|
PHP - Client Side Verification? Any Use?
I'm in the habit of verifying input client side. For example, there is a field to enter a number, and I ensure that it is within a particular range using Javascript.
My backend PHP code does not do such checking... Is this bad? Should I be doing checking using my backend code and send a response back to the client to display a message? Admittedly, I avoid it, since it's a little extra work -- well more extra than just javascripts, IF-THEN-ALERT type statement. Similar TutorialsI have a web portal which is scripted using client side scripting language i.e HTML. I want to create a login page in .php and want the other pages to be in .hmtl. Can i do so? I want to do this because i want the login password to be stored in a database. Also I want the password to get encrypted (by either MD5 javascript or OpenSSL ) when user enters it inside the login form. I cannot create the entire portal in php because my portal makes use of C code. And php doesn't have an interface with C language. Can a user get directed to a .html page after a secure login from login.php page ? My main aim is to secure the access to my web portal using a password. I tried to authenticate the login using javascript where the password was stored in an array. But i feel any one having moderate knowledge can easily break that password. Any help would be greatly appreciated!! is it true that all the server side code runs before the client side code when accessing a webpage? if that is true, what about PHP code that is embedded inside HTML tags? wouldn't that result in an error a lot of times? I wish to create validation rules once which are used both on the client and on the server.
For instance, I will start off with the following PHP object:
stdClass Object
(
[rules] => stdClass Object
(
[email] => stdClass Object
(
[required] => 1
[email] => 1
[remote] => stdClass Object
(
[url] => check-email.php
[type] => post
[data] => stdClass Object
(
[username] => function() {return $( '#username' ).val();}
)
)
)
)
[messages] => stdClass Object
(
[email] => stdClass Object
(
[required] => an email is required
)
)
)
When the edit page is downloaded to the client, I will include this object in some format suitable to the client.
The client will then use the jQuery Validation plugin (http://jqueryvalidation.org/) along with the validation object, and client side validate the page.
When the form passes client side validation and is uploaded, PHP will use the same validation object to serverside validate the form (I have this part working as desired).
My question is how should I pass this data to the client? Originally, I would just use PHP to write some JavaScript.
exit('var myObj='.json_encode($myObj));
Note that when I json_encode the object, the value of $myObj->rules->email->remote->data->username is a string with quotes around it, however, I can easily use PHP to strip these tags before sending it to the client.
As Jacques1 pointed out in http://forums.phpfre...ascript-client/, I should never ever use PHP to generate JavaScript, and should use AJAX to download the JSON directly. I tried doing the later, but found that a callback function could not be included in the JSON.
Please advise on the best way to accomplish this.
Thank you
Hello guys. I was thinking on posting this under the mysql thread. but i think this can be solved by php.. anyway, i want to dump mysql data on the client side whenever a user logs out. how can i do this? thanks in advance. I was wondering about developing simple client side graphical apps.
I was thinking of using php with an ODBC connection to the data store.
The data store might be a text file in CSV format or something similar. (maybe even a spreadsheet)!
I was wondering what would be a very simple minimally useful web server to run on the client?
The client would probably be MS Windows XP/7.
What are your thoughts?
We have a website that allows the user to upload his/her picture so we use the ftp_put() command. I use Code: [Select] <?php $path = getcwd(); echo $path; ?> This is the output: Code: [Select] /home/vol10/000a.biz/a000b_7363341/htdocs/gankgame to determine the absolute path where my website is stored. My website "CAN" connect to the ftp server but it can't upload files. Uploading always fail. I can't determine the right path. "My code is attached" I want to do simple client side validation but I don't know Javascript. Can someone point me to an easy example on how to implement or post something here? Is it possible adding a button with PHP, which could be used for adding an optional text input field by client side user? My purpose is actually very simple: The client side users could be free creating and adding more and customized variables, which are intended to be used as strings and related or associated variables. So, am I able to do these kind of tasks simply using PHP alone? Or, should I use some JavaScript like technologies to make those functions available in real world's practices? Hi All - I'm trying to see if the below is possible using PHP. is it possible for php to allow a user to check if a port is open/listening on a remote server/PC, from their local machine. I've seen scripts on the web that talk about opening cmd.exe - this won't work as not all of my users will be on windows. Also saw fsock.. but the remote server is not serving http page(s). Also saw telnet, but again, some of my users may not have that windows feature enabled. Desired workflow: 1. user enters the server hostname/IP and a port 2. my php webapp will emulate checking if that hostname and port is open from the local user's computer.
thanks! I’m trying to write a post-panel where the user can see the preview of his post to the right of the text area he’s writing into. I tried the following into a file called writepost.php : <?php $text=(isset($_GET['message']))?$_GET['message']:''; $formatted_text=nl2br(stripslashes(htmlspecialchars($text))); echo '<form method="post" action="proceedtopost.php?>'. '<table>'. '<td style width="50%"><tr>'. '<fieldset> Write your post here : <br> <textarea cols="50" rows="12" '. 'id="message" name="message">'.$text.'</textarea>'. '</fieldset> <p> '. '<input type="submit" name="submit" formaction="writepost.php" value="Preview" /> '. '<input type="submit" name="submit" value="Sent" /> '. '</p>'. '</td>'. '<td>'. '<fieldset> Your post will appear as follows :<br><p> '. $formatted_text. '</fieldset>'. '</td></tr>'. '</table>'. '</form>';There are several things wrong with this code : 1) When the user hits the "Preview" button, I expect writepost.php to be reloaded (this is what happens), and the current content of the textarea to be stored in $_GET['message'] (this is not what happens). 2) Why does my browser output the preview part under the text area (or in other words outputs the HTML table as a single column of two cells), when I insist in my HTML code for the table to be displayed as a single row ? need a little help guys! I use the script below to display profile images, trouble is it shows 1 on top of the other, and i need it to double up 2 profile images on top of 2 profile images ect any ideas how i can do this. require("./include/mysqldb.php"); $con = mysql_connect("$dbhost","$dbuser","$dbpass"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("$dbame", $con); $result = mysql_query("SELECT * FROM Search_profiles_up WHERE upgrade_one ='1' ORDER BY RAND() LIMIT 40"); print "<table width=\"293\" height=\"111\" border=\"0\"> <tr>\n"; while($row = mysql_fetch_array($result)) { print "<td width=\"142\"><img src=" . $row['search_small_image'] . " width=\"144\" height=\"169\" /></td>\n"; print " </tr>\n"; print " <tr> \n"; print "<td>" . $row['star'] . "</td>\n"; print " </tr>\n"; print " <tr>\n"; print "<td>" . $row['username_search'] . "</td>\n"; print " </tr>\n"; print " <tr> \n"; print "<td>" . $row['phone_search'] . "</td>\n"; print " </tr> \n"; } print "</table>"; mysql_close($con); ?> Hi - I'm fairly new to php and am working a lot off of old page created before me and modifying them. I have to do an age verification page for an alcoholic beverage client (has to be 21+) and I'm having problems with the script actually redirecting correctly based on the birthdate entered. I have a html page with a form that calls this php file. Here is the php script I'm trying to get working: <?php $age = $_POST['year']; if($age > 1990) { header('Location: http://www.underagelink.com'); exit; } else { header('Location: http://legalagelink.com'); exit; } ?> Thanks! Okay, so I'm pretty new to jQuery but I am pretty experienced with PHP. I am about to begin coding a script written mostly in jQuery. It will use AJAX to verify that an article tag a user provides exists in a database. When a user goes to write an article on my website, my form will ask them to add keyword tags which will be used in searches. Basically only admins will be allowed to create new tags, so this is why I check the tags first. And also to prevent duplicates and similar tag entries in the database.
The form will have a single input that the user will use to search for a tag. Once the user hits the enter key, it will search the database for tags that already exist. Once the ajax is complete, a list of related tags will pop up and the user will be able to select their desired tag by either clicking the tag link in the list or by pressing enter.
This is a very crude demonstration of what my idea is.
I am about to build a site for a liqueur brand and have to create a simple screen that asks if the user is of the right age. This does not have to be linked to a credit card, just a simple yes or no screen. I am thinking this would probably be done via a cookie, but I am not sure. Somehow it would have to work where it gets checked each time anyone goes to the site, regardless of the entry point. So for example it would get checked on mydomain.com, but also on mydomain.com/about, or mydomain.com/somethingelse. The yes or no screen would of course only show the first time the user came to site. Via what technology would I do this? Cookie? Can cookies have an expiration date? I would love some comments or direction on how this is done best. Thanks a lot! Hi guys. I'm using php to randomly generate a simple math verification question. But, I'm having a hard time validating the input. Can someone please tell me what I'm doing wrong? Thank you } else if(trim($verify) != $_SESSION['UserData']['Math'][0]+$_SESSION['UserData']['Math'][1]){ $error = '<div class="error_message">Attention! The verification number you entered is incorrect.</div>'; } <?php echo "<span class='label'><span class='required'>*</span>What is ".$_SESSION['UserData']['Math'][0]." + ".$_SESSION['UserData']['Math'][1]."?</span> "; ?> <input name="verify" type="text" id="verify" size="3" value="<?=$verify;?>" /><br /><br /> I know there has to be a better way to do this. My usernames and passwords are stored in a text file. This is what I'm doing now, and all it does is return the error statement. This is the php from after the log in page. <?php $user = $_POST["username"]; $password = $_POST["password"]; $un = "no"; $pw = "no"; $fh = fopen("users.txt","r"); while (!feof($fh)) { $line = fgets($fh); $data = explode("$",$line); if ($data["0"] == $user){ $un = "yes"; } if ($data["1"] == $password){ $pw = "yes"; } } if (($un === "yes") && ($pw === "yes")){ echo "<h4> Hello <em>$user</em>!\n<br />"; }else { echo "<h3>Your username and/or password is incorrect.</h3>\n<br />"; echo "<a href='login.html'>Return to the login page.</a>\n<br />"; } fclose($fh); ?> How would I go about settings up a verification system with scripts that I write, so that I could sell scripts but if they were to get leaked or something I could kill the script, is there a way to set up a IP verification system when a script is run through CLI so it only runs if someones IP matches the one in the script? So, If I want to store something like: Code: [Select] Hello<br /> <b>This is a sentence </b> I would need to use htmlentities() So I could output the HTML after it's stored in the database safely? I have the following code: <?php include "connect.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Welcome</title> <script type="text/javascript" src="js/jquery.min.js"></script> <script type="text/javascript" src="js/jquery.ketchup.js"></script> <script type="text/javascript" src="js/jquery.ketchup.messages.js"></script> <script type="text/javascript" src="js/jquery.ketchup.validations.basic.js"></script> <script language="javascript" type="text/javascript" src="niceforms.js"></script> <link rel="stylesheet" type="text/css" media="all" href="niceforms-default.css" /> <link rel="stylesheet" type="text/css" media="screen" href="css/jquery.ketchup.css" /> </head> <body> <div id="container"> <?php if(!empty($_SESSION['connection_status']) && !empty($_SESSION['username'])) { ?> <form action="logout.php" class="niceform"> <fieldset> <legend>Member Area</legend> <div id= "container"> <p>Thanks for logging in <b><?=$_SESSION['username']?></b> !</p> <p><input type="submit" name="submit" id="submit" value="Logout" /></p> </div> </fieldset> </form> <?php } elseif(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $validation = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'"); if(mysql_num_rows($validation) == 1) { $row = mysql_fetch_array($validation); $email = $row ['email']; $_SESSION['username'] = $username; $_SESSION['email'] = $email; $_SESSION['connection_status'] = 1; echo "<h1>Success</h1>"; echo "<p>Members area is loading.</p>"; echo "<meta http-equiv='refresh' content='=4;index.php' />"; } else { echo "<h1>Error</h1>"; echo "<p> There was an error, please try again <a href=\"index.php\">here </a> .</p>"; } } else { ?> <form method="post" action="index.php" name="loginform" id="loginform" class="niceform"> <fieldset> <legend>Member Login</legend> <p>Thanks for visiting. Please login below or click <a href="register.php">here</a> to register.</p> <dl> <dt><label for="username">Username:</label><br /></dt> <dd><input type="text" name="username" id="username" class= "validate(rangelength(4,30))"/></dd> </dl> <dl> <dt><label for="password">Password:</label><br /></dt> <dd><input type="password" name="password" id="password" class= "validate(rangelength(4,30))" /></dd> </dl> <p><a href="forgot_password.php">Forgot password?</a></p> </fieldset> <fieldset class="action"> <input type="submit" name="submit" id="submit" value="Sign In" /> </fieldset> </form> <?php } ?> </div> <script type = "text/javascript"> $(document).ready(function() { $('#loginform').ketchup(); }); </script> </boby> </html> When I try to login with true username/password, I always get: There was an error, please try again here . I'm trying to create a series of web pages that will lead to a FINAL SALE page. At that point, I require TWO things to happen. First, the customer must pay the displayed total. Second, some kind of automated receipt needs to be generated so that a script can allow the customer to progress further. An applicable example would be a customer navigating through web pages of paintings by different artists and then choosing to see Alfred's latest unreleased paintings for a $2 fee. After paying the $2, the next web page would validate receipt of the payment, and now allow the customer to access Alfred's gallery. Is there a template for this sort of thing? Obviously, an online payment would require a credit card. Any recommendations for service providers would be appreciated. I have contacted Pay Pal, but they seem trained to encourage Ebay type sales and insist that the email I receive as confirmation would be sufficient. However, that would require me to check my email and manually grant access to galleries without ever sleeping. LOL. I'm sure there is a more viable solution, but need some advice and guidance from those that have already traversed this obstacle. |
|||||||