|
PHP - Contact Form - Post/sent , Then Reuse Variables
Hello,
I need to do the following: I have 2 forms on two different pages: Form 1: Name, Email, Phone Form 2: Name, Email, Phone, Address, etc. 1. User fills out Form 1, presses submit 2. Form 1 gets processed and I receive an email with the visitors Name, Email, Phone 3. After the Form has been processed I need to redirect the visitor to a new page (Form 2) 4. When Form 2 loads, fill in the form with the posted variables (Name, Email, Phone) from the previous process Here is my code: Form 1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> </head> <body> <form method="post" action="process_form.php"> <input type="text" name="name" /> <input type="text" name="email" /> <input type="text" name="phone" /> <input type="submit" name="submit" value="submit" /> </form> </div> </body> </html> process_form.php <?php $name = $_POST['name']; $email = $_POST['email']; $phone = $_POST['phone']; $to = 'email@provider.com'; $subject = "Contact Form"; $message = "Contact Information\r\n" ."$name\r\n" ."$email\r\n" ."$phone\r\n\"; $headers = "From: $email\r\n"; mail($to, $subject, $message, $headers); // Redirect header("Location: http://www.domain.com/form2/"); ?> Form 2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> </head> <body> <form method="post" action="process_form_2.php"> <input type="text" name="name" /> <input type="text" name="email" /> <input type="text" name="phone" /> <input type="text" name="address" /> <input type="text" name="city" /> <input type="text" name="state" /> . . . <input type="submit" name="submit" value="submit" /> </form> </div> </body> </html> The form does get processed and I do get an email with the visitor's info. But I'm not able to pass on the variables from From1 to Form2. Thank you in advance. Similar TutorialsThis topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=347360.0 what I am trying to accomplish is for the user to select the state they wish, hit submit. At this point another form should show asking which county based on the state they picked, then hit search. At this point, I'm having an issue having the state variable being passed to the 2nd form also having the state they selected stay selected. <?php $default = "Step 1. Pick Your State"; $select = "<option name='statebox'>$default</option>"; echo "<br/><form method='POST' action=".$_SERVER['PHP_SELF']." >"; echo "<select name='search'>"; echo "$select"; /////////////////////////////////////////////////////////////// //Connect to the database include_once 'phpforms/connect.php'; $sql = mysql_query("SELECT * FROM states"); while($row = mysql_fetch_array($sql)){ $state = $row['states']; echo "<option name='statebox'>$state</option>"; }//End While /////////////////////////////////////////////////////////////// echo "</select>"; echo "<input align='left' type='submit' name='stateboxbutton' value='Ok'> "; echo "</form>"; echo "</td>"; echo "<td>"; if(isset($_POST['stateboxbutton'])){ $statesearch = $_POST['statebox']; $selected = $_POST['statebox']; $select = "<option name='statebox'>$selected</option>"; echo "<br/><form action='../search-results.php' method='POST'>"; echo "<select name='search'>"; echo "<option name='default'>Step 2. Pick Your County</option>"; /////////////////////////////////////////////////////////////// //Connect to the database include_once 'phpforms/connect.php'; $sql = mysql_query("SELECT * FROM counties WHERE state LIKE '$statesearch'"); while($row = mysql_fetch_array($sql)){ $co = $row['counties']; echo "<option name='county'>$co</option>"; }//End While /////////////////////////////////////////////////////////////// echo "</select>"; echo "<input align='left' type='submit' name='button' value='Search'> "; echo "</form>"; }else{ }//End Else ?> Hello dear friends, say i've form with 2 variables which i want to post to another file file 1 Code: [Select] <script type="text/javascript"> // <![CDATA[ $(document).ready(function(){ $('#loader').hide(); $('#inner').children().click(function(){ var a = $(this).attr("name"); $.post("rating.php?value="+a,{}, function(response){ $('#inner').fadeOut(); $('#inner').html(unescape(response)); $('#inner').fadeIn(); setTimeout("hideMesg();", 2000); }); }); }); function hideMesg(){ $('.rating_message').fadeOut(); $.post("rating.php?show=1", {}, function(response){ $('#inner').html(unescape(response)); $('#inner').fadeIn('slow'); }); } // ]]> </script> this will post the following ( the value of name ) Code: [Select] <div class="rating_dis" name="<?php echo $k?>" id="<?=$id?>"> </div> but i want it also to post the value of the (id) here is the second file which should get the name Code: [Select] if($_REQUEST['value']){ $name = $_REQUEST['value']; $query = "insert into rating (rated, channelid) values ('$name', '$idz')"; mysql_query( $query); } so the problem is how to send from file 1 to file 2 both the (name) and (id) how to double this ? Code: [Select] var a = $(this).attr("name"); $.post("rating.php?value="+a,{}, to be also Code: [Select] var a = $(this).attr("id"); $.post("rating.php?any="+a,{}, then i can get it from file 2 easily get both. thank you Hey Guys. I am working with a form that shows the grand total on the checkout page. The value of the grand total is inside a hidden field. When click on submit, the _POST array doesn't get back the last value of the grand total. I need to hit the button twice to get the last value. The weird thing is when I echo the value of the grand total it display the latest value, but not with the POST array
For example. If the grand total is $10.00 and I click on submit. It will show the POST['grand_total'] as empty. If I click on submit again it will show the grand total of $10.00.
Below is my code that I am working with. Any help would be really appreciated.
if(isset($_POST['submit'])) {
/* Doesn't show if i put it after if($_POST['submit'] */
if(isset($_POST['grand_total'])) {
echo $_POST['grand_total'];
}
}
//A bunch of other html/php code. Another class calculates the subtotal assigns it the variable $subtotal
$cart_totals = new cartTotals($subtotal, $discounted_amount,$post_values->tip); // Cart class is shown below
/* Doesn't show if i put it before if($_POST['submit'] */
if(isset($_POST['grand_total'])) {
echo $_POST['grand_total'];
}
echo "<input name='grand_total' type='hidden' value='$cart_totals->grand_total' />"; // Shows the grand total after second from submission
echo "$cart_totals->grand_total"; // Shows grand total after the first submission
Cart Totals Class
class cartTotals {
public $subtotal;
public $sales_tax;
public $tip;
public $grand_total;
public $discount_amount;
public $href_page;
public $invalidCouponMessage;
const TEST_ENVIORMENT = FALSE;
/**
* [ Function gets constructed in the order summary where the [$discount_amount= ""] arg does need to be passed.
* But does get passed in when called on the checkout.php page. Therefore we set the default value to an empty string.]
* @param [float] $subtotal [subtotal get passed in from the parent class coreCartFunction]
* @param string $discount_amount [The class checkCouponCode calculates this discount amount based on the
* subtotal and the discount amount. It gets instantiated on the clients side and passed is this construction function.
* This is all done on the checkout page.]
*/
/*The way the construct function works is by invoking all the methods the passed arguments
When the methods get invoked the do all the work and set the properties its values. The properties then get echoed out
on the client side. */
function __construct($subtotal="", $discount_amount= "", $tip=""){
$this->subTotal($subtotal, $discount_amount);//SubTotal method takes the discount amount and subtracts it from the subtotal.
$this->salesTax($subtotal, $discount_amount);
$this->tip = $tip;
$this->grandTotal();
}
private function subTotal($subtotal,$discount_amount) {
$rounded_subtotal = round($subtotal-$discount_amount,2);
$money_format_subtotal = money_format('%i',$rounded_subtotal);
$this->subtotal = $money_format_subtotal;
}
private function salesTax($subtotal, $discount_amount =""){
$sales_tax = (STORE_SALES_TAX)?(float)STORE_SALES_TAX:8.875;
$sales_tax =(($this->subtotal)*$sales_tax)/100;
$sales_tax = round($sales_tax,2);
$this->sales_tax = $sales_tax;
}
public function Tip() {
//global $post_values;
//$last_tip_selected = $post_values->tip > 0 ? $post_values->tip : "" ;
$tip_output = "<select id='tip' name='tip'>";
for($tip=0.00; $tip<=11.75; $tip+=0.25){
if( $tip == "2") {$selected = " selected";} else {$selected ="";}
$formatted_tip = money_format('%i',$tip);
$tip_output .= "<option {$selected} id='selected_tip' value='$formatted_tip'>"."$".$formatted_tip ."</option>".PHP_EOL;
}
$tip_output .= "</select>";
return $tip_output;
}
private function grandTotal(){
$grand_total = round($this->sales_tax+$this->subtotal+$this->tip,2);
$grand_total_formatted = money_format('%i',$grand_total);
$this->grand_total = $grand_total_formatted;
}
I have a form that is producing the following : Array ( [formID] => 3154008308 [q1_applicationDate] => Array ( [month] => 11 [day] => 15 [year] => 2010 ) [q4_fullName4] => Array ( [first] => TOM [last] => STONE ) [q5_email] => TSTONE@YAHOO.COM [q6_address6] => Array ( [addr_line1] => 325 E LINCOLN [addr_line2] => [city] => GENESEE [state] => NY [postal] => 33256 [country] => United States ) [q38_selectProvider38] => Sprint [q39_selectPlan] => Individual [website] => [simple_spc] => 3154008308-3154008308 ) HOW do I automatically get each item above into it's own PHP variable? The page that receives this Array is the second page of a 3 or 4 page form. I need to send the above information on through the remainder of the form?? Would appreciate any help! Thanks! I have sort of an odd request. I wish make a POST to roblox.com with the Xsrf token, let me give you what code might help then ill explain more.
So, I need to parse the page http://www.roblox.co...spx?gid=1039951 to get
the token, which is between the (' ') below (this is taken from the site, as an example and the token changes each time the page refreshes/changes.
<script type="text/javascript">Roblox.XsrfToken.setToken('IVzHt8XOUJpy');</script>
After you get the token, I need to make a post with that token to http://www.roblox.co...nge-member-rank with the variables:
groupId=
newRoleSetId= ,
targetUserId= ,
X-CSRF-TOKEN: IVzHt8XOUJpy,
X-Requested-With: XMLHttpRequest
I also might need to log in?
which I think is done like so:
POST https://m.roblox.com/Login HTTP/1.1
Host: m.roblox.com
Content-Length: 29
Content-Type: application/json
{"username":"","password":""}
but I am not sure, that is just something I found during my research. I know this is possible, I have seen it done multiple times in the past, and I think I have something going... Just not sure how to put it all together...
All of my form POST data (from multiple forms) is managed through a file called formdata.php. Formdata.php and check_input() performs trim/stripslashes/htmlspecialchars etc on the posted variables. (it also indirectly calls relevant database functions such as insert or select). What is the correct way to add all of the variables to an array so that I can so that I can pass the array(ofvariables) to a function. ie the checked variables (only a few of them): Code: [Select] $subject = check_input($_POST['subject']); $repphone = check_input($_POST['repphone']); $repfirstname = check_input($_POST['repfirstname']); $replastname = check_input($_POST['replastname']); $streetnum = check_input($_POST['streetnum']); $streetname = check_input($_POST['streetname']); $suburb = check_input($_POST['suburb']); $postcode = check_input($_POST['postcode']); there will be many subjects and many more variables so instead of listing the variables such as: Code: [Select] function post_to_table(){ // variables global $subject;, $streetnum, $streetname, $suburb, $postcode; global $repphone, $repfirstname, $replastname; if ($subject === "specifiedsubject"){ post_to_appropriate_table($streetnum, $streetname, $suburb, $postcode, $repphone, $repfirstname, $replastname); } I would rather use an array instead of passing each variable individually: Code: [Select] function post_to_appropriate_table ($streetnum, $streetname, $suburb, $postcode $repphone, $repfirstname, $replastname) { global $database; $sql = "INSERT INTO incident ("; $sql .= "streetnum, "; $sql .= "streetname, "; $sql .= "suburb, "; $sql .= "postcode, "; $sql .= "repphone, "; $sql .= "repfirstname, "; $sql .= "replastname"; $sql .= ") "; $sql .= "VALUES ("; $sql .= "'{$streetnum}', "; $sql .= "'{$streetname}', "; $sql .= "'{$suburb}', "; $sql .= "'{$postcode}', "; $sql .= "'{$repfirstname}', "; $sql .= "'{$replastname}'"; $sql .= ") "; // echo $sql; //for debugging if required; return $database->query($sql); } how can I ditch the ever growing list of variables and use an array? Thanks. Code: [Select] <?php if(isset($_POST['submit'])) { $drop = mysql_real_escape_string($_POST['drop_1']); $tier_two = mysql_real_escape_string($_POST['Subtype']); $Name = mysql_real_escape_string($_POST["Name"]); $Phone = mysql_real_escape_string($_POST["Phone"]); $Email = mysql_real_escape_string($_POST["Email"]); $Postcode = mysql_real_escape_string($_POST["Postcode"]); $Website = mysql_real_escape_string($_POST["Website"]); if($Name == '') { ....... ?> Could I remove this code and use the below code and still have the same effect? Code: [Select] <?php if(isset($_POST['submit'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysql_real_escape_string($value); } ?> This works: $result = mysql_query("SELECT * FROM mydatabase WHERE username = 'billybob'"); This does not: $user = "billybob" $result = mysql_query("SELECT * FROM mydatabase WHERE username = $user"); Shouldn't these be identical? If I echo $user, I get, of course, "billybob", so does anyone know why the variable isn't working in the query itself? Hello, I have coded a contact form in PHP and I want to know, if according to you, it is secure! I am new in PHP, so I want some feedback from you. Moreover, I have also two problems based on the contact form. It is a bit complicated to explain, thus, I will break each of my problem one by one. FIRST:The first thing I want to know, is if my contact form secure according to you: The HTML with the PHP codes: Code: [Select] <?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { //Assigning variables to elements $first = htmlentities($_POST['first']); $last = htmlentities($_POST['last']); $sub = htmlentities($_POST['subject']); $email = htmlentities($_POST['email']); $web = htmlentities($_POST['website']); $heard = htmlentities($_POST['heard']); $comment = htmlentities($_POST['message']); $cap = htmlentities($_POST['captcha']); //Declaring the email address with body content $to = 'alithebestofall2010@gmail.com'; $body ="First name: '$first' \n\n Last name: '$last' \n\n Subject: '$sub' \n\n Email: '$email' \n\n Website: '$web' \n\n Heard from us: '$heard' \n\n Comments: '$comment'"; //Validate the forms if (empty($first) || empty($last) || empty($sub) || empty($email) || empty($comment) || empty($cap)) { echo '<p class="error">Required fields must be filled!</p>'; header ('refresh= 3; url= index.php'); return false; } elseif (filter_var($first, FILTER_VALIDATE_INT) || filter_var($last, FILTER_VALIDATE_INT)) { echo '<p class="error">You cannot enter a number as either the first or last name!</p>'; return false; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { echo '<p class="error">Incorrect email address!</p>'; return false; } elseif (!($cap === '12')){ echo '<p class="error">Invalid captcha, try again!</p>'; return false; } else { mail ($to, $sub, $body); echo '<p class="success">Thank you for contacting us!</p>'; } } ?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <p>Your first name: <span class="required">*</span></p> <p><input type="text" name="first" size="40" placeholder="Ex: Paul"/></p> <p>Your last name: <span class="required">*</span></p> <p><input type="text" name="last" size="40" placeholder="Ex: Smith"/></p> <p>Subject: <span class="required">*</span></p> <p><input type="text" name="subject" size="40" placeholder="Ex: Contact"/></p> <p>Your email address: <span class="required">*</span></p> <p><input type="text" name="email" size="40" placeholder="Ex: example@xxx.com"/></p> <p>Website:</p> <p><input type="text" name="website" size="40" placeholder="Ex: http//:google.com"/></p> <p>Where you have heard us?: <span class="required">*</span></p> <p><select name="heard"> <option>Internet</option> <option>Newspapers</option> <option>Friends or relatives</option> <option>Others</option> </select></p> <p>Your message: <span class="required">*</span></p> <p><textarea cols="75" rows="20" name="message"></textarea></p> <p>Are you human? Sum this please: 5 + 7 = ?: <span class="required">*</span></p></p> <p><input type="text" name="captcha" size="10"/></p> <p><input type="submit" name="submit" value="Send" class="button"/> <input type="reset" value="Reset" class="button"/></p> </form> SECOND PROBLEM:If a user has made a mistake, he gets the error message so that he can correct! However, when a mistake in the form occurs, all the data the user has entered are disappeared! I want the data to keep appearing so that the user does not start over again to fill the form. THIRD: When the erro message is displayed to notify the user that he made a mistake when submitting the form, the message is displaying on the top of the page. I want it to appear below each respective field. How to do that? In JQuery it is simple, but in PHP, I am confusing! I have read around and can't seem to find the right coding for what I need on this forum and some other other forums. I have a contact form (as listed below) and I need 2 locations (Print Name and Title) fields to auto-populate on a separate form (can be a doc, pdf, etc. any form of document which is easiest) and this form can be totally back end and the individual using the form never is going to see the form. It's going on a contract form, that we would like to auto-populate. Also is there a simple attachment code so individuals can attach documents to the code? <p style: align="center"><form action="mailtest.php" method="POST"> <?php $ipi = getenv("REMOTE_ADDR"); $httprefi = getenv ("HTTP_REFERER"); $httpagenti = getenv ("HTTP_USER_AGENT"); ?> <input type="hidden" name="ip" value="<?php echo $ipi ?>" /> <input type="hidden" name="httpref" value="<?php echo $httprefi ?>" /> <input type="hidden" name="httpagent" value="<?php echo $httpagenti ?>" /> <div align="center"> <p class="style1">Name</p> <input type="text" name="name"> <p class="style1">Address</p> <input type="text" name="address"> <p class="style1">Email</p> <input type="text" name="email"> <p class="style1">Phone</p> <input type="text" name="phone"> <p class="style1">Debtor</p> <input type="text" name="debtor"> <p class="style1">Debtor Address</p> <input type="text" name="debtora"> <br /> <br /> <a href="authoforms.php" target="_blank" style="color:#ffcb00" vlink="#ffcb00">Click here to view Assignment Agreement and Contract Agreement</a> <p class="style1"><input type='checkbox' name='chk' value='I Have read and Agree to the terms.'> I have read and agree to the Assignment and Contract Agreement <br></p> <p class="style1">Print Name</p> <input type="text" name="pname"> <p class="style1">Title</p> <input type="text" name="title"> <p class="style1">I hear by agree that the information I have provided is true, accurate and the information I am submitting is <br /> not fraudulent. Please click the agree button that you adhere to Commercial Recovery Authority Inc.'s terms:</p> <select name="agree" size="1"> <option value="Agree">Agree</option> <option value="Disagree">Disagree</option> </select> <br /> <br /> <p class="style1">Employee ID:</p> <input type="text" name="employee"> <br /> <input type="submit" value="Send"><input type="reset" value="Clear"> </div> </form> </p> The mailtest php is this ?php $ip = $_POST['ip']; $httpref = $_POST['httpref']; $httpagent = $_POST['httpagent']; $name = $_POST['name']; $address = $_POST['address']; $email = $_POST['email']; $phone = $_POST['phone']; $debtor = $_POST['debtor']; $debtora = $_POST['debtora']; $value = $_POST['chk']; $pname = $_POST['pname']; $title = $_POST['title']; $agree = $_POST['agree']; $employee = $_POST['employee']; $formcontent=" From: $name \n Address: $address \n Email: $email \n Phone: $phone \n Debtor: $debtor \n Debtor's Address: $debtora \n 'Client' has read Assignment and Contract Agreement: $value \n Print Name: $pname \n Title: $title \n I hear by agree that the information I have provided is true, accurate and the information I am submitting is not fraudulent. Please click the agree button that you adhere to Commercial Recovery Authority Inc.'s terms: $agree \n \n Employee ID: $employee \n IP: $ip"; $recipient = "mail@crapower.com"; $subject = "Online Authorization Form 33.3%"; $mailheader = "From: $email \r\n"; mail($recipient, $subject, $formcontent, $mailheader) or die("Error!"); echo "Thank You!" . " -" . "<a href='index.php' style='text-decoration:none;color:#ffcb00;'> Return Home</a>"; $ip = $_POST['visitoraddress'] ?> I'm stuck at trying to figure out out to complete the 3 Step scripts to accomplish passing $variables between 2 different servers. Since there will actually be 12 Non-POST $variables involved in the SERVER #1 to SERVER #2 transfer , it doesn't appear that trying to put these all in a URL string and going the 'GET' route is practical.
I'm just using 3 short test variables in the examples. My eyeballs started rolling within I ran across something about 'CURL' that might be a necessary part of the solution?
The code I have been able to hammer out so far is below as STEP 1, STEP 2 and STEP 3.
STEP 1
<?php // submit.php // STEP 1 // On (LOCAL) SERVER #1 TO relay $variables to 'process.php' on (REMOTE) SERVER #2 // To submit $variables to directly another destination server script // NOTE: The $variable are NOT the result of Form Input !!! // For login Authenticaion ALL 3 must match db entries on SERVER #2 // NOTE: (Again) The $variables are NOT the result of Form Input !!! $userid = "adam"; $passwd = "eve"; $pscode = "peterpan"; // NOTE: (Again) The $variable are NOT the result of Form Input !!! // These $variables are needed for MySQL db INSERT on the destination URL server // For testing simplicity (actual data will be 12 $variables) $a = "apple"; $b = "banana"; $u = "1234567; // // Not sure if something called 'CURL' is needed here ??? // $submit_to_url = http://www.blahblah.com/process.php"; ?>STEP 2
<?php
// processor.php
// STEP 2
// ON SERVER #2 TO RECEIVE DATA DIRECTLY FROM SERVER #1 'submit.php'
// To receive and process the $variables into a MySQL db on SERVER #2
// NOTE: The $variables are NOT the result of Form Input !!!
// First validate $userid, $passwd & $pscode against `verify` table MySQL records
require '/SERVER_2_securelocation_for_database_connection/secret_mysqli.php';
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
//
// Not sure if something called 'CURL' is needed here ???
//
// These login $variables are from submit.php on SERVER #1
$userid
$passwd
$pscode
$sql="SELECT `userid`, `passwd`, `pscode` FROM `verify`
WHERE `userid` = '$userid'" AND `passwd` = '$passwd` AND `pscode` = '$pscode';
$result = mysqli_query($con,$sql);
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
//
// Then some Authentication code if ALL 3 components match
//
// If Authentication = true then $passed = "YES" must sent
// be sent back to the 'finalstep.php' script on SERVER #1
// If Authentication (or connection) = false ... $passed = "NO"
$return_to_url = http://www.blahblah.com/finalstep.php";
// These $variables are from submit.php on SERVER #1
$a = "apple";
$b = "banana";
$u = "1234567";
$sql="INSERT INTO `data` (`a`, `b`, `u`)
VALUES ('$a', '$b', '$u')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
// If $SQL INSERT into `data` on SERVER #2 works ...
// $status = "Pending" must be sent back to the 'finalstep.php'
// script on SERVER #1 for MySQL db Table insertion
// If $SQL INSERT into `data` = false, then $status = "Error"
// NOTE: The '$u' $variable also needs send back to finalstep.php !!!
$return_to_url = http://www.blahblah.com/finalstep.php";
mysqli_close($con);
?>
STEP 3
<?php
// finalstep.php
// STEP 3
// ON SERVER #1 TO RECEIVE DATA DIRECTLY BACK FROM SERVER #2 process.php
// To receive the $passed, $status and $u $variables for final step action
// NOTE: The $variable are NOT the result of Form Input !!!
require '/SERVER_1_securelocation_for_database_connection/secret_mysqli.php';
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// These $variables are from process.php on SERVER #2
$passed
$status
$u
$sql="UPDATE `tracking`
SET `passed` = '$passed',
`status` = '$status'
WHERE `uniqueid` = '$u' ";
$result = mysqli_query($con,$sql);
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
?>
Thanks very much for any assistance and guidance.
-freakingOUT
Hi all, Thanks for reading. I'm developing my first website with user registration, login, and account settings, and I was wondering what the best way would be to prevent the site from security flaws, SQL injection, etc. I've read up on it, but, as an example, would the following be suitable? Code: [Select] $username = trim(stripslashes(mysql_real_escape_string($_POST['username']))); I guess what I'm asking is, is the above normal? Is there a simpler way to make input from the user secure? Thank you. This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=315683.0 I want to reuse the data from getFaq for different levels of a website.
$fcid is the variable. Creating the full page in the getFaq function could work but limits the function to one set of results, Do I need to create a new function if I want to create another page with the data and a new call to the database? It seems to me there must be a way to store the array from $fcid and call it from another page to get a subset of the data. I added the getFP class as an attempt to do just that but I am getting no results. If I place the code in the getFP class in the getFAQ function the script works as envisioned. I want to create a getFAQpage, a getFAQheader and a getFAQsubset based on categories. The data is all there in $fcid but I have no idea on how to access it from outside the class.
Dbh is the PDO connection.
Class GetData extends Dbh {
public function getFaq($site) {
$sql = "SELECT faq_cats.faqc_name, faqs.faq_question, faqs.faq_answer FROM faq_cats INNER JOIN faqs ON faq_cats.faqc_id = faqs.faq_cat WHERE faq_cats.faqc_site = ? ORDER BY faq_cats.faqc_name";
$stmt = $this->connect()->prepare($sql);
$stmt->execute([$site]);
$fcid = $stmt->fetchAll();
return $fcid;
}
}
Class getFP extends GetData {
public function getFaqPage([$fcid]) {
$fcid = $this->fcid;
$fhead = null;
foreach ($fcid as $faq) {
$fname = $faq["faqc_name"];
$fquest = $faq["faq_question"];
$fans = $faq["faq_answer"];
if ($fhead != $fname) {
echo "<h2>".$fname."</h2>";
}
echo $fquest."<br />".$fans."<br /><br />";
$fhead = $fname;
}
}
}
$faqob = new getFP();
$faqob->getFaqPage([$fcid]);
Can I use the data fetched with the mysql_fetch_assoc command more than once? What I'm trying to do is query a MySQL DB, and print a list of the results by gender. So far I've only been able to do it by querying the DB twice, and I know there's got to be a more efficient way. I think I should be able to go through the array once, print all the males, then go through the array again and print all the females. But I'm stumped as to how to do it. Here's basically what I'm doing to get my results: Code: [Select] $cxn=mysqli_connect("localhost","username","password","table_name") or die ("Could not connect to database"); $query= "SELECT * FROM blah blah blah"; $result=mysqli_query($cxn,$query) or die ("Couldn't execute query."); while ( $row = mysqli_fetch_assoc($result)) { extract($row); IF ($gender == 'M') { echo "Here is my data for Males"; } } I basically want to re-run the WHILE statement, but check for $gender == 'F', without having to re-run the $result=mysqli_query command again. But when I do that, nothing is displayed and the script ends. Is it just a matter of moving a pointer to the beginning of an array or something similar? Thanks in advance. Im having a problem with my form mail on my websites. Now the problem I have only happens with sites that I upload to my hosting accounts with Host gator. The mail will only deliver to the domain email address it wont deliver to gmail or yahoo or any other email address. I tested the script on an old domain with an Irish hosting account and it works perfectly it delivers to gmail and yahoo and my domain email account. Ive been pulling my hair out talking to Hostgator staff all weekend they keep blaming gmail and yahoo and insist the problem is not on there end. Anyway I was wondering is there anything I can add to my PHP script to make sure it delivers to gmail and yahoo or is there anything wrong with my script as hostgator are saying. Maybe there is a security issue or something Im very new to php so i could be missing something simple.
Thanks for the Help
<?php /* Set e-mail recipient */ $myemail = "info@shaneswebdesign.com"; /* Check all form inputs using check_input function */ $yourname = check_input($_POST['yourname'], "Enter your name"); $subject = check_input($_POST['subject'], "Write a subject"); $email = check_input($_POST['email']); $website = check_input($_POST['website']); $likeit = check_input($_POST['likeit']); $how_find = check_input($_POST['how']); $comments = check_input($_POST['comments'], "Write your comments"); /* If e-mail is not valid show error message */ if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email)) { show_error("E-mail address not valid"); } /* If URL is not valid set $website to empty */ if (!preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i", $website)) { $website = ''; } /* Let's prepare the message for the e-mail */ $message = "Hello! Your contact form has been submitted by: Name: $yourname E-mail: $email URL: $website Area of Interest? $how_find Comments: $comments End of message "; /* Send the message using mail() function */ mail($myemail, $subject, $message); /* Redirect visitor to the thank you page */ header('Location: http://www.shanesweb...m/thanks.php'); exit(); /* Functions we used */ function check_input($data, $problem='') { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); if ($problem && strlen($data) == 0) { show_error($problem); } return $data; } function show_error($myError) { ?> <html> <body> <b>Please correct the following error:</b><br /> <?php echo $myError; ?> </body> </html> <?php exit(); } ?> I was able to edit this code from my word press theme.. I wanted to add a social club ID to as a text field, i was able to add the text field but i cannot seem to get the information from that field sent with the email I edited this contact form file on my word press to try and include a Social ID field, i was able to add the content to the form but i'm unable to get the information sent in the email, keeps giving me awkward results. help plz.
<?php session_start();
/**
* Template Name: Contact Form
*/
global $theme; get_header(); ?>
<div id="main">
<?php $theme->hook('main_before'); ?>
<div id="content">
<?php $theme->hook('content_before'); ?>
<?php
if (have_posts()) : while (have_posts()) : the_post();
/**
* Find the post formatting for the pages in the post-page.php file
*/
get_template_part('post', 'page');
endwhile;
else :
get_template_part('post', 'noresults');
endif;
?>
<div class="contact-form">
<?php
if ($_POST['contact_form_submit'] ) {
if(!$_POST['contact_form_name'] || !$_POST['contact_form_email'] || !$_POST['contact_form_subject'] || !$_POST['contact_form_socialid'] || !$_POST['contact_form_question'] || !$_POST['contact_form_message']) {
?><div class="error"><?php _e('Please fill in all required fields!','themater'); ?></div><?php
} elseif(!is_email($_POST['contact_form_email'])) {
?><div class="error"><?php _e('Invalid email!','themater'); ?></div><?php
} elseif(($_SESSION['contact_form_number_one'] + $_SESSION['contact_form_number_two']) != $_POST['contact_form_question']) {
?><div class="error"><?php _e('You entered the wrong solution..','themater'); ?></div><?php
} else {
wp_mail($theme->get_option('contact_form_email'), sprintf( '[%s] ' . esc_html($_POST['contact_form_subject']), get_bloginfo('name') ), esc_html($_POST['contact_form_message']),'From: "'. esc_html($_POST['contact_form_name']) .'" <' . esc_html($_POST['contact_form_email']) . '>');
unset($_POST);
?><div class="message"><?php _e('Thanks for contacting Devils First MC.','themater'); ?></div><?php
}
if ( isset($_SESSION['contact_form_number_one'] ) ) unset( $_SESSION['contact_form_number_one'] );
if ( isset($_SESSION['contact_form_number_two'] ) ) unset( $_SESSION['contact_form_number_two'] );
}
if ( !isset($_SESSION['contact_form_number_one'] ) ) $_SESSION['contact_form_number_one'] = $contact_form_number_one = rand(1, 9);
else $contact_form_number_one = $_SESSION['contact_form_number_one'];
if ( !isset($_SESSION['contact_form_number_two'] ) ) $_SESSION['contact_form_number_two'] = $contact_form_number_two = rand(1, 9);
else $contact_form_number_two = $_SESSION['contact_form_number_two'];
?>
<form method="post" action="">
<input type="hidden" name="contact_form_submit" value="true" />
<div class="contact-form-label alignleft <?php if($_POST && !$_POST['contact_form_name']) { echo 'contact-form-required'; } ?>"><?php _e('Name','themater'); ?>:</div>
<div class="contact-form-input"><input type="text" name="contact_form_name" value="<?php if ( isset($_POST['contact_form_name']) ) { echo esc_attr($_POST['contact_form_name']); } ?>" /></div>
<div class="contact-form-label alignleft <?php if($_POST && !$_POST['contact_form_socialid']) { echo 'contact-form-required'; } ?>"><?php _e('Social Club ID','themater'); ?>:</div>
<div class="contact-form-input"><input type="text" name="contact_form_socialid" value="<?php if ( isset($_POST['contact_form_socialid']) ) { echo esc_attr($_POST['contact_form_socialid']); } ?>" /></div>
<div class="contact-form-label alignleft <?php if($_POST && !$_POST['contact_form_email']) { echo 'contact-form-required'; } ?>"><?php _e('Email','themater'); ?>:</div>
<div class="contact-form-input"><input type="text" name="contact_form_email" value="<?php if ( isset($_POST['contact_form_email']) ) { echo esc_attr($_POST['contact_form_email']); } ?>" /></div>
<div class="contact-form-label alignleft <?php if($_POST && !$_POST['contact_form_question']) { echo 'contact-form-required'; } ?>"><?php echo $contact_form_number_one; ?> + <?php echo $contact_form_number_two; ?> = ?</div>
<div class="contact-form-input"><input type="text" name="contact_form_question" value="" /></div>
<div class="contact-form-label alignleft <?php if($_POST && !$_POST['contact_form_subject']) { echo 'contact-form-required'; } ?>"><?php _e('Subject','themater'); ?>:</div>
<div class="contact-form-input"><input type="text" name="contact_form_subject" value="<?php if ( isset($_POST['contact_form_subject']) ) { echo esc_attr($_POST['contact_form_subject']); } ?>" /></div>
<div class="contact-form-label alignleft <?php if($_POST && !$_POST['contact_form_message']) { echo 'contact-form-required'; } ?>"><?php _e('Message','themater'); ?>:</div>
<div class="contact-form-input"><textarea name="contact_form_message" ><?php if ( isset($_POST['contact_form_message']) ) { echo esc_textarea($_POST['contact_form_message']); } ?></textarea></div>
<div class="contact-form-label alignleft"> </div>
<div class="contact-form-input" style="text-align: center;"><input type="submit" value="<?php _e('Submit','themater'); ?>" /></div>
</form>
</div>
<?php $theme->hook('content_after'); ?>
</div><!-- #content -->
<?php get_sidebars(); ?>
<?php $theme->hook('main_after'); ?>
</div><!-- #main -->
<?php get_footer(); ?>
Hey, I have my contact form in my website working fine I'm just asking a simple question because I don't know so much about php and php syntax I have my html file calling this code below when i'm clicking on the submit button Just take a look at the last line when there is the 'echo' script I want it to go to this link, and instead it's just writing the link what is the right command/code that should i use? <? $subject="from ".$_GET['fName']; $headers= "From: ".$_GET['fEmail']."\n"; $headers.='Content-type: text/html; charset=UTF-8' . "\r\n"; mail("mymail@example.com", $subject, " <html> <head> <title> My Title </title> </head> <body> <br> ".$_GET['fName']. " <br> ".$_GET['fPhone']." <br> ".$_GET['fEmail']." <br><br> ".$_GET['pBody']." </body> </html>" , $headers); echo "http://avrikim123.co.cc/sent.html"; ?> |
|||||||