phprocker
-
Posts
91 -
Joined
-
Last visited
Never
Posts posted by phprocker
-
-
I figured it out.
My function call:
displayForm();
was missing the default argument:
displayForm(array());
Cheers.
-
Hey all. I have a function called displayForm in a form validation script. This function accepts a few arguments but these arguments are empty upon initial calling of the function. One of the arguments is and errors array that only gets populated if there were form errors.
So upon running my script initially I get missing argument Warnings.
Can these warnings simply be ignored? Would they cause problems throughout my script if I ignore these warnings? And how can I suppress these warnings if I would like to?
Thanks all for your help.
Cheers.
-
Thanks for the great input guys. All clear now.
Cheers!
-
Hey all. What is the best way to check if a form field has been entered by the user? Because a field left blank by the user still shows up as set with the isset function.
Example:
if (isset($_POST['name'])) { echo "The field is set"; }This is a problem if I'm checking if the user has skipped over the name field on a form because an empty value gets passed to the POST array even if the field is left blank.
Do people use empty or a regular expression instead?
Cheers!
-
Hey all. I was curious what is the best practice when creating a user login system? I've seen them done in the following 2 ways.
First I've seen tutorials on logins where after the post data is verified against the database a username session is created and member pages are accessed if the user session is set.
Second I've seen tutorials on logins where the username session is verified against the database on every single page.
What is the best practice along these lines?
Cheers!
-
It's late and I'm tired so hopefully I did this right. I think this is what you mean.
$title = "This is an example of a sentence in a paragraph"; $title_array = explode(" ", $title); foreach($title_array as $value) { $count = strlen($value); echo "The word has " . $count . " characters.<br />"; } -
I just fixed an error I saw i had...check to make sure you have this...
<?php echo "<img src=\"C:\wamp\www\fermpix\Pics\\" . $row['Name'] . "\">"; ?>
-
This:
<?php echo "<img src=\"C:\wamp\www\fermpix\Pics\'{$row["Name"]}'\">";?>needs to be this:
<?php echo "<img src=\"C:\wamp\www\fermpix\Pics\\" . $row['Name'] . "\">"; ?>
Respond if it doesn't work.
-
@Pikachu200
Doesn't
htmlspecialchars($_POST['PHP_SELF'], ENT_QUOTES)
deal with the XSS vulnerability?
@adm83
I'm not sure what you mean by "create an empty list".
-
Here is what I believe you are looking for.
Please note: The following code is a rough draft and meant as a guide. Not for any production site.
<?php // database variables $host = "localhost"; $user = "user"; $pass = "pass"; //database connection $conn = mysql_connect($host, $user, $pass); mysql_select_db("database", $conn); // create form to get number of fields if (!isset($_POST['submit']) && !isset($_POST['formfields'])) { $form = '<h2>Choose Number Of Items</h2><form method="post" action="' . $_SERVER['PHP_SELF'] . '"> <select style="width:225px" name="formfields"> <option value=1>1</option> <option value=2>2</option> <option value=3>3</option> <option value=4>4</option> <option value=5>5</option> <option value=6>6</option> <option value=7>7</option> <option value=8>8</option> <option value=9>9</option> <option value=10>10</option> </select><br /><br /> <input type="submit" name="submit" value="Submit" /> </form>'; } // generate inputs if user chose number of items if (isset($_POST['submit']) && $_POST['formfields'] != '') { $items = $_POST['formfields']; $form = "<h2>Enter Your Items</h2> <form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">"; for($in=1;$in<=$items;$in++){ if ($in >= 11){ break; } $form .= "<p>Item</p>" . $in . ": <input style=\"width:200px\" type=\"text\" name=\"formvalue[]\" /><br /><br />"; } $form .= "<input type=\"hidden\" name=\"formfields\" value=\"" . $_POST['formfields'] . "\" /> <input type=\"submit\" name=\"submit\" value=\"Submit\" /></form>"; } //check form items submitted if (isset($_POST['submit']) && isset($_POST['formvalue'])) { //check missing user input foreach($_POST['formvalue'] as $value) { if(!isset($value) || $value == "") { $emptyvalue = TRUE; } } if ($emptyvalue) { //view if missing user input echo $form; exit(); } } else { //view if no submit echo $form; exit(); } //step through post array and make safe for sql foreach($_POST['formvalue'] as $value) { $sqlsafe[] = '("' . mysql_real_escape_string($value) . '")'; } // build query $query = "INSERT INTO tbl_clients (Calias) VALUES " . implode(",", $sqlsafe); // insert to database or error if(!mysql_query($query,$conn)) { die('Error: ' . mysql_error()); } // debugging echo $query; ?>Please note: Depending on how many items you are allowing users to choose, in the for loop "$in >= 11" must be adjusted. The current value is for 10 items.
-
Let me rephrase my above post to suit your needs.
This line:
$query = "INSERT INTO tbl_clients (Calias) VALUES " . implode(",", $sqlsafe);outputs this:
INSERT INTO tbl_clients (Calias) VALUES ("value1_from_field_1"),("value2_from_field_2"),("value3_from_field_3"),etc,etc,etc.... to how ever many items your user needs.
-
** see post below for correction **
-
Are you referring to something like this?
Notice the form input names. You can have a page that generates fields with a drop down list of numbers.
<?php // database variables $host = "localhost"; $user = "user"; $pass = "pass"; //database connection $conn = mysql_connect($host, $user, $pass); mysql_select_db("database", $conn); //check form submitted if (isset($_POST['submit'])) { //check missing user input foreach($_POST['formvalue'] as $value) { if(!isset($value) || $value == "") { $emptyvalue = TRUE; } } if ($emptyvalue) { //view if missing user input $form = "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\"> Value: <input type=\"text\" name=\"formvalue[]\" /><br /> Value: <input type=\"text\" name=\"formvalue[]\" /><br /> Value: <input type=\"text\" name=\"formvalue[]\" /><br /> <input type=\"submit\" name=\"submit\" value=\"Submit\" /> </form>"; echo $form; exit(); } } else { //view if no submit $form = "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\"> Value: <input type=\"text\" name=\"formvalue[]\" /><br /> Value: <input type=\"text\" name=\"formvalue[]\" /><br /> Value: <input type=\"text\" name=\"formvalue[]\" /><br /> <input type=\"submit\" name=\"submit\" value=\"Submit\" /> </form>"; echo $form; exit(); } //step through post array and make safe for sql foreach($_POST['formvalue'] as $value) { $sqlsafe[] = '("' . mysql_real_escape_string($value) . '")'; } // build query $query = "INSERT INTO userinput (formvalue) VALUES " . implode(",", $sqlsafe); // insert to database or error if(!mysql_query($query,$conn)) { die('Error: ' . mysql_error()); } // debugging echo $query; ?>Then your form generation page could be something like:
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <select style="width:225px" name="formfields"> <option value=1>1</option> <option value=2>2</option> <option value=3>3</option> <option value=4>4</option> <option value=5>5</option> </select><br /><br /> <input type="submit" value="Submit" /> </form>
You will have to link the 2 pages together with the appropriate coding if this is what you're trying to achieve.
-
That works to check if the array is there, but I'm talking about individual array values. My code works I just wanted an experts opinion on the method I used and if there is a better way to achieve it.
-
Hey all. I have a form with inputs "menuitem[]" array. Upon no user input to one of these fields I want to set a variable error and include the form generation page.
Is my following code a feasible way to do this?
foreach($_POST['menuitem'] as $value) { if(!isset($value) || $value == "") { $emptyvalue = TRUE; } } if ($emptyvalue) { $erroralert = "You must fill in all the form fields! Please try again!"; include "views/addmenus.php"; exit(); }If works but just a bit unsure about it.
Cheers!
-
UHHGG, I hate it when I do that!
Thanks a bunch.
-
Hey all. I have a page that dynamically creates form input fields called "menuitem[]".
So on the page that checks the values I need to check if any of those fields were not filed in. My syntax is wrong any help would be great.
test.php
foreach($_POST['menuitem'] as $key => $value) { if(!isset($value) || $value = "") { echo "Please fill in all values. You left key " . $key . "empty."; } }Nothing gets echoed when I leave the fields empty so I'm doing something wrong here.
-
Hey all. I have a question or two about securing pages that use $_GET method. $_POST I have a good grasp on but $_GET has some different issues.
If I have a switch that calls on the url to display a proper page, do I need to sanitize that variable before passing it to the switch?
Example:
URL = www.example.com/index.php?page=calendar
// see comments
$url = $_GET['page']; // Is this $url variable safe in my script or is there needed sanitation? switch ($url) { case "calendar": include "views/calendar.php"; break; default: include "views/main.php"; }I was reading about XSS and I had some questions. Can someone just pass a function to the url like mail() and start sending mail from my web page in the above example or steal cookies or anything else? I'm referring to my example above.
Is there any good reading around on the topic of $_GET and security?
Cheers all!
-
Worked. Thanks much again.
-
Anyone help with a solution to get rid of that about 10px space between the header and menu bar in the above post?
Cheers!
-
Thanks again for the reply Haku. That did not work unfortunately.
Here is the entire code I'm using on one page.
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Testing</title> <style> #header { margin-left:auto; margin-right:auto; width:998px; height:125px; border:1px solid #006400; background-image:url('imgs/h_lime.gif'); background-repeat:repeat-x; } /* begin menu formatting */ a.menu:link,a.menu:visited { margin-top:0px; float:left; margin-right:2px; font-weight:bold; font-size:0.875em; color:#F5F5DC; border:1px solid #006400; background-color:#008000; text-align:center; padding:2px; text-decoration:none; } a.menu:hover,a.menu:active { background-color:#91C991; } /* end menu formatting */ div.topmenu { background-color:#008000; margin-left:auto; margin-right:auto; width:1000px; margin-top:0px; } p.date { color:#F5F5DC; padding:3px 10px 3px; text-align:right; font-size:0.875em; font-weight:bold; } /* end display blocks */ </style> </head> <body> <div id="header"></div> <div class="topmenu"> <a class="menu" href="home.php">HOME</a> <a class="menu" href="contact.php">CONTACT US</a> <a class="menu" href="about.php">ABOUT US</a> <a class="menu" href="blog.php">BLOG</a> <a class="menu" href="photos.php">PHOTO GALLERY</a> <p class="date">November 8, 2010</p> </div> </body> </html>You can see there is roughly 15-20px of white space between the header and the menu when using "float:left;" for the menu. You will see that if you remove the "float:left;" from the a.menu.link removes the white space but it messes up the date alignment.
I can't figure it out.
-
OK this worked fine but when I add the float:left the entire top menu gets pushed down about 5px. What's the remedy for this?
-
Worked, thank you.
-
Hey all. I can't seem to figure out how to horizontally align my top menu and the date. The date always starts on a new line. I want it aligned horizontally with the top menu and I want it aligned to the right.
Here's what I have.
a.menu:link,a.menu:visited { display:inline; font-weight:bold; font-size:0.875em; color:#F5F5DC; border:1px solid #006400; background-color:#008000; text-align:center; padding:2px; text-decoration:none; } #topmenu { background-color:#008000; margin-left:auto; margin-right:auto; width:1000px; margin-top:5px; height:21px; } <div id="topmenu"> <a class="menu" href="index.php">HOME</a> <a class="menu" href="indexte.php">CONTACT US</a> <a class="menu" href="indextk.php">ABOUT US</a> <a class="menu" href="indexh.php">BLOG</a> <a class="menu" href="indext.php">PHOTO GALLERY</a> <p>Monday, November 08, 2010</p> </div>The date is always on a new line and not aligned to the right.
I want it too look like this:
HOME CONTACT US ABOUT US BLOG PHOTO GALLERY Monday, November 08, 2010
my own mvc framework
in PHP Coding Help
Posted
This http://anantgarg.com/2009/03/13/write-your-own-php-mvc-framework-part-1/ is a good read on the topic.