Jump to content

[SOLVED] strip slashes function is not working

cluce

By cluce
in PHP Coding Help

 Share

Recommended Posts

cluce Advanced Member

cluce

Posted
Posted

I am trying to error proof my web site but when I input a tag in the text field the tag still disrupts my web page. Can someone give me any suggestions?

It looks like I am using the strip slashes function correctly. Is their some other code I need to add to this? My trim function works fine but not the strip slashes. I even took out the trim function and still no go.  ???

 

here is my code

<?php
//initialize the session
if (!isset($_SESSION)) {
  session_start();
}

//connects to database
$mysqli = mysqli_connect("localhost", "root", "", "test");

//check to see if email exists in database/table
$usercheck = strip_tags(trim($_POST['username']));
$check = mysqli_query($mysqli,"SELECT email FROM auth_users WHERE email = '$usercheck' LIMIT 1"); 
$check2= mysqli_num_rows($check);

//if the email does not exist, it gives an error
if ($check2 != 0) {
    echo ("email exists");

     //create and issue the query
     //$sql = "SELECT username, password FROM auth_users WHERE email = '".$_POST["email"]."';
     //$res = mysqli_query($mysqli, $sql);
    	
    //$to = "cluce@reaganpower.com";
//$subject = "Website Inquiry Form";
//$body = "$sql";
//mail ($to, $subject, $body);
//header("Location: http:reaganpower.com/thankyou.html");

}else{
    $_SESSION['emailExists'] = "<font color='red'>The email"." ".$_POST['email']." "."does not exist in our database.<br>You may register for free by filling out the online registration form.</font>";	
header ("Location: forgot_password.php");
}

mysqli_close($mysqli);
?>

Link to comment
Share on other sites
cluce Advanced Member

cluce

Posted
  • Author
Posted

my mistake on the code. :(

 

 

this is what I have...

 

<?php
//initialize the session
if (!isset($_SESSION)) {
  session_start();
}

//connects to database
$mysqli = mysqli_connect("localhost", "root", "", "test");

//check to see if email exists in database/table
$usercheck = stripslashes(trim($_POST['email']));
$check = mysqli_query($mysqli,"SELECT email FROM auth_users WHERE email = '$usercheck' LIMIT 1"); 
$check2= mysqli_num_rows($check);

//if the email does not exist, it gives an error
if ($check2 != 0) {
    echo ("email exists");

     //create and issue the query
     //$sql = "SELECT username, password FROM auth_users WHERE email = '".$_POST["email"]."';
     //$res = mysqli_query($mysqli, $sql);
    	
    //$to = "cluce@reaganpower.com";
//$subject = "Website Inquiry Form";
//$body = "$sql";
//mail ($to, $subject, $body);
//header("Location: http:reaganpower.com/thankyou.html");

}else{
    $_SESSION['emailExists'] = "<font color='red'>The email"." ".$_POST['email']." "."does not exist in our database.<br>You may register for free by filling out the online registration form.</font>";	
header ("Location: forgot_password.php");
}

mysqli_close($mysqli);
?>

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.