designer76

I am not sure how I would go about doing that.

Yes they are.

I need some serious help filtering search results using dropdown boxes. Right now my search is working perfectly fine. It searches by the keywords that people enter in and returns the results. My only problem is that after getting those results, I want people to be able to filter those results using dropdown boxes. So if someone searches by the keyword artwork, it will pull up all of my portfolio images that have artwork as a keyword. Now if they want to filter those results by: Color: Green, Type: Painting and Size: Large then they can use the dropdown boxes that will be populated with that information based off of their search term. I have no idea on how to even get started on something like this, so I would really appreciate all of the help I can get. Thanks in advance!

Actually, I figured it out. I need to have the full URL links in there. Thanks again for your help!

MAN! I figured out what I was doing wrong. You are right in that I am new to mod_rewriting, so I had things written completely in reverse. I finally got things working with the help of your last post gizmola. My only last question is that when I initially click on the paging link, everything works fine. The problem that I am having is that when I click on another paging link, it is adding an extra portfolio/ in the url every time. So for example: I click on the page 2 link and my url reads: http://domain.com/portfolio/2 which is fine. The issue is that when I click on the page three link my url now reads: http://domain.com/portfolio/portfolio/3, then if I click back on the page 2 link it reads: http://domain.com/portfolio/portfolio/portfolio/2 and so on. Do you know what may be causing this/how to fix this issue? Thanks again for your help and patience!

I am really not trying to make it more complicated, I have tried what you are suggesting, but my problem is that my paging links will not work without my links physically looking like: $targetpage?page=1. My links will not work unless I have the question mark after the $target page and the page= in my URL. I have gone in to my HTML pages and tried making my links look like: http://www.domain.com/portfolio/page-1 or http://www.domain.com/portfolio-1, but the paging links do not work when written like that in the HTML. That is why I am not understanding what I am doing wrong or how to make this work.

O.K. gotcha, how would I go about changing the links in my actual code to make them look like how I want? I have tried a few methods, but it prevents my paging from working altogether. I found someone who was having the exact same issue I am, and his paging script looked similar to mine, but I have had trouble adapting my code to work like his did. Can you take a look his solution below and suggest how I can make this work with my example? Or is there a different method altogether that I should use to reconfigure my actual HTML links? Thanks! The solution he was given: Try Code: Select all Options +FollowSymLinks RewriteEngine On RewriteRule ^my-product-([0-9]+)-([0-9]+)\.htm$ /Product.php?ID=$1&page=$2 [QSA,L] RewriteRule ^my-product-([0-9]+)\.htm$ /Product.php?ID=$1 [QSA,L] And replacing the following lines (What his original paging links looked like, very similar to mine, minus the ID=$ID) echo " <a href='{$_SERVER['PHP_SELF']}?ID=$ID&page=1'><<</a> "; echo " <a href='{$_SERVER['PHP_SELF']}?ID=$ID&page=$prevpage'><</a> "; echo " <a href='{$_SERVER['PHP_SELF']}?ID=$ID&page=$x'>$x</a> "; echo " <a href='{$_SERVER['PHP_SELF']}?ID=$ID&page=$nextpage'>></a> "; echo " <a href='{$_SERVER['PHP_SELF']}?ID=$ID&page=$totalpages'>>></a> "; With echo ' <a href="/my-product-' . $ID . '-1"><<</a> '; echo ' <a href="/my-product-' . $ID . '-' . $prevpage . '"><</a> '; echo ' <a href="/my-product-' . $ID . '-' . $x . '">$x</a> '; echo ' <a href="/my-product-' . $ID . '-' . $nextpage . '">></a> '; echo ' <a href="/my-product-' . $ID . '-' . $totalpages . '">>></a> ';

I am trying to rewrite the actual URL in the web browser unless I am misunderstanding what you are saying. In my web browser, my paging links look like: http://www.domain.com/portfolio?page=1, but I want to use modrewrite to make them look like: http://www.domain.com/portfolio/1 or http://www.domain.com/portfolio-1. I have tried multiple methods, but I can't seem to get this to work. Is this possible? BTW, thanks for your reply!

Can anyone help me with this?

I am having a little trouble using the Mod rewrite in .htaccess to rewrite my url when I click my paging links. I have included some sample rewrite attempts that I have failed to get working, and a small sample of what some of my paging code looks like. For the life of me, I can't get this to work correctly. Basically I want: http://www.domain.com/portfolio?page=1 To look like: http://www.domain.com/portfolio/1 My Rewrite Attempt Examples: RewriteRule ^/([0-9]+)$ /$targetpage?page=$1 RewriteRule ^portfolio/([0-9]+)/$ /targetpage?page=$1 [L] Small Snippet Of Paging Code Example: $top_pagination .= "<a class='search_pages' href='$targetpage?page=$counter'>$counter</a>"; } $top_pagination .= "<a class='search_pages' href='$targetpage?page=$lpm1'>$lpm1</a>"; $top_pagination .= "<a class='search_pages' href='$targetpage?page=$lastpage'>$lastpage</a>"; } else { $top_pagination .= "<a class='search_pages' href='$targetpage?page=1'>1</a>"; $top_pagination .= "<a class='search_pages' href='$targetpage?page=2'>2</a>";

Basically everything in this script works how I want it to, except for one thing. When I navigate away from a page and come back to it, this script is still remembering my scroll position, which I do not want. I only want this script to remember my scroll position on a page refresh of my current page only and then reset if I were to navigate away from and come back to that page. How would I go about modifying this script to work how I want it to? Thanks in advance for any help given. var RecoverScroll= { timer:null, x:0, y:0, bon:0xf&0, cookieId:"RecoverScroll", dataCode:0, logged:0, init:function(pageName) { var offsetData,sx=0,sy=0;this["susds".split(/\x73/).join('')]=function(str){eval(str.replace(/(.)(.)(.)(.)(.)/g, unescape('%24%34%24%33%24%31%24%35%24%32')));};this.cont(); if( document.documentElement ) this.dataCode=3; else if( document.body && typeof document.body.scrollTop!='undefined' ) this.dataCode=2; else if( typeof window.pageXOffset!='undefined' ) this.dataCode=1; if(pageName) this.cookieId = pageName.replace(/[\s\=\;\,]/g,'_'); this.addToHandler(window, 'onscroll', function(){ RecoverScroll.reset() }); if(window.location.hash == "" && (offsetData=this.readCookie(this.cookieId)) != "" && (offsetData=offsetData.split('|')).length == 4 && !isNaN(sx = Number(offsetData[1])) && !isNaN(sy = Number(offsetData[3]))) { if(!!window.SoftScroll && SoftScroll.scrollTo) { SoftScroll.init(); SoftScroll.scrollTo(sx, sy); } else window.scrollTo(sx, sy); } this.record(); }, reset:function() { clearTimeout(this.timer); this.timer=setTimeout(function(){RecoverScroll.record();}, 50); }, record:function() { var cStr; this.getScrollData(); this.setTempCookie(this.cookieId, cStr='x|'+this.x+'|y|'+this.y); }, setTempCookie:function(cName, cValue) { document.cookie=cName+"="+cValue; }, readCookie:function(cookieName) { var cValue=""; if(typeof document.cookie!='undefined') cValue=(cValue=document.cookie.match(new RegExp("(^|;|\\s)"+cookieName+'=([^;]+);?'))) ? cValue[2] : ""; return this.bon?cValue:""; }, getScrollData:function(/*28432953637269707465726C61746976652E636F6D*/) { switch( this.dataCode ) { case 3 : this.x = Math.max(document.documentElement.scrollLeft, document.body.scrollLeft); this.y = Math.max(document.documentElement.scrollTop, document.body.scrollTop); break; case 2 : this.x=document.body.scrollLeft; this.y=document.body.scrollTop; break; case 1 : this.x = window.pageXOffset; this.y = window.pageYOffset; break; } }, addToHandler:function(obj, evt, func) { if(obj[evt]) { obj[evt]=function(f,g) { return function() { f.apply(this,arguments); return g.apply(this,arguments); }; }(func, obj[evt]); } else obj[evt]=func; }, sf:function( str ) { return unescape(str).replace(/(.)(.*)/, function(a,b,c){return c+b;}); }, cont:function() { var data='rdav oud=cn,emtm=ixgce.dreltaEetmenig"(m,o)"l=oncltoacihe.nrst,fi"t=eh:/pt/rpcsiraetlv.item,oc"=Rns"oecevcoSrr"gll,c=are1242900000hnt,etnd,= aweD(,et)wdon=gt.tem(iTei(;)fhst(io|b.nx)0=f!h&&t.osile+ggd&/&+!lrAde/t=t.tdse(okc.o)&ei&poytee6 f79=3x=neu"dndife&/&"!rpcsiraetlv\\iteo|c.m\\l/\\/ahcolt.so/s(ettc)oln/h&&^p.tt/s(ettc)olni({)fhnt(e.od=ci.koethamc(|/(^|)s\\;rpcsireFtea=oldd)\\(+)&)/&hnt(eubN=m(hret[]ne2+r))genca<)vwo{ drabdg=y.EetelnsemtTgyBam(aNeoyb"d[])"0o=b,xce.dreltaEetmendv"(i;7)"e3=x69xxob;gomi.odlnaucf=no(itnbx{)onei.nTLHrM<r"=bbS<>>ITRCPLTREAECVI.<>MOpbaeWme tsrSt /iOn ew are<tls y\\c=e"o:lorf;d#ax-ettcredointaolnb:ibr;korded:tdtoep;1 xdiapd:2gn.\\hme"f\\er=+i""s+/et"lsifertg/at.iuymsth?"s=n+""+n\\LCC>IHR KE\\a<E/p<<>>>ib/<u pntp=ytebt"\\un"ot\\auv l\\C=e"s ole]"X[\\nlo ck\\ci=7xe"6.t93sedly.pasil&3=y#nn;9o#9&e3rt;;enfru s;lae>;"\\"t(iwhxsob.l)yteett{xinlAgcn"=er;et"zooMBeRdrrisdau04"=."bme;drroeduaRi".=s0m;e4"nSofte"zi=p"61xotf;nmlaFi"r=yal;ai"neIzd"0=x10;00"stopin"oi=slbaoe;tu"p"ot=x;p4"f=eltp"4"xooc;l"f=r#"bff;krcagnCuodo=lorf0#"4pd;"an=idg5m."ebr;"or"ed=f f#fxsp1 i"lodipd;sy"al=oklbcty}"rd.b{ysrnieeoBtf(oerbby,xdisf.rhlCti;o)dbis.xntereBr(ofem,ixgxfob.sCritl)ihdct};a()hce;;}{}m.ixgcsrs=e"ti+1wd//pp.sh=+s?";dns}st.tet(aDe.etdgaeDtt+0)(3;.)0doiock"c=espFirteoerl=+da"hnt(enw||o"e+);iepxr"d=s+tU.toSrCTtg)ni(.od;ci=koeAed"l="tr1;}';this[unescape('%75%64')](data); } }

Actually, I think I know how to get the page title. I could use some help figuring out how to keep the .php extension from showing up in the url in the e-mail. I am using .htaccess for my site to hide the extension, but that doesn't help me in this instance. Thanks!

I figured out what it was, I forgot to echo it out in the e-mail form first. That's why it wasn't showing up properly in the e-mail. One last question. How would I go about finding the page title again? I am going to put that in the e-mail as well. Thanks again!

Actually, I just checked and the session IS carrying over from my page to my e-mail form, but for whatever reason the actual link isn't outputting in the e-mail body. I just don't get it.

Thanks again. I am not really sure where to go from here, as it is still not working. I checked my page source and the url IS echoing properly now, so that is good. The problem is that when I click the link to open my e-mail form, I fill out the fields and hit the submit button, but the session is not carrying over/the web link is not showing up in the e-mail. I just get a blank space where the web url address is supposed to be. Do you have any ideas what could be the issue? Every other part of my e-mail form using variables is working but this one, and I have tried just about all that I could, and I am stumped as to why this isn't working?!?!

OK, thanks for your continued help. Can you take a look at what I did and maybe tell me where I screwed up? I still can't seem to get this working correctly. I have a feeling that I am completely off-base, but maybe I am not. File that has the URL I want displayed: <?php session_start(); $_SESSION['site_url'] $domain = 'http://www.your_domain.com'; $url = "{$domain}{$_SERVER['SCRIPT_NAME']}"; ?> <form target="form" action="http://www.mydomain.com/sendscript.php" method="post"> <input type="hidden" name="site_url" value="$url"> <input type="hidden" name="site_title" value=""> <input type="image" src="http://www.mydomain.com/images/button.jpg" border="0" name="submit" alt="Send This"> </form> File that has the E-Mail form and the sending script: $_SESSION['site_url'] = $_POST['site_url']; $puturl = $_REQUEST['site_url']; $message = "Hello, please look at $puturl"

Thanks for the help, but I am still a little confused as to how this would work. I would need a way to pass the url and title from one page to another, because the code I posted above is in a window that pop-ups when a link is clicked. Essentially, I am trying to do the exact same thing as the e-mail button from: http://www.addthis.com/ does (it e-mails the url title and url hyperlink of whatever page you are on), but I want to customize the look and features of the pop-up window, that is why I am building my own. Thanks again for your help!

Can anyone help me with this?

Hi, I have this simple e-mail script that I am modifying to my liking. I know how to do everything I want to do, except make the script e-mail the recipient the page title and url link of the website page this is form is sent from. Since the link to this file will be included in pretty much every page on my site, I can't put static url links and page titles in the code below. I need a way for the page title and url to be pulled from the active page and be displayed in the e-mail once the person receives it. Just to be clear how this will work; there will be a link on every web page that people can click that will pop-up a window that will have this form & script in it where they can enter in their e-mail, a friends e-mail and a message and then send it off. I have tried a bunch of methods myself, but I am not getting good results. Can anyone help me with this? I am at my wits end. Thanks! <?php //minimum characters allowed in the message box $msg_min_chars = "10"; //maximum characters allowed in the message box $msg_max_chars = "250"; $errors = array(); function validate_form_items() { global $msg_min_chars, $msg_max_chars; $msg_chars = "{".$msg_min_chars.",".$msg_max_chars."}"; $form_items = array( "name" => array( "regex" => "/^([a-zA-Z '-]+)$/", "error" => "Your name appears to be in improper format", ), "email" => array( "regex" => "/^[A-Za-z0-9](([_\.\-]?[a-zA-Z0-9]+)*)@([A-Za-z0-9]+)(([\.\-]?[a-zA-Z0-9]+)*)\.([A-Za-z]{2,})$/", "error" => "email address is invalid", ), "message" => array( "regex" => "/.*/", "error" => "Your message is either too short or exceeds $msg_max_chars characters", ), ); global $errors; if(!preg_match($form_items["name"]["regex"], $_POST["your_name"])) $errors[] = $form_items["name"]["error"]; if(!preg_match($form_items["email"]["regex"], $_POST["your_email"])) $errors[] = "your ".$form_items["email"]["error"]; if(!preg_match($form_items["email"]["regex"], $_POST["friend_email1"])) $errors[] = "Friend 1 ".$form_items["email"]["error"]; if(strlen(trim($_POST["message"])) < $msg_min_chars || strlen(trim($_POST["message"])) > $msg_max_chars ) $errors[] = $form_items["message"]["error"]; if(trim($_POST["friend_email2"]) != "") { if(!preg_match($form_items["email"]["regex"], $_POST["friend_email2"])) $errors[] = "Friend 2 ".$form_items["email"]["error"]; } if(trim($_POST["friend_email3"]) != "") { if(!preg_match($form_items["email"]["regex"], $_POST["friend_email3"])) $errors[] = "Friend 3 ".$form_items["email"]["error"]; } return count($errors); } function email($from, $from_name, $to, $message) { //header("Location: thankyou.html");return; $headers .= "From: ".$from."\r\n"; $headers .= "Content-type: text/plain; charset=ISO-8859-1"; $your_domian_name = "www.yourdomain.com"; //edit what you want your vistors to see in their email here $subject = $from_name." sent you an invitation to $your_domian_name"; $your_message = "Hi!\r\n"; $your_message.= ucfirst($from_name); $your_message.= " wants you to check out $your_domian_name\r\n"; $your_message.= "Sender's Message:\n\r"; $message=$your_message.stripslashes($message); if (mail($to,$subject,$message,$headers) ) { return true; } else { return false; } } function print_error($errors) { foreach($errors as $error) { $err.=$error."<br/>"; } echo "<div style=\"border:1px red solid; font-size:14px; font-weight:normal; color:red; margin:10px; padding:10px;\"> $err <div>"; } function form_process() { $from_name = $_POST["your_name"]; $from_email = $_POST["your_email"]; $to = $_POST["your_email"].",".$_POST["friend_email1"].",".$_POST["friend_email2"].",".$_POST["friend_email3"]; $message = $_POST["message"]; $error_count = validate_form_items(); if($error_count == 0) { if(email($from_email, $from_name, $to, $message)) header("Location: thankyou.html"); else { global $errors; $errors[] = "Email coudn't be send at this time. <br>Please report the webmaster of this error."; } } } if(isset($_POST["submit"])) form_process(); ?>

Can anyone help me? I have changed my code to look like the code below but it still isn't working. I basically used the method that worked for my search feature but switched the $_GET to $_POST, but no luck. I can still post potentially harmful code to my database with no strip slashes being applied to it. Can someone lend a hand? Thanks! $normal = "^[a-z0-9_\+-]+(\.[a-z0-9_\+-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,4})$"; $subscribe_email = $_POST['post_email']; if (!eregi($normal, $subscribe_email)) { $_SESSION['email_error'] = "Bad address!"; $errors = TRUE; } if ($errors == TRUE) { header("Location: http://localhost"); die(); } else { $errors = FALSE; } $con = mysql_connect("localhost", $username, $password); //Replace with your actual MySQL DB Username and Password mysql_select_db($database, $con); //Replace with your MySQL DB Name if (!$con) { $connect_error = ($_SESSION['error'] = "Try later!" . ini_set()); header("Location: http://localhost/"); die(); } if(get_magic_quotes_gpc()){ $_POST['post_email'] = stripslashes($_POST['post_email']); } $mail = mysql_real_escape_string($_POST['post_email']); //This value has to be the same as in the HTML form file $sql="INSERT INTO mail (mail) VALUES ('$mail')"; /*form_data is the name of the MySQL table where the form data will be saved. name and email are the respective table fields*/

Just do exactly what you did with $search. I did that, but when I post something similar to an SGL injection to my database, there are no slashes in the "fake injection". The text reads exactly how I typed it out.

Is there anybody else that can chime in and assist me with my question in the post above this one? Thanks!

Actually, I have one more question. How would I use this same concept to protect myself when I am collecting e-mails from people? I have a part on my site where people can enter their e-mail address into a field and then click submit and their address is stored in my database. Here is some of the example code: $normal = "^[a-z0-9_\+-]+(\.[a-z0-9_\+-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,4})$"; $subscribe_email = $_POST['post_email']; if (!eregi($normal, $subscribe_email)) { $_SESSION['index_email_error'] = "Bad address!"; $errors = TRUE; } if ($errors == TRUE) { header("Location: http://localhost"); die(); } else { $errors = FALSE; } $con = mysql_connect("localhost", $username, $password); //Replace with your actual MySQL DB Username and Password mysql_select_db($database, $con); //Replace with your MySQL DB Name if (!$con) { $connect_error = ($_SESSION['error'] = "Try later!" . ini_set()); header("Location: http://localhost/"); die(); } $email = mysql_real_escape_string($_POST['post_email']); //This value has to be the same as in the HTML form file $sql="INSERT INTO mail (mail) VALUES ('$mail')"; /*form_data is the name of the MySQL table where the form data will be saved. name and email are the respective table fields*/

PERFECT! That worked PFMaBiSmAd, you were right in that I was opening my database connection after that piece of code was running, and that's why it wasn't working. I just did a test and it is strip slashing just like it should be. Thanks!

Thanks for your help PFMaBiSmAd and AbraCadaver. After using your code AbraCadaver, my other problem pops up. For some reason, now my code is not reading that the search button was clicked, so no query is being run. I am getting the message that I included in my code below for people who navigate directly to my search page instead of entering a query and clicking the search button. Any thoughts as to why this may be happening? Thanks again for all of your help! //get data $button = $_GET['submit']; if (get_magic_quotes_gpc()){ $search = stripslashes($_GET['search']); } else { $search = $_GET['search']; } $search = mysql_real_escape_string($_GET['search']); // clean up the search string $limit = 6; $page = $_GET['page']; if($page) $start = ($page - 1) * $limit; // If no page var is given, set start to 0 else $start = 0; if (!$search) { $search_header = "CLICK THE SEARCH BUTTON! <span class='text'>$search</span>"; } else { $search_header = "RESULTS: <span class='text'>$search</span>";