DeanWhitehouse

http://uk3.php.net/manual/en/function.strip-tags.php Read it then you will understand you can do it with strip_tags(); by using the second argument.

I think you can do this on php, although you may be able to run a program to do this, using php to do so. But first off all what will the message be.

I would say it would be better to save it even if it was unsuccessful, this way you can find out what people have failed to send and if need be recover it. <?php $mail=mail($recipient, $subject, $mail_body, $header); if($mail) { $success = 1;//means successful } else { $success = 0;//means un-successful } mysql_query("INSET INTO table (row,success) VALUES ('value','$success')"); ?>

where the code sends the mail make it save the details to a database or flat file storage system. The database could be set up like: sender would not be needed if it is always sent by one person, and recipient can be changed to a number if you have a members table with unique id's.

Yeah, i don't think i will need to worry about the other words with spaces etc. If i decide to i will need to write a regex i think.

Ah, yep , i always see it when i am looking at string functions but never use it. Will that sort out the problem of F*cK?

I have made this bad word filter, and i want it to be able to find the bad word whether it is in lowercase (e.g. f*ck), uppercase (e.g. F*CK) or a mixture (e.g. F*cK) I want to do this without changing the comment (it's a comment system) to lowercase or uppercase. This is how i tried it <?php $bad = array('removed for younger/more sensitive readers. In summary it contained a list of banned words, with variations. Some in mixed cases'); if(isset($_POST['Go!'])) { $name = make_safe($_POST['name']); $message = make_safe($_POST['msg']); foreach($bad as $low) { $bader[] = strtolower($low); } foreach($bad as $high) { $worse[] = strtoupper($high); } foreach($bad as $first) { $omg[] = ucfirst($first); } $name = str_replace($bader,"*****",$name); $name = str_replace($worse,"*****",$name); $name = str_replace($omg,"*****",$name); $name = str_replace($bad,"*****",$name); $message = str_replace($bad,"*****",$message); $message = str_replace($bader,"*****",$message); $message = str_replace($worse,"*****",$message); $message = str_replace($omg,"*****",$message); echo $name."<br>".$message; } ?> <form action="" method="post"> Name <input type="text" name="name" id="nme" maxlength="20" size="15" value="<?php if(isset($_POST['nme'])){echo $_POST['nme'];}?>" ><br> Message <p><textarea rows="5" cols="53" name="msg" id="txt"><?php if(isset($_POST['msg'])){echo $_POST['msg'];}?></textarea></p> <p class="links"><input type="submit" value="Submit" name="Go!" id="x" > <input type="reset" value="Reset" name="reset" id="x"></p> </form> Now as you can tell this is not the most efficient way of doing it, what would you advise? EDIT: This is only a small part of the code.

Ahh, thank you, its good to get someone to read over your code. I didn't notice that.

That shouldn't affect it though should it

I don't post here often now, but this one really has got me stuck. This is my site, and i have added a comment system. http://djw-webdesign.awardspace.com/comment.php?id=1 The count is not wrong there are 2 comments, but only one is shown, and when there was only one comment it didn't show it. This is the comment.php code, i removed the add comment code to make it shorter to read. <?php ob_start(); include 'Includes/header.php'; include 'Includes/nav.php'; ?> </div> <div id="wrapper"> <div id="page"> <div id="content"> <?php if(isset($_GET['id']) && is_numeric($_GET['id'])) { $id = $_GET['id']; $id = stripslashes($id); $sql = "SELECT * FROM djw_comments WHERE parent_id = ".$id." ORDER BY time DESC"; $sql = mysql_query($sql); $nums = mysql_num_rows($sql); $r = mysql_fetch_assoc($sql); $sql1 = mysql_query("SELECT * FROM djw_blog WHERE id =".$id); $rows = mysql_fetch_assoc($sql1); if(!$sql || !$sql1 || $id <= 0 || mysql_num_rows($sql1) == 0) { header("Location:http://djw-webdesign.awardspace.com/index.php"); exit(); } ?> <div class="post"> <h1 class="title"><a href="http://djw-webdesign.awardspace.com/blog.php#blog_id_<?php echo $rows['id']; ?>"><?php echo $rows['title'];?></a></h1> <p class="byline"><small>Posted on <?php echo date("F jS, Y",strtotime($rows['time'])); ?> by <a href="about.php?what=me"><?php echo $rows['poster']; ?></a></small></p> <div class="entry"> <p><?php echo nl2br($rows['content']); ?></p> </div> </div> <div class="post"> <h1 class="title">Comments(<?php echo $nums;?>)</h1><p class="byline"><small><a href="#comment">Comment</a></small></p> <?php while($row = mysql_fetch_assoc($sql)) { ?> <div class="entry"> <h3><a name="id<?php echo $row['id']; ?>"></a>Posted on <?php echo date("F jS, Y",strtotime($row['time'])); ?> by <a href="Javascript:void();"><?php echo wordwrap($row['poster'],40,"<br>",true); ?></a></h3> <?php $cont = $row['content']; $cont = wordwrap($cont,65,"<br>",true); $cont = nl2br($cont); $cont = preg_replace("#(^|[\n ])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1<a href=\"http://\\2\" target=\"_blank\">\\2</a>", $cont); $cont = preg_replace("#(^|[\n ])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $cont); ?> <p><?php echo $cont; ?></p> </div> <?php } ?> </div> <?php } else { header("Location:http://djw-webdesign.awardspace.com/index.php"); exit(); } ?> </div> <?php include 'Includes/sidebar.php'; include 'Includes/footer.php'; ?>

tedbalog: If you are just wanting a simple login system for your site, pm me with more details and i will make you own.

I have changed the snippets link's size a little bit, although i am planning on changing this page slightly soon, yes i am going to create a new banner soon hopefully. The site looks more to the left because i removed all the right hand side design near-enough, but i will be replacing it soon with a quick search feature or something similar. I don't ever have a clue what to put in the footer, any ideas?

This is my site, what do people think Any criticisms or comments? It is a site that will be eventually used as my main site ,but for now it will just have a contact form and some code snippets. Also how is the security, i don't think there are any security gaps. http://djw-webdesign.awardspace.com/

Maybe, you can use strpos to check for certain letters but it will not be efficient , the best way is with a regex probably, and yes it is most likely over your head.

In that case you could do something that checks for certain letters in the word and if there are a certain amount of the correct ones then the answer is close to correct, otherwise you will need to rely on the user to spell correctly or have multiple choice answers.

Yeah, that could be a way, but i believe he maybe under the impression that it will be a simple task, when it will be fairly complicated, especially to someone who doesn't have a decent knowledge of mysql statements and php - mysql interaction.

Ahh, i'm not sure if file inclusion will exit the page you are viewing, i believe the exit works but only on the page it's in, not when included. If that makes sense, <?php //page 1 echo"test"; exit(); echo"stopped"; ?> <?php //page 2 include "page1.php"; echo "<br>test2"; ?> That code will stop anything after the exit on page 1 being sent to page 2, but the exit won't affect page 2.

Unless he is using $_REQUEST instead of using $_POST and $_GET, but it is unadvised as it is a security risk i believe.

mysql_real_escape_string();?

Yeah, that's the problem without knowing his database structure i have to guess a lot of it.

ok, first off then add error_reporting(E_ALL); ini_set('display_errors','On'); to the top of the page, just in case there is an error we can't see then if there are no errors try <?php echo "test"; exit(" did work"); echo " didn't work"; ?> And see if that works.

Yes, although i was under the impression it was dynamically created radio buttons, with the answer stored in the value.

Have you tried die("exited out");

Without knowing your database structure it is hard to say, but something like; <?php //connected already $sql = "SELECT * FROM table_questions ORDER BY RAND() LIMIT 0,1";//this way you will display one question from random from the database, you will need a way to check what questions they have answered. $sql = mysql_query($sql) or die ("Error!<br>".mysql_error()); $sql = mysql_fetch_assoc($sql); echo $sql['question'];//echo the question //user form, and user input $ans = $_POST['answer']; if($ans == $sql['answer']) { echo "correct answer"; } ?>

Hmm, i don't see what is causing the error, this should help you in some ways. http://uk2.php.net/features.file-upload And maybe http://uk2.php.net/manual/en/ini.core.php#ini.post-max-size http://uk2.php.net/manual/en/ini.core.php#ini.upload-max-filesize