Jump to content

Recommended Posts

So I seem to know very little about php and coding in general.  I'm trying to use html anchors for a table of contents, but everytime I insert them into a php function, the page won't load.

 

<?php
 
include("./includes/egl_inc.php");
$secure = new secure();
$secure->secureGlobals();
page_protect();
 
$out[body]="
<strong><a href="#1">text here</a></strong><br>
 
 
";
 
 
 
include("$config
");
 
?>
 
Is this something even possible, is someone able explain to me the error I'm getting?
Edited by Otis17
Link to comment
https://forums.phpfreaks.com/topic/288300-inserting-html-anchors-in-php-script/
Share on other sites

Look at your quotes.  You need to learn to use single and double quotes or else learn how to escape them.

 

And - if you're a newbie where did you learn how to write this OOP code already?  You can't write a clean string but you are using classes/objects?

You have double quotes within a double quoted string, breaking that string.

 

You are missing quotes around the strings 'body' and 'html'.

 

You have quotes and braces places you don't need them.

 

You need to escape the inner quotes:

 

<?php
 
include "./includes/egl_inc.php";

$secure = new secure();
$secure->secureGlobals();
page_protect();
 
$out['body'] = "<strong><a href=\"#1\">text here</a></strong><br>";

include $config['html'];

Hi,

 

please get rid of this garbage class and stop stealing random bullshit from the internet.

 

I'm sorry for being so harsh, but this really is the cancer of PHP. Why don't you write you own code? Start with a blank file and write down your own ideas while you search the PHP manual for the right functions. Yes, this takes time, and your first scripts won't be very good. But they will be your scripts, and you'll learn from them.

 

There's nothing you could learn from that class you've copypasted. Whoever wrote it doesn't know anything whatsoever about PHP or security or good code. It's just an incredibly naïve attempt of implementing “Magic Quotes on steroids” or something like that. You should actually look at the code, it's pretty funny:

private function secureSuperGlobalGET(&$value, $key)
{
    $_GET[$key] = htmlspecialchars(stripslashes($_GET[$key]));
    $_GET[$key] = str_ireplace("<script", "<blocked", $_GET[$key]);
    $_GET[$key] = mysql_escape_string($_GET[$key]);
    $_GET[$key] = preg_replace('/DROP TABLE | TRUNCATE TABLE |EXECUTE /i', '', $_GET[$key]);

    return $_GET[$key];
}

What kind of drugs does it take to think this is a good idea?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.