PHP - Online Quote Tool
So I am trying to make my life easier at work. I have this idea that I can automate the sales quote via a simple website. I have the entire product list in MySQL and I can query for the individual catagories etc etc and get them to display.
The display shows the SKU, Description, Price, and a third field to select quantity. The issue is that once they select a quantity of a paticular line item I need that line item (sku, description, and price fields) to be carried over to the final quote page where the math is done. Not sure how to key the paticular line item fields off the quantity field. Any ideas greatly appreciated... Code: [Select] <?php $query = "SELECT * FROM tbl_prods WHERE cat = 'fruit'"; $target = mysql_query($query); confirm_query($target); while($row = mysql_fetch_assoc($target)) { ?> <form action="quoter.php" method="POST"> <tr> <td><input name="sku" type="text" value="<?php echo $row[sku]; ?>" size="20" /></td> <td><textarea name="desc" cols="150" rows="2"><?php echo $row[desc]; ?></textarea></td> <td><input name="price" type="text" value="<?php echo $row[price]; ?>" size="20" /></td> <td><input name="quantity" type="text" value="0" size="3" maxlength="2" /></td> </tr> <?php } ?> </table> <input type="hidden" name="cust" value="<?php echo $cust; ?>"></p> <input type="hidden" name="reg" value="<?php echo $region; ?>"></p> <input type="submit" name="submit" value="Submit"></p> </form> Similar TutorialsSorry if this is a silly question lol. I want to know if there is an online tool I can use to check and see what PHP code will ouput server side. For example: <?php $tomorrow = mktime(0, 0, 0, date("m") , date("d")+1, date("Y")); ?> I just finished adding the ability to add Comments after Articles on my website. Now it would be nice if people could Quote other Posts/Comments juts like you can do here on PHPFreaks. The problem is that I have this code to eliminate any security issues with HTML... echo ' <div class="userPost"> <span class="commentDate">Posted on: ' . date('Y-m-d g:ia', strtotime($createdOn)) . '</span> <span class="commentNo">#' . $commentCount . '</span> <p>' . nl2br(htmlentities($comments, ENT_QUOTES)) . '</p> </div>'; Any suggestions to have it both ways? Thanks, Debbie Hi, I'm trying to delete a string that's single quoted. From: Cyto's to Cyto, but doesn't work. It works when I add 's to the string with stripslashes, but I can't seem to delete a quote from a string. Does someone know how? My $_post code: Code: [Select] $name=mysql_real_escape_string(stripslashes($_POST["ename"])); Cheers I need some help working out this MySQL query:
I need it to pull a random quote, that hasn't been used before (that's the 'checked' part of the query), and it needs to find it based on a specific category. I am using this alongside PHP with MySQLI Prepared method.
SELECT `id`, `word`, `def` FROM `dictionary` AS `r1` JOIN (SELECT (RAND() * (SELECT MAX(`id`) FROM `dictionary`)) AS `id`) AS `r2` WHERE `r1`.`id` >= `r2`.`id` AND `category`=? AND `checked`=0 ORDER BY `r1`.`id` ASC LIMIT 1This query yields an error stating that the id column is ambiguous. Hi, I am trying to send input Don't, can't or anything else which contains '. But Ajax sends it like: t_name=Don%27t&_=1589636831048 and then I got an error while trying to insert to mysql. I only have problem with '. I tried lots of thing but something is missing. I couldn't figure it out. Could somebody help me? My Ajax: var t_name = document.getElementById(mydiv).value; $.ajax( { type: "GET", url: './api/objects/add.php', async:false, cache:false, contentType: "application/x-www-form-urlencoded;charset=ISO-8859-1", dataType: 'json', data: { t_tsk: id, t_name: t_name }, success: function (result) { }, error: function(xhr, status, error) { document.getElementById("errorDiv").hidden = false; if (xhr.responseText) { } else { } } }); My url when I write don't to input area: /add.php?t_tsk=1&t_name=Don%27t&_=1589636831048 My php code: <?php // include database and object files include_once '../config/database.php'; include_once '../objects/myObject.php'; // get database connection $database = new Database(); $db = $database->getConnection(); $myObject = new MyObject($db); $myObject->t_id = isset($_GET['t_tsk']) ? $_GET['t_tsk'] : die(); $myObject->name = isset($_GET['t_name']) ? utf8_decode($_GET['t_name']) : die(); if($myObject->create()){ http_response_code(200); $myObject_arr=array( "status" => true, "message" => "Successfully created!", "id" => $myObject->id, "name" => $myObject->name ); } else{ http_response_code(401); $myObject_arr=array( "status" => false, "message" => "Error!" ); } print_r(json_encode($myObject_arr)); ?> Thank you all. Good Day everyone. I'm looking at creating a quote calculator, it will be like a form with questions about what the user wants to buy or quote and will give out a number in dollars based on what product the user selects from a drop down list. Example: What sandwich would you like to buy? (List Items) Price:(prices will be echo here). 1. Roast beef 2. Chicken 3. vegetable 4. Fish Now if the user selects Roast Beef, the price of the Roast Beef sandwich will be echo or printed. What would you like on your sandwich? (Check boxes must be use because user may need more then one condiment added.) 1. Ketchup 2. Cheese 3. Mustard 4. Lettuce Now if the user add ketchup, Cheese, ect, the price will add to the price of the sandwich and echo a total. Would you like a drink with your order? Again check boxes, user can select more then one drink, price added and totaled. 1. Diet Coke 2. Sprite 3. Root Beer 4. Mountain Dew. Also I need to be able to change the prices of each product in the script. The user does not see the price. The price only becomes visible when the item selected and added to the total. I would like to do this myself but novice to php, I have never done this kind of script befor and have been searching for tutorials and other resources but nothing close to this. Does anybody know where I can find an example, tutorials? Thanks everyone. IC Hey, I just wondered if someone could help me with this small problem? Here's the code: <?php if($_GET['act'] == "generate_quotes") { $db = mysql_connect("*", "*", "*") or die ("Unable to connect to database."); mysql_select_db("quote") or die ("Unable to select database."); $offset_result = mysql_query( " SELECT FLOOR(RAND() * COUNT(*)) AS `offset` FROM `quote` "); $offset_row = mysql_fetch_object( $offset_result ); $offset = $offset_row->offset; $result = mysql_query( " SELECT * FROM `quote` LIMIT $offset, 1 " ); $fetch = mysql_fetch_array($result); echo "<blockquote>".$fetch['q_quote']; mysql_close($db); } else { echo "<img src=\"1.png\">"; } ?> <a href='gen.php?act=generate_quotes'>Generate</a> Basically what it does is shows an image until a link is clicked, then the image disappears and some quotes are generated in it's place. When you click the link, sure enough, the image disappears and the quotes are read from the database. But after that the link doesn't change the quote. [it's meant to randomly cycle through the quotes in the database]. The quote still changes when refreshing the page, but this link: <a href='gen.php?act=generate_quotes'>Generate</a> does nothing after 'generate_quotes' has been set. any ideas how to fix this? thanks in advance. While playing with some code, I wrote these few lines of script. $_SESSION["favcolor"] = green; echo "Session variable is ". $_SESSION["favcolor"] ;
I tested the code and everything worked fine. I corrected the code $_SESSION["favcolor"] = "green"; But when I tested it, the page would not open/load.
Then I removed the quote marks and restored the line to it's original state $_SESSION["favcolor"] = green; And things worked fine.
Shouldn't the quote marks be required? If this were an example post in a forum: Code: [Select] $post = '[quote author=james]hello this is a quote[/quote] here is some mor text between the next coming quote [quote author=david]hello this is another quote[/quote]'; What is the best way to replace the [quotes author=x] with opening html tag eg: Code: [Select] <div class="quote"><div class="quoteTitle">author=x</div> And then determine if the next is a [/quote ] is an opener or close quote? And then of course there is the issue of the user deleting a [/quote] or even placing a [/quote] before an open quote... Does anyone know of an example to look at? I am making a simple script for my friend that uses mod_rewrite, but for testing I don't use the mod_rewrite link. The page is video.php The extension is ?title= I have having a problem when I type the title with a Single Quote in it('). Example. video.php?title=The-Sorcerer's-Apprentice I have str_replace for the dash(-) to be replaced as a space, so that's not the problem. Here's my code. <?php if($_GET) { $title="{$_GET['title']}"; $title = str_replace('_', ' ', $title); $title = str_replace('-', ' ', $title); if ($list = mysql_query("SELECT * FROM videos WHERE title='". mysql_real_escape_string($title) ."'") or die (mysql_error())); { if(mysql_num_rows($list) > 0){ if (mysql_num_rows($list)) { while($videos=mysql_fetch_array($list)) { ?> <div id="content"> <center><h3><?php echo $videos['title']; ?></h3> <object width="640" height="385"><param name="movie" value="<?php echo $videos['youtubelink']; ?>"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="<?php echo $videos['youtubelink']; ?>" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed></object> <br/><br/><a onclick="javascript:history.go(-1)" href="#">Go Back</a> </center> </div> <?php } } } ?> This topic has been moved to PHP Freelancing. http://www.phpfreaks.com/forums/index.php?topic=320289.0 Hi all, I have an issue on a form that when it gets submitted a slash '/' appears before every quote symbol. I had help solving the issue on one of the fields (the name field), but then later it was discovered that the slashes appear in all the fields whenever a quote was used (agreed, poor testing). Can someone be so good to help me solve this? My php knowledge is not so great which is exactly why I'm asking here Please see my code below. If this problem can be solved in the same manner as the name field was solved, then there are 2 files which will need the edits. They are below: (some trivial information purposely removed for security reasons) preview.php <div id="card"> <img id="logo" src="logo.jpg" /> <div id="card1"><?php echo stripslashes($_REQUEST['text1']); ?> </div> <div id="card2"><?php echo $_REQUEST['text2']; ?> </div> <div id="card3"><?php echo $_REQUEST['text3']; ?> </div> <?php if($_REQUEST['text4'] != '' && $_REQUEST['text5'] != '') $text = $_REQUEST['text4'].' • '.$_REQUEST['text5']; else $text = $_REQUEST['text4'].$_REQUEST['text5']; ?> <div id="card4"><?php echo $text; ?> </div> <div id="card5"><?php echo $_REQUEST['text6']; ?> </div> </div> second_form.php <?php session_start(); $db_host = 'localhost'; $db_name = ''; $db_user = ''; $db_pass = ''; $admin_email = "admin@aserver.com"; if(isset($_REQUEST['text1'])) $_REQUEST['text1'] = stripslashes($_REQUEST['text1']); $from = 'orders@mycompany.com'; if($_REQUEST['count'] != '50' && $_REQUEST['count'] != '100') { header( 'Location: order.php' ); die(); } $card_number = trim($_REQUEST['card_number']); $card_security = $_REQUEST['card_security']; $card_exp_m = sprintf("%02d",((int)$_REQUEST['car_exm_m'])%100); $card_exp_y = sprintf("%02d",((int)$_REQUEST['car_exm_y'])%100); $count = $_REQUEST['count']; $shipping = 8.65; $price = $shipping; switch($count) { case 50: $price += 25; break; case 100: $price += 38; break; } //$price = 0.01; //$shipping = 0.01; $price = sprintf("%0.2f",$price); $fd_xsd = 'http://***'; $v1_xsd = 'http://***'; $a1_xsd = 'https://***'; //$email_rep = str_replace('@','[at]',$_REQUEST['text4']); $soap = <<<SOAP <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header /> <SOAP-ENV:Body> <fdggwsapi:FDGGWSApiOrderRequest xmlns:fdggwsapi="$fd_xsd" xmlns:v1="$v1_xsd"> <v1:Transaction> <v1:CreditCardTxType> <v1:Type>sale</v1:Type> </v1:CreditCardTxType> <v1:CreditCardData> <v1:CardNumber>$card_number</v1:CardNumber> <v1:ExpMonth>$card_exp_m</v1:ExpMonth> <v1:ExpYear>$card_exp_y</v1:ExpYear> </v1:CreditCardData> <v1:Payment> <v1:ChargeTotal>$price</v1:ChargeTotal> <v1:Shipping>$shipping</v1:Shipping> </v1:Payment> <v1:Billing> <v1:Name>{$_REQUEST['text1']} - {$_REQUEST['text2']} - {$_REQUEST['text3']}</v1:Name> <v1:Email>{$_REQUEST['text4']}</v1:Email> <v1:Phone>{$_REQUEST['text5']}</v1:Phone> <v1:Address2>{$_REQUEST['text5']}</v1:Address2> <v1:Address1>{$_REQUEST['text6']}</v1:Address1> </v1:Billing> <v1:Shipping> <v1:Name>{$_REQUEST['info_name']}</v1:Name> <v1:Address1>{$_REQUEST['info_street']} {$_REQUEST['info_APT']}</v1:Address1> <v1:City>{$_REQUEST['info_city']}</v1:City> <v1:State>{$_REQUEST['info_state']}</v1:State> <v1:Zip>{$_REQUEST['info_zip']}</v1:Zip> </v1:Shipping> </v1:Transaction> </fdggwsapi:XXXApiOrderRequest> </SOAP-ENV:Body> </SOAP-ENV:Envelope> SOAP; // echo htmlentities($soap); $link = "https://ws.firstdataglobalgateway.com/****"; $store_id = "***"; $user_id = "***"; $pass = "***"; $key_pass = "***"; $uss_pass = ('WS'.$store_id.'***:'.$pass); $path = "/home/hoster/ssl_firstdata/"; $pem_path = $path . "***.pem"; $key_path = $path. "***_.1.key"; $ch = curl_init($link); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml") ); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);curl_setopt($ch, CURLOPT_USERPWD, $uss_pass); curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $soap); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSLCERT, $pem_path);//pem file curl_setopt($ch, CURLOPT_SSLKEY, $key_path); // crt file curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $key_pass); $res = curl_exec($ch); //$xml = simplexml_load_string('<?xml version="1.0" encoding="UTF-8"? >'.$res); $xml = simplexml_load_string('<?xml version="1.0" encoding="UTF-8"?>'.$res); $ch = $xml->children('SOAP-ENV',true);$ch = $ch[1];$ch = $ch->children('fdggwsapi',true);$response = $ch[0]; $orderId = trim((string)$response->OrderId); mysql_connect($db_host , $db_user, $db_pass); if(!mysql_select_db($db_name)) { echo "Create the database please"; exit; } $result = array( 'Order Number' => $orderId, 'errorMessage' => (string)$response->ErrorMessage, 'response' => $res, "\n\nv_name" => $_REQUEST['text1'], 'v_degree' => $_REQUEST['text2'], 'v_graduation' => $_REQUEST['text3'], 'v_email' => $_REQUEST['text4'], 'v_phone' => $_REQUEST['text5'], 'v_address' => $_REQUEST['text6'], "\n\nOrder Details" => "\n", 'v_quantity' => $_REQUEST['count'], 'cost' => ($_REQUEST['count'] == '50' ? '$25.00' : '$38.00'), 'shipping and handling' => '$8.65', 'total price' => ($_REQUEST['count'] == '50' ? '$33.65' : '$46.65'), "\n\nShipping Information" => "\n", 'name' => $_REQUEST['info_name'], 'street' => $_REQUEST['info_street'], 'apt' => $_REQUEST['info_APT'], 'city' => $_REQUEST['info_city'], 'state' => $_REQUEST['info_state'], 'zip' => $_REQUEST['info_zip'] ); if(strlen($orderId) != 0 && strpos((string)$response->ErrorMessage,'database error') === false)//success { $result['success'] = 1; $link = 'order.php?step=3'; $subject = "order submitted"; } else { $result['success'] = 0; $link = 'order.php?step=-3'; $subject = "Error occured while creating order"; } $_SESSION['data'] = $result; $into = array(); $values = array(); foreach($result as $key => $val) { $into[] = "`$key`"; if($key == 'v_quantity') $values[] = addslashes ($val); else $values[] = "'".addslashes($val)."'"; } $query = "INSERT INTO `***`.`orders` (".implode(', ',$into).") VALUES (".implode(', ',$values).");"; require_once "send_mail.php"; $sendTo = array($admin_email,$result['v_email']); send_mails($sendTo,$from,$subject,$result); mysql_query($query); header('Location: '.$link); exit; function render() { global $res,$xml; // var_dump($_REQUEST); // echo $res; // echo htmlentities($res); /* */ var_dump($xml); } ?> I am trying to do the seemingly simple thing - replace all single quotes in text str_replace ("'", "´", $text); It does not replace anything. I trying escaping single quote, using other similar functions - nope. Also tried to google What I an doing wrong? Any help would ne much appreciated. This will have been posted before, but I can't find a solution that works. Most people say to try mysql_real_escape_string, I have tried lots of variations and it doesn't seem to work. Could anyone help with the below code? It is part of a form that returns a syntax error when adding a single quotation mark e.g. entering "Bryan's" into the form causes the error. I'd be really grateful for any assistance. Steven P.S. Before anyone mentions it, the mysql connect does work - I just haven't included the full page of code. Code: [Select] mysql_connect($dbserver, $dbusername, $dbpassword); mysql_select_db($dbname); $sitetitle = htmlentities($_POST[sitetitle]); $query = mysql_query("UPDATE site_settings SET sitetitle = '$sitetitle'"); echo("<b>Settings Updated!</b>"); I have a form that people can fill out, and then it echos the string, however right now they can't use single quotes. Below is how I have it settup. Code: [Select] $side = '<p>About Me:</p> <ul> <li>Birth Date: October, 23rd, 2010</li> <li>Hometown: Rapid City, SD</li> <li>Height: 4\'</li> <li>Weight: 50lbs</li> <li>Foot Size: 4</li> <li>Favorite Movie: All of the Shrek Movies!</li> <li>Favorite Book: Winnie the Pooh Series</li> <li>Favorite Cartoon Character: Eeyore or Donkey from Shrek!</li> <li>Favorite TV Show: Anything on Animal Planet!</li> <li>Favorite Food: Hay</li> <li>Favorite Pro Sports Team: Rapid City Rush</li> <li>Favorite Mascot: Nugget, of course!</li> <li>Favorite Game: Donkey Kong!<br /> </li> </ul>'; if ($side != NULL){ echo "<div class=\"grid_6\" id=\"tertiary\"> $side </div>"; }else{ } And I would be able to use $side = "whatever I want to write"; because then they would still need to escape the double quotes with \" if they wanted to put in a link or anything. How do I do this with allowing them to just use single quotes when they enter their data so they don't have to \' (escape the single quote)? Thanks Hi, I am able to parse php variable in double quote but not in single quote. How can I parse in single quote. Following example shows 2 results and I want same result in both. First Name : Zohaib First Name : $firstname Code: [Select] // Connecting, selecting database $link = mysql_connect('localhost', 'root', 'password'); mysql_select_db('dbname'); // Performing SQL query $query = 'SELECT first_name FROM tablename'; $result = mysql_query($query); // Printing results in HTML while ($row = mysql_fetch_assoc($result)) { $firstname=$row['first_name']; } echo"<table> <tr> <td>First Name : </td> <td>$firstname</td> </tr></table>"; echo'<table> <tr> <td>First Name : </td> <td>$firstname</td> </tr></table>'; What are the changes I need to do to achieve same result. Any solution ? - Thanks. How would I go about making a small feature for my moderators that allows them to select multiple threads while viewing a forum then take action? All I need is an idea of how I would do this. Wouldn't I use the explode() function? Example: http://i490.photobucket.com/albums/rr267/brannenclass/ex.png So I built a tool for my cms a while back and have decided to share it. The only 2 things that I know of that are similar in nature is phpmyadmin or sql buddy. Now my tool is not nearly as in depth as either of those but what it lets you do is run any query string right from the webpage. But the cool thing that it has over phpmyadmin and sql buddy is that it has buttons for many of the common commands and a ajax select to get the available column names for the selected table. So now you don't have to try and remember what table had what column and "how did I spell that column again".
I use this to test sql strings for syntax and to quickly see if it returns the results I expect without having to edit the code and then save, upload or hit refresh or whatever. Since all the the stuff is done via ajax, it's all quickly displayed and you can change the query immediately and hit the Run Query button again.
I just thought that this could be helpful and useful for others. You can download it here http://amecms.com/ar...ckly-and-Easily
Ideally just one word authentication and pretty simple, but effective. Preferebly one that does not use Sessions because then the user is unable to press the back button to go back to the original page after submitting the form... I know I could just put a text link there but not all users would click that link... |