|
PHP - Record Part Of Input To Variable?
So basically I want to take this input "site:google.com"
And record only the "google.com" part as a variable. Any idea how to do that? Similar TutorialsHi guys, I want to create a piece of script that takes my users to a website based of there input in a form. Basiaclly what they input into a text field will become part of the URL used in action at the top of the form. So it would look like this: http://www."their input from form".mydomain.com does anyone have any suggestions on how to accomplish this? Thanks I have some code where I am inserting a record into a database. Code: [Select] <?php error_reporting(E_ALL ^ E_NOTICE); ini_set("display_errors", 1); require_once ('./includes/config.inc.php'); require_once (MYSQL); $add_cat_errors = array(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Check for a name: if (empty($_POST['product'])) { $add_cat_errors['product'] = 'Please enter the name!'; } // Check for a description: if (empty($_POST['prod_descr'])) { $add_cat_errors['prod_descr'] = 'Please enter the description!'; } // Check for a category: if (!isset($_POST['cat']) || !filter_var($_POST['cat'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $add_product_errors['cat'] = 'Please select a category!'; } // Check for a price: if (empty($_POST['price']) || !filter_var($_POST['price'], FILTER_VALIDATE_FLOAT) || ($_POST['price'] <= 0)) { $add_cat_errors['price'] = 'Please enter a valid price!'; } // Check for an image: if (is_uploaded_file ($_FILES['image']['tmp_name']) && ($_FILES['image']['error'] == UPLOAD_ERR_OK)) { $file = $_FILES['image']; $size = ROUND($file['size']/1024); // Validate the file size: if ($size > 512) { $add_cat_errors['image'] = 'The uploaded file was too large.'; } // Validate the file type: $allowed_mime = array ('image/gif', 'image/pjpeg', 'image/jpeg', 'image/JPG', 'image/X-PNG', 'image/PNG', 'image/png', 'image/x-png'); $allowed_extensions = array ('.jpg', '.gif', '.png', 'jpeg'); $image_info = getimagesize($file['tmp_name']); $ext = substr($file['name'], -4); if ( (!in_array($file['type'], $allowed_mime)) || (!in_array($image_info['mime'], $allowed_mime) ) || (!in_array($ext, $allowed_extensions) ) ) { $add_cat_errors['image'] = 'The uploaded file was not of the proper type.'; } // Move the file over, if no problems: if (!array_key_exists('image', $add_cat_errors)) { // Create a new name for the file: $new_name = (string) sha1($file['name'] . uniqid('',true)); // Add the extension: $new_name .= ((substr($ext, 0, 1) != '.') ? ".{$ext}" : $ext); // Move the file to its proper folder but add _tmp, just in case: $dest = "../db/images/$new_name"; if (move_uploaded_file($file['tmp_name'], $dest)) { // Store the data in the session for later use: $_SESSION['image']['new_name'] = $new_name; $_SESSION['image']['file_name'] = $file['name']; // Print a message: echo '<h4>The file has been uploaded!</h4>'; } else { trigger_error('The file could not be moved.'); unlink ($file['tmp_name']); } } // End of array_key_exists() IF. } elseif (!isset($_SESSION['image'])) { // No current or previous uploaded file. switch ($_FILES['image']['error']) { case 1: case 2: $add_cat_errors['image'] = 'The uploaded file was too large.'; break; case 3: $add_cat_errors['image'] = 'The file was only partially uploaded.'; break; case 6: case 7: case 8: $add_cat_errors['image'] = 'The file could not be uploaded due to a system error.'; break; case 4: default: $add_cat_errors['image'] = 'No file was uploaded.'; break; } // End of SWITCH. } // End of $_FILES IF-ELSEIF-ELSE. // Check for a stock: if (empty($_POST['stock']) || !filter_var($_POST['stock'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $add_cat_errors['stock'] = 'Please enter the quantity in stock!'; } if (empty($add_cat_errors)) { $query = 'INSERT INTO product (product, product_descr, catID, price, image, stock) VALUES (?, ?, ?, ?, ?, ?)'; // Prepare the statement: $stmt = mysqli_prepare($dbc, $query); // For debugging purposes: // if (!$stmt) echo mysqli_stmt_error($stmt); // Bind the variables: mysqli_stmt_bind_param($stmt, 'isssdi', $name, $desc, $_POST['cat'], $_POST['price'], $_SESSION['image']['new_name'], $_POST['stock']); // Make the extra variable associations: $name = strip_tags($_POST['product']); $desc = strip_tags($_POST['prod_descr']); // Execute the query: mysqli_stmt_execute($stmt); if (mysqli_stmt_affected_rows($stmt) == 1) { // If it ran OK. // Print a message: echo '<h4>The product has been added!</h4>'; // Clear $_POST: $_POST = array(); // Clear $_FILES: $_FILES = array(); // Clear $file and $_SESSION['image']: unset($file, $_SESSION['image']); } else { // If it did not run OK. trigger_error('The product could not be added due to a system error. We apologize for any inconvenience.'); unlink ($dest); } } // End of $errors IF. } else { // Clear out the session on a GET request: unset($_SESSION['image']); } // End of the submission IF. require_once ('./includes/form_functions.inc.php'); ?> <form enctype="multipart/form-data" action="add_product.php" method="post" accept-charset="utf-8"> <input type="hidden" name="MAX_FILE_SIZE" value="524288" /> Product<br /><?php create_form_input('product', 'text', $add_cat_errors); ?> Description<br /><?php create_form_input('prod_descr', 'textarea', $add_cat_errors); ?> Category<br /><select name="cat"<?php if (array_key_exists('cat', $add_cat_errors)); ?>> <option>Select One</option> <?php // Retrieve all the categories and add to the pull-down menu: $q = 'SELECT catID, cat FROM category ORDER BY cat ASC'; $r = mysqli_query ($dbc, $q); while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) { echo "<option value=\"$row[0]\""; // Check for stickyness: if (isset($_POST['cat']) && ($_POST['cat'] == $row[0]) ) echo ' selected="selected"'; echo ">$row[1]</option>\n"; } ?> </select><?php if (array_key_exists('cat', $add_cat_errors)) echo $add_product_errors['cat']; ?> Price<br /><?php create_form_input('price', 'text', $add_cat_errors); ?> Image<br /><?php // Check for an error: if (array_key_exists('image', $add_cat_errors)) { echo $add_cat_errors['image'] . '<br /><input type="file" name="image"/>'; } else { // No error. echo '<input type="file" name="image" />'; // If the file exists (from a previous form submission but there were other errors), // store the file info in a session and note its existence: if (isset($_SESSION['image'])) { echo "<br />Currently '{$_SESSION['image']['file_name']}'"; } } // end of errors IF-ELSE. ?> Stock<br /><?php create_form_input('stock', 'text', $add_cat_errors); ?> <input type="submit" value="Add This Product" class="button" /> </fieldset> </form> However, I have a problem - i get this error message; An error occurred in script 'C:\Users\David Morgan\Desktop\WEBSITES\hairz_&_graces\site\admin\add_product.php' on line 124: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given How do I solve this as I think I have everything in place (variable associations, etc)? Hey there. Thinking this should be an easy one but I can only seem to find info on the string replace function. What I'm trying to do is strip everything after the @ from an email variable. So for example $mail variable comes in as me@gmail.com How would I strip the variable to only contain me and remove the @gmail.com I'll keep searching for the answer myself but if anyone can throw me a bone it's be appreciated. Cheers Hello all. I am very new to PHP, and I am not sure where to look or what I'm looking for in my current assignment. My task is to take in two numbers between 0-100. Once I take in that number, it should state beside it "The __ was accepted." The program should not accept any numbers greater than 100 or any characters. Once I do this, I must take a second number and do a similar thing. Finally, I must have a statement show up at the bottom stating which number is greater. Essentially, I need help in determining what I should use to place parameters, and how I can keep the program from echo ing any statement until input has been taken and tested for parameters. Any help you can provide will be greatly appreciated! Code: [Select] <? $out = preg_replace('/^(.{701}[^.]*).*/i','$1.',$detrsltnewsrow[news_desc]); echo $out; ?> </td></tr><tr><td colspan="2" class="para" style="padding-left:10px;"> <?= substr(stripslashes(trim($detrsltnewsrow[news_desc])),701) ?> </td></tr> I have the above snippet.. The first php statement, basically grasp the first 701 characters with the closet next stop "." character and out puts it. then out puts the HTML tags I have a problem with the second statement. I want to output anything after what has been outputted by: Code: [Select] <? $out = preg_replace('/^(.{701}[^.]*).*/i','$1.',$detrsltnewsrow[news_desc]); echo $out; ?> So need the correct syntax for Code: [Select] <?= substr(stripslashes(trim($detrsltnewsrow[news_desc])),701) ?> Currently it breaks at exactly the 701 character, want it to continue from the sentence the first code ended in. My query gets the results and orders by one of the fields. Once I get the MySQL results I would like to find the first entry that has a letter as the first character of the same field that the list was ordered by, then split the results in to two parts and swap them. So that the results that have a letter at the start of the same sorted field are as the begining and the results that have the numbers as the start at the end of the array. But also so that the array works the same way as the original results string, so i can use say $results['mysqlfield'] I have a form that users input user name, password, and email... all writes to csv fine. My problem is I need to concatenate a a string with a variable and some html code will preserving the html when written to the csv.. I need the csv to be this username,password,email,user,category,text with http://sub.domain..com/splash/,something,something here's what i have Code: [Select] <?php if($_POST['formSubmit'] == "Submit") $varUserName = $_POST['username']; $varPW = $_POST['PW']; $varEmail = $_POST['email']; { $fs = fopen("testcsv.csv","a"); fputcsv($fs, array($varUserName,$varPW,$varEmail,"user","title",",category","some text '<a href="http://$varUserName.url.com/splash/>site.com</a>',)); fclose($fs); exit; } ?> and of course I'm getting Parse error: syntax error, unexpected T_STRING, expecting ')' on line 9 Well this may sound confusing. I tried to findways to allow users to input an integer value and then assign it to a variable called $quantity, but all I could find from the internet was the usage of forms. Do I have to use forms, or can I just try this this simple syntax: $quantity = "<input name='quantity' type='text' id='quantity' size='3' maxlength='3'>"; If I do have to use forms, then how can I ever assign user's input value to a variable? Please help. Hi. I need some help getting my preg_match regex working with a variable input. I'm trying to limit visits to once per day, after you come the first time, you are added to data.txt and will be denied if you come again. The code works, but I need to limit the searches using ^ and $ and I'm having some difficulty. $number will be a number input from an html form ranging from 1-1000+ and I want to make sure that 1,10,100 etc., aren't treated as the same. here is my preg_match, how do I use regular expressions with $number? Code: [Select] preg_match("/$number/", $file, $match) from what I have read, it should be like this, but it doesn't work Code: [Select] preg_match('/^+$' , "/$number/", $file, $match) heres the full code Code: [Select] $filename = "data.txt"; $handle = fopen($filename, "r"); $file = fread($handle,filesize($filename)); if (preg_match("/$number/", $file, $match)) { echo " Sorry, Already visited today"; exit; } else { fclose($file); $file=fopen(data.txt,"a") or exit("Unable to open file!"); fwrite($file, "$number"); fwrite($file, "\n"); fclose($file); echo " Accepted!"; exit; } Thanks Here's a question for all you great php programmers. What I want to do is use a variable username as the name of a select input of a form. I.E echo"<select name='$user'>"; Of course this code doesn't work though I feel sure that there must be a way to do this. Anyone know it? Unless buffer overflows or breaking out of code to perform a new command are problems that have been solved.... I am trying to figure out the proper PHP method for setting a boundary on a variable within a script. I have this variable $name which is fed a value from $_POST['name'] from a form field. Now this form field is limited in the HTML to accept only 20 characters, but someone could easily edit the form or outgoing post data. So I want to know how to limit the variable size in the script. In other languages it could be something like this: var name(20). So how do I do that in PHP? Is it no problem to give the SUM of integers in a column, but is it also possible to give the SUM of integers in a record (automatically)?
I'm trying to update records in a Db. I have a record called "classOffering" and I have associated records for that offering called "classSessions". You have 1 classOffering for 1 to 6 classSessions. The process I use has the user create the classOffering and say how many classSession there will be then I create how ever many sessions they say. I then display the classSessions so they can be edited and updated in the Db. I can't seem to update and set more than one record even though there are more. I know I need to use a while or foreach statement, but I can't seem to do it. Here's my code so far: $sessSet = "UPDATE classSessions SET startDate= '$startDate', startTime= '$startTime', time= '$time' WHERE classSessions.sessionId = $sessionId "; Thanks for any help. I hope I can explain what is happening. I have created two forms in PHP. The first 'almost' works, i.e. it shows the data. But I have two problems - 1) the second pulldown menu is always empty and 2) $value from the first pulldown menu ALWAYS equals the last entry thus the last 'if' in the function subdomains ($domains) is always called (but still empty). The code may explain this better than me:
<!DOCTYPE html>
<html>
<body>
<!-- processDomains.php is this file - it calls itself (for testing purposes so I can see what is happening) -->
<form action="processDomains.php" method="post">
<?php
// create the domains array (there are actually several entries in the array but I cut it down for testing)
$domains = array (1 => 'Decommission', 'Migration');
echo "Select Domain:";
echo "<br>";
// Make the domain pull-down menu - this displays correctly
echo '<select name="domain">';
foreach ($domains as $key => $value) {
echo "<option value=\"$key\">$value</option>\n";
}
echo '</select>';
// input doesn't matter what is 'submitted', always goes to last $value
echo '<input type="submit" name="submit" value="Submit">';
// call function subdomains
subdomains ($value);
function subdomains ($domains) {
// define values for each array - each array contains available choices for the subdomain pulldown menu
$migration = array (1 => 'Application Migration', 'Application Patch', 'Application Upgrade');
$decommission = array (1 => 'Applications', 'Servers', 'Storage');
if ($domains === 'Migration') {
echo "Select subdomain:";
echo "<br>";
// Make the Migration pull-down menu
echo '<select name="migration">';
foreach ($migration as $key => $value) {
echo "<option value=\"$key\">$value</option>\n";
}
echo '</select>';
} else if ($domains === 'Decommission') {
/* ===
* since 'Decommission' is the last entry in the 'Domains' pulldown list, $value ALWAYS equals
* 'Decommission' and $domains equals $value. So this menu SHOULD work but is always
* empty. Thus, two problems - the pulldown menu is always empty and $value isn't based
* upon user input.
*/
echo "Select subdomain:"; // this prints so I know I'm in 'Decommission (I eliminated the echo "$domain" to show I'm always coming here)'
echo "<br>";
// Make the 'Decommission' pull-down menu
echo '<select name="decommission">';
foreach ($decommission as $key => $value) {
echo "<option value=\"$key\">$value</option>\n";
}
echo '</select>';
echo '<input type="submit" name="submit" value="Submit">'
) // end of 'if-else'
} // end of function 'subdomain'
?>
</form>
</body>
</html>
Let me say thank you in advance and I appreciate the help! I know I'm doing something (or more than one thing) wrong and I hope someone can tell me what it is.
Best Regards!
Edited by mac_gyver, 19 January 2015 - 09:37 PM. code tags around posted code please I am writing a script that will parse my PHP classes and check for things like coupling, visualize my objects and connections, dependencies, check for convention usage, etc.
So, I have a simple file upload. I'm never saving the files, just get contents and dump the file and work with the string version.
I'm writing it for me, but I figure I might want to open it for others to use in the future, so I may as well write it that way to begin with -- so I need to validate user input. Problem is, the user input is supposed to be valid PHP code. I'm thinking that, as long as I'm careful, I shouldn't be executing any code contained in strings, but I'm no security expert and I want a warm fuzzy that my thought on this is correct. What kinds of things do I need to look out for? Is it possible to inject when working with strings?
My initial thought is to regex the entire file and replace key portions with known replacements. So ( and ) would become !* and !^ or $ would become @~ (combinations that -- I think -- don't make sense to php?) But that may be completely unnecessary processing time if I'm not in any danger, here. Thanks ahead of time for any help.
PS - as a side question -- what's the best way to verify a file is a php file? I know of getimagesize for images, but should I just check for <? to verify it's php? That seems like it would be too easy to fool -- then again, it might not matter much.
-Adam
I am having problems making it so that if I typed site.php?url=http://example.com it would auto get rid of the http://. Here's my code. $url="{$_GET['url']}"; str_replace('http://', '', $url); echo "<a href=\"http://$url\">$url</a>"; I am creating a sticky topic feature for my forum and dont know how to keep all topics marked sticky at the top of the list generated by the while loop. Any one have any ideas? They are ordered by the post date column. Here is the query: $posts_info_query = $db->query("SELECT p.post_id, p.topic_id, p.forum_id, p.post_poster, p.post_subject, p.post_content, p.post_time, p.post_edit_by, p.post_edit_date, p.post_edit_num, p.post_approved, p.post_quoting, m.user_id, m.user_username, m.user_group, m.user_regdate, m.user_birthday, m.user_online, m.user_sex, m.user_location, m.user_show_sex, m.user_show_location, m.user_show_status, m.user_avatar, m.user_sig, m.user_posts FROM ".DB_PREFIX."posts as p LEFT JOIN ".DB_PREFIX."members as m ON p.post_poster = m.user_username WHERE p.topic_id = '$topic_id' ORDER BY p.post_time ASC LIMIT $start, $limit") or trigger_error("SQL", E_USER_ERROR); Thanks How to pull just I record of a column out of the 20 columns? This is not showing the results. $SomeVar = 'pets'; $query = "SELECT field1 FROM db1 WHERE id1 = '".$SomeVar."'"; $results=mysql_query($link); echo $link; Hi, I have a simple mySQL database and I would like to update using a simple html form. One of the field is "accepted" and is type "boolean". I have a texbox where I will write the record id and another button which will change the "accepted" value from 0 to 1 for that record id. The problem is that I don't know how to start.... Thanks in advance Sergio |
|||||||