|
PHP - Code Critique: Using $_get. Critique Bashing Welcome!
As some of you know, I am still learning the fundamentals of good php code practice and have been working on a custom application for my own practice and personal schooling. My below code IS working as expected, but I wanted any ideas or critique on better, more secure, faster, etc methods of it.. Thanks for any input:
<?php $id = mysqli_real_escape_string($cxn, $_GET['id']); $city_name = mysqli_real_escape_string($cxn, $_GET['city_name']); $posts_by_city_sql = "SELECT id, city_id, title FROM postings WHERE city_id='$id'"; $posts_by_city_results = (mysqli_query($cxn, $posts_by_city_sql)) or die("Was not able to grab the Postings!"); $row_cnt = mysqli_num_rows($posts_by_city_results); if ($row_cnt == 0) { printf("We're sorry. There are %d postings in: <strong>$city_name</strong>", $row_cnt); } else { printf("Congratulations! There are %d postings in: <strong>$city_name</strong>", $row_cnt); echo "<ul>"; while ($posts_by_city_row = mysqli_fetch_array($posts_by_city_results)) { echo "<li><a href='posting_details.php?id=$posts_by_city_row[id]'>$posts_by_city_row[title]</a></li>"; } // end while loop echo "</ul>"; } // end row_cnt if mysqli_free_result($posts_by_city_results); mysqli_close($cxn); ?> Similar TutorialsHi, I hope this is still a relevant topic here. I don't have a lot of coding experience and haven't studied it a college -- I'm just self taught hobbyist. I was wondering what your opinion is of the way I have structured my code and solved what I needed to do. Any tips or feedback is greatly appreciated. Thanks. Code: [Select] <?php $form_submission=$_POST["query"]; $lines = file('eo_dic.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); preg_match_all('/[\w\'\ŝ\ĉ\ĵ\ŭ\ĥ\Ŝ\Ĉ\Ĵ\Ŭ\Ĥ]+|[,.;!"?-\s\\(\\)]/', $form_submission, $matches); foreach ($matches[0] as $value){ // Check if $value is a word or something else. if ($value == " " || $value == "," || $value == "." || $value == "(" || $value == ")" || $value == "!" || $value == "?" || $value == "-" || $value == ";" || $value == '"'){ echo $value; } else { // $value is a word. $titleText = array(); // store results in array. foreach ($lines as $line){ list($field1, $field2) = explode('=', $line); if (strcasecmp($field1, $value) == 0 || strcasecmp($field2, $value) == 0){ // Found string in DB. array_push($titleText, "$field1 = $field2"); // Store all finds in array before outputting. } } if (empty($titleText)) { // $value was not found -- array is empty. echo '<a name="translated" class="translated" title="Not found.">' . $value . '</a>'; } else { $arrayOut = implode(" / ", $titleText); // output the results found in the search. echo '<a name="translated" class="translated" title="' . $arrayOut . '">' . $value . '</a>'; } } } unset($value); ?> Hello, My script below IS finally working, but I was hoping for some aggressive, anal comments for critique. Keep in mind, I am developing for a php4 platform otherwise I would have used a newer php5 validation function. <?php if (isset($_POST['btnSubmit'])) { $first_name = mysql_real_escape_string($_POST['fname']); $last_name = mysql_real_escape_string($_POST['lname']); $title = mysql_real_escape_string($_POST['title']); $company = mysql_real_escape_string($_POST['company']); $address1 = mysql_real_escape_string($_POST['address1']); $address2 = mysql_real_escape_string($_POST['address2']); $city = mysql_real_escape_string($_POST['city']); $zip = mysql_real_escape_string($_POST['zip']); $phone = mysql_real_escape_string($_POST['phone']); $fax = mysql_real_escape_string($_POST['fax']); $email = mysql_real_escape_string($_POST['email']); if (!preg_match("/^[A-Za-z' -]{1,75}$/", $first_name)) { $error[] = "Please enter a valid first name."; } if (!preg_match("/^[A-Za-z' -]{1,75}$/", $last_name)) { $error[] = "Please enter a valid last name."; } if ($first_name === $last_name && $first_name != "") { $error[] = "First Name and Last Name cannot be the same."; } if (!preg_match("/^[A-Za-z' -]{1,150}$/", $company)) { $error[] = "Please enter a valid company name."; } if (!preg_match("/^[A-Za-z' -.]{1,150}$/", $title)) { $error[] = "Please enter a valid Title."; } if (!preg_match("/^[A-Za-z0-9' - . ]{1,150}$/", $address1)) { $error[] = "Please enter a valid mailing address."; } if (!preg_match("/^[A-Za-z0-9' - . ]{1,150}$/", $city)) { $error[] = "Please enter a valid city."; } if (!preg_match("/^[0-9' - . ( ) ]{1,150}$/", $phone)) { $error[] = "Please enter a valid phone number."; } if (!preg_match("/^[0-9' - . ( ) ]{1,150}$/", $fax)) { $error[] = "Please enter a valid fax number."; } if (!preg_match("/([a-z][a-z0-9_.-\/]*@[^\s\"\)\?<>]+\.[a-z]{2,6})/i", $email)) { $error[] = "Please enter a valid email address in the format: start@middle.end."; } if (is_array($error)) { echo "<div id='errorWrapper'><h2>There are errors in your input. Please correct the following fields:</h2>"; foreach ($error as $err_message) { echo "<span class='errorText'> >> $err_message" . "</span><br />"; } echo "</div>"; include('../includes/attendee_registration_form.php'); // this is the form exit(); } else { include('../includes/attendee_registration_mailer.php'); // this send the email and populates the table } } else { include('../includes/attendee_registration_form.php'); // this is the form exit(); } ?> Hi,
I have a built a website and I want to get some feedback from the members at this forum. I can't seem to post this topic in the Website Critique forum.
Thanks
Moved by Ch0cu3r
Edited by Ch0cu3r, 10 December 2014 - 06:25 AM. I am in the process of building my own MVC framework (just to learn the concepts) and I decided to throw some libraries and helpers in the mix to make things more convenient. Below is my email helper in which I want to be able to use an array as the "to" part of the mail() function. I was wondering what everyone thought of my class and if I can improve upon it. Thanks! Code: [Select] <?php /** * To use this email class in it's most basic form: * * $to must be an array even if you are sending to only one recipient. * You declare it like so: * $to = array('recipient'); * or * $to = array('one', 'two', 'three'); * $sendMail = new Email($to, 'subject', 'message'); * if ($sendMail->send()) { * // success * } else { * // failure * } * * To add various features (declare these before using $sendMail-send()): * To add a CC address: * $sendMail->setCC('email address'); * To add a BCC address: * $sendMail->setBCC('email address'); * To set the from name: * $sendMail->setFromName('name of sender'); * To set the from email: * $sendMail->setFromEmail('email of sender'); * To set a content type (default is text/html): * $sendMail->setContentType('content type'); * To set a charset (default is iso-8859-1): * $sendMail->setCharset('charset'); */ class Email { public $to = array(); public $subject; public $message; public $fromName; public $fromEmail; public $cc; public $bcc; public $contentType; public $charset; private $_headers; public function __construct($to, $subject, $message) { if (!is_null($to) && !is_array($to)) { throw new Exception('The recipient names must be an array, even if there is only one recipient.'); } if (is_null($to) || is_null($subject) || is_null($message)) { throw new Exception('There must be at least one recipient, a subject, and a message.'); } $this->to = $to; $this->subject = $subject; $this->message = $message; } public function setCC($cc = NULL) { $this->cc = $cc; } public function setBCC($bcc = NULL) { $this->bcc = $bcc; } public function setFromName($fromName = 'Website Name') { $this->fromName = $fromName; } public function setFromEmail($fromEmail = 'admin@website.com') { $this->fromEmail = $fromEmail; } public function setContentType($contentType = 'text/html') { $this->contentType = $contentType; } public function setCharset($charset = 'iso-8859-1') { $this->charset = $charset; } private function _setHeaders() { $this->_headers = "Content-type: " . $this->contentType . "charset=" . $this->charset . "\r\n"; $this->_headers .= "From: " . $this->fromName . "<" . $this->fromEmail . "> \r\n"; if ($this->cc != NULL) { $this->_headers .= "CC: " . $this->cc . "\r\n"; } if ($this->bcc != NULL) { $this->_headers .= "BCC: " . $this->bcc . "\r\n"; } } public function send() { $this->_setHeaders(); $this->setFromName(); $this->setFromName(); $sent = FALSE; foreach ($this->to as $recipient) { if (mail($recipient, $this->subject, $this->message, $this->_headers)) { $sent = TRUE; continue; } } if ($sent = TRUE) { return TRUE; } else { return FALSE; } } } I am fairly comfortable with procedural PHP but when it comes to classes and OO I am learning. I have written a small class to get all of the information from the URL. I am sure I have added my own style and broken about a million rules. I have already found places to improve this but I thought I would bounce it off everyone here before I started to make changes and started expanding it. I am also aware that there are classes that I can download that do this much better but I am trying to better understand how they work so I think this is a good start. Can you just look it over and point out things that I have done wrong and give me some general pointers on how to improve it. class uri extends mainframe{ private $path = null; private $pathParse = array(); private $component = null; private $view = null; private $host = null; private $dirDepth = null; public $queryString = array(); function __construct() { $this->getHost(); $this->getPath(); $this->getView(); $this->getQueryString(); } /* * Check to see if we are in the base folder */ function dirDepth($base) { $this->dirDepth = config::DDEPTH + $base; return $this->dirDepth; } /* * return the host address */ function getHost() { $this->host = $_SERVER['HTTP_HOST']; return $this->host; } /* * return the path information */ function getPath() { $this->path = $_SERVER['REQUEST_URI']; return $this->path; } /* * returns the query string in an array * * I am sure this isn't the right way to do this * but it is working. */ function getQueryString() { $this->getPath(); preg_match('/\?(.*)/', $this->path, $queryString); if ($queryString == true) { $queryPairs = array(); $queryString = (isset($queryString['1']) ? $queryString['1'] : null); $queryPairs = explode('&', $queryString); $queryStrings = array(); $pairs = array(); foreach ($queryPairs as $queryPairs) { preg_match('/(.*)=(.*)/', $queryPairs, $pairs); array_push($queryStrings, $pairs); } $key = array(); $value = array(); foreach ($queryStrings as $queryStrings) { array_push($value, (isset($queryStrings['2']) ? $queryStrings['2'] : null)); array_push($key, (isset($queryStrings['1']) ? $queryStrings['1'] : null)); } $this->queryString = array_combine($key, $value); return $this->queryString; }else{ unset($this->queryString); } } /* * returns the path in an array and removes the query string */ function pathParse() { self::getPath(); $this->pathParse = explode('/', $this->path); $endCheck = preg_replace('/\?(.*)/','', array_pop($this->pathParse)); array_push($this->pathParse, $endCheck); $this->pathParse = array_filter($this->pathParse); if(!empty($this->pathParse)) { return $this->pathParse; }else{ unset($this->pathParse); } } /* * returns the first part of the path */ function getComponent() { self::pathParse(); self::dirDepth('1'); if(!empty($this->pathParse[$this->dirDepth])) { $this->component = $this->pathParse[$this->dirDepth]; return $this->component; }else{ unset($this->component); } } /* * returns the second part of the path */ function getView() { self::pathParse(); self::dirDepth('2'); if(!empty($this->pathParse[$this->dirDepth])) { $this->view = $this->pathParse[$this->dirDepth]; return $this->view; }else{ unset($this->view); } } /* * Ummmmm need some help here for sure. */ function __destruct() { } } $uri = new uri(); Thank you in advance for your help! This is just my software assignment. We have to create a functioning vending machine. How does it look so far? Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Vending Machine Assignment</title> <link href="vending.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="vending_machine_base"> <img src="vending_machine_base.gif" alt="Vending Machine Base" title="Vending Machine Base" /> </div> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <p>Coke<input type="radio" name="item" value="Coke" /></p> <p>Sprite<input type="radio" name="item" value="Sprite" /></p> <p>Fanta<input type="radio" name="item" value="Fanta" /></p> <input type="text" size="15" name="quantity" value="Enter quantity here" /> $<input type="text" value="Enter your financial balance." name="credit_input" size="23" /> <input type="submit" value="Submit" /> </form> <?php error_reporting(E_ALL); // Cost of items $coke_price = "1.25"; $sprite_price = "1.50"; $fanta_price = "1.75"; // Quantity of items $coke_quantity = "7"; $sprite_quantity = "5"; $fanta_quantity = "3"; // Selected radio button into variable $selected_item = $_POST['item']; // Credit into variable $credit = $_POST['credit_input']; // If funds are less than price, dispay error message if (($_POST['submit']) && ($selected_radio = 'coke') && ($credit >= $coke_price)) { echo "You have purchased a $selected_item!"; } else { echo "You do not have sufficient funds to purchase a $selected_item."; } if (($_POST['submit']) && ($selected_radio = 'sprite') && ($credit >= $sprite_price)) { echo "You have purchased a $selected_item!"; } else { echo "You do not have sufficient funds to purchase a $selected_item."; } if (($_POST['submit']) && ($selected_radio = 'fanta') && ($credit >= $fanta_price)) { echo "You have purchased a $selected_item!"; } else { echo "You do not have sufficient funds to purchase a $selected_item."; } // Item quantity if (($_POST['submit']) && ($coke_quantity = 0)) { echo ""; } else { echo "Coke resources depleted."; } if (($_POST['submit']) && ($sprite_quantity = 0)) { echo ""; } else { echo "Sprite resources depleted."; } if (($_POST['submit']) && ($fanta_quantity = 0)) { echo ""; } else { echo "Fanta resources depleted."; } // Item cost subtracted from credit if (($coke_quantity >= 1) && ($credit >= $coke_price)) { $coke_price - $credit; } if (($sprite_quantity >= 1) && ($credit >= $sprite_price)) { $sprite_price - $credit; } if (($fanta_quantity >= 1) && ($credit >= $fanta_price)) { $fanta_price - $credit; } // Funds available echo "Your current funds accumlate to $credit "; ?> </body> </html> I'm developing my own CMS with a few functions and wanted to know how things are looking right now because I can't find a board for strickly CODING CRITIQUE so I put it in this board. There isn't a whole lot to go through. I know there is something wrong with my issets line but other than that just a general critique of how its shaping up? manager.php <?php session_start(); require "dbconfig.php"; require "functions.php"; if ((isset($_POST['username'])) && (isset($_POST['password']))) { $username = $_POST{'username'}; $password = SHA1($_POST{'password'}); validate($username, $password); } elseif ((!(isset('username'))) && (!(isset('password')))) { require_once "login.php"; } $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM dbusers WHERE username='$username' and password='$password'"; $result = mysql_query($sql); ?> functions.php <?php // This page defines functions used by the login/logout process function validate($username, $password) { } ?> login.php <?php include_once ("globals.php"); ?> <html> <head> <title><?php echo $shortsitename; ?> EW Manager</title> <link rel="stylesheet" type="text/css" href="<?php echo "$stylesheet"; ?>" /> </head> <body> <p id="backtosite"><a href="#" title="Are you lost?">← Back to <?php echo $fedname ?></a></p> <div id="login"> <h1><?php echo $shortsitename; ?> Manager</h1> <form id="loginform" action="" method="POST"> <p><label>Username<br /><input type="text" name="username" id="user_login" class="input" size="15" /></label></p> <p><label>Password<br /><input type="password" name="password" id="user_pass" class="input" size="15" /></label></p> <p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" /> Remember Me</label></p> <p class="submit"> <input type="submit" value="Login" class="button-primary" /> </p> </form> </div> </body></html> I am after some advice about doing some rather basic things that wouldnt really be done in OOP and see if there's a better way of doing this. As I just said though I know this is not the required system just one displaying of a form but I think its really cool for just simplying OOP ( ), and I actually understand it, I always need to start off small, understand it all, before I start waffling will show you my code (in no way finished yet, as you can tell from some of the html elements but its principle works: <?php ini_set('display_errors',1); class Form{ public $to; public $user; public $email; public $subject; public $comment; function showForm(){ // displaying of form to the user: echo <<<userform <html> <head> <title>Jez's Contact Form</title> </head> <body> <form id="contact" name="contact" method="post" action="{$_SERVER['PHP_SELF']}"> <label for="">Enter something:</label><input type="text" id="user" </form> </body> </html> userform; } } if(!array_key_exists('submit',$_POST)) { $myForm = new Form; // now we construct the form: $myForm->showForm(); // print_r($myForm); } ?> If a submit button in the form hasnt been hit, then show form, later on going to do and try out some validation, just wanted some advice before I get too big for my boots as such. Any advice on improving it (obviously finishing my form off of course which is what I will do), but any further advice is greatly appreciated, Jez. All criticism/suggestions/improvements appreciated Registration.php Code: [Select] <?php $con = mysql_connect("localhost","","") or die(mysql_error()); mysql_select_db('Users'); if(isset($_COOKIE['ID_my_site'])) { $cookie_username = mysql_real_escape_string(filter_input(INPUT_COOKIE, 'ID_', FILTER_SANITIZE_FULL_SPECIAL_CHARS)); $cookie_password = sha1($_COOKIE['Key_']); $cookie_check = mysql_query("SELECT * FROM Users WHERE username = '$cookie_username'") or die(mysql_error()); $cookie_results = mysql_fetch_array($cookie_check); if ($cookie_password == $cookie_results['Password']) { echo "<div id=\"login_msg\">You are already logged on. Redirecting...</div><br />" && header("location:/index.php"); } } if(isset($_POST['submit'])) { $Username = mysql_real_escape_string(filter_input(INPUT_POST, 'Username', FILTER_SANITIZE_FULL_SPECIAL_CHARS)); $Email = mysql_real_escape_string(filter_input(INPUT_POST, 'Email', FILTER_SANITIZE_FULL_SPECIAL_CHARS)); $Password = sha1($_POST['Password']); $Password2 = sha1($_POST['Password2']); if (!$Username | !$Email | !$Password | !$Passord2) { echo "<div id=\"error_msg\">You did not complete all of the required fields, please try again.</div><br />"; } if ($Password != $Password2) { echo "<div id=\"error_msg\">Your passwords do not match, please try again.</div><br />"; } $check_username = mysql_query("SELECT * FROM Users WHERE (Username = $Username)"); $result_username = mysql_fetch_row($check_username); $check_email = mysql_query("SELECT * FROM Users WHERE (Email = $Email)"); $result_email = mysql_fetch_row($check_email); if ($result_username == true) { echo "<div id=\"error_msg\">The Username: '$Username', already exists. Please enter another username.</div><br />"; } if ($result_email == true) { echo "<div id=\"error_msg\">The Email Adress: '$Email', is already in our Database.</div><br />"; } $sql = "INSERT INTO Users (Id, Username, Email, Password) VALUES ('', '$Username','$Email','$Password')"; $add_member = mysql_query($sql) or die(mysql_error()); if (mysql_query($add_member)) { $week = time() + 604800; setcookie(ID_, $_POST['Username'], $week); setcookie(Key_, $_POST['Password'], $week); echo "<div id=\"login_msg\">Successfully added to our Database.</div><br />" && header ("location:/Login.php"); } else { echo "<div id=\"error_msg\">Invalid input.</div><br />"; } } ?> Login.php Code: [Select] <?php include("db.php"); if(isset($_COOKIE['ID_my_site'])) { $cookie_username = mysql_real_escape_string(filter_input(INPUT_COOKIE, 'ID_', FILTER_SANITIZE_FULL_SPECIAL_CHARS)); $cookie_password = sha1($_COOKIE['Key_']); $cookie_check = mysql_query("SELECT * FROM Users WHERE username = '$cookie_username'") or die(mysql_error()); $cookie_results = mysql_fetch_array($cookie_check); if ($cookie_password == $cookie_results['Password']) { echo "<div id=\"login_msg\">You are already logged on. Redirecting...</div><br />" && header("location:/index.php"); } } if(isset($_POST['submit'])) { $Username = mysql_real_escape_string(filter_input(INPUT_POST, 'Username', FILTER_SANITIZE_FULL_SPECIAL_CHARS)); $Password = sha1($_POST['Password']); if (!$Username | !$Password) { echo "<div id=\"error_msg\">You did not complete all of the required fields, please try again.</div><br />"; } $sql = "SELECT * FROM Users WHERE (Username, Password) = ('$Username', '$Password')"; $db_check = mysql_num_rows($sql) or die(mysql_error()); if (mysql_query($db_check)) { $week = time() + 604800; setcookie(ID_, $cookie_username, $week); setcookie(Key_, $cookie_password, $week); echo "<div id=\"login_msg\">Successfully Logged In.</div><br />" && header ("location:/index.php"); } elseif (($Username | $Password) != $db_check) { echo "<div id=\"error_msg\">Invalid username or password, please try again.</div><br />"; } } ?> Logout.php Code: [Select] <?php include("db.php"); if(isset($_COOKIE['ID_my_site'])) { $cookie_username = mysql_real_escape_string(filter_input(INPUT_COOKIE, 'ID_', FILTER_SANITIZE_FULL_SPECIAL_CHARS)); $cookie_password = sha1($_COOKIE['Key_']); $cookie_check = mysql_query("SELECT * FROM Users WHERE username = '$cookie_username'") or die(mysql_error()); $cookie_results = mysql_fetch_array($cookie_check); if ($cookie_password != $cookie_results['Password']) { header("location:/login.php"); } else { $past = time() - 604800; setcookie(ID_, gone, $past); setcookie(Key_, gone, $past); echo "<div id=\"error_msg\">Sucessfully logged out. Good Bye!</div><br />" && header ("location:/login.php"); } } ?> User clicks on a url, ie: example.com/AEQ438J When I perform this in the code below: Code: [Select] $referrer = $_GET['_url']; // echo $referrer displays the referrer ID contents correctly as "AEQ438J" if ( ! empty($referrer)) { $mysqli->query("UPDATE coming_soon_emails SET clicks = clicks + 1 WHERE code='" . $referrer ."'"); } // this also updates the database correctly as it should if (!empty($_POST['email'])){ // echo $referrer displays the referrer ID contents as BLANK. It should display "AEQ438J"! ..... $referrer displays correctly BEFORE if($_POST['form']), however during the if($_POST['form']) $referrer is empty. How can I fix my code so that $referrer is not empty during the time the user posts their email address in the form? Thank you! Complete PHP and HTML Code: [Select] <?php require "includes/connect.php"; //var_dump($_GET);die; function gen_code($codeLen = 7) { $code = ''; for ($i=0; $i<$codeLen; $i++) { $d=rand(1,30)%2; $code .= $d ? chr(rand(65,90)) : chr(rand(48,57)); } return $code; } function add_code($email_id) { global $mysqli; $code = gen_code(7); $mysqli->query("UPDATE coming_soon_emails SET code='" . $code ."' WHERE email_id='" . $email_id . "'"); if($mysqli->affected_rows != 1) { add_code($email_id); } else return $code; } $msg = ''; $referrer = $_GET['_url']; // echo $referrer displays the referrer ID contents correctly if ( ! empty($referrer)) { $mysqli->query("UPDATE coming_soon_emails SET clicks = clicks + 1 WHERE code='" . $referrer ."'"); } if (!empty($_POST['email'])){ // echo $referrer displays the referrer ID contents as BLANK // Requested with AJAX: $ajax = ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'); try{ if(!filter_input(INPUT_POST,'email',FILTER_VALIDATE_EMAIL)){ throw new Exception('Invalid Email!'); } $mysqli->query("INSERT INTO coming_soon_emails SET email='".$mysqli->real_escape_string($_POST['email'])."'"); if($mysqli->affected_rows != 1){ throw new Exception('This email already exists in the database.'); } else { $email_code = add_code($mysqli->insert_id); } $msg = "http://www.example.com/" . $email_code; //the following doesn't work as referrer is now empty :( if ( ! empty($referrer)) { $mysqli->query("UPDATE coming_soon_emails SET signup = signup + 1 WHERE code='" . $referrer ."'"); } if($ajax){ die(json_encode(array('msg' => $msg))); } } catch (Exception $e){ if($ajax){ die(json_encode(array('error'=>$e->getMessage()))); } $msg = $e->getMessage(); } } ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title></title> <link rel="stylesheet" type="text/css" href="css/styles.css" /> </head> <body> <div id="launch"> <form id="form" method="post" action=""> <input type="text" id="email" name="email" value="<?php echo $msg;?>" /> <input type="submit" value="Submit" id="submitButton" /> </form> <div id="invite"> <p style="margin-top:20px;">The ID of who referred you: <?php echo $referrer; //this displays correctly?>)</p> <p style="margin-top:20px;"><span id="code" style="font-weight:bold;"> </span></p> </div> </div> <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script> <script src="js/script.js"></script> </body> </html> script.js Code: [Select] $(document).ready(function(){ // Binding event listeners for the form on document ready $('#email').defaultText('Your Email Address'); // 'working' prevents multiple submissions var working = false; $('#form').submit(function(){ if(working){ return false; } working = true; $.post("./index.php",{email:$('#email').val()},function(r){ if(r.error){ $('#email').val(r.error); } else { $('#email').val(r.msg); // not needed but gets hidden anyways... $('#launch form').hide(); $("#code").html(r.msg); $("#invite").fadeIn('slow'); } working = false; },'json'); return false; }); }); // A custom jQuery method for placeholder text: $.fn.defaultText = function(value){ var element = this.eq(0); element.data('defaultText',value); element.focus(function(){ if(element.val() == value){ element.val('').removeClass('defaultText'); } }).blur(function(){ if(element.val() == '' || element.val() == value){ element.addClass('defaultText').val(value); } }); return element.blur(); } htaccess Code: [Select] RewriteEngine on RewriteCond %{HTTP_HOST} ^my-url.com RewriteRule (.*) http://www.my-url.com/$1 [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^([a-z0-9]+)$ /index.php?_url=$1 [NC,L,QSA] table.sql Code: [Select] CREATE TABLE IF NOT EXISTS `coming_soon_emails` ( `email_id` int(11) NOT NULL auto_increment, `email` varchar(64) collate utf8_unicode_ci NOT NULL, `code` char(7) collate utf8_unicode_ci DEFAULT NULL, `clicks` int(64) collate utf8_unicode_ci DEFAULT 0, `signup` int(64) collate utf8_unicode_ci DEFAULT 0, `ts` timestamp NOT NULL default CURRENT_TIMESTAMP, PRIMARY KEY (`email_id`), UNIQUE KEY `email` (`email`), UNIQUE KEY `code` (`code`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; A few months ago, and a good amount of time before that, I had people telling me to use isset() instead of performing to see if the variable is empty, such as: !$_GET[''] I know the differences in the function and what they do, but when could isset() be used in a situation where it's better/more efficient then: !$_GET[''] I do use isset(), though. Hello can any one help me with this question iv only just started to use the get function like <code> if (isset($_GET['pageID'])){ echo $row['content']; } </code> can any one if me info how to make it safe how would i get this to work if they have click on the add page and the action is add i want it to do something how would i do it Code: [Select] <?php if(isset($_GET['action'])){ } ?> <a href="pages.php?action=add">Add Page</a> I am really confused about how people use $_GET to give a page a link so far what I understand is that $_GET grabs the information from a link So if my link was http://localhost/stargate/users/profile.php?goauld=Sam how do I turn this into viewing Sams profile soon as i type in that link with out having to hit a search button first would really appreciate if someone help me understand this please cause it appears i really need to know how to do this. Code: [Select] <?php if(isset($_POST['search'])) { // searches goaulds then displays them $search3 = "SELECT goauld,id FROM users WHERE goauld='".mysql_real_escape_string($_POST['goaulds'])."'"; $search2 = mysql_query($search3) or die(mysql_error()); WHILE($search1 = mysql_fetch_array($search2)){ $grab_goauld = $search1['goauld']; echo '<table width="300" height="5" border="1" align="center">'; echo '<th><center>Goauld Statistics</center></th>'; echo "<tr><td height='340'>$grab_goauld</td></tr>"; } } echo '</table>'; ?> I am a new programmer. I am working on a personal project for my portfolio, it is a simple blog. I am trying to give the user the ability to delete a blog entry. It works fine, the problem is that when you refresh the page, with out clicking 'delete' the entry is still deleted. $_GET is passing the $id to my function and it is executing. The code I have posted is my effort to fix the problem. How can I connect $_GET to the delete button ? I have tried using a hidden value but this is not working. Any help would be greatly appreciated. AL Code: [Select] // code to display message before deletion if($_GET['T']) { echo("<div style='float:right; width:25%; height:100px; position:absolute; top:150px; right:15%;'>"); echo("<h2>Are you sure you want to delete:<h2>"); echo $_GET['T']; echo("<form method='get' action='?'>"); echo("<input type='submit' name='button' value='Delete'>"); echo("<input type='hidden' name='submit_check' value='1'>"); echo("</form>"); echo("<form action='http://nuke.industry.com/Blogspiracy/UserPage/index.php'>"); echo("<input type='submit' value='Cancel'/>"); echo("</form>"); echo("</div>"); } // code to delete a selected blog entry function delete_blog($id) { global $dbh; $sql = "DELETE FROM tblBlog WHERE tblBlog.id = '$id' LIMIT 1;"; $sth = $dbh->prepare($sql); $sth-> execute(); return; } if (isset($_GET['id']) && ($_GET['submit_check'])) how do I "GET" the hidden value? { $remove = delete_blog($_GET['id']); } [code] Please i will like to know what this variable $_GET['id']is used for and how to use it Thanks Hi there, I am new to this forum want to say Hi to everyone . I just learn a little bit of PHP. I couldn't figure this out. Could someone please help me? Many thanks. 1. when I ran the 1st code below, it showed me "thank you" in the browser. <?php $title=$_GET[title]; echo $title; ?> 2. when I ran the 2nd code below, I got what I wanted. <?php $sql = "SELECT * FROM mytable WHERE title='thank you' "; ... ?> 3. when I ran the 3rd code below, it showed me a blank page . <?php $title=$_GET[title]; $sql = "SELECT * FROM mytable WHERE title='<?php echo $title; ?>' "; ... ?> How to make the 3rd code work like the 2nd one? It seems a php code under php is NOT working. I never really thought about it before, but recently I visited a site with a url like: www.example.com/?OR Which made me wonder how you would go about getting that keyname since it is without a value. Any ideas? how do i get the id from the url so i can use it hi all
new to webforum and php, how can I enter $_get['id] as I know this id...my code snippet is below
$sql = "SELECT x,y,z from tablename WHERE Id='" . $_GET["id"] . "'";
It works fine as it is getting the variable from a another webpage, but I know an id and want to enter it manually just to check a different webpage , thanks in advance....singhy
Please give example if the known id=xyztest
|
|||||||