|
PHP - Hide Php Variables In The Html?
Hide PHP variables in the html? Hi all I've started working again on this type testing thing http://www.ttmt.org.uk/forum/index.php The text, size and font to use are past to a php function that uses the GD library to create the image using the font at the set size. My problem is from the source code of the page I can see the location of the fonts which I can't have - I don't want people to be able to download the fonts. Code: [Select] <img src="imageftt.php?text=Handgloves&size=24&font=/fonts/corbelb.ttf"> </div> How can I hide the variables in the html code or hide the location of the fonts. Any help would be greatly appreciated. html Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title>untitled</title> <link rel="stylesheet" href="style.css" type="text/css" /> </head> <body> <div id="wrap"> <form action="index.php" method="post"> <select name="text" > <option value="<?php echo $_POST['text'];?>">Text</option> <option value="ABCDEFGHJIKLMNOPQRSTUVWXYZ">ABCDEFGHIJKLMNOPQRSTUVWXYZ</option> <option value="abcdefghijklmnopqrstuvwxyz">abcdefghijklmnopqrstuvwxyz</option> </select> <select name="size"> <option value="<?php echo $_POST['size'];?>">Size</option> <option value="31">30</option> <option value="48">48</option> <option value="72">72</option> <option value="84">84</option> <option value="108">108</option> </select> <input type="submit" name="submit" value="Set →" /> </form> <div id="top"> <?php $theFont="/fonts/corbelb.ttf"; if(!empty($_POST['submit'])){ $myText = $_POST['text']; $mySize = $_POST['size']; echo '<img src="imageftt.php?text='.$myText.'&size='.$mySize.'&font='.$theFont.'">'; }else{ $myText = "Handgloves"; $mySize = 24; echo '<img src="imageftt.php?text='.$myText.'&size='.$mySize.'&font='.$theFont.'">'; } ?> </div> </div> </body> </html> PHP Code: [Select] <?php header('Content-Type: image/png'); $im = imagecreatetruecolor(1000, 200); $gray = imagecolorallocate($im, 240, 240, 240); $black = imagecolorallocate($im, 0, 0, 0); imagefilledrectangle($im, 0, 0, 1000, 199, $gray); $text = $_GET['text']; $textSize = $_GET['size']; $font = $_GET['font']; imagefttext($im, $textSize, 0, 15, 160, $black, $font, $text); imagepng($im); imagedestroy($im); ?> Similar TutorialsHi all. I have a question and don't know if it belongs in the PHP section or the Javascript section so I apologize in advance if I am in the wrong place. Basically what I am trying to do is change a URL with the following variables Code: [Select] index.php?id=16&?pid=23-P27-16&cid=1324353245 to something more secure....like Code: [Select] index.php I think doing it this way would add an extra layer of security to my website. If this is not possible, is there a way I can track whether or not a user attempted to edit something in the URL. For example, if the cid=13243543 and they go in a change it to 13243654 instead, can I have PHP check that? I have a great deal of security already, but I think this would truly be the highest layer, completely controlling what happens in the user's address bar. As always, thanks in advance! Bl4ck Maj1k is there anyway to hide the action URL from html form example: <form name="afrom" action="hide.php" method="post"> so it end up from the user side: <form name="afrom" action="" method="post"> Thanks! I'm working a membership application page for my amateur radio club. I'm currently stumped passing a variable from HTML to PHP. The variable is called "nametag" and it's a "radio" type. No Matter if I select 10 or 0. I still get 15 being passed to PHP.
Any help is appreciated.
Thanks -HP Garcia Hi I am having a major problem with trying to get the HTML value attribute to display the a value stored in a array from SQL Query. So i have done an SQL query then outputted it all to the screen, but i cant set the value attribute on my HTML form to the variable $Name. Can anyone please tell me where i am going wrong? Thanks Nick while($nt=mysql_fetch_array($result)){ echo "$nt[photo_url] $nt[Name] $nt[Education] $nt[Skills] $nt[Aboutme] <br>"; // name class and mark will be printed with one line break at the end } $Photo_url = $_POST["photo_url"]; $Name = $_POST["Name"]; $Education = $_POST["Education"]; $Skills= $_POST["Skills"]; $Aboutme = $_POST["Aboutme"]; ?> <form method="post" action="updateaboutme.php"> Photo Url:<input type="text" size="12" maxlength="12" name="Photo_url" value="<?php echo $nt['Name'] ?>" <br /> <input type="submit" value="submit" name="submit"> </form> Basically atm I am trying to accomplish a way to $_POST a selection from my dropdown box in to a PHP variable for use elsewhere. The eventual goal being a form that will allow you to select a user from the dropdown box; then via a HTML form with some additional text fields, add/update database table records for that person. I have been searching and searching, and I cant find anything that addresses using a dropdown box that pulls names from my SQL in a html web form. All I can find are tons of guides on simple html only forms. At the moment, the dropdown box is working, It is pulling names from my database/table. But when I select a name from the list and then click on my submit button the $_POST does not seem to be pulling the value for "username". I have the following for the index page: <?php include('/nav.php'); include('/config.php'); include('/dbopen.php'); echo "Select a name: <select name='$name'>"; $query="select * from players"; $result=mysql_query($query); while($row=mysql_fetch_array($result)){ $name=$row['PLAYER_NAME']; echo "<option name=username value='$name'>$name</option>"; } echo "</select>"; ?> <html> <body> <form action="moduser.php" method="post" /> <input type="submit" value="CLICK!" /> </form> </body> </html> and the following for a test page to see if my form is being submitted correctly: <?php include('/nav.php'); include('/config.php'); include('/dbopen.php'); $username="$_POST[username]"; echo "Hello $username"; ?> NOTE: My includes are tested and working default scripts to connect to database, define some global vars etc. Should not be relevant to my particular problem Thanks Much, Dega. Hi everyone. I am David and I am new to web design and php. I am following a Lynda.com tutorial on php and sql. I have reached a certain point in the tutorial where I am reading values back from my database in to a php variable. The variable is holding an array data type and I am accessing the element within the array. I want a HTML select control and 2 radios buttons to reflect the values in the database. Therefore the Select control should read a numeric value of type int and the radio buttons are reflecting either a 1 or a 0. Firstly the code for the Select control uses a for loop to count the array elements and load the count into the Select control. The example uses php mixed with html. The for loop will count the number of element and add a number to the select control. The an If statment is used to make a decision if the count variable equals the value in the array element $sel_subject['position'] then select that value. This does not happen, and I can not seem to get it to work. <p>Position: <select name="position"> <!--use a php block so as to use some php variables --> <!--Use these variables with the get_all_sublects function. --> <!-- This function will return all the dataset --> <?php $sel_subject = get_all_subjects(); //Then use the mysql fuction to retuen the numberic value of all the rows. $subject_count = mysql_num_rows($sel_subject); //$subject_count + 1 becauce we are adding a subject for($count=1; $count <= $subject_count+1; $count++) { echo "<option value=\"{$count}\""; if ($sel_subject['position'] == $count) { echo " selected"; } echo ">{$count}</option>"; } ?> </select> </p> Secondly the radio buttons do something similar in that i want them to reflect the value in the array element. If a 1 then True and so be checked or 0 and so false and so be unchecked. <p>Visible: <input type= "radio" name= "visible" value= "0" <?php if ($sel_subject['visible'] == 0) { echo 'checked=" checked"'; } ?> >No</input> <input type= "radio" name= "visible" value= "1" <?php if ($sel_subject['visible'] == 1) { echo 'checked=" checked"'; } ?> >Yes</input> </p> Again this doesn't work either. So in summary, I cant get the php code to affect the html form controls and relay the stored data to the user. I have been racking my brain for days and getting no where. Please can anyone help me with this. I would be very grateful. All the best Irish_Dave does anyone know how to decode this XML variable value into string values? I also need to know the oposite way: creating variable values into xml. I've tried several code examples but they did filter the requested data. Code: [Select] $xml='<?xml version="1.0" encoding="utf-8"?> <elements> <text identifier="ed9cdd4c-ae8b-4ecb-bca7-e12a5153bc02"> <value/> </text> <textarea identifier="a77f06fc-1561-453c-a429-8dd05cdc29f5"> <value><![CDATA[<p style="text-align: justify;">Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.</p>]]></value> </textarea> <textarea identifier="1a85a7a6-2aba-4480-925b-6b97d311ee6c"> <value><![CDATA[<p style="text-align: justify;">Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.</p>]]></value> </textarea> <image identifier="ffcc1c50-8dbd-4115-b463-b43bdcd44a57"> <file><![CDATA[images/stories/red/cars/autobedrijf.png]]></file> <title/> <link/> <target/> <rel/> <lightbox_image/> <width><![CDATA[250]]></width> <height><![CDATA[187]]></height> </image> <text identifier="4339a108-f907-4661-9aab-d6f3f00e736e"> <value><![CDATA[Kramer 5]]></value> </text> <text identifier="ea0666d7-51e3-4e52-8617-25e3ad61f8b8"> <value><![CDATA[6000 RS]]></value> </text> <text identifier="90a18889-884b-4d53-a302-4e6e4595efa0"> <value><![CDATA[Eindhoven]]></value> </text> <text identifier="410d72e0-29b3-4a92-b7d7-f01e828b1586"> <value><![CDATA[APK Pick up and return]]></value> </text> <text identifier="45b86f23-e656-4a81-bb8f-84e5ea76f71f"> <value><![CDATA[15% korting op grote beurt]]></value> </text> <text identifier="3dbbe1c6-15d6-4375-9f2f-f0e7287e29f3"> <value><![CDATA[Gratis opslag zomerbanden]]></value> </text> <text identifier="2e878db0-605d-4d58-9806-8e75bced67a4"> <value><![CDATA[Gratis abonnement of grote beurt]]></value> </text> <text identifier="94e3e08f-e008-487b-9cbd-25d108a9705e"> <value/> </text> <text identifier="73e74b73-f509-4de7-91cf-e919d14bdb0b"> <value/> </text> <text identifier="b870164b-fe78-45b0-b840-8ebceb9b9cb6"> <value><![CDATA[040 123 45 67]]></value> </text> <text identifier="8a91aab2-7862-4a04-bd28-07f1ff4acce5"> <value/> </text> <email identifier="3f15b5e4-0dea-4114-a870-1106b85248de"> <value/> <text/> <subject/> <body/> </email> <link identifier="0b3d983e-b2fa-4728-afa0-a0b640fa34dc"> <value/> <text/> <target/> <custom_title/> <rel/> </link> <relateditems identifier="7056f1d2-5253-40b6-8efd-d289b10a8c69"/> <rating identifier="cf6dd846-5774-47aa-8ca7-c1623c06e130"> <votes><![CDATA[1]]></votes> <value><![CDATA[1.0000]]></value> </rating> <googlemaps identifier="160bd40a-3e0e-48de-b6cd-56cdcc9db892"> <location><![CDATA[50.895711,5.955427]]></location> </googlemaps> </elements>'; This topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=359179.0 Hi. I have some code which needs to return a single variable from the function and stored as a variable within this page, so it can be echoed later on in the page. I couldn't get it to return as a variable, so i used "return compact();" to return the variable and "extract (myFunction());" to extract it to variables. However, when I turned on php's display errors and error reporting function, I got an error message saying "Warning: extract() [function.extract]: First argument should be an array in /my/web/site/index.php on line 6" (which is where my extract function is). This works fine with passing more than one variables through, is there another way pass one variable from a function to be stored as a variable on the page which called the function? Here is the function: Code: [Select] <?php //This is a list of numeric error codes against their text. this will return the error code as the variable $issue function checkLoginIssue() { //If there is an error code if (isset($_GET["issue"])) { //cycle through the list until the code is reached, return the text and break the switch switch ($_GET["issue"]) { case "1": $issue = '<p class="warning">Please log in to view this page</p>'; break; case "2": $issue = '<p class="warning">Wrong Username or Password</p>'; break; case "3": $issue = '<p class="warning">No user found with those details</p>'; break; } //return the variable in an array with a single value return compact('issue'); } } ?> And here is the code which calls the function: Code: [Select] <?php extract(checkLoginIssue()); ?> Does showing .php on the end of web pages pose any security risk? My websites uses mod_rewrites pretty extensively, e.g.
www.mysite.com/profiles/saranaclake www.mysite.com/subscribe/view-offers
However I still have a lot of web pages which are static pages that end with .php and I'm wondering if I should clean that up both for aesthetic reasons and for security...
Hi I need a script to hide IP address with proxy and read a web page
$username="myuser"; The script doesn't work, it doesn't show me the page output. Any solution? It is possible to hide the data in the url?! I have something like this: ?action=viewArticle&articleid=1 I have a particular PHP file which is publicly located, however, I don't want anyone but me to access. Below are my thoughts how to do so. Please comment.
Use an uncommon name, and definitely not index.php.
Either include a file called index.html in the same directory, or set up Apache not to show them using Options -Indexes, or maybe both for good measure.
Require some variable to be set to a given value in either the GET or POST array, and if not set, throw a 404 header and display the 404 missing file HTML. Hi guys I would like one of you to help me. I have a bit of trouble with the echo, where I don't want to print out on the php page. The echo that I don't want to print out on my page is "The information have already been updated in the database". I don't want to get rid of them, but I want to hide them in the php unless I update some information using with the methods through $username and $name. Here's the code: <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'myuser'); define('DB_PASSWORD', 'mypass'); define('DB_DATABASE', 'mydbname'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var){ return mysql_real_escape_string(strip_tags($var)); } $username = clean($_GET['user']); $password = clean($_GET['pass']); $user = clean($_GET['user']); $image = clean($_GET['image']); $name = clean($_GET['name']); if($username == '') { $errmsg_arr[] = 'username ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'PASSWORD ID missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; echo implode('<br />',$errmsg_arr); } else { $qry="SELECT * FROM members WHERE username='$username' AND passwd='$password'"; $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if(mysql_num_rows($result) > 0) { $qrytable1="SELECT id, image, name FROM favorites WHERE username='$username'"; $result1=mysql_query($qrytable1) or die('Error:<br />' . $qry . '<br />' . mysql_error()); $row = mysql_fetch_row($result); echo "The information have already been updated in the database"; } else { if(isset($_GET['user'])) { $insert[] = 'username = \'' . clean($_GET['user']) .'\''; } if(isset($_GET['image'])) { $insert[] = 'image = \'' . clean($_GET['image']) . '\''; } if(isset($_GET['name'])) { $insert[] = 'name = \'' . clean($_GET['name']) . '\''; } $names = implode(',',$insert); $sql = "INSERT INTO favorites (username, image, name) VALUES ('$user','$image','$name')"; if (!mysql_query($sql,$link)) { die('<br>Error: ' . mysql_error() . "<br>Query: $sql" ); } echo "The information have been updated."; } while ($row = mysql_fetch_array($result1)) { echo "<p id='image'>"; echo $row['image'] . "</p>"; echo "<p id='name'>"; echo $row['name'] . "</p>"; echo '<p id="delete"> <a href="delete.php?id='.$row['id'].'">Delete</a></td>'; } } ?> Any advise would be much appreicate. Thanks, Mark Here is what is echoing the string "Resource id #1". However I do not know if it is the php or javascript that is outputting this. Can anyone tell me why this is showing and how to make it not show? PHP: Code: [Select] $directory = "Images/items/$product/"; //get all image files with a .jpg extension. $images = glob($directory . "*.jpg"); $imgone = $images[0]; $gallery = '<tr><td valign="top" align="center">'; foreach($images as $image) { $tn = explode("/", $image); $tnname = $tn[3]; $gallery .= '<a href="#" rel="'.$image.'" class="image" alt="Images/items/'.$product.'/large/'.$tnname.'"><img src="Images/items/'.$product.'/thumbs/'.$tnname.'" class="thumb" border="1" style="margin-bottom:7px;"/></a> '; } if(is_dir("Images/items/".$product)) $gallery .= "</td></tr><tr><td width='300'>".$link."<div id='image' class='bigimg' align='left'>"; if(is_dir('Images/items/'.$product)) $gallery .= '<img src="'.$imgone.'" border="0"/></div></a></td></tr>'; JS (jQuery) Code: [Select] $(function() { $(".image").click(function() { var image = $(this).attr("rel"); var large = $(this).attr("alt"); $('#image').hide(); $('#image').fadeIn('slow'); $('#image').html('<a href="' + large + '" ><img src="' + image + '"/></a>'); return false; }); }); Hi all I know this contains a bit of JavaScript but it comes from some dynamically created pages using php which are causing it an issue. Here's my scenario. I have a DB with locations, regions, jobtitles and names in it. My users can select from the DB a specific job title or a location. This can produce a report of information from a couple of people, up to over 100 (who can still be filtered by any of the above DB columns) I want to dynamically produce some JS buttons to show / hide any sections which are irrelevant to the user. eg I select by job title, it gives me all the managers, duty managers, staff, cleaners, etc from the DB for all locations. I then want 5 buttons to be on the page, each with a different region on it. (this I can do) I can dynamically label the divs around each of the user information. The issue I have is making the buttons do what I want. So if you press a button labelled "North West" it hides all records which are not from northwest region. Here's what I have so far, I just can't seem to get the functionality right as I know very little about JS. Code: [Select] <script language=javascript type='text/javascript'> function showdiv(pass) { var divs = document.getElementsByTagName('div'); for(i=0;i<divs.length;i++){ if(divs[i].id.match(pass)){//if they are 'see' divs if (document.getElementById) // DOM3 = IE5, NS6 divs[i].style.visibility="visible";// show/hide else if (document.layers) // Netscape 4 document.layers[divs[i]].display = 'visible'; else // IE 4 document.all.divs[i].visibility = 'visible'; } else { if (document.getElementById) divs[i].style.visibility="hidden"; else if (document.layers) // Netscape 4 document.divs[i].visibility = 'hidden'; else // IE 4 document.all.divs[i].visibility = 'hidden'; } } } </script> and then one my php has processed I get a record such as. Code: [Select] <div id='NEREGION'> <table border='1' > <tr><td colspan='4'>Glasgow </td></tr> <tr><td colspan='2' >Employee Name : **********</td><td >Employee Number : *****</td><td colspan='2'>Start Date 25th November 2002</td></tr> <tr><td colspan='3'> </td><td rowspan='3'><img src='image.php?ed=2063&y2007=1&y2008=1&y2009=0&y2010=0&y2011=0&forename=1234&surname=5436' height ='400px' width='350px'></td></tr><tr><td colspan='2'>20th June 2007</td><td> NFR Petrol Delivery - Refresher Course</td></tr><tr><td colspan='2'>2nd December 2008</td><td> Incremental Sales</td></tr></table></div> Any ideas? hi everyone. i need to figure out how to display one tr or another based on if N/A appears in one of the TR's. if i use: 'if ($result['NoChargeFile'] = 'N/A')' it repeats N/A for all rows. if i use: 'if ($result['NoChargeFile'] = N/A)' only the TotalFees TR is displays. What i need to do is display the TOTALFEES if the NOCHARGEFILE is not N/A. If NOCHARGEFILE is N/A, display N/A instead of the TOTALFEES. Any ideas how to fix this issue? thanks. Code: [Select] <?php echo "<table width='100%' border='0' cellpadding='1'>"; $string = $string."$pages->limit"; $query = mysql_query($string) or die (mysql_error()); $result = mysql_fetch_array($query); if($result==true) { do { echo "<tr>"; echo '<td nowrap>' . $result['CompanyName'] . '</td>'; echo '<td nowrap>' . $result['CompanyReferenceNumber'] . '</td>'; if ($result['NoChargeFile'] = 'N/A') { echo '<td nowrap>' . $result['NoChargeFile'] . '</td>'; } else { echo '<td nowrap>' . $result['TotalFees'] . '</td>'; } echo '<td nowrap>' . $result['DateRecorded'] . '</td>'; echo '<td nowrap>' . $result['DateClosed'] . '</td>'; echo "</tr>"; } while($result = mysql_fetch_array($query)); } // close table> echo "</table><hr>"; ?> I figured it out. i need == not =. Hi, I have a question, just to satisfy my curiosity. How do people hide their copyright text or links? For example there are a lot of free source like joomla extension with their signature on the bottom. I wanted once to remove a text of copyright from a php script, but i couldn't find it. I even use kind of search word in files software. Ok.. I stopped looking for it, but I'm still curious. How do they do that? Do they include from outside the scirpt? Hi can any one help iv built a cms but when i had a page how easy is it to have a show or hide while making changes to the page many thanks for any help |
|||||||