asking how to submit a form with an HTML anchor tag? If so, perhaps the following will help: http://www.rockycode.com/blog/submitting-form-href-link-using-jquery/ -
The pop-up window is actually done on the client side. You could use something like JavaScript to create the pop-up window. Perhaps you could find something in the following Google search: https://www.google.com/search?q=html%20pop-up%20window
-
Is there anything specific that you are stuck on? Perhaps it may help if you post the code for your current attempt.
-
Just to clarify, you can submit both GET and POST variables through a form. Here is a quick example: <?php if(isset($_POST['submit'])) { print '<pre>' . print_r($_GET, true) . '</pre>'; print '<pre>' . print_r($_POST, true) . '</pre>'; } ?> <form method="post" action="?getVar=howdy"> <label>Post Var: <input type="text" name="postVar"></label> <input type="submit" name="submit"> </form> Sorry if this has nothing to do with the question at hand. I haven't had the time to go through the posts.
-
Perhaps I'm missing something, but the posted code uses MySQL functions. To use MySQLi, you'll need to change functions like mysql_query() to mysqli_query(). Hmm...do you see an error that suggests the chn() function call is missing a parameter? Based on your original post, the chn() function is undefined. Has something changed?
-
It sounds like the chn() function used here is undefined: $mysqli = chn("localhost", "root", "") Is the function defined in some external script? If so, has that script been imported into the script you're working on? If that function isn't defined anywhere, you need to define it or switch to mysql_connect(). More information can be found here: http://php.net/manual/en/function.mysql-connect.php Also, in case you're not aware, the mysql_* functions have been deprecated. At some point you'll need to switch to PDO or MySQLi. More information can be found here: http://php.net/manual/en/mysqlinfo.api.choosing.php
-
How can I populate a USA States select box with an array call?
cyberRobot replied to anthonyJ's topic in PHP Coding Help
Note that you'll need quotes around the value attribute's value. echo "<option value='$state'>$state</option>"; Otherwise, states with spaces in the name (like "New York") won't be passed through the form submission correctly. Side note: that <label> tag isn't really doing anything. To connect it with the corresponding form field, you could move the end </label> tag after the end </select> tag. <?php echo "<label>$label"; echo "<select name='State'>"; foreach($states_list as $state) { echo "<option value='$state'>$state</option>"; } echo "</select>"; echo '</label>'; ?> Note that I removed the "for" attribute from the <label> tag since it's no longer needed. More information about the form label, including an example of how to get the "for" attribute to work, can be found here: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/label -
Getting value's of dropdown from MySql not working
cyberRobot replied to brokenglass's topic in PHP Coding Help
No problem; glad to help For future reference, if you need to surround a column name with quotes because it's a reserved word in MySQL or maybe the column name contains spaces, you use backticks: $sql = "SELECT `limit` from w";