PHP - Clearing Out Form

I am currently building a website which uses postbacks.
How can I clear the postback so that it can only be posted once because at the minute when i refresh the page it keeps adding the same entry.
Any help would be appreciated

For some reason if the user has the user has 5 failed attempts at logging in and then they have to wait 10 minutes to try again well if they are able to login successfully its supposed to clear the locked out user and for some reason its not. Anyone see why it isn't?


Code: [Select]
<?php
// User is registered and verified
                    $query = "SELECT * FROM users_logins_attempts WHERE users_id = '".$users_id."'";
                    $result = mysqli_query($dbc,$query);
                    $row = mysqli_fetch_array($result);
                    
                    $lock_date = $row['lock_date'];

                    // Find out if user is locked out of their account
                    if (($lock_date != "0000-00-00 00:00:00") && strtotime($lock_date) >= time()) {
                        $locked = "yes";

                            // Account locked error
                            $errors = true;
                            $message = "Account is locked! Please try again later!";
                            
                            $output = array('errorsExist' => $errors, 'message' => $message);
                            
} else {
                            $locked = "no";
                            // Clear the lock
                            $query = "UPDATE users_logins_attempts SET lockDate = NULL, ip_address = NULL, failed_logins = 0 WHERE users_id = '".$users_id."'";
                            $result = mysqli_query($dbc,$query);
                            
                            // Account locked error
                            $errors = true;
                            $message = "Account is unlocked. You may now try to log in again!";
                            
                            $output = array('errorsExist' => $errors, 'message' => $message);

}
                            
                    if($locked == "yes"){
/*hack around messy nested if statments*/    
                    } else {
                        
                        if ($lock_date != "0000-00-00 00:00:00") {
                            $locked = "yes";
    
                            // Clear the lock
                            $query = "UPDATE users_logins_attempts SET lockDate = NULL, ip_address = NULL, failed_logins = 0 WHERE users_id = '".$users_id."'";
                            $result = mysqli_query($dbc,$query);   
                                
     } 
?>

I downloaded a script for a poll/voting kinda thing for all my site visitors a while ago and then I tweaked it a bit. It is linked to a database. It grabs the question and possible answers from one database. It also stores user votes, ip addresses, and the date they voted in a database.    I went to change the question and possible answers in my poll by simply changing the options in the Database. This worked fine, but I found a big problem! If you have already voted in the poll, then it displays the results to you every time you visit the site . I assumed this was based off your IP since it is recorded in the database. So logically I thought if you cleared all the IP's in the DB, then the new question would display for every user, but to my alarm it is based off cookies. This is problem because even though I changed the question and options, if people have not cleared their cookies from the last time then the poll still displays the results even though they have not voted on the new question yet. Is there someway to clear everyone cookies or make the poll start fresh for everyone without drastically changing the code and how the entire thing works?
Edited by ryanmetzler3, 24 May 2014 - 09:33 PM.

 
I'm calling a function that resets a couple arrays:


public function resetStuff() {
$this->someArray = array();
$this->someOtherArray = array();
}

However, someOtherArray is not resetting!! How could that be?

I can add debug statements to echo the size of the arrays before and after the function calls. It shows that:
someArray went from n to 0
someOtherArray went from n to n

How is that possible??

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=359149.0

Morning All,

Should be a quick one for the seasoned veterans! I'm learning the in's and out's of sanitizing my variables for input into my database (mysql).

The following is my code;

Code: [Select]
$Username = mysql_real_escape_string($_POST['username']);
$PWord = mysql_real_escape_string($_POST['pword']);
$Email = mysql_real_escape_string($_POST['email']);
$Fullname = mysql_real_escape_string($_POST['fullname']);
$Address_1 = mysql_real_escape_string($_POST['address_1']);
$Address_2 = mysql_real_escape_string($_POST['address_2']);
$City = mysql_real_escape_string($_POST['city']);
$Zip = mysql_real_escape_string($_POST['zip']);
$Country = mysql_real_escape_string($_POST['country']);

The following is my output;

Error executing INSERT statement - INSERT INTO tblUser(User_Name, Full_Name, Email, Address_1, Address_2, City, Zip, Country, PWord)VALUES ('','','','','','','','','')

Any ideas?

Also; is mysql_real_escape_string valid for use on all types of input from the input box?

I'm teaching myself a bit of OOP in php.  found that i could pass an object into the SESSION array if i serialize() the object and then unserialize() it where i need it in other page files.  all seems to work well until it comes time for a user to logout from my application and attempt to destroy the session.  at times, when they log back in, this serialized SESSION value seems to still be set while other SESSION values have been cleared.  at least i *thinnk* this is what is going on.   in my logout handler, i have the following:

    $_SESSION = array(); // clear all SESSION vars
    setcookie(); // clear cookies
    session_destroy();

but the above does not seem to be working.  my guess is there is something native to serialized SESSION values that im not yet aware of.  any help here would be much appreciated.

I'm trying to use this php to clear out the session variables and return to the index page.  However it's not clearing them out. Any ideas?

logout.php
Code: [Select]
<?php 
session_start();
        unset($_SESSION['user_id']);
        unset($_SESSION['username']);
session_destroy();
header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1"); 
?>

then in my navigation I'm using this code to either display their username and a logout link to logout.php or if they are not logged in display a sign in link.

Code: [Select]
<?php
         // if logged in
if (isset($_SESSION['user_id'])) 
{
// display 
echo "<a href='#'>".$_SESSION['username']."</a>&nbsp; &nbsp;";
echo "<a href='scripts/logout.php'>Log Out</a>&nbsp; &nbsp;";
}
        // if not logged in
else
{      // display login link
echo "<a href='login.php'>Sign In</a>";
}
?>


here is my super simple login script
Code: [Select]
$username = $_POST['username'];
$password = $_POST['password'];

//Check if the username or password boxes were not filled in
if(!$username || !$password){
//if not display an error message
echo "<center>You need to fill in a <b>Username</b> and a <b>Password</b>!</center>";
}else{
// find user by username and password - working
$userQuery = 'SELECT * FROM users WHERE user_name ='.'"'. $username.'" AND password='.'"'. $password.'"' ;
$users = mysql_query($userQuery);

$user = mysql_fetch_array($users);
$_SESSION['user_id'] = $user['user_id'];
$_SESSION['username'] = $user['username'];
header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1");

}

I am following along in a PHP, MySQL book and the way they clear session variables is by:

Code: [Select]
session_start();
session_unset();
session_destroy();

They clear session variables like that in that exact order.

My question is that this apparently clears ALL session variables for the browser in use. Every website I have visited when you click a LOGOUT button ONLY logs you out of their specific site and DOES NOT seem to clear ALL session variables as this would log you out of any other websites that you might be logged into with that same browser.

So, I went to the PHP website and found out that instead of using the session_unset () function you can clear individual session variables using the unset ($_SESSION['varname']) function.

Is this a good way of clearing session variables ONLY for a PARTICULAR website and NOT clearing session variables for the WHOLE browser? If so, would I then NOT use the session_destroy () function after clearing each individual session variable specific to that ONE website using unset ($_SESSION['varname'])?

Thank you in advance! 

I'm learning PHP, and in the course of this, I'm writing a little app which posts to the same php file. HOWEVER, when I run the app again, the POST values remain. I can use unset() but, is there another way to clear POST data?

RON

Hello, I have coded a contact form in PHP and I want to know, if according to you, it is secure! I am new in PHP, so I want some feedback from you.

Moreover, I have also two problems based on the contact form. It is a bit complicated to explain, thus, I will break each of my problem one by one.

FIRST:The first thing I want to know, is if my contact form secure according to you:

The HTML with the PHP codes:

Code: [Select]
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {

//Assigning variables to elements
$first = htmlentities($_POST['first']);
$last = htmlentities($_POST['last']);
$sub = htmlentities($_POST['subject']);
$email = htmlentities($_POST['email']);
$web = htmlentities($_POST['website']);
$heard = htmlentities($_POST['heard']);
$comment = htmlentities($_POST['message']);
$cap = htmlentities($_POST['captcha']);

//Declaring the email address with body content
$to = 'alithebestofall2010@gmail.com';
$body ="First name: '$first' \n\n Last name: '$last' \n\n Subject: '$sub' \n\n Email: '$email' \n\n Website: '$web' \n\n Heard from us: '$heard' \n\n Comments: '$comment'";

//Validate the forms
if (empty($first) || empty($last) || empty($sub) || empty($email) || empty($comment) || empty($cap)) {
echo '<p class="error">Required fields must be filled!</p>';
header ('refresh= 3; url= index.php');
return false;

} 
elseif (filter_var($first, FILTER_VALIDATE_INT) || filter_var($last, FILTER_VALIDATE_INT)) {
echo '<p class="error">You cannot enter a number as either the first or last name!</p>';
return false;
} 
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo '<p class="error">Incorrect email address!</p>';
return false;
}
elseif (!($cap === '12')){
echo '<p class="error">Invalid captcha, try again!</p>';
return false;
}
else {
mail ($to, $sub, $body);
echo '<p class="success">Thank you for contacting us!</p>';
}
}
?>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<p>Your first name: <span class="required">*</span></p>
<p><input type="text" name="first" size="40" placeholder="Ex: Paul"/></p>

<p>Your last name: <span class="required">*</span></p>
<p><input type="text" name="last" size="40" placeholder="Ex: Smith"/></p>

<p>Subject: <span class="required">*</span></p>
<p><input type="text" name="subject" size="40" placeholder="Ex: Contact"/></p>

<p>Your email address: <span class="required">*</span></p>
<p><input type="text" name="email" size="40" placeholder="Ex: example@xxx.com"/></p>

<p>Website:</p>
<p><input type="text" name="website" size="40" placeholder="Ex: http//:google.com"/></p>

<p>Where you have heard us?: <span class="required">*</span></p>
<p><select name="heard">
<option>Internet</option>
<option>Newspapers</option>
<option>Friends or relatives</option>
<option>Others</option>
</select></p>

<p>Your message: <span class="required">*</span></p>
<p><textarea cols="75" rows="20" name="message"></textarea></p>

<p>Are you human? Sum this please: 5 + 7 = ?: <span class="required">*</span></p></p>
<p><input type="text" name="captcha" size="10"/></p>

<p><input type="submit" name="submit" value="Send" class="button"/>
<input type="reset" value="Reset" class="button"/></p>
</form>

SECOND PROBLEM:If a user has made a mistake, he gets the error message so that he can correct! However, when a mistake in the form occurs, all the data the user has entered are disappeared! I want the data to keep appearing so that the user does not start over again to fill the form.

THIRD: When the erro message is displayed to notify the user that he made a mistake when submitting the form, the message is displaying on the top of the page. I want it to appear below each respective field. How to do that? In JQuery it is simple, but in PHP, I am confusing!

Stumped!  I have a client who has a form where they upload files to their server: title, two password fields, and the file They have been unable to upload anything over 10m   Small (under 10mb) files work. Larger doesn’t I’ve tracked it down, I think, that the processing page appears to be dropping the form values when the file takes a bit to upload.   I echo’ed the values that are grabbed from the form, and they return empty strings if it takes a while for the file to upload (a large file) - they pass fine if the file is smaller.   I think I've got the php info set correctly, but cannot for the life of me figure out how to adjust the timing out issue, or even where to troubleshoot.   Here's my phpinfo:   Max Requests Per Child: 750 - Keep Alive: off - Max Per Connection: 100 Timeouts Connection: 120 - Keep-Alive: 5     Directive Local Value Master Value allow_call_time_pass_reference Off Off allow_url_fopen On On allow_url_include Off Off always_populate_raw_post_data Off Off arg_separator.input & & arg_separator.output & & asp_tags Off Off auto_append_file no value no value auto_globals_jit On On auto_prepend_file no value no value browscap /etc/browscap.ini /etc/browscap.ini default_charset no value no value default_mimetype text/html text/html define_syslog_variables Off Off disable_classes no value no value disable_functions leak,posix_getpwuid,posix_getpwnam,posix_getgrid,posix_getgrnam,posix_getgroups leak,posix_getpwuid,posix_getpwnam,posix_getgrid,posix_getgrnam,posix_getgroups display_errors Off Off display_startup_errors Off Off doc_root no value no value docref_ext no value no value docref_root no value no value enable_dl Off Off error_append_string no value no value error_log /mnt/Target01/337846/945285/www.dermerrealestate.com/logs/php_errors.log no value error_prepend_string no value no value error_reporting 30711 30711 exit_on_timeout Off Off expose_php Off Off extension_dir /usr/lib64/php/modules /usr/lib64/php/modules file_uploads On On highlight.bg #FFFFFF #FFFFFF highlight.comment #FF8000 #FF8000 highlight.default #0000BB #0000BB highlight.html #000000 #000000 highlight.keyword #007700 #007700 highlight.string #DD0000 #DD0000 html_errors On On ignore_repeated_errors Off Off ignore_repeated_source Off Off ignore_user_abort Off Off implicit_flush Off Off include_path .:/usr/share/pear:/usr/share/php .:/usr/share/pear:/usr/share/php log_errors On On log_errors_max_len 1024 1024 magic_quotes_gpc On On magic_quotes_runtime Off Off magic_quotes_sybase Off Off mail.add_x_header On On mail.force_extra_parameters no value no value mail.log no value no value max_execution_time 30 30 max_file_uploads 20 20 max_input_nesting_level 64 64 max_input_time 60 60 max_input_vars 1000 1000 memory_limit 128M 128M open_basedir no value no value output_buffering no value no value output_handler no value no value post_max_size 8M 8M precision 14 14 realpath_cache_size 4M 4M realpath_cache_ttl 120 120 register_argc_argv On On register_globals Off Off register_long_arrays On On report_memleaks On On report_zend_debug On On request_order no value no value safe_mode Off Off safe_mode_exec_dir no value no value safe_mode_gid Off Off safe_mode_include_dir no value no value sendmail_from no value no value sendmail_path /usr/sbin/sendmail -t -i /usr/sbin/sendmail -t -i serialize_precision 100 100 short_open_tag On On SMTP localhost localhost smtp_port 25 25 sql.safe_mode Off Off track_errors Off Off unserialize_callback_func no value no value upload_max_filesize 8M 8M upload_tmp_dir /tmp /tmp user_dir no value no value user_ini.cache_ttl 300 300 user_ini.filename .user.ini .user.ini variables_order EGPCS EGPCS xmlrpc_error_number 0 0 xmlrpc_errors Off Off y2k_compliance On On zend.enable_gc On On  

Hello, first time poster..  I've looked the web over for a long time and can't figure this one out.

- Below is basic code that successfully checks MySQL for a match and displays result.  I was debugging and forced the "height" and "width" to be 24 and 36 to make sure that wasn't the problem.  That's good.. 
- I'd like to give the user ability to select width and height from a form.. and have it do an onchange this.form.submit so the form can be changing as fields are altered (thus the onchange interaction)
- In a normal coding environment I've done this numerous times with no "Page cannot be displayed" problems.  It would simply change one select-option value at a time til they get down the form and click submit...  but in WordPress I'm having trouble making even ONE single onchange work!
- I've implemented the plugins they offer which allows you to "copy+paste" your php code directly into their wysiwyg editor.  That works with basic tests like my first bullet point above.
- I've copied and pasted the wordpress url (including the little ?page_id=123) into the form "action" url... that didn't work...  tried forcing it into an <option value=""> tag.. didn't work.  I'm just not sure. 

I've obviously put xx's in place of private info..

Why does this form give me Page Cannot Be Displayed in WordPress every time?  It won't do anything no matter how simple.. using onchange..

Code..

$con = mysql_connect("xxxx.xxxxxxx.com","xxxxxx","xxxxx");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
mysql_select_db("xxxxxx", $con);
$myprodwidth=24;
$myprodheight=36;
$result = mysql_query("SELECT * FROM product_sizes WHERE prodwidth='$myprodwidth' and prodheight='$myprodheight'");
while($row = mysql_fetch_array($result))
  {
  echo $row['prodprice'];
  }
mysql_close($con);


<form method="post" action="">
<select name="myheight" onchange="this.form.submit();">
<option selected="selected" value="">select height</option>
<option value="xxxxxxxxx.com/wordpress/?page_id=199&height=36">36</option>
<option value="xxxxxxxxx.com/wordpress/?page_id=199&height=36">48</option>
</select>

I have read around and can't seem to find the right coding for what I need on this forum and some other other forums.

I have a contact form (as listed below) and I need 2 locations (Print Name and Title) fields to auto-populate on a separate form (can be a doc, pdf, etc. any form of document which is easiest) and this form can be totally back end and the individual using the form never is going to see the form.

It's going on a contract form, that we would like to auto-populate.

Also is there a simple attachment code so individuals can attach documents to the code?


<p style: align="center"><form action="mailtest.php" method="POST">
<?php
$ipi = getenv("REMOTE_ADDR");
$httprefi = getenv ("HTTP_REFERER");
$httpagenti = getenv ("HTTP_USER_AGENT");
?>

<input type="hidden" name="ip" value="<?php echo $ipi ?>" />
<input type="hidden" name="httpref" value="<?php echo $httprefi ?>" />
<input type="hidden" name="httpagent" value="<?php echo $httpagenti ?>" /> 
<div align="center">
<p class="style1">Name</p> 
<input type="text" name="name">
<p class="style1">Address</p> 
<input type="text" name="address">
<p class="style1">Email</p> 
<input type="text" name="email">
<p class="style1">Phone</p> 
<input type="text" name="phone">
<p class="style1">Debtor</p> 
<input type="text" name="debtor">
<p class="style1">Debtor Address</p> 
<input type="text" name="debtora">
<br />
<br />
<a href="authoforms.php" target="_blank" style="color:#ffcb00"  vlink="#ffcb00">Click here to view Assignment Agreement and Contract Agreement</a>

<p class="style1"><input type='checkbox' name='chk' value='I Have read and Agree to the terms.'> I have read and agree to the Assignment and Contract Agreement <br></p>
<p class="style1">Print Name</p> 
<input type="text" name="pname">
<p class="style1">Title</p> 
<input type="text" name="title">


<p class="style1">I hear by agree that the information I have provided is true, accurate and the information I am submitting is <br />
not fraudulent. Please click the agree button that you adhere to Commercial Recovery Authority Inc.'s terms:</p>
<select name="agree" size="1">
<option value="Agree">Agree</option>
<option value="Disagree">Disagree</option>
</select>
<br />
<br />
<p class="style1">Employee ID:</p> 
<input type="text" name="employee">

<br />

<input type="submit" value="Send"><input type="reset" value="Clear">
</div>
</form>
</p>


The mailtest php is this
?php
$ip = $_POST['ip'];
$httpref = $_POST['httpref'];
$httpagent = $_POST['httpagent'];
$name = $_POST['name'];
$address = $_POST['address'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$debtor = $_POST['debtor'];
$debtora = $_POST['debtora'];
$value = $_POST['chk'];
$pname = $_POST['pname'];
$title = $_POST['title'];
$agree = $_POST['agree'];
$employee = $_POST['employee'];
$formcontent=" From: $name \n Address: $address \n Email: $email \n Phone: $phone \n Debtor: $debtor \n Debtor's Address: $debtora \n 'Client' has read Assignment and Contract Agreement: $value \n Print Name: $pname \n Title: $title \n I hear by agree that the information I have provided is true, accurate and the information I am submitting is not fraudulent. Please click the agree button that you adhere to Commercial Recovery Authority Inc.'s terms: $agree \n \n  Employee ID: $employee \n IP: $ip";
$recipient = "mail@crapower.com";
$subject = "Online Authorization Form 33.3%";
$mailheader = "From: $email \r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
echo "Thank You!" . " -" . "<a href='index.php' style='text-decoration:none;color:#ffcb00;'> Return Home</a>";
$ip = $_POST['visitoraddress']
?>

There are two pieces to this- The HTML Form and the resulting php. I can't seem to make the leap, from the code to having the form produce the php page so others can view it until the form is again submitted overwriting the php, thus generating new content.

The environment I am working in is limited to IIs 5.1 and php 5.2.17 without mySQL or other DB

I'm new to php, this isn't homework,or commercialization,  it's for children.  I am thinking perhaps fwrite / fread but can't get my head around it.

Code snipets below. Any help, please use portions of this code in hopes I can understand it

Thanks

Code snipet from Output.php
Code: [Select]
<?php
$t1image = $_POST["t1image"];
$t1title = $_POST["t1title"];
$t1info = $_POST["t1info"];
$t2image = $_POST["t2image"];
$t2title = $_POST["t2title"];
$t2info = $_POST["t2info"];
?>
...
<tbody>
    <tr><!--Headers-->
      <td style="vertical-align: top; text-align: center; background-color: rgb(204, 255, 255);">Animal</td>
      <td style="vertical-align: top; text-align: center; background-color: rgb(204, 255, 255);">Image thumb<br>
      </td>
      <td style="vertical-align: top; text-align: center; background-color: rgb(204, 255, 255);">Date<br>
      </td>
      <td style="vertical-align: top; text-align: center; background-color: rgb(204, 255, 255);">Information<br>
      </td>
    </tr>
    <tr>
      <td style="vertical-align: top; text-align: center;">Monkey
      </td>
      <td style="vertical-align: top; text-align: center;"><img src="<?php echo $t1image.'.gif'; ?>"><!--single image presented selected from radio buttons-->
      </td>
      <td style="vertical-align: top; text-align: center;"><?php echo date("m/d/Yh:i A"); ?><!--time stamp generated when submitted form populates all fields at once-->
      </td>
      <td style="vertical-align: top; text-align: center;"><a href="#monkey" rel="facebox"><?php echo $t1title ?></a><!--Link name provided by "Title 1", that links to hidden Div generated page with content from "Info1" field-->
  <div id="Monkey" style="display:none">
<?php echo $t1info; ?>
</div>
      </td>
    </tr>
    <tr>
      <td style="vertical-align: top; text-align: center;">Cat<br>
      </td>
      <td style="vertical-align: top; text-align: center;"><img src="<?php echo $t2image.'.gif'?>"></td>
      <td style="vertical-align: top; text-align: center;"><?php echo date("m/d/Yh:i A"); ?></td>
      <td style="vertical-align: top; text-align: center;"><a href="#Cat" rel="facebox"><?php echo $t2title ?></a>
  <div id="Cat" style="display:none">
<?php echo $t2info; ?>
</div>
      </td>
    </tr>
    <tr>

This replicates several times down the page around 15-20 times ( t1### - t20###)


Code Snipet from HTML Form
Code: [Select]
<form action="animals.php" method="post">
<div style="text-align: left;"><big
style="font-family: Garamond; font-weight: bold; color: rgb(51, 51, 255);"><big><big><span>Monkey</span></big></big></big><br>
<table style="text-align: left; width: 110px;" border="0"
cellpadding="2" cellspacing="0">
<tbody><tr>
<td style="vertical-align: top;">Image thumb<br>
<input type="radio" name="t1image" value="No opinion" checked><img src="eh.gif" alt="Eh">
<input type="radio" name="t1image" value="Ok"><img src="ok.gif" alt="ok">
<input type="radio" name="t1image" value="Like"><img src="like.gif" alt="Like">
<input type="radio" name="t1image" value="Dont"><img src="dont.gif" alt="Don't Like">
<input type="radio" name="t1image" value="Hate"><img src="hate.gif" alt="Hate">
<input type="radio" name="t1image" value="Other"><img src="other.gif" alt="Other">
<br>
Why Title:<input type="text" name="t1title" size="45" value="..."/></td>
<td style="vertical-align: top;">
Explain:<br>
<textarea name="t1info" cols=45 rows=3 value="..."></textarea>
</td></tr></table>
<br>
<!--Next-->

How do I get the Form data to save to the php page for others to view?