[Is my form script secure]

Thank you Requinix. Your help and advice is much appreciated mate!

[Is my form script secure]

Hi, can someone let me know if this script looks secure. I have tried to take as many security measures as possible (within my coding ability):

    <?php
    
    // define variables and set to empty values
    $nameErr = $telephoneErr = $emailErr = $detailsErr = $msgStatus = "";
    $name = $telephone = $email = $details = "";

    // if the button has been pressed
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
      
      if (empty($_POST["name"])) {
        $nameErr = "Name is required";
      } else {
        $name = test_input($_POST["name"]);
        // check if name only contains letters and whitespace
        if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
          $nameErr = "Only letters and white space allowed"; 
        }
      }
      
      if (empty($_POST["telephone"])) {
        $telephoneErr = "Telephone is required";
      } else {
        $telephone = test_input($_POST["telephone"]);
      }
      
      if (empty($_POST["email"])) {
        $emailErr = "Email is required";
      } else {
        $email = test_input($_POST["email"]);
        // check if e-mail address is well-formed
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
          $emailErr = "Invalid email format"; 
        }
      }
      
      if (empty($_POST["details"])) {
        $detailsErr = "Details is required";
      } else {
        $details = test_input($_POST["details"]);  
      }
      
      //there are no errors so we are ok to print the submitted post
      $to = "mymainemail.com";
      $subject = "You have a new message from your website";

      $message = "$name <br> $telephone <br> $email <br> $details";
        
      // Always set content-type when sending HTML email
      $headers = "MIME-Version: 1.0" . "\r\n";
      $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";

      // More headers
      $headers .= 'From: <webmaster@myemail.co.uk>' . "\r\n";

      if (!empty($nameErr) && !empty($telephoneErr) && !empty($emailErr) && !empty($detailsErr)) {
        $msgStatus = "Failed to send";
      } else {
        mail($to,$subject,$message,$headers);
        $msgStatus = "<span style='color: green;'>Successful</span>";
      }
      
    }
    
    function test_input($data) {
      $data = trim($data);
      $data = stripslashes($data);
      $data = htmlspecialchars($data);
      return $data;
    }
    
    ?>

<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
              <span class="title">24 hour free callback request</span>
              <div class="form-group">
                <label for="name">Name *</label>
                <input type="text" class="form-control" name="name">
                <span class="error"><?php echo $nameErr; ?></span>
              </div>
              <div class="form-group">
                <label for="telephone">Telephone</label>
                <input type="text" class="form-control" name="telephone">
                <span class="error"><?php echo $telephoneErr; ?></span>
              </div>
              <div class="form-group">
                <label for="email">Email *</label>
                <input type="email" class="form-control" name="email">
                <span class="error"><?php echo $emailErr; ?></span>
              </div>
              <div class="form-group">
                <label>Looking For:</label>
                <div class="checkbox">
                  <label><input type="checkbox" value="Insect Control" name="service">Insect Control</label>
                </div>
                <div class="checkbox">
                  <label><input type="checkbox" value="Rodents & Vermin" name="">Rodents & Vermin</label>
                </div>
                <div class="checkbox disabled">
                  <label><input type="checkbox" value="General Enquiry" name="">General Enquiry</label>
                </div>
              </div>
              <div class="form-group">
                <label for="details">Further Details: *</label>
                <textarea class="form-control" rows="5" name="details"></textarea>
                <span class="error"><?php echo $detailsErr; ?></span>
              </div>
              <div class="form-group">
                <button type="submit" class="btn btn-cta">Contact Us</button><br>
                <span class="error"><?php echo $msgStatus; ?></span>
              </div>
            </form>

[Ahhh! How to assign active class to menu item]

I have my menu in an include file called menu.php and I want to assign a class called 'active' to the <li> to the page that I am on. How can I do this in PHP?

<!-- navigation -->
<nav class="navbar navbar-default" role="navigation">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<div class="collapse navbar-collapse" id="collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="index.php">Home</a></li>
<li><a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Insect Control <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="insect-control.php">Insect Control</a></li>
<li><a href="ant-cockroach-control.php">Ant & Cockroach Control</a></li>
<li><a href="bed-bug-treatment.php">Bed Bug Treatments</a></li>
<li><a href="fly-control.php">Fly Control</a></li>
<li><a href="wasp-hornets-bee-control.php">Wasp, Hornet & Bee Control</a></li>
</ul>
</li>
<li><a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Rodent & Vermin <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="rodent-vermin.php">Rodent & Vermin</a></li>
<li><a href="rats-mice-infestation.php">Rats & Mice Infestation</a></li>
<li><a href="squirrel-control.php">Squirrel Control</a></li>
</ul>
<li><a href="#">Contact</a></li>
</ul>
</div>
</nav>
<!-- end navigation -->

[Featured image not showing on home.php]

Hi,

 

I have checked the source code and I can see the below. The URL seems empty as does the banner-box div which should pull in the data from the metabox.

<div class="jumbotron" style="background-image: url('');">
        <div class="banner-box"><h1></h1></div>
      </div>

[Featured image not showing on home.php]

I cant work this one out for the life of me. The following code works great on my page.php, but cant get the same result on home.php

 

<!-- Main component for a primary marketing message or call to action -->


      <?php $feat_image = wp_get_attachment_url( get_post_thumbnail_id($post->ID) ); ?>


      <div class="jumbotron" style="background-image: url('<?php echo $feat_image; ?>');">

        <div class="banner-box"><h1><?php $meta_value = get_post_meta( get_the_ID(), 'meta-text', true ); echo $meta_value; ?></h1></div>

      </div>

 

 

Anyone?

[Fatal Error urgent help!]

Hi I have appears to be an issue with the plugin

[Fatal Error urgent help!]

Hi,

 

Does anyone know how I can fix this?

 

Fatal error: Call to undefined function pmpro_https_filter() in /home/wholondo/public_html/wp-content/plugins/pmpro-register-helper-master/pmpro-register-helper.php on line 177

 

www.wholondon.co.uk

 

 

Happened after updating my pmpro plugin

[Dropdown with PHP help]

wezhind, many many thanks i really appreciate all your help

[Dropdown with PHP help]

Thanks, all this information is a little to advanced for me I guess. This code was a plugin I found online for Joomla.

 

My test site is local

[Dropdown with PHP help]

Any help from anyone would be much appreciated

[Dropdown with PHP help]

O sh#t I am really at a loss now. I dont need the page to refresh as once the option is selected it directs to another page. http://www.synergyhealthclinic.co.uk/dayview?dateparam=20150109

 

Any more help would be AMAZZZZZ

[Dropdown with PHP help]

Hi maxxd, thanks for the advise. I have gone away and managed to get the times appearing as the options value, however I have lost the hyperlink to book that particular time. Where have I gone wrong?

<form>
	<select>
		
		<?php while ($this->day_dt_start <= $this->dt_last_slot) :?>
		<?php $slot_end = date_create($this->day_dt_start->format(DATE_ATOM),new DateTimezone(PBBOOKING_TIMEZONE));?>
		<?php $slot_end->modify('+ '.$this->config->time_increment.' minutes');?>
		
			<option value="<?php echo Jhtml::_('date',$this->day_dt_start->format(DATE_ATOM),JText::_('COM_PBBOOKING_SUCCESS_TIME_FORMAT'));?>"><?php echo Jhtml::_('date',$this->day_dt_start->format(DATE_ATOM),JText::_('COM_PBBOOKING_SUCCESS_TIME_FORMAT'));?></option>
			
			<?php foreach ($this->cals as $cal) :?>
				
				<button class="pbbooking-<?php echo (!$cal->is_free_from_to($this->day_dt_start,$slot_end)) ? 'free' : 'busy';?>-cell">
					<?php if ($this->day_dt_start>date_create("now",new DateTimeZone(PBBOOKING_TIMEZONE)) && !$cal->is_free_from_to($this->day_dt_start,$slot_end)) :?>
						<a href="<?php echo JRoute::_('index.php?option=com_pbbooking&task=create&dtstart='.$this->day_dt_start->format('YmdHi').'&cal_id='.$cal->cal_id);?>">
							<?php echo (!$cal->is_free_from_to($this->day_dt_start,$slot_end)) ? JText::_('COM_PBBOOKING_FREE') : JText::_('COM_PBBOOKING_BUSY');?>
						</a>
					<?php else :?>
						<?php echo JText::_('COM_PBBOOKING_BUSY');?>
					<?php endif;?>
				</button>
				
			<?php endforeach;?>
		<?php $this->day_dt_start->modify('+ '.$this->config->time_increment.' minutes');?>
	<?php endwhile;?>
		
	</select>
	
</form>

[Dropdown with PHP help]

Hi all. I kinda need some from a more advanced PHP expert. I have a table that displays time slots that are available to be booked. As you can see I have a table with two columns, The 1st column displays the times and the 2nd column has a link that says 'Available'. I want to be able to put all this in a select dropdown box to save space, but how can I do this?

<?php 
	
	$doc = JFactory::getDocument();
	$doc->addStyleSheet(JURI::root(false)."components/com_pbbooking/user_view.css");
?>

<style>
table#pbbooking td, table#pbbooking th {padding: 0em;}
</style>


<h1><?php echo JText::_('COM_PBBOOKING_DAY_VIEW_HEADING').' '.Jhtml::_('date',$this->dateparam->format(DATE_ATOM),JText::_('COM_PBBOOKING_DAY_VIEW_DATE_FORMAT'));?></h1>
<table id="pbbooking">
<!-- Draw header row showing calendars across the top....-->
	<tr>
		<th></th> <!-- first column left blank to display time slots -->
		<?php foreach ($this->cals as $cal) :?>
			<th><?php echo $cal->name;?></th>
		<?php endforeach;?>
	</tr>


	<!-- draw table data rows -->

	<?php while ($this->day_dt_start <= $this->dt_last_slot) :?>
		<?php $slot_end = date_create($this->day_dt_start->format(DATE_ATOM),new DateTimezone(PBBOOKING_TIMEZONE));?>
		<?php $slot_end->modify('+ '.$this->config->time_increment.' minutes');?>
		<tr>
			<th><?php echo Jhtml::_('date',$this->day_dt_start->format(DATE_ATOM),JText::_('COM_PBBOOKING_SUCCESS_TIME_FORMAT'));?></th>
			<?php foreach ($this->cals as $cal) :?>
				<td class="pbbooking-<?php echo (!$cal->is_free_from_to($this->day_dt_start,$slot_end)) ? 'free' : 'busy';?>-cell">
					<?php if ($this->day_dt_start>date_create("now",new DateTimeZone(PBBOOKING_TIMEZONE)) && !$cal->is_free_from_to($this->day_dt_start,$slot_end)) :?>
						<a href="<?php echo JRoute::_('index.php?option=com_pbbooking&task=create&dtstart='.$this->day_dt_start->format('YmdHi').'&cal_id='.$cal->cal_id);?>">
							<?php echo (!$cal->is_free_from_to($this->day_dt_start,$slot_end)) ? JText::_('COM_PBBOOKING_FREE') : JText::_('COM_PBBOOKING_BUSY');?>
						</a>
					<?php else :?>
						<?php echo JText::_('COM_PBBOOKING_BUSY');?>
					<?php endif;?>
				</td>
			<?php endforeach;?>
		</tr>
		<?php $this->day_dt_start->modify('+ '.$this->config->time_increment.' minutes');?>
	<?php endwhile;?>

	<!-- end draw table data rows-->

</table>

[Website critique]

Hi,

 

I have a built a website and I want to get some feedback from the members at this forum. I can't seem to post this topic in the Website Critique forum.

 

Thanks

 

Moved by Ch0cu3r