Jump to content

Don the dragon

Members
 View Profile  See their activity

  • Posts

    20

  • Joined

  • Last visited

    Never

 Content Type 

Everything posted by Don the dragon

  1. Don the dragon
    I appreciate the assistance. What I dont appreciate, is your undermining attitude. It seems that you get good at what you do and then everyone that is just getting started is below you and your standards. I moved the code around, but still cannot seem to get it right. But dont worry about a response though because I be will looking elsewhere.
  2. Don the dragon
    I apologise for it being a bit messy. I have been following several books and have tried to join the code where I thought it would be appropriate. It doesnt seem that the foreach loop in question is the problem. Correct me if Im wrong, but should I not run an array once the upload is complete. If that is the case, Im still unsure as to how and where I would implement this. I have amended the code as best as possible. Please can someone have another look. if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { // define a constant for the maximum upload size define ('MAX_FILE_SIZE', 58000); // define constant for upload folder define ('UPLOAD_DIR', 'upload/'); //convert the maximum size to KB $max = number_format(MAX_FILE_SIZE/1024, 1).'KB'; // create an array of permitted MIME types $permitted = array('image/gif','image/jpeg','image/pjpeg','image/png'); foreach ($_FILES['image']['name'] as $number => $file) { // replace any spaces in orginal filename with undercores $file = str_replace(' ','_', $file); // begin by assuming the file is unacceptable $sizeOK = false; $typeOK = false; //check that the file is within the permitted size if ($_FILES['image']['size'][$number] > 0 || $_FILES['image']['size'][$number] <= MAX_FILE_SIZE) { $sizeOK = true; } //check that file is of a permitted MIME type foreach ($permitted as $type) { if ($type == $_FILES['image']['type'][$number]) { $typeOK = true; break; } } if ($sizeOK && $typeOK) { switch($_FILES['image']['error'][$number]) { case 0: // make sure file of same name does not already exist if (!file_exists(UPLOAD_DIR.$file)) { // move the file to the upload folder and rename it $success = move_uploaded_file($_FILES['image']['tmp_name'][$number], UPLOAD_DIR.time().$file); } else { // get the date and time ini_set('date.timezone','Europe/London'); $now = date('Y-m-d-His'); $success = move_uploaded_file($_FILES['image']['tmp_name'][$number], UPLOAD_DIR.$now.$file); } if ($success) { $result[] = "$file was successfully uploaded"; } else { $result[] = "Error uploading $file. Please try again."; } break; case 3: $result[] = "Error uploading $file. Please try again."; default: $result[] = ""; } } elseif ($_FILES['image']['error'][$number] == 4) { $result[] = 'No file was selected'; } else { $result[] = "$file cannot be uploaded because the image size is too large. The Maximum size is $max. Please re-size and try again. Or you have an incorrect file type. Acceptable file types are gif, jpg, png."; } } $insertSQL = sprintf("INSERT INTO sothebys (address, areas, bedrooms, bathrooms, garages, pool, security, property_type, facing, storey, waterfront, sole_mandate, floor_area, carport, levies_rates, garden, pets_allowed, recreational, prop_desc, price, image) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['address'], "text"), GetSQLValueString($_POST['areas'], "text"), GetSQLValueString($_POST['bedrooms'], "int"), GetSQLValueString($_POST['bathrooms'], "int"), GetSQLValueString($_POST['garages'], "text"), GetSQLValueString($_POST['pool'], "text"), GetSQLValueString($_POST['security'], "text"), GetSQLValueString($_POST['property_type'], "text"), GetSQLValueString($_POST['facing'], "text"), GetSQLValueString($_POST['storey'], "text"), GetSQLValueString($_POST['waterfront'], "text"), GetSQLValueString($_POST['sole_mandate'], "text"), GetSQLValueString($_POST['floor_area'], "text"), GetSQLValueString($_POST['carport'], "text"), GetSQLValueString($_POST['levies_rates'], "text"), GetSQLValueString($_POST['garden'], "text"), GetSQLValueString($_POST['pets_allowed'], "text"), GetSQLValueString($_POST['recreational'], "text"), GetSQLValueString($_POST['prop_desc'], "text"), GetSQLValueString($_POST['price'], "int"), GetSQLValueString($file, "text")); mysql_select_db($database_propList, $propList); $Result1 = mysql_query($insertSQL, $propList) or die(mysql_error()); }
  3. Don the dragon
    Oh great. Ill give it a go right now. Thanks
  4. Don the dragon
    Im not really sure which is the right code for this as Im still fairly new to php, but the problem that Im having is that when I test my work eg: I want to upload 12 images to a folder and reference them in the database under a column called "images". When I do the upload part and press "submit", the database reflects 12 new entries instead of just one with 12 image references
  5. Don the dragon
    Hi Please can someone help me with a query on a property website that i am developing. I have a drop-down list of areas in which people can select which area they would like to search, then i have a 'price from' to a 'price to' and then another drop down list in which people can choose from a list of options such as if it is a waterfront property, north facing etc. What i would like to know is how to make them all work together and particulary how to do the 'price from' to 'price to' function and how to make it search the db and bring up the results. Thanks Donovan
  6. Don the dragon
    Hi I have a bit of a problem. I have a multiple image upload(12 images) section in my form. The problem is, is that when I submit to the database, I get 12 new entries in the database. What I want is for the DB to reflect 12 references of the images in one entry. <?php require_once('../../Connections/propList.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { // define a constant for the maximum upload size define ('MAX_FILE_SIZE', 58000); if (array_key_exists('upload', $_POST)) { // define constant for upload folder define ('UPLOAD_DIR', 'upload/'); //convert the maximum size to KB $max = number_format(MAX_FILE_SIZE/1024, 1).'KB'; // create an array of permitted MIME types $permitted = array('image/gif','image/jpeg','image/pjpeg','image/png'); foreach ($_FILES['image']['name'] as $number => $file) { // replace any spaces in orginal filename with undercores $file = str_replace(' ','_', $file); // begin by assuming the file is unacceptable $sizeOK = false; $typeOK = false; //check that the file is within the permitted size if ($_FILES['image']['size'][$number] > 0 || $_FILES['image']['size'][$number] <= MAX_FILE_SIZE) { $sizeOK = true; } //check that file is of a permitted MIME type foreach ($permitted as $type) { if ($type == $_FILES['image']['type'][$number]) { $typeOK = true; break; } } if ($sizeOK && $typeOK) { switch($_FILES['image']['error'][$number]) { case 0: // make sure file of same name does not already exist if (!file_exists(UPLOAD_DIR.$file)) { // move the file to the upload folder and rename it $success = move_uploaded_file($_FILES['image']['tmp_name'][$number], UPLOAD_DIR.time().$file); } else { // get the date and time ini_set('date.timezone','Europe/London'); $now = date('Y-m-d-His'); $success = move_uploaded_file($_FILES['image']['tmp_name'][$number], UPLOAD_DIR.$now. $file); } if ($success) { $result[] = "$file was successfully uploaded"; } else { $result[] = "Error uploading $file. Please try again."; } break; case 3: $result[] = "Error uploading $file. Please try again."; default: $result[] = ""; } } elseif ($_FILES['image']['error'][$number] == 4) { $result[] = 'No file was selected'; } else { $result[] = "$file cannot be uploaded because the image size is too large. The Maximum size is $max. Please re-size and try again. Or you have an incorrect file type. Acceptable file types are gif, jpg, png."; } $insertSQL = sprintf("INSERT INTO sothebys (address, areas, bedrooms, bathrooms, garages, pool, security, property_type, facing, storey, waterfront, sole_mandate, floor_area, carport, levies_rates, garden, pets_allowed, recreational, prop_desc, price, image) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['address'], "text"), GetSQLValueString($_POST['areas'], "text"), GetSQLValueString($_POST['bedrooms'], "int"), GetSQLValueString($_POST['bathrooms'], "int"), GetSQLValueString($_POST['garages'], "text"), GetSQLValueString($_POST['pool'], "text"), GetSQLValueString($_POST['security'], "text"), GetSQLValueString($_POST['property_type'], "text"), GetSQLValueString($_POST['facing'], "text"), GetSQLValueString($_POST['storey'], "text"), GetSQLValueString($_POST['waterfront'], "text"), GetSQLValueString($_POST['sole_mandate'], "text"), GetSQLValueString($_POST['floor_area'], "text"), GetSQLValueString($_POST['carport'], "text"), GetSQLValueString($_POST['levies_rates'], "text"), GetSQLValueString($_POST['garden'], "text"), GetSQLValueString($_POST['pets_allowed'], "text"), GetSQLValueString($_POST['recreational'], "text"), GetSQLValueString($_POST['prop_desc'], "text"), GetSQLValueString($_POST['price'], "int"), GetSQLValueString($file, "text")); mysql_select_db($database_propList, $propList); $Result1 = mysql_query($insertSQL, $propList) or die(mysql_error()); } } } mysql_select_db($database_propList, $propList); $query_propType = "SELECT * FROM proptype ORDER BY property_type"; $propType = mysql_query($query_propType, $propList) or die(mysql_error()); $row_propType = mysql_fetch_assoc($propType); $totalRows_propType = mysql_num_rows($propType); mysql_select_db($database_propList, $propList); $query_getProp = "SELECT * FROM areas ORDER BY areas"; $getProp = mysql_query($query_getProp, $propList) or die(mysql_error()); $row_getProp = mysql_fetch_assoc($getProp); $totalRows_getProp = mysql_num_rows($getProp); mysql_select_db($database_propList, $propList); $query_listProp = "SELECT * FROM sothebys"; $listProp = mysql_query($query_listProp, $propList) or die(mysql_error()); $row_listProp = mysql_fetch_assoc($listProp); $totalRows_listProp = mysql_num_rows($listProp); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Insert a new property</title> </head> <body> <p>Insert a new property listing</p> <form action="<?php echo $editFormAction; ?>" method="post" id="form1" enctype="multipart/form-data"> <table> <tr valign="baseline"> <td align="right">Address:</td> <td><input type="text" name="address" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Areas:</td> <td><select name="areas" id="areas"> <option value="menuitem1" >Choose an area</option> <?php do { ?><option value="<?php echo $row_getProp['areas']?>"><?php echo $row_getProp['areas']?></option><?php } while ($row_getProp = mysql_fetch_assoc($getProp)); $rows = mysql_num_rows($getProp); if($rows > 0) { mysql_data_seek($getProp, 0); $row_getProp = mysql_fetch_assoc($getProp); } ?> </select> </td> </tr> <tr valign="baseline"> <td align="right">Property_type:</td> <td><select name="property_type" id="property_type"> <option value="menuitem1" >Choose a property type</option> <?php do { ?><option value="<?php echo $row_propType['property_type']?>"><?php echo $row_propType['property_type']?></option> <?php } while ($row_propType = mysql_fetch_assoc($propType)); $rows = mysql_num_rows($propType); if($rows > 0) { mysql_data_seek($propType, 0); $row_propType = mysql_fetch_assoc($propType); } ?> </select> </td> </tr> <tr valign="baseline"> <td align="right">Price:</td> <td><input type="text" name="price" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Levies_rates:</td> <td><input type="text" name="levies_rates" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Floor_area:</td> <td><input type="text" name="floor_area" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Bedrooms:</td> <td><input type="text" name="bedrooms" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Bathrooms:</td> <td><input type="text" name="bathrooms" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Garages:</td> <td><input type="text" name="garages" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Facing:</td> <td><input type="text" name="facing" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Storey:</td> <td><input type="text" name="storey" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Carport:</td> <td><input type="text" name="carport" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Security:</td> <td valign="baseline"><table> <tr> <td> <input <?php if (!(strcmp($row_listProp['security'],"y"))) {echo "checked=\"checked\"";} ?> type="radio" name="security" value="y" /> Yes <input <?php if (!(strcmp($row_listProp['security'],"n"))) {echo "checked=\"checked\"";} ?> type="radio" name="security" value="n" checked="checked" /> No </td> </tr> </table></td> </tr> <tr valign="baseline"> <td align="right">Waterfront:</td> <td valign="baseline"><table> <tr> <td> <input <?php if (!(strcmp($row_listProp['waterfront'],"y"))) {echo "checked=\"checked\"";} ?> type="radio" name="waterfront" value="y" /> Yes <input <?php if (!(strcmp($row_listProp['waterfront'],"n"))) {echo "checked=\"checked\"";} ?> type="radio" name="waterfront" value="n" checked="checked" /> No </td> </tr> </table></td> </tr> <tr valign="baseline"> <td align="right">Pool:</td> <td valign="baseline"><table> <tr> <td> <input <?php if (!(strcmp($row_listProp['pool'],"y"))) {echo "checked=\"checked\"";} ?> type="radio" name="pool" value="y" /> Yes <input <?php if (!(strcmp($row_listProp['pool'],"n"))) {echo "checked=\"checked\"";} ?> type="radio" name="pool" value="n" checked="checked" /> No </td> </tr> </table></td> </tr> <tr valign="baseline"> <td align="right">Garden:</td> <td valign="baseline"><table> <tr> <td> <input <?php if (!(strcmp($row_listProp['garden'],"y"))) {echo "checked=\"checked\"";} ?> type="radio" name="garden" value="y" /> Yes <input <?php if (!(strcmp($row_listProp['garden'],"n"))) {echo "checked=\"checked\"";} ?> type="radio" name="garden" value="n" checked="checked" /> No </td> </tr> </table></td> </tr> <tr valign="baseline"> <td align="right">Pets_allowed:</td> <td valign="baseline"><table> <tr> <td> <input <?php if (!(strcmp($row_listProp['pets_allowed'],"y"))) {echo "checked=\"checked\"";} ?> type="radio" name="pets_allowed" value="y" /> Yes <input <?php if (!(strcmp($row_listProp['pets_allowed'],"n"))) {echo "checked=\"checked\"";} ?> type="radio" name="pets_allowed" value="n" checked="checked" /> No </td> </tr> </table></td> </tr> <tr valign="baseline"> <td align="right">Sole_mandate:</td> <td valign="baseline"><table> <tr> <td> <input <?php if (!(strcmp($row_listProp['sole_mandate'],"y"))) {echo "checked=\"checked\"";} ?> type="radio" name="sole_mandate" value="y" /> Yes <input <?php if (!(strcmp($row_listProp['sole_mandate'],"n"))) {echo "checked=\"checked\"";} ?> type="radio" name="sole_mandate" value="n" checked="checked" /> No </td> </tr> </table></td> </tr> <tr valign="baseline"> <td align="right">Recreational:</td> <td><input type="text" name="recreational" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Prop_desc:</td> <td><input type="text" name="prop_desc" value="" size="32" /></td> </tr> <tr valign="baseline"> <td align="right">Upload up to 12 images: <label for="image">Upload image:</label> <input type="file" name="image[]" /><br/> <label for="image">Upload image:</label> <input type="file" name="image[]" /><br/> <label for="image">Upload image:</label> <input type="file" name="image[]" /><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> <label for="image">Upload image:</label> <input type="file" name="image[]"/><br/> </td> <?php //if the form has been submitted, display result if (isset($result)) { echo '<ol>'; foreach ($result as $item) { echo "<strong><li>$item</li></strong>"; } echo '<ol>'; echo 'Please view your listing in the area inserted'; } ?> </tr> </table> <img src="upload/<?php echo $row_listProp['image']; ?>" alt="" /> <table> <tr valign="baseline"> </tr> <tr valign="baseline"> <td align="right"> </td> <td> <input type="submit" value="upload" name="upload" id="upload" /></td> </tr> </table> <input type="hidden" name="MM_insert" value="form1" /> </form> <p> </p> </body> </html> <?php mysql_free_result($propType); mysql_free_result($getProp); mysql_free_result($listProp); ?> Thanks Donovan
  7. Don the dragon
    Hi Thank you for all your help. I think i know what the problem was. I had and old form that was connected to the same submittion page. Cheers Donovan
  8. Don the dragon
    I tried using preg_match on the form validations, but someone is still submitting blank forms. How is it possible for anyone to get passed my validations?
  9. Don the dragon
    I tried the method of using 'preg_match'. It still seems that this person is able to submit the form without any data in it. Donovan
  10. Don the dragon
    Wow. That looks complicated. Excuse my ignorance, Im still quite new to php, but would I do that for all the other fields to? Donovan
  11. Don the dragon
    I just tried the above techniques and it doesnt seem to have any effect
  12. Don the dragon
    Thats exactly right. It seems that someone is messing around with my form and only submits a random name. The rest of the form is blank.
  13. Don the dragon
    Oh ok. Ill give it a go. Thanks Donovan
  14. Don the dragon
    Ok. Got it. <?php session_start(); $_SESSION['sess'] = session_id(); require_once ('includes/recaptchalib.php'); $publickey = "**** **** ***"; // you got this from the signup page require_once ('includes/recaptchalib.php'); $privatekey = "**** ***** *****"; // you got this from the signup page // boolean (TRUE or FALSE) $is_confirmation = false; // set default CSS class $class = 'default'; // set default form action $form_action = $_SERVER['PHP_SELF']; // inputs read only? $read_only = null; // check posted data if (array_key_exists('submit', $_POST)) { // validate the input, beginning with name $name = trim($_POST['name']); if (empty($name)) { $error['name'] = 'error'; } $email = $_POST['emailaddress']; // check for valid email address $pattern = '/^[^@]+@[^\s\r\n\'";,@%]+$/'; if (!preg_match($pattern, trim($email))) { $error['emailaddress'] = 'error'; } $contact = trim($_POST['contact']); if (empty($contact)) { $error['contact'] = 'error'; } $fax = trim($_POST['fax']); // check the content of the text area $comments = trim($_POST['comments']); if (empty($comments)) { $error['comments'] = 'error'; } // check captcha $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) $error['captcha'] = 'Invalid captcha input. Please try again.'; if (!$error) { // no errors - now change variables to set up confirmation page // change CSS class for confirmation $class = 'confirm'; // change form action $form_action = 'orders/contact_sendmail.php'; // set inputs as readonly $read_only = 'readonly="readonly"'; // set is_confirmation to true $is_confirmation = true; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Contact us</title> <link rel="stylesheet" type="text/css" href="stylesheets/new_index.css" /> <link rel="stylesheet" type="text/css" href="stylesheets/contact_us.css" /> <link rel="stylesheet" type="text/css" href="stylesheets/forms.css" /> </head> <body> <div id="wrapper"> <div id="header_border"> </div> <div id="header"> <span id="top_border"> </span> <h1>S´s Tiles<span></span></h1> <object width="615" height="344" type="application/x-shockwave-flash" data="multimedia/fading_square.swf"> <param value="multimedia/fading_square.swf" name="movie" /> <img src="images_1/flash_img1.jpg" width="615" height="344" alt="Beautiful bathroom" id="no_flash" /> </object> <ul> <li><a href="index.php" title="Link to the home page">Home</a></li> <li><a href="about_us.html" title="Link to the about us page">About Us</a></li> <li><a href="services.html" title="Link to the services page">Services</a></li> <li><a href="tiling_tips.html" title="Link to the tiling tips page">Tiling tips</a></li> <li><a href="contact_us.html" title="Link to the contact us page">Contact Us</a></li> <li><a href="find_us.html" title="Link to the find us page">Find Us</a></li> </ul> </div> <div id="contain"> <div id="welcome"> <?php if (!$is_confirmation) : ?> <h2 title="Contact Us">Contact Us<span></span></h2> <?php elseif ($is_confirmation) : ?> <h2 title="Confirm information" id="confirm">Confirm Information<span></span></h2> <?php endif; ?> <div id="info_form"> <form action="<?php echo $form_action; ?>" method="post" id="booking" name="booking"> <p><?php if ($is_confirmation) { echo 'Below are the details that will be placed. <br/>If you want to change any of the items, please click the "back" button of your web browser and change the needed items and then re-submit the order.<br/> If everything is correct on this form, please click the "submit" button below.'; } ?></p> <fieldset> <legend>Contact Details :</legend> <label for="name">Full name <span class="require">*</span></label> <input name="name" type="text" id="name" value="<?php echo $name; ?>" class="<?php echo $error['name']; ?> <?php echo $class; ?>" <?php echo $read_only; ?> /> <?php if (isset($error['name'])) { ?> <p class="warning">Please add your name</p> <?php } ?> <label for="emailaddress">E-mail address <span class="require">*</span></label> <input name="emailaddress" type="text" id="emailaddress" value="<?php echo $email; ?>" class="<?php echo $error['emailaddress']; ?> <?php echo $class; ?>" <?php echo $read_only;?> /><br /> <?php if (isset($error['emailaddress'])) { ?> <p class="warning">Please add your email address</p> <?php } ?> <label for="contact">Contact number <span class="require">*</span></label> <input name="contact" type="text" id="contact" value="<?php echo $contact; ?>" class="<?php echo $error['contact']; ?> <?php echo $class; ?>" <?php echo $read_only;?> /><br /> <?php if (isset($error['contact'])) { ?> <p class="warning">Please add your contact number</p> <?php } ?> <label for="fax">Fax number<span class="require"> </span></label> <input name="fax" type="text" id="fax" value="<?php echo $fax; ?>" class="<?php echo $class; ?>" <?php echo $read_only;?> /><br /> <label for="comments">Comments <span class="require">*</span></label> <textarea name="comments" cols="30" rows="5" id="comments" class="<?php echo $error['comments']; ?> <?php echo $class; ?>" <?php echo $read_only;?>><?php echo $comments; ?></textarea> <?php if (isset($error['comments'])) { ?> <p class="warning">Please add your comments</p> <?php } ?> <?php if (!$is_confirmation) : ?> <?php /* this is only displayed if not on the confirmation page */ ?> <div id="capcha_block"><?php echo recaptcha_get_html($publickey); ?></div> <?php endif; ?> <?php if (isset($error['captcha'])) { ?> <p class="warning"><?php echo $error['captcha']; ?></p> <?php } ?> <br /> <br /> <input type="submit" name="submit" value="submit" class="button" /> <input type="reset" name="reset" value="start over" class="button" /> </fieldset> </form> </div> </div> </div> <div id="footer"> </div> </div> </body> </html>
  15. Don the dragon
    Is anyone going to get back to me on this issue? ???
  16. Don the dragon
    Ha ha.. sorry about that. The code is shown below : ------------------------------------------- <?php session_start(); $_SESSION['sess'] = session_id(); require_once ('includes/recaptchalib.php'); $publickey = "**** **** ***"; // you got this from the signup page require_once ('includes/recaptchalib.php'); $privatekey = "**** ***** *****"; // you got this from the signup page // boolean (TRUE or FALSE) $is_confirmation = false; // set default CSS class $class = 'default'; // set default form action $form_action = $_SERVER['PHP_SELF']; // inputs read only? $read_only = null; // check posted data if (array_key_exists('submit', $_POST)) { // validate the input, beginning with name $name = trim($_POST['name']); if (empty($name)) { $error['name'] = 'error'; } $email = $_POST['emailaddress']; // check for valid email address $pattern = '/^[^@]+@[^\s\r\n\'";,@%]+$/'; if (!preg_match($pattern, trim($email))) { $error['emailaddress'] = 'error'; } $contact = trim($_POST['contact']); if (empty($contact)) { $error['contact'] = 'error'; } $fax = trim($_POST['fax']); // check the content of the text area $comments = trim($_POST['comments']); if (empty($comments)) { $error['comments'] = 'error'; } // check captcha $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) $error['captcha'] = 'Invalid captcha input. Please try again.'; if (!$error) { // no errors - now change variables to set up confirmation page // change CSS class for confirmation $class = 'confirm'; // change form action $form_action = 'orders/contact_sendmail.php'; // set inputs as readonly $read_only = 'readonly="readonly"'; // set is_confirmation to true $is_confirmation = true; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Contact us</title> <link rel="stylesheet" type="text/css" href="stylesheets/new_index.css" /> <link rel="stylesheet" type="text/css" href="stylesheets/contact_us.css" /> <link rel="stylesheet" type="text/css" href="stylesheets/forms.css" /> </head> <body> <div id="wrapper"> <div id="header_border"> </div> <div id="header"> <span id="top_border"> </span> <h1>S´s Tiles<span></span></h1> <object width="615" height="344" type="application/x-shockwave-flash" data="multimedia/fading_square.swf"> <param value="multimedia/fading_square.swf" name="movie" /> <img src="images_1/flash_img1.jpg" width="615" height="344" alt="Beautiful bathroom" id="no_flash" /> </object> <ul> <li><a href="index.php" title="Link to the home page">Home</a></li> <li><a href="about_us.html" title="Link to the about us page">About Us</a></li> <li><a href="services.html" title="Link to the services page">Services</a></li> <li><a href="tiling_tips.html" title="Link to the tiling tips page">Tiling tips</a></li> <li><a href="contact_us.html" title="Link to the contact us page">Contact Us</a></li> <li><a href="find_us.html" title="Link to the find us page">Find Us</a></li> </ul> </div> <div id="contain"> <div id="welcome"> <?php if (!$is_confirmation) : ?> <h2 title="Contact Us">Contact Us<span></span></h2> <?php elseif ($is_confirmation) : ?> <h2 title="Confirm information" id="confirm">Confirm Information<span></span></h2> <?php endif; ?> <div id="info_form"> <form action="<?php echo $form_action; ?>" method="post" id="booking" name="booking"> <p><?php if ($is_confirmation) { echo 'Below are the details that will be placed. <br/>If you want to change any of the items, please click the "back" button of your web browser and change the needed items and then re-submit the order.<br/> If everything is correct on this form, please click the "submit" button below.'; } ?></p> <fieldset> <legend>Contact Details :</legend> <label for="name">Full name <span class="require">*</span></label> <input name="name" type="text" id="name" value="<?php echo $name; ?>" class="<?php echo $error['name']; ?> <?php echo $class; ?>" <?php echo $read_only; ?> /> <?php if (isset($error['name'])) { ?> <p class="warning">Please add your name</p> <?php } ?> <label for="emailaddress">E-mail address <span class="require">*</span></label> <input name="emailaddress" type="text" id="emailaddress" value="<?php echo $email; ?>" class="<?php echo $error['emailaddress']; ?> <?php echo $class; ?>" <?php echo $read_only;?> /><br /> <?php if (isset($error['emailaddress'])) { ?> <p class="warning">Please add your email address</p> <?php } ?> <label for="contact">Contact number <span class="require">*</span></label> <input name="contact" type="text" id="contact" value="<?php echo $contact; ?>" class="<?php echo $error['contact']; ?> <?php echo $class; ?>" <?php echo $read_only;?> /><br /> <?php if (isset($error['contact'])) { ?> <p class="warning">Please add your contact number</p> <?php } ?> <label for="fax">Fax number<span class="require"> </span></label> <input name="fax" type="text" id="fax" value="<?php echo $fax; ?>" class="<?php echo $class; ?>" <?php echo $read_only;?> /><br /> <label for="comments">Comments <span class="require">*</span></label> <textarea name="comments" cols="30" rows="5" id="comments" class="<?php echo $error['comments']; ?> <?php echo $class; ?>" <?php echo $read_only;?>><?php echo $comments; ?></textarea> <?php if (isset($error['comments'])) { ?> <p class="warning">Please add your comments</p> <?php } ?> <?php if (!$is_confirmation) : ?> <?php /* this is only displayed if not on the confirmation page */ ?> <div id="capcha_block"><?php echo recaptcha_get_html($publickey); ?></div> <?php endif; ?> <?php if (isset($error['captcha'])) { ?> <p class="warning"><?php echo $error['captcha']; ?></p> <?php } ?> <br /> <br /> <input type="submit" name="submit" value="submit" class="button" /> <input type="reset" name="reset" value="start over" class="button" /> </fieldset> </form> </div> </div> </div> <div id="footer"> </div> </div> </body> </html> ----------------------------------------------- Donovan
  17. Don the dragon
    Hi I have a form that has php validation. when I receive responses from the form, it seems that hackers are able to by-pass the validation and send blank responses. How can I prevent this from happening? Thanks Don
  18. Don the dragon
    Hi I am having a small problem with a form submission. I have a capcha on my form, so every time I submit the form, the "confirm" page tells me that the capcha wasnt filled in correctly. Im not really sure how I can resolve this. Below is my code. <?php session_start(); $_SESSION['sess']=session_id(); require_once('includes/recaptchalib.php'); $publickey = "******** **************"; // you got this from the signup page //echo recaptcha_get_html($publickey); ?> <?php if (array_key_exists('submit', $_POST)) { // validate the input, beginning with name $name = trim($_POST['name']); if (empty($name)) { $error['name'] = '*'; } $contact = trim($_POST['contact']); if (empty($contact)) { $error['contact'] = '*'; } $email = $_POST['emailaddress']; // check for valid email address $pattern = '/^[^@]+@[^\s\r\n\'";,@%]+$/'; if (!preg_match($pattern, trim($email))) { $error['emailaddress'] = '*'; } // check the content of the text area $comments = trim($_POST['comments']); if (empty($comments)) { $error['comments'] = '*'; } if(!$error) { header("location:orders/contact/contact_confirm.php"); } } ?> Cheers Donovan
  19. Don the dragon
    thank you very much. Ill give it a try now. Cheers Donovan
  20. Don the dragon
    Hi I have a bit of a problem that I cant sort out (a newbie thing). I want to submit my form, after it has passed its validation to a 'confirm' page. Where do I state this, as the action in the form is being used for other purposes. <?php session_start(); $_SESSION['sess']=session_id(); require_once('includes/recaptchalib.php'); $publickey = "6LeX0gIAAAAAAHQ9qrhR9otZToT2ttxPCgmtnGSs"; // you got this from the signup page //echo recaptcha_get_html($publickey); ?> <?php if (array_key_exists('submit', $_POST)) { // validate the input, beginning with name $name = trim($_POST['name']); if (empty($name)) { $error['name'] = '*'; } $contact = trim($_POST['contact']); if (empty($contact)) { $error['contact'] = '*'; } $email = $_POST['emailaddress']; // check for valid email address $pattern = '/^[^@]+@[^\s\r\n\'";,@%]+$/'; if (!preg_match($pattern, trim($email))) { $error['emailaddress'] = '*'; } // check the content of the text area $comments = trim($_POST['comments']); if (empty($comments)) { $error['comments'] = '*'; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Contact Us</title> </head> <body> <div id="wrapper"> <div id="main_pic"> <?php if ($error) { ?> <h2>Please correctly fill in all fields</h2> <?php } else { ?> <h2>Contact us</h2> <?php } ?> <form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" id="booking" name="booking"> <fieldset> <legend>Contact Details</legend> <label for="name">Full name :</label> <input name="name" type="text" id="name" <?php if(isset($error)) {echo "value='$name'";} ?> /><?php if (isset($error['name'])) { ?> <span class="warning"><?php echo $error['name']; ?></span> <?php } ?> <br /> <label for="contact">Contact number :</label> <input name="contact" type="text" id="contact" <?php if(isset($error)) {echo "value='$contact'";} ?> /><?php if (isset($error['contact'])) { ?> <span class="warning"><?php echo $error['contact']; ?></span> <?php } ?> <br /> <label for="emailaddress">E-mail address :</label> <input name="emailaddress" type="text" id="emailaddress" <?php if(isset($error)) {echo "value='$email'";} ?> /><?php if (isset($error['emailaddress'])) { ?> <span class="warning"><?php echo $error['emailaddress']; ?></span> <?php } ?> <br /> <label for="comments">Comments :</label> <textarea name="comments" cols="30" rows="5" id="comments"><?php if(isset($error)) {echo $comments;} ?></textarea><?php if (isset($error['comments'])) { ?> <span class="warning"><?php echo $error['comments']; ?></span> <?php } ?> <br /> <br /> <div id="capcha_block"><?php echo recaptcha_get_html($publickey); ?></div> <input type="submit" name="submit" value="submit" class="button_one" /> <input type="reset" name="reset" value="start over" class="button_one" /> </fieldset> </form> </div> </div> </body> </html> Cheers Donovan
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.