paddy_fields

Web five.

I've made a CMS with a form that allows jobs to be posted to my database. I also want the job to be posted to 'reed.co.uk', a UK job board simultaneously. In their documentation the only way to post 'automatically' ie not via their site is by sending a POST request to their specified URL I want this to happen via the php processing MY form into MY database, and not have the user have to fill out another form (the reed version) with the same data. From a blitz of Google it looks like CURL can be used to automatically send POST data, like in the code below; <?php $ch = curl_init(); $data = array('name' => 'phpnoob', 'address' => 'somewhere'); curl_setopt($ch, CURLOPT_URL, 'http://localhost/url/to/your/php/form.php'); // use the URL that shows up in your <form action="...url..."> tag curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_exec($ch); ?> Is this the right solution for this? I could have the CURL code on the same PHP page that inserts the data into my own database right? Any pointers would be very much appreciated, I've never worked with CURL before., Before I get down to writing it it would be nice to know I'm on the right track! For reference the Reed instructions are here: http://www.reed.co.uk/recruiter/uploadreference

I make a prepared statement in the manner below; $stmt = $db->prepare("SELECT * FROM table WHERE id = ?"); $stmt->bind_param('i',$id); $stmt->execute(); $result = $stmt->fetch_assoc(); $stmt->close(); But I've seen certain scripts initialising the statement first using stmt_init In what scenario would this be necessary/benifitial to do so?

Change <input type="button" value="submit" id="btn"/> to <button type="submit" value="submit" id="btn">Submit</button>

Oh, I know. It's because I haven't defined $message before the first loop. Face... palm.

Haha, right you are. I wasn't expecting it to work for some reason and so when I got a Notice I assumed the email hadn't sent. Do you know why I'd be getting the notice though? It doesn't display when I simply use $message = <<<MESSAGE Notice: Undefined variable: message in /Users/pat/Sites/recruitment/1_DummySite/email-alert-sandbox.php on line 68

Hi, I'm creating an email alert and need the entire list of results to be stored in $message so I can use it in the mail() function As the script loops I'm trying to append each result to $message but I can't work out how to do this using the <<< method (I've forgotten what it's called so I can't google it!) I've tried the $x = $x."new data" method but this clearly doesn't work. Can someone point me in the right direction? //display the job results for that particular alert while($row = $jobResult->fetch_assoc()){ $title = $row['title']; $location = $row['location']; $subject = $row['subject']; //begining of HTML message $message = $message.<<<MESSAGE <h3>$title</h3> <p>$location</p> <p>$subject</p> <hr> MESSAGE; }

Assuming your SQL query is working correctly... EDIT: Just read the part where you said it fails $num_rows = mysql_num_rows($getVisitor); if($num_rows==0){ // there were no matches, so do this } else { // there were matches, so do this }

You should be using a redirect instead of the refresh. change: // refresh page after adding data39. echo '<meta http-equiv="refresh" content="0">'; to: header('location:mypage.php?id='.$news_id); Obviously changing 'mypage.php' to your page name.

Have you actually tried it? Your 'confirmpwd' is also being cleared by the javascript function, so that will always cause the code processing your form to fail the condition. EDIT: Bare in mind that you'll want to add server side validation if you want this to be harder to mess with, javascript validation can be easily bypassed. case 3: //we are submitting a new password (only for encrypted) if ($_POST['user_id'] == '' || $_POST['security_key'] == '') header("location: ../login.php"); if ($_POST['p'] == '') { $error = true; $show = 'recoverForm'; } else { $error = false; $show = 'recoverSuccess'; updateUserPassword($_POST['user_id'],$_POST['p'],$_POST['security_key']); } break

Thanks, that makes a lot of sense.

That 'sitevalor' website link you've posted also has 'quizzes for kids' and 'online alarm clock' amongst it's portfolio. I wouldn't rely on it's accuracy too much when evaluating the value of multi billion dollar websites. As it is based on utter nonsense.

If they own the site, then they own the images. If they're paying you to do a new site for them then why on earth wouldn't they give the material. If for whatever reason they don't want to give you access to their FTP then they could just post you the images on a DVD.

Philip, I just had a quick read about non-compete's .... 'agrees not to enter into or start a similar profession or trade' ... haha, now that would definitely send people running for the hills.

Thank you, I've been reading more about it here http://blog.jpl-consulting.com/2012/04/why-i-wont-sign-your-nda/ - and it does seem to be the wrong way to go about things. I was just curious if any common methods were used, but I suppose it'll come down to trust.

Haha, I don't.. which is what I suggested to the OP.

I explained this in a previous post. The javascript function that is being called appends an element 'p' to the form, and clears the contents of 'password'. The 'p' is a hashed version of 'password', with the process aimed at a security measure of not sending the unhashed password via headers.

Say, for example, I wanted to pay a programmer to cast their eye over my code and let me know of any major security flaws, is there any sort of legal protection I can put in place to prevent them simply stealing my code? I know in a physical sense I can't stop them, but if they were to launch a rival site for example based on my code, where do you stand? Can you get freelancers to sign some sort of 'non-disclosure' agreement so that you have some proof if it went to court?

The password not updating in the database is to do with whatever page that link is sending you to, which is why I suggested a new thread. As for the link not working when copied into the address bar... why would you want to do that? It's just that the link isn't being built properly... it's text anchor is reffering to http://jhbvcstracking/ instead of your local directory. $passwordLink = "<a href=\"?a=recover&email=" . $security_key . "&u=" . urlencode(base64_encode($user_id)) . "\">http://jhbvcstracking/resetpwd.php?a=recover&email=" . $security_key . "&u=" . urlencode(base64_encode($user_id)) . "</a>"; I kmow it's probably not that helpful at this point, but you really should go back and try and learn som eof the basics here. Read up on POST and GET and just general HTML tags. The code you've found and are trying to implement is going to be a massive headache like this constantly if you don't vaguely understand what the logic is behind it

If it is just now a case that your link doesn't work (ie, it doesn't update the users password when clicked) then you should open a new thread as it is a new issue. You'll get more responses.

Add $securityUser = $_POST['user_id'] to Rule 1 as well.

If you add $securityUser = $_POST['user_id']; to rule 3, then yes that will deal with the notice and I would imagine it will display the security question again. So everything works as expected when you enter the answer correctly or incorrectly on the first form submission? It's just on the second attempt that the problems occur? I agree, I think it something to do with $securityUser, but this is what you need to then test! After <div id="page"> put something like <h1>USER ID: <?php echo $securityUser; ?></h1> and the see if it is displayed once you submit the form for a second time. If it doesn't, then you know for sure and can try and work out why. Just as a quick attempt, in your form change <input type="hidden" name="user_id" value="<?= $securityUser; ?>" /> to <input type="hidden" name="user_id" value="<?php echo $securityUser; ?>" /> .

It's not 'forgetting' anything. When you send the form, the data is being sent to the same page so all of the variables are effectively cleared and rely on the POST data you have just sent in your form. Below I've tried to explain what your code is doing and what the notices mean. Two questions; what happens when you enter your security question correctly, and when you answer it incorrectly does a new question appear? //we just submitted the security question for verification if ($_POST['user_id'] != "" && $_POST['security_a'] != "") { $result = checkSecAnswer($_POST['user_id'],$_POST['security_a']); if ($result == true) { //RULE 1 //answer was right $error = false; $show = 'successPage'; $passwordMessage = sendPasswordEmail($_POST['user_id']); $_SESSION['badCount'] = 0; } else { //RULE 2 //answer was wrong $error = true; $show = 'securityForm'; $securityUser = $_POST['user_id']; $_SESSION['badCount']++; } } else { //RULE 3 $error = true; $show = 'securityForm'; } Rule 1: A security question answer was entered, and was correct. So the sendPasswordEmail() function is called. Rule 2. A secrurity question answer was entered, and was wrong. The security form is shown again, and $securityUser is set to $_POST[‘user_id’] Rule 3. No security answer was entered, so $securityUser is not set. Hence the variable notice.

The notices are telling you what the problem is, and there isn't enough code posted here to solve this. My best advice is to take the notices into account and try and solve them one by one - think logically about what you're expecting the code to do. For example, Notice: Undefined variable: securityUser in C:\htdocs\includes\resetpwd.php on line 134, means that $securityuser is empty, so analyse/debug your code and try and find why that variable is not being set.

$total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM rental WHERE $where "),0) ; $total_pages = ceil($total_results/$max_results); if ($total_results > $max_results) { if(!isset($_GET['page'])){ $page = 1; } else { $page2 = $_GET['page']; } $from =(($page * $max_results) - $max_results ); } if($page2>1) { $pages="Page $page2 of $total_pages"; } else { $pages="Page $page of $total_pages"; }