msaz87

Is there any cURL-like function in javascript or only HTML that can post data to an external URL? I've used cURL to achieve this with PHP, but now I'm dealing with a form that's submitted and I want to be able to post some of the submitted fields to an external URL.

Your example works great, but is there any way to transfer the value associated in the array and not the label? The label displays in the text <input> and I'd like the corresponding value to go in the hidden <input>. Thanks for the help!

So in the jQuery there's actually two values, there's the "label" (jQuery, jQuery UI, Sizzle JS) and then the "value" (1, 2, 3). When the user selects what they want in the text <input> it displays the label, but I want the script to duplicate that entry in the hidden <input> but use the corresponding value. So if they chose "jQuery, Sizzle JS" in the text <input> then the hidden <input> would show "1, 3". Does that make sense? There's another example on the UI site that can display the different content, but I can't figure out how to merge that example with the one I'm currently working with, which allows for multiple entries: http://jqueryui.com/demos/autocomplete/#custom-data (this example only lets you input one response at a time).

I'm trying to modify an out-of-the-box jQuery UI autocomplete script, but I really don't know what I'm doing with javascript. The script works great as far as displaying what I want in the input where the autocomplete comes into play, but I want it to also insert each tag's hidden value into a hidden field. Here's the script (and link to UI page): <script> $(function() { var availableTags = [ { value: "1", label: "jQuery" }, { value: "2", label: "jQuery UI" }, { value: "3", label: "Sizzle JS" } ]; function split( val ) { return val.split( /,\s*/ ); } function extractLast( term ) { return split( term ).pop(); } $( "#tags" ) // don't navigate away from the field on tab when selecting an item .bind( "keydown", function( event ) { if ( event.keyCode === $.ui.keyCode.TAB && $( this ).data( "autocomplete" ).menu.active ) { event.preventDefault(); } }) .autocomplete({ minLength: 0, source: function( request, response ) { // delegate back to autocomplete, but extract the last term response( $.ui.autocomplete.filter( availableTags, extractLast( request.term ) ) ); }, focus: function() { // prevent value inserted on focus return false; }, select: function( event, ui ) { var terms = split( this.value ); // remove the current input terms.pop(); // add the selected item terms.push( ui.item.label ); // add placeholder to get the comma-and-space at the end terms.push( "" ); this.value = terms.join( ", " ); return false; } }); }); </script> The rest of the relevant code: <table class="formTable"> <th>Page(s) to add to:</th><td><input id="tags" name="pages" size="60" /> <input type="submit" value="submit" class="button" /></td> </table> <input type="hidden" name="pageIds" id="pageIds" /> So all I'm looking for it to do is to also insert the selected tags into the "pageIds" input, but use the value and not label as it's doing with the "tags" field. Any help is appreciated -- thanks!

I tried adding a reset, but it doesn't look like it affected the appearance in IE7 whatsoever

Hey All, I'm putting together a form and have run into an issue with the CSS as it degrade with IE7. The inputs/selects and labels don't line up. See the examples below for what I mean: IE7: All other browsers (except IE6): I can't figure out what in the CSS is causing the disruption... here's the relevant CSS: form.form { color:#515151 !important; font-size:12px !important; font-weight: normal; } form.form input.text { width: 145px; border: 1px solid #dfdede; margin: 0 0 6px 0; float: right; } form.form select { width: 145px; border: 1px solid #dfdede; margin: 0 0 6px 0; float: right; } form.form label { width: 100px; margin: 0 0 6px 0; padding: 0 16px 0 0; } Any help is greatly appreciated -- thanks!

Thanks -- I think that sounds reasonable. My main concern was to make sure I didn't miss anything before I got too far into the project and give myself the easiest way to add more protection down the road.

Well the point of those functions is to then stack all the sanitation methods within them so I'm not going back and changing anything outside of the functions. But I also was trying to gauge how much was going to be packed into each function and what considerations to include in it (since not every piece of data will have to sanitize the same way)

So my hope was to basically set up two functions, lets call them dataInSanitize() and dataOutSanitize(), and run those on every input/output from my database by the user. Would you say that for the In it's enough to just use something like mysql_real_escape_string() and for the out something like htmlspecialchars()?

I'm going to be sanitizing various user inputs that will later be displayed and or manipulated against each other and displayed. Some of it will be used to query, so I want to make sure it's safe also. I guess from your perspective I should only sanitize the data coming in that will be used in a query and then sanitize the rest when it's coming out?

I'm looking to build a library of data sanitation functions for going into a MySQL database and was looking to see if anyone had suggestions on where to start or if there were any prepackaged functions out there. I've done some searching and I know you need a multitude of functions depending on the kind of data you're sanitizing and what you're doing with it, but I didn't have a lot of luck finding a good starting point. Any suggestions appreciated -- thanks.

Your code is outputting a value before it reaches the header, which causes it to fail. Identify what it's spitting out beforehand.

Thanks! The answers definitely clear up my confusion.

I'm incorporating a dynamic salt into my user system, but I'm not sure how to store the salt itself. The password is hashed and added to the database, but wouldn't you need to store the salt as plain text in the database in order to verify the login later? Also, I've read that using both a dynamic and static salt is good practice. If this is the case, is the static salt simply defined within the PHP? Or is there another method to storing it? Thanks for the help

array_merge for combining the two. What are you trying to do for the output?