PHP - Protecting Input Fields From Illegal Characters.
Hi all,
I'm working on this site which I'll soon ask the guys in the testing forum to have a peek at. It's essentially an online community that was a uni project that has spiraled and grown exponetially. I've spent many many hours in front of books and tutorals etc to put it together and as far as scripting goes, it seems to be fine. The problem i'm having...The tut's that I read / watched were using eregi_replace to protect text fields and this is now unsuported. I want my site to be as secure as it can be, within reason. I've tried using preg_replace instead and have searched for the syntax but i keep getting strang results. I'm working on the "bio" field at the moment and then when that works I can move on and a-ply the same idea to the other fields. This si what I have and what I've changed. if ($_POST['parse_var'] == "bio"){ $bio_body = $_POST['bio_body']; //$bio_body = str_replace("'", "'", $bio_body); (WAS TESTING THIS BUT NO JOY) //$bio_body = str_replace("`", "'", $bio_body); $bio_body = mysql_real_escape_string($bio_body); $bio_body = nl2br(htmlspecialchars($bio_body)); $bio = $_POST['bio']; $bio = eregi_replace("'", "'", $bio); (This works but is not as secure) $bio = eregi_replace("`", "'", $bio); $bio = mysql_real_escape_string($bio); $bio = nl2br(htmlspecialchars($_POST['bio'])); $sqlUpdate = mysql_query("UPDATE members SET bio='$bio' WHERE id='$id'"); and so on....} When I change it to str_replace if I type in don't the whole word is deleted. when I type in preg I get an error. Can someone please give me the correct code / syntax for getting the result I want. I just want to make sure that every single field that has a user input is protected against any malicious attacks. Thanks. Similar TutorialsHi Guys, This should be a simple one. I am looking for the best way to ensure that any illegal characters are removed from an input. I have a user registration form and login page. What I want to do is prevent against sql injection and therefore should be limiting the characters that can be entered. For example I want a username to include only letters and numbers so I ideally want to strip out any white space, illegal characters such as " ' ( ) etc... My issue with this is with the password, I would ideally like the user to be able to put as complex a password as they would like, so how would i prevent against illegal characters in this instance?? Cheers Hey I wasn't able to add/edit some text to the mysql database because of some character how can i bypass them should i use the mysql_real_escape_string() ? if yes how do i make it work with the code i got? thaks <?php include "../configdb.php"; $id = $_GET['id']; if(isset($_POST['submit'])) { //global variables $name = $_POST['name']; $footer = $_POST['footer']; //run the query which adds the data gathered from the form into the database $result = mysql_query("UPDATE pages SET name='$name', footer='$footer' WHERE id='$id' ",$connect); echo "<b>Your Page have been edited successfully"; // echo "<meta http-equiv=Refresh content=2;url=index.php>"; } elseif($id) { $result = mysql_query("SELECT * FROM pages WHERE id='$id' ",$connect); while($row = mysql_fetch_assoc($result)) { ?> <h3>::Edit Page</h3> <form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>?id=<?php echo $row['id']?>"> <input type="hidden" name="id" value="<?php echo $row['id']?>"> <textarea name="name"><?php echo $row['name']?></textarea> <input name="footer" size="40" maxlength="255" value="<?php echo $row['footer']?>"> <input type="submit" name="submit" value="Submit"> <?php } } ?> Hey guys,
Thank you in advance... here is my situation, I have a form with three (3) fields in it, the 'student name' is unlimited textfield with an "add more" button to it and I have two select fields ('number of shirts' and 'trophies') that depend on the number of entries for 'student name'...
I want to create the select fields based on this math, for as many 'student name' entries:
1- i want to have the select form for 'number of shirts' to be 0 up to that number... so if there are 6 'student name' entries, the select options will be 0,1,3,4,5,6,7
2- I want to have the select form for 'trophies' to be 5 'student name' entries to 1 'trophies', for example if there are 6 'student name' entries, the select options will be 0,1... if there are 13 entries, options will be 0,1,2... So if there are less than 5 'student name' entries, the select field will not show (hidden)
of course if there are no 'student name' entries, these two fields won't show up (hidden)
let me know if that make sense and ANY help or directions will be GREATLY APPRECIATED.
Thanks guys!
I have a calendar select date function for my form that returns the date in the calendar format for USA: 02/16/2012. I need to have this appear as is for the form and in the db for the 'record_date' column, but I need to format this date in mysql DATE format (2012-02-16) and submit it at the same time with another column name 'new_date' in the database in a hidden input field. Is there a way to do this possibly with a temporary table or something? Any ideas would be welcome. Doug Hiya peeps, I am using preg_match to validate URLS; preg_match("/(((https?|ftp|gopher):\/\/|(mailto|file|news):)[^' <>\"]+|(www|web|w3).[-a-z0-9.]+)[^' .,;<>\":]/i", $this->_searchString) I works great, the only issue I have is I am using it in an if statment, and what I need to do is something like this. if(preg_match("/(((https?|ftp|gopher):\/\/|(mailto|file|news):)[^' <>\"]+|(www|web|w3).[-a-z0-9.]+)[^' .,;<>\":]/i", $this->_searchString)) { CHECK IF $this->_searchString has http:// at the start of it or if it has a / at the end and remove them if it does. I need $this->_searchString to end up with only www.SITE.co.uk before I can input it into the relevant function. } else { } Many thanks, James. I have a website with a variable number of inputs in various categories. I want to allow the user to add rows to the table with the input lines in every category. The table looks like this:
<tr><th>Working Capital Changes</th></tr><tr><td><input type="hidden" name="category_code[]" value="WORK"><input type="text" name="description[]" value="Increase (decrease) in working capital" size="60"></td> <td><input type="text" name="amount[1][]" value="" onblur="this.value = formatNumber2Comma(this.value);" ></td></tr> <tr><td><input type="hidden" name="category_code[]" value="WORK"><input type="text" name="description[]" value="" size="60"></td> <td><input type="text" name="amount[1][]" onblur="this.value = formatNumber2Comma(this.value);" ></td></tr> <tr><th>Depreciation and Amortization</th></tr><tr><td><input type="hidden" name="category_code[]" value="DEPR"><input type="text" name="description[]" value="Depreciation and Amortization (for taxes)" size="60"></td> <td><input type="text" name="amount[1][]" value="" onblur="this.value = formatNumber2Comma(this.value);" ></td></tr> <tr><td><input type="hidden" name="category_code[]" value="DEPR"><input type="text" name="description[]" value="" size="60"></td><td><input type="text" name="amount[1][]" onblur="this.value = formatNumber2Comma(this.value);" ></td></tr>I tried adding the following near the top of the page: <script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script> <script type="text/javascript"> var count = 0; $(function(){ alert ('wow'); $('tr#add_field').click(function(){ alert ('whee'); count += 1; $('#container').append('<table><tr><td><input id="field_' + count + 'type="hidden" name="category_code[]" value="DEPR"><input type="text" name="description[]" value="" size="60"></td><td><input type="text" name="amount[1][]" onblur="this.value = formatNumber2Comma(this.value);" ></td></tr></table>' ); }); });I get the wow alert on page load and whee when I click the link: <tr id="add_field"><th><a href="#">Click to add another line</a></th></tr>that I added to the bottom of the table before the </table> but I do not get an additional line I have tried moving the add_field line outside of the table and changing the <tr></tr> to a <p></p> but that does not help. Hello, i need to validate 200 input fields if they are not empty, i have the following code where i'm stuck and i'm missing something any help is appreciated Code: [Select] if($_SERVER['REQUEST_METHOD'] == 'POST') { //print_r($_POST); foreach ($_POST as $value) { if (empty($value)){ echo 'empty'; } else { echo 'notempty'; } } } I have 2 fields, one for Mother's mobile, the other for Father's mobile. I want to ensure that at least one of the 2 fields contains a number. This is what I have: Code: [Select] <?php if(!isset($_POST['guardian1_mobile']) && !isset($_POST['guardian2_mobile'])) { // no number entered in either field $errors[] = 'You must enter a mobile number in at least one of the Guardian1 or Guardian2 Mobile fields.'; } else { // if Mother mobile if(!is_numeric($_POST['guardian1_mobile']) || strlen(trim($_POST['guardian1_mobile'])) != 7) { // number must be numeric and exactly 7 digits $errors[] = '<strong>Guardian1 mobile</strong>: please enter a 7-digit number without spaces or dashes.'; } else { $_SESSION['guardian1_mobile'] = $_POST['guardian1_mobile']; } // if Father mobile if(!is_numeric($_POST['guardian2_mobile']) || strlen($_POST['guardian2_mobile']) != 7) { $errors[] = '<strong>Guardian2 mobile</strong>: please enter a 7-digit number without spaces or dashes.'; } else { $_SESSION['guardian2_mobile'] = $_POST['guardian2_mobile']; } } However, when I leave both fields blank, errors for the 'else' part of the condition are returned ('Please enter a 7-digit number...'). But it should never get as far as the 'else'.... Can anyone tell me what's wrong with my logic in the first line?... Thanks in advance. I have an email form that is sending to an email address. There are five fields where the person sending can input their Name, Address, City, State, and Zip. Everything is working, except I want the input from these fields to be the the headers in the PHP email. For instance it submits and send the letter, but I want the senders Name, Address, City, State, and Zip to be posted after the "Sincerely" in the letter sent. Here is what the input boxes of the form looks like: Code: [Select] <p>Sincerely,<br /> <label for="from">Name:</label> <input type="text" name="from" id="name" value="<?php echo $_POST['from'];?>"/><br /> <label for="street">Street:</label> <input type="text" name="street" id="street" value="<?php echo $_POST['street'];?>"/><br /> <label for="city">City:</label> <input type="text" name="city" id="city" value="<?php echo $_POST['city'];?>"/><br /> <label for="zip">Zip:</label> <input type="text" name="zip" id="zip" value="<?php echo $_POST['zip'];?>"/><br /> <label for="email">E-mail:</label> <input type="text" name="email" id="email" value="<?php echo $_POST['email'];?>"/></p> <input type="submit" class="button" value="Submit" /> How do I go about posting the PHP headers in the email upon submission? can someone tell me why this won't work? I just want to key in the amtpaid and have fields inserted. I get no errors but the only field inserted is the datepaid . <html><head> <script> function $_(IDS) { return document.getElementById(IDS); } function calculate_paid() { var amtpaid = parseInt($_("amtpaid").value); var rentdue = parseInt($_("rentdue").value); var prevbal = parseInt($_("prevbal").value); var secdep = parseInt($_("secdep").value); var latechg = parseInt($_("latechg").value); var damage = parseInt($_("damage").value); var courtcost = parseInt($_("courtcost").value); var nsf = parseInt($_("nsf").value); var hudpay = parseInt($_("hudpay").value); var late = ($_("late").value); var paidsum = parseInt($_("paidsum").value); var dateNow = new Date(); var dayNow = dateNow.getDate(); var datePaid = (dateNow.getMonth()+1)+"/"+dateNow.getDate()+"/"+dateNow.getFullYear(); $_('datePaid').value = datePaid; if(dayNow > 5) { late = "L"; prevbal = prevbal + 10; } paidsum = paidsum + amtpaid var tentpay = amtpaid - hudpay; var totOwed = rentdue + prevbal - hudpay; var left = totOwed - amtpaid; if (amtpaid <= totOwed) { prevbal = left; } left = amtpaid - totOwed; if (left <= secdep) { secdep = secdep - left; } left = left - secdep; if (left <= damage) { damage = damage - left; } left = left - damage; if (left <= latechg) { latechg = latechg - left; } left = left - latechg; if (left <= courtcost) { courtcost = courtcost - left; } left = left - courtcost; if (left <= nsf) { nsf = nsf - left; } prevbal = left - nsf; } </script> </head><body> <?php mysql_connect(localhost,root,""); mysql_select_db(test) or die( "Unable to select database"); if(!empty($_POST["submit"])) { $apt = $_POST['apt']; $query="SELECT * FROM testdata Where apt='$apt'"; $result=mysql_query($query); if(mysql_num_rows($result)) { echo "<form action='#' method='post'><b>Rent Payment :<br /><br /> <table cellspacing=0 cellpadding=0 border=1> <tr> <th>Name</th> <th>Apt</th> <th>Paid</th> <th>Due</th> <th>Prev Bal</th> <th>Sec Dep</th> <th>Late Chg</th> <th>Dmg</th> <th>Court Cost</th> <th>NSF</th> <th>Tent Pay</th> <th>Hud Pay</th> <th>Date Paid</th> <th>Late</th> <th>Comments</th> <th>Paidsum</th> </tr>"; while($row = mysql_fetch_assoc($result)) { echo "<tr> <td><input type='text' size=25 name='name' value='" . $row['name'] . "'></td> <td><input type='text' size=2 name='apt' value='" . $row['apt'] . "' ></td> <td><input type='text' size=4 id='amtpaid' name='amtpaid' value='" . $row['amtpaid'] ."' onBlur='calculate_paid(this)'></td> <td><input type='text' size=4 id='rentdue' name='rentdue' value='" . $row['rentdue'] . "'></td> <td><input type='text' size=4 id='prevbal' name='prevbal' value='" . $row['prevbal'] ."'></td> <td><input type='text' size=4 id='secdep' name='secdep' value='" . $row['secdep'] ."'></td> <td><input type='text' size=4 id='latechg' name='latechg' value='" . $row['latechg'] ."'></td> <td><input type='text' size=4 id='damage' name='damage' value='" . $row['damage'] ."'></td> <td><input type='text' size=4 id='courtcost' name='courtcost' value='" . $row['courtcost'] ."'></td> <td><input type='text' size=4 id='nsf' name='nsf' value='" . $row['nsf'] ."'></td> <td><input type='text' size=4 id='tentpay' name='tentpay' value='" . $row['tentpay'] . "'></td> <td><input type='text' size=4 id='hudpay' name='hudpay' value='" . $row['hudpay'] ."'></td> <td><input type='text' size=10 id='datepaid' name='datepaid' value='" . $row['datepaid'] . "'></td> <td><input type='text' size=1 id='late' name='late' value='" . $row['late'] . "'></td> <td><input type='text' size=25 name='comments' value='" . $row['comments'] . "'></td> <td><input type='text' size=4 id='paidsum' name='paidsum' value='" . $row['paidsum'] . "'></td> </tr>"; } echo "</table> <input type='submit' name='update' value='Make Payment' /> </form>"; } else{echo "No listing for apartment $apt.<br />Please select another.<br />";} } if(!empty($_POST["update"])) { $sql = "UPDATE testdata SET name = '" . mysql_real_escape_string($_POST['name']) . "', amtpaid = '" . mysql_real_escape_string($_POST['amtpaid']) . "', rentdue = '" . mysql_real_escape_string($_POST['rentdue']) . "', prevbal = '" . mysql_real_escape_string($_POST['prevbal']) . "', secdep = '" . mysql_real_escape_string($_POST['secdep']) . "', latechg = '" . mysql_real_escape_string($_POST['latechg']) . "', nsf = '" . mysql_real_escape_string($_POST['nsf']) . "', damage = '" . mysql_real_escape_string($_POST['damage']) . "', courtcost = '" . mysql_real_escape_string($_POST['costcost']) . "', tentpay = '" . mysql_real_escape_string($_POST['tentpay']) . "', hudpay = '" . mysql_real_escape_string($_POST['hudpay']) . "', datepaid = '" . mysql_real_escape_string($_POST['datepaid']) . "', late = '" . mysql_real_escape_string($_POST['late']) . "', comments = '" . mysql_real_escape_string($_POST['comments']) . "', paidsum = '" . mysql_real_escape_string($_POST['paidsum']) . "' WHERE apt='".$_POST["apt"]."'"; mysql_query($sql) or die("Update query failed."); echo "Record for apartment ".$_POST["apt"]." has been updated"; } ?><form method="post" action="#"> <br /> <input type="text" name="apt"/> <p> <input type="submit" name="submit" value="select apartment"/> </form> </body></html> Hello people, thank you to everyone that has helped me on this forum. You have been terrific. I am submitting a form to a database and am having a small problem with the validation scripts. Basically if the user doesn't put something into one of the fields they get an error message. However, I am keeping the information already submitted in the input box with the following code Code: [Select] <input type='text' name='username' size = '40' maxlength='30' value = '<?php echo $username; ?>'> This is so that the user doesn't have to input the same data again if he forgot one box. How do I do the same for "drop down" boxes? Here is the code from the form for the "ppr" (aviation terms 'Prior Permission Required') Code: [Select] <select name = "ppr"> <option value = "Yes">Yes </option> <option value="No">No </option> </select> The problem I have is that there are quite a number of these drop down boxes on the form I have created. And it always goes back to the first "option value" when there is an error. I do have a variable for $ppr, please could someone tell me how to incorporate it so that the user doesn't have to select the correct option value all over again. Hope my explanation is clear. Thanks in advance. Hi I have a form that is to input data from input fields to a table. The form is as follows: $query = $DB->query("SELECT country_code, country_id, IF(country_code = '".$country_code."', '', '') AS sel FROM exp_sme_countries WHERE site_id='".$this->settings['site_id']."' ORDER BY country_name ASC"); foreach ($query->result as $row) { $options .= '<label>' . 'Phrase for ' . $this->settings['countries'][$row['country_code']] . '</label>' . '<br />'; $options .= '<input style="width: 100%; height: 5%;" id="country_data" type="text" name="country_id[]" />' . '<br /><br />'; $options .= '<input type="hidden" name="country_data[' . $row['country_id'] . ']" value="'.$row['country_id'].'" />'; } This outputs: Code: [Select] <input style="width: 100%; height: 5%;" id="country_data" type="text" name="country_id[]" /> <input type="hidden" name="country_data[68]" value="68" /> <input style="width: 100%; height: 5%;" id="country_data" type="text" name="country_id[]" /> <input type="hidden" name="country_data[28]" value="28" /> What I need to do, is get the values from the input fields and then match them with the correct hidden field value So if in the first input field, I typed in 'Test data' and the second input, i typed 'This is great' On the POST, I need to find the the value ('Test data') and also the value from the hidden field. So something like: Quote The text you entered is: Test data with hidden value of 68 The text you entered is: This is great with hidden value of 28 I'd rather not use $_GET as this is a form that inserts data into a database. Could someone point my in the right direction or provide an example? Hey Guys. I have a quick question. Should i "prep" input values coming from a radio or checkbox input field? Can an SQL injection occur through those 2 input fields, or is it only text fields?
I built a basic form with certain fields required. When a required field isn't filled, the errors are echoed but not in the best area. I'd like for each error message to be displayed underneath their respected input fields. What do I need to look into? <?php if(!empty($_POST['submit'])) { // set variables $name = mysql_real_escape_string($_POST['name']); $email = mysql_real_escape_string($_POST['email']); $email2 = mysql_real_escape_string($_POST['email2']); $age = mysql_real_escape_string($_POST['age']); $city = mysql_real_escape_string($_POST['city']); $state = mysql_real_escape_string($_POST['state']); // 1A. REQUIRED FIELDS VERIFICATION if(!empty($name) && !empty($email) && !empty($email2) && !empty($city) && !empty($state)) { // 1B. END REQUIRED FIELDS VERIFICATION } else { echo '<img src="images/icon_error.png" alt="" title="" /> Please fill out the required fields.<br />'; if (empty($name)) { echo 'Whats your name?!<br />'; } if (empty($email)) { echo 'No email given.<br />'; } if (empty($email2)) { echo 'Please verify your email<br />'; } if (empty($city)) { echo 'What city are you from?<br />'; } if (empty($state)) { echo 'What State!<br />'; } echo '<br /><br />'; } // 1B. END REQUIRED FIELDS ERROR CODES } ?> <form action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <div class="formSec"><label for="name" class="required">Full Name:</label> <input type="text" name="name" id="name" value="" /></div> <div class="formSec"><label for="email" class="required">Email:</label> <input type="text" name="email" id="email" value="" /></div> <div class="formSec"><label for="email2" class="required">Confirm Email:</label> <input type="text" name="email2" id="email2" value="" /></div> <div class="formSec"><label for="age" class="required">Age:</label> <input type="text" name="age" id="age" value="" /></div> <div class="formSec"><label for="city" class="required">City:</label> <input type="text" name="city" id="city" value="" /></div> <input class="submit" type="submit" name="submit" value="Submit" /> </form> I would like to split the field specific location on a page into two fields. ( This is how it looks now: http://qwikad.com/?view=post&cityid=269&lang=en&catid=3&subcatid=27&shortcutregion= ) I want keep the same MySQL table for that field but make it possible for visitors to enter 2 separate texts. This is how the code looks right now: <input name="area" type="text" size="40" class="input" maxlength="50" value="<?php echo $data['area']; ?>"> I am not strong in PHP programming at all, so I tried to copy and paste that field twice, but it only posts one entry out of the two. Can this be done? I have a problem w/ a widely used password protect php code. I use a business directory program that allows custom input fields. I'm using this code to password protect a business listing page in my directory code. I created custom fields for the username & password so a listing can enter their own user/pass but when I test it it won't work when I'm calling/echoing the fields. When I hardcode it w/ a user/pass it works. Any ideas on how I should recode this?: Quote <?php // Define your username and password $username = "<?php echo $custom_74; ?>"; $password = "<?php echo $custom_16; ?>"; if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) { ?> <h1>Login</h1> <form name="form" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>"> <p><label for="txtUsername">Username:</label> <br /><input type="text" title="Enter your Username" name="txtUsername" /></p> <p><label for="txtpassword">Password:</label> <br /><input type="password" title="Enter your password" name="txtPassword" /></p> <p><input type="submit" name="Submit" value="Login" /></p> </form> <?php } else { ?> I close the code correctly. <?php echo $custom_74; ?> & <?php echo $custom_16; ?> are just incidently my custom field echo codes. I have over 150 custom fields working fine for user/listee options. The password protect code won't accept echos it seems as coded above. Thanks, Gene On all my forms, after I send an empty string to one field, it will stop accepting values when I resubmit. My code passes through the W3C validator Any ideas?? Hello All: Trying to work with PHP on a contact form with a jQuery Validation to make certain that the visitors fill out the required information. I'll try to show everything that I have, and then the error I am getting when the visitor hits "submit." I don't know PHP all that well, and trying to learn my way through it. I used a couple of tutorials to add the features I needed and did my own styling on the live site. Here is the PHP that is currently in the header of my markup: <?php //If the form is submitted if(isset($_POST['submit'])) { //Check to make sure that the First name field is not empty if(trim($_POST['firstname']) == '') { $hasError = true; } else { $firstname = trim($_POST['firstname']); } //Check to make sure that the Last name field is not empty if(trim($_POST['lastname']) == '') { $hasError = true; } else { $lastname = trim($_POST['lastname']); } //Check to make sure that the Street Address 01 field is not empty if(trim($_POST['street01']) == '') { $hasError = true; } else { $street01 = trim($_POST['street01']); } //If Street02 is filled out, give it a value $street02 = $_POST['street02']; //Check to make sure that the City field is not empty if(trim($_POST['city']) == '') { $hasError = true; } else { $city = trim($_POST['city']); } //Check to make sure that the State field is not empty if(trim($_POST['state']) == '') { $hasError = true; } else { $state = trim($_POST['state']); } //Check to make sure that the Zip field is not empty if(trim($_POST['zip']) == '') { $hasError = true; } else { $zip = trim($_POST['zip']); } //If Email is filled out, give it a value $email = $_POST['email']; //If Telephone is filled out, give it a value $telephone = $_POST['telephone']; //Default Subject Value $subject = "VMC Inquiry"; //Check checkboxes foreach($_POST['check'] as $value) { $check_msg = "Checked: $value\n"; } //If Message is filled out, give it a value $comment = $_POST['comment']; //If there is no error, send the email if(!isset($hasError)) { $emailTo = 'xxxx.xxxx@gmail.com'; //Put your own email address here $body = "Name: $firstname $lastname \n\nStreet Address: $street01 \n\nStreet Address*: $street02 \n\nCity: $city \n\nState: $state \n\nZip: $zip \n\nEmail*: $email \n\nTelephone*: $telephone \n\nCheck Box: $check_msg \n\nMessage:\n $comment"; $headers = 'From: XXXXX <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' . $email; mail($emailTo, $subject, $body, $headers); $emailSent = true; } } ?> So basically I am using classes to say whether or not something is required, which ties into the jQuery validation. If it isn't required, whatever the visitor types into the box is put into something like "$telephone" which is then printed in the e-mail. The markup for the forms in the body is the following: Code: [Select] <p class="contact-text-right">For more information, or to have a list of our properties mailed to you, please fill out the form below.</p> <div id="contact-wrapper"> <?php if(isset($hasError)) { //If errors are found ?> <p class="error">Please check if you've filled all the fields with valid information. Thank you.</p> <?php } ?> <?php if(isset($emailSent) && $emailSent == true) { //If email is sent ?> <p class="accept"><strong><?php echo $firstname;?>,Your Email Successfully Sent!</strong></p> <?php } ?> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactform"> <div id="names"> <label for="firstname"><strong>First Name:</strong></label> <input type="text" name="firstname" id="firstname" value="" class="required" /> <label for="lastname"><strong>Last Name:</strong></label> <input type="text" name="lastname" id="lastname" value="" class="required" /> </div> <div id="address01"> <label for="street01"><strong>Street Address:</strong></label> <input type="text" name="street01" id="street01" value="" class="required" /> </div> <div id="address02"> <label for="street02"><strong>Street Address*:</strong></label> <input type="text" name="street02" id="street02" value="" /> </div> <div id="city"> <label for="city"><strong>City:</strong></label> <input type="text" name="city" id="city" value="" class="required city" /> <label for="state"><strong>State:</strong></label> <input type="text" name="state" id="state" value="" class="required state" /> <label for="zip"><strong>Zip Code:</strong></label> <input type="text" name="zip" id="zip" value="" class="required zip" /> </div> <div id="email"> <label for="email"><strong>E-mail*:</strong></label> <input type="text" name="email" id="email" value="" class="email"/> <label for="telephone"><strong>Telephone*:</strong></label> <input type="text" name="telephone" id="telephone" value="" class="telephone" /> <p class="bottom">*Optional fields.</p> </div> <div class="checkbox"> <p><input type="checkbox" name="check[]" value="properties">XXX</p> <p><input type="checkbox" name="check[]" value="contact-regarding">XXXX</p> <p class="indent">(Please list properties or ask specific questions in the space below.)</p> </div> <div id="comment"> <label for="comment"></label> <textarea name="comment" id="comment" ></textarea> </div> <div id="button"> <input type="submit" value="Send Message" name="submit" /> </div> </form> All seems well until I hit submit on the live site. I think get this error returned to me: Warning: Invalid argument supplied for foreach() in ......./html/development/contact.php on line 64 The e-mail goes through, with all the information, no problems! I just can't get this error message to go away. Line 64 of contact.php is where the checkbox coding is: //Check checkboxes foreach($_POST['check'] as $value) { $check_msg = "Checked: $value\n"; } I know I've submitted a lot of code here, and tried to narrow you down to the exact spot I think the problem is, but hopefully some of you PHP gurus can pick out the flaw in a heartbeat. I really appreciate all the help. B Yeah I know one of those questions
Like you guys are lawyers on standby or something.
I just wanted to discuss the idea of creating a website mock up for a business that exists but you researched and they don't have a website yet.
I guess how, is the next question in terms of getting their prices of products... but mainly what I was going to do was following along Google Map's street view and screenshot their business logos which are visible to the public eye.
Then create a mock up of a website to show them on a tablet.
What do you guys think?
|