|
PHP - Php Guestbook Wont Accept Colon ( : ).
Hi
I just implementet a PHP Guestbook in my Flash site, and it works almost perfectly. But i have one problem. Every time i try to write on the guestbook, and include a Colon : <---- , it wont work. How do i make it work? You can see the guestbook he http://www.meny-graphics.dk/blog by pressing "Mere" under the first entry, and scrolling down. The PHP file can be found he http://www.meny-graphics.dk/blog/GuestBook.php Thanks in advance! Similar TutorialsHi guys, I have xml that looks like: <item> <title></title> <link></link> <description></description> <dc:date>2011-02-27T16:42:31-05:00</dc:date> </item> I can access title, link, and description just fine. But how do I access a tag that has a colon? I tried this: Code: [Select] $x = new SimpleXmlElement($content); $entry = $x->item; $entry->children('dc', true)->date; Thanks for looking. LR Hi SMF forum use semi-colom in url for example http://www.phpfreaks.com/forums/profile/?area=showposts;u=71740 after showposts there is semi-colon. Sometimes use hash(#) how can i do this with superglobal $_GET??? Within PHP I am attempting to insert some data into a MySQL table, however the value that needs to be stored inside the database field contains a semi-colon ; $q_options_data = "INSERT INTO mytable SET myfield = 'a:5:{s:13:\"administrator\";a:2:{s:4:\"name\";s:13:\"Administrator\";'"; I tried just escaping the ; with a \; but that didn't work I am using PHP 5.2.9 and MySQL 5.0.91-community Thanks, Chad I'm saving customer comments in an MYSQL. But the when I use mysql_real_escape_string() to filter the input data it's causing wired signs when it's displayed in the guest book. (E.g. whenever there is a ' sign, the output is \'). Is it safe to have a guest book without mysql_real_escape_string( or please suggest how should I go about creating this guest book on my website. Thanks. Bickey. I am trying to modify Guestbook. In order to access the page, the user must log in using a screen name and email address that has been registered with the website. What I want to take the log in information and automatically populate the Name and email field of the input comment form. I have set up SESSION Variables (see below for the login php). <?php session_start(); require_once("dbcon.php"); $form = "<table> <form action='login.php' method='post'> <tr> <td>Username: </td><td><input type='text' name='user' size='20' /> </tr> <tr> <td>Email: </td><td><input type='text' name='emad' size='30' /> </tr> <tr> <td><input type='submit' name='submit' value='Login' /> <td><a href='New Contact.html'>New Account </a> </tr> </form> </table>"; // Do NOT use \" when you still have the option to use singlequotes, looks so messy... $user = $_POST['user']; $emad = $_POST['emad']; //defining these in the start makes the source looks nicer if(!$_POST['submit']) die($form); // just kill the rest of the script if the form isn't submitted. if(!$user || !$emad) die("Required fields missing<br /><br /> $form"); // killing the rest of the script and echoing the form and error $sql = "SELECT ident FROM Mix WHERE password = '$pass' AND username = '$user'"; // just like with the variables and prints/echoes, you don't need to ".$var." anything with double quotemarks $res = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); $_SESSION['uid'] = $row['id']; $_SESSION['un'] = $_POST['user']; //Setup user name into session variable. $_SESSION['ua'] = $_POST['emad']; //Setup email address into session variable. echo "You have been logged in as $user at $emad. Click <a href=\"gbook.php\">here</a> to the member page."; } else { echo "That username/password combination doesn't exist!<br /><br/> $form"; } ?> Below is a copy of the Sign Form. php. I am trying to populate teh Name and email fields but the SESSION variables don't show up. Can someone figure out what I AM DOING WRONG. <?php session_start (); $un = $_SESSION['un']; $ua = $_SESSION['ua']; ?> <div id="gbook_guestbook" align="center"> <span class="gbook_guestbook"><?php echo $lang['t48']; ?></span><br class="clear" /> <span class="gbook_required"><?php echo $lang['t49']; ?></span> </div> <form action="gbook.php" method="post"> <!--SIGN FORM --> <div id="gbook_entries"> <?php if ($error) { echo '<div class="gbook_sign_error">'.$error.'</div>'; } ?> <div class="gbook_left"><span class="gbook_entries"><b><?php echo $lang['t50']; ?></b></span></div> <div class="gbook_right"><input type="hidden" name="<?php echo $myfield['name']; ?>" value="<?php echo $un; ?>" /></div> <?php echo $un; ?> <div class="clear"></div> <div class="gbook_left"><span class="gbook_entries"><?php echo $lang['t51']; ?></span></div> <div class="gbook_right"><input type="text" name="from" value="<?php echo $from; ?>" size="45" /></div> <div class="clear"></div> <?php if ($settings['use_url']) { ?> <div class="gbook_left"><span class="gbook_entries"><?php echo $lang['t53']; ?></span></div> <div class="gbook_right"><input type="text" name="url" value="<?php echo $url; ?>" size="45" maxlength="80" /></div> <div class="clear"></div> <?php } ?> <div class="gbook_left"><span class="gbook_entries"><?php echo $lang['t52']; ?></span></div> <div class="gbook_right"><input type="hidden" name="email" value="<?php echo $ua; ?>" /> <?php echo $ua; ?> <?php if ($settings['hide_emails']) { ?> <br class="clear" /><span class="gbook_entries"><i><?php echo $lang['t66']; ?></i></span> <?php } ?> </div> <div class="clear"></div> <div class="gbook_left"><span class="gbook_entries"><b><?php echo $lang['t16']; ?></b></span></div> <div class="gbook_right"><span class="gbook_entries"><i><?php echo $lang['t54']; ?></i></span></div> <textarea name="<?php echo $myfield['cmnt']; ?>" rows="12" cols="57" id="cmnt"><?php echo $comments; ?></textarea> <!--BOTTOM IMAGES --> <div id="gbook_bottom_images" class="gbook_bottom_images"> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/bigsmile.gif" alt="" title="" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!cool: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/cool.gif" alt=":!cool:" title=":!cool:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!cry: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/crying.gif" alt=":!cry:" title=":!cry:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!devil: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/devil.gif" alt=":!devil:" title=":!devil:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/smile.gif" alt="" title="" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!mad: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/mad.gif" alt=":!mad:" title=":!mad:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :!thinking: ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/thinking.gif" alt=":!thinking:" title=":!thinking:" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' :p ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/tongueout.gif" alt=":p" title=":p" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/wink.gif" alt="" title="" width="19" height="19" /></a> <a href="#" onclick="document.getElementById('cmnt').value += ' ';return false;"><img src="<?php echo $settings['tpl_path']; ?>images/emoticons/blush.gif" alt="" title="" width="19" height="19" /></a> <a href="javascript:openSmiley()" class="gbook_submitted"><?php echo $lang['t26']; ?></a><br /> <label><input type="checkbox" name="nosmileys" value="Y" class="gbook_checkbox" <?php echo $nosmileys; ?> /><span class="gbook_entries"><?php echo $lang['t28']; ?></span></label><br class="clear" /> <?php /* Private mesasges */ if ($settings['use_private']) { ?> <label><input type="checkbox" name="private" value="Y" class="gbook_checkbox" <?php echo $isprivate; ?> /><span class="gbook_entries"><?php echo $lang['t55']; ?></span></label><br class="clear" /> <?php } /* Print anti-SPAM features */ echo $settings['antispam']; ?> </div> <!--BOTTOM IMAGES END --> <div align="center"> <div class="clear"> </div> <!--SPAM TRAPS --> <!-- DON'T DELETE THESE HIDDEN FIELDS AND COMMENTS, THEY HELP CATCH STUPID SPAMBOTS! --> <input type="hidden" name="name" /> <input type="hidden" name="<?php echo $myfield['bait']; ?>" /> <!-- > <input type="text" name="comments" value="1" /> < --> <!--SPAM TRAPS END--> <input type="hidden" name="a" value="add" /> <input type="submit" value="<?php echo $lang['t88']; ?>" class="submit" /> </div> <p> </p> </div> <!--SIGN FORM END --> </form> I have a guestbook that writes an entry to a text file, but when I first run it I get this error: Warning: fread() [function.fread]: Length parameter must be greater than 0 in C:\xampp\htdocs\xampp\index.php on line 66 Is there a way I can get rid of that error and still be able to use my guestbook until I actual update my guestbook using a database? Hi All, Hope you can help. I am doing a very basic guestbook. Having problems with the posting method. The code is below all I am doing is insert a record into a mysql table but when I post getting a blank page with no obvious errors! code is below. if ($_POST['submit']) { $name = $_POST['name']; $email = $_POST['email']; $message = $_POST['message']; $date = $_POST("Y-m-d"); $time = $_POST("H:i:s"); if($name&&$email&&$message) { $querypost = mysql_query("INSERT INTO guestbook (id, name, email, message, date, time) VALUES ('','$name','$email','$message','$date','$time')"); echo "Please wait.... <meta http-equiv='refresh' content='2'>"; } else echo "Please fill out all fields."; } I've found an example of guestbook that I would like to use on my site, but when I tested it I got the following error: Warning: fread() [function.fread]: Length parameter must be greater than 0 in C:\xampp\htdocs\xampp\index.php on line 66 I've included the bits of code for addguestbook.php guestbook.txt(didnt not include) and index.php. Also, is there a way that I could allow the client to look through out entries? I know very little about php, so any help is much appreciated. Code: [Select] ------ addguestbook.php code ------ <HTML> <HEAD> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><style type="text/css"> <!-- body,td,th { font-size: 12px; color: #000000; } a:link { text-decoration: none; color: #0066FF; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } --> </style> </HEAD> <BODY> <?php $file = "guestbook.txt"; $name = $_POST['name']; $email = $_POST['email']; $site = $_POST['site']; $msg = $_POST['msg']; $site = stripslashes($site); $msg = stripslashes($msg); $email = stripslashes($email); $name = stripslashes($name); $msg = str_replace ("<","<",$msg); $msg = str_replace ("\n","<br>",$msg); $site = str_replace ("<","<",$site); $site = str_replace ("\n","<br>",$site); $email = str_replace ("<","<",$email); $email = str_replace ("\n","<br>",$email); $name = str_replace ("<","<",$name); $name = str_replace ("\n","<br>",$name); if(empty($email) || empty($name) || empty($msg)) { echo "<h3>Sorry all fields are required</h3>"; } else { $fp = fopen($file,"a"); fwrite($fp, ' <font size="3"> <BR><BR> Name: '.$name.'<BR> Email: <a href="mailto:'.$email.'">'.$email.'</a><BR> Home Page: <a href="'.$site.'">'.$site.'</a><BR>Message: '.$msg.'<BR> '); fclose($fp); echo '<font size="3"><p align="center">Thank you '.$name.' for singing my guestbook</p></font>'; } ?> <div align="center"></div> <div align="center"></div> <div align="center"></div> <div align="center"></div> <p align="center"><a href="YOU`R INDEX.PHP LINK HERE">Back to GuestBook</a></p> <div align="center"></div> </BODY> </HTML> ---- finish ----- ---- index.php code ----- <HTML> <HEAD> <style type="text/css"> <!-- .style1 {font-size: 12px} body,td,th { font-size: 14px; } a { font-size: 12px; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } a:link { color: #0066FF; text-decoration: none; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } --> </style> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><BODY> <form method="post" action="addguestbook.php"> <div align="center"></div> <div align="center"></div> <div align="center" class="style1"></div> <div align="center"><span class="style1">Name:</span><br /> <input name="name" type="text" size="30" maxlength="40" /> <br /> <span class="style1"><br /> Email:</span><br /> <input name="email" type="text" size="30" maxlength="40" /> <br /> <br /> <span class="style1">Home Page:</span><br /> <input name="site" type="text" size="30" value="http://" maxlength="40" /> <br /> <br /> <span class="style1">Message:</span><br /> <textarea name="msg" cols="22" rows="6"></textarea> <br /> <br /> <input type="reset" value="Reset" /> <input type="submit" value="Send" /> </div> <div align="center"> <p> </p> <?php $file = "guestbook.txt"; if (fopen($file, "r")) { $fil = "guestbook.txt"; $fo = fopen ($fil, "r"); $con = fread ($fo,filesize ($fil)); fclose ($fo); echo "$con"; } else { echo "<h3>Sorry there was an error please contact us now<h3>"; } ?></div> </BODY> </HTML> ---- finish ----- Hello! I am trying to make a Guestbook with help from the internet. I have created all sites what i need, but i have some problems with the Input. For example here is the Name inputfrom the "sign.php" <form id="form1" name="form1" method="post" action="addguestbook.php"> <td> <table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td width="117">Name</td> <td width="14">:</td> <td width="357"><input name="name" type="text" id="name" size="40" /></td> </tr> And here is the "insert sequence" from the "guestbook.php": $sql="INSERT INTO $tbl_name(name, email, comment, datetime) VALUES('$name', '$email', '$comment', '$datetime')"; $result=mysql_query($sql); If i open the guestbook.php i just can see the datetime. What went wrong? Thanks, Mark p.S.: sorry for my english. Okay I am extremely new to PHP and am trying to make a 2 page guestbook, where one page has the form to submit a message to the guestbook and the other page displays the messages. However I am having some errors, one being that when I submit a test message it still shows the "please enter your name and comments" thing I have set when people don't fill the required fields. The other error I'm having is if I put two test messages into the guestbook some of the info from the last message fills in the fields of the other one instead of what was actually filled into the form. For example, if I insert the name "Pat" and the comment "testing 1 2 3" into one message and than insert the name "Bob" and the comment "hi" for another message when I submit the second message it may instead of putting "hi" it'll put "testing 1 2 3" so I get: Posted by: Pat testing 1 2 3 ________________ Posted by: Bob testing 1 2 3 instead of: Posted by: Pat testing 1 2 3 ________________ Posted by: Bob hi Like it should.... What am I doing wrong???? My PHP code for submition is: Code: [Select] <?php //connecting to the Database $connect = mysql_connect("127.0.0.1","patben_guestbook","") or die("Error"); //selecting the table mysql_select_db("patben_guestbookdatabase") or die("Error"); //selecting ALL data $queryget = mysql_query("SELECT * FROM guestbook") or die("Error"); //sort the data while ($row = mysql_fetch_assoc($queryget)) { $id = $row['id']; $date = $row['date']; $name = $row['name']; $email = $row['email']; $song = $row['song']; $part = $row['part']; $comments = $row['comments']; //processing data echo " <table> <tr> <td> <b>Posted by:</b> $name ($email)<br /> <b>$date</b><br /> <b>Favorite Pat Song:</b> $song<br /> <b>Favorite Part of the Site:</b> $part </td> </tr> <tr> <td> ".nl2br(strip_tags($comments))." <hr /> </td> </tr> </table> "; } if ($_POST['submit']); { $date = date("Y-m-d"); $name = $_POST['name']; $comments = $_POST['comments']; if ($name&&$comments) { $queryget = mysql_query("INSERT INTO guestbook (id,date, name, email, song, part, comments) VALUES ('','$date','$name','$email','$song','$part','$comments')"); echo "Please wait... <meta http-equiv='refresh' content='2'>"; echo mysql_error(); } else echo "Please enter your name and comments"; } ?> And my HTML form is: Code: [Select] <form action="process.php" method="post"> <table width="500" border="0" cellspacing="2" cellpadding="0"> <tr valign="top"> <td width="500px" class="name"><span style="color:#ff0000"><b>*</b></span>Name:</td> <td width="500px"><input name="name" type="text" id="name" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="bodytext"> Email Address:</td> <td width="500px"><input name="email" type="text" id="email" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="pat"> Your Favorite Pat Song?:</td> <td width="500px"><input name="song" type="text" id="song" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="part"> Your Favorite Part of my Site?:</td> <td width="500px"><input name="part" type="text" id="part" size="32" /></td> </tr> <tr valign="top"> <td width="500px" class="comments"><span style="color:#ff0000"><b>*</b></span> Comment:</td> <td width="500px"><textarea name="comments" id="comments" cols="28" rows="6" class="comments"></textarea></td> </tr> <tr valign="top"> <td class="bodytext"> </td> <td align="left" valign="top"><input type="submit" name="Submit" value="Post" class="btn" /></td> </tr> </table> </form> I have a working guestbook, but adjusting the time is whats getting me. I am trying to get the time to change depending on the timezone. And I also trying to get the time in the format 1:00 PM, not 21:00. Then on a different note, how can I stop spamming and injections. Index page for guestbook Code: [Select] <HTML> <HEAD> <style type="text/css"> <!-- .style1 {font-size: 12px} body,td,th { font-size: 14px; } a { font-size: 12px; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } a:link { color: #0066FF; text-decoration: none; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } --> </style> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><BODY> <form method="post" action="addguestbook.php"> <div align="center"></div> <div align="center"></div> <div align="center" class="style1"></div> <div align="center"><span class="style1">Name:</span><br /> <input name="name" type="text" size="30" maxlength="40" /> <br /> <span class="style1"><br /> Email:</span><br /> <input name="email" type="text" size="30" maxlength="40" /> <br /> <br /> <span class="style1">Home Page:</span><br /> <input name="site" type="text" size="30" value="http://" maxlength="40" /> <br /> <br /> <span class="style1">Message:</span><br /> <textarea name="msg" cols="22" rows="6"></textarea> <br /> <br /> <input type="reset" value="Reset" /> <input type="submit" value="Send" /> </div> <div align="center"> <p> </p> <?php $file = "guestbook.txt"; if (fopen($file, "r")) { $fil = "guestbook.txt"; $fo = fopen ($fil, "r"); $con = fread ($fo,filesize ($fil)); fclose ($fo); echo "$con"; } else { echo "<h3>Sorry there was an error please contact us now<h3>"; } ?></div> </BODY> </HTML> addguestbook.php Code: [Select] <HTML> <HEAD> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><style type="text/css"> <!-- body,td,th { font-size: 12px; color: #000000; } a:link { text-decoration: none; color: #0066FF; } a:visited { text-decoration: none; color: #0066FF; } a:hover { text-decoration: underline; color: #0066FF; } a:active { text-decoration: none; } body { background-color: #CCCCCC; SCROLLBAR-FACE-COLOR: #0066FF; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #0066FF; SCROLLBAR-SHADOW-COLOR: #0066FF; SCROLLBAR-3DLIGHT-COLOR: #0066FF; SCROLLBAR-ARROW-COLOR: #51B0F2; SCROLLBAR-TRACK-COLOR: #51B0F2; Courier New; SCROLLBAR-DARKSHADOW-COLOR: #000000 } --> </style> </HEAD> <BODY> <?php function is_leapyear($year = 2004) { return ($year%4)==0; } $file = "guestbook.txt"; $name = $_POST['name']; $email = $_POST['email']; $site = $_POST['site']; $msg = $_POST['msg']; $site = stripslashes($site); $msg = stripslashes($msg); $email = stripslashes($email); $name = stripslashes($name); $msg = str_replace ("<","<",$msg); $msg = str_replace ("\n","<br>",$msg); $site = str_replace ("<","<",$site); $site = str_replace ("\n","<br>",$site); $email = str_replace ("<","<",$email); $email = str_replace ("\n","<br>",$email); $name = str_replace ("<","<",$name); $name = str_replace ("\n","<br>",$name); if(empty($email) || empty($name) || empty($msg)) { echo "<h3>Sorry all fields are required</h3>"; } else { $fp = fopen($file,"a"); $timestamp=date("M/D/Y h:m:s"); fwrite($fp, ' <font size="3"> <BR><BR> Posted: '.$timestamp.'<br /> Name: '.$name.'<BR> Email: <a href="mailto:'.$email.'">'.$email.'</a><BR> Home Page: <a href="'.$site.'">'.$site.'</a><BR>Message: '.$msg.'<BR> '); fclose($fp); echo '<font size="3"><p align="center">Thank you '.$name.' for singing my guestbook</p></font>'; } ?> <div align="center"></div> <div align="center"></div> <div align="center"></div> <div align="center"></div> <p align="center"><a href="index.php">Back to GuestBook</a></p> <div align="center"></div> </BODY> </HTML> I try to adjust my date and time to ("M-d-Y h:i:s A"), but when I do, I get 0's for the both the date and time. Code: [Select] <table width="400" border="0" align="center" cellpadding="3" cellspacing="0"> <tr> <td><strong>Test Sign Guestbook </strong></td> </tr> </table> <table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form id="form1" name="form1" method="post" action="addguestbook.php"> <td> <table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td width="117">Name</td> <td width="14">:</td> <td width="357"><input name="name" type="text" id="name" size="40" /></td> </tr> <tr> <td>Email</td> <td>:</td> <td><input name="email" type="text" id="email" size="40" /></td> </tr> <tr> <td valign="top">Comment</td> <td valign="top">:</td> <td><textarea name="comment" cols="40" rows="3" id="comment"></textarea></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="Submit" value="Submit" /> <input type="reset" name="Submit2" value="Reset" /></td> </tr> </table> </td> </form> </tr> </table> <table width="400" border="0" align="center" cellpadding="3" cellspacing="0"> <tr> <td><strong><a href="viewguestbook.php">View Guestbook</a> </strong></td> </tr> </table> Code: [Select] <?php $mysql_host = "myhost"; $mysql_database = "guest"; $mysql_user = "myusername"; $mysql_password = "mypassword"; //$db_name="guest"; This is not needed, as db_name is $mysql_database above, so please delete this line. $tbl_name="guestbook"; // Table name // Connect to server and select database. mysql_connect("$mysql_host", "$mysql_user", "$mysql_password") or die("cannot connect server "); mysql_select_db("$mysql_database") or die("cannot select DB"); $name = $_POST['name']; $email = $_POST['email']; $comment = $_POST['comment']; $datetime=date("y-m-d h:i:s"); //date time $sql="INSERT INTO $tbl_name (name, email, comment, datetime) VALUES ('$name', '$email', '$comment', '$datetime')"; $result=mysql_query($sql); //check if query successful if($result){ echo "Successful"; echo "<BR>"; echo "<a href='viewguestbook.php'>View guestbook</a>"; // link to view guestbook page } else { echo "ERROR"; } mysql_close(); ?> Code: [Select] <table width="400" border="0" align="center" cellpadding="3" cellspacing="0"> <tr> <td><strong>View Guestbook | <a href="guestbook.php">Sign Guestbook</a> </strong></td> </tr> </table> <br> <?php $mysql_host = "myhost"; $mysql_database = "guest"; $mysql_user = "myusername"; $mysql_password = "mypassword"; $tbl_name="guestbook"; // Table name // Connect to server and select database. mysql_connect("$mysql_host", "$mysql_user", "$mysql_password") or die("cannot connect server "); mysql_select_db("$mysql_database") or die("cannot select DB"); $sql="SELECT * FROM $tbl_name"; $result=mysql_query($sql); while($rows=mysql_fetch_array($result)){ ?> <table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <td><table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td>ID</td> <td>:</td> <td><? echo $rows['id']; ?></td> </tr> <tr> <td width="117">Name</td> <td width="14">:</td> <td width="357"><? echo $rows['name']; ?></td> </tr> <tr> <td>Email</td> <td>:</td> <td><? echo $rows['email']; ?></td> </tr> <tr> <td valign="top">Comment</td> <td valign="top">:</td> <td><? echo nl2br($rows['comment']); ?></td> </tr> <tr> <td valign="top">Date/Time </td> <td valign="top">:</td> <td><? echo $rows['datetime']; ?></td> </tr> </table></td> </tr> </table> <BR> <? } mysql_close(); //close database ?> I have a simple guestbook set up. Even when I set the max post size to 6000000 (if you're wondering why Id allow that its cause I'm just using it as a private message board with one other person), after a certain amount of characters, it splits the post up into several messages and in place of the name of the poster, it's an IP. Any ideas why this is happening? Thanks. Hi, I've just installed a guestbook but when posting a message (signing in) it shows 'no entries yet'. On clicking the submit a very quick screen splashes up with a load of writing out of whoch I could just read ...line function open data file... You can check it out at www.qualitycarersdirect.com/careasp/portal.asp then click on 'post on the baord' it is a php file. Dear people here at phpfreaks
I am working on updating an old guestbook with outdated code (predecated). I will follow the suggestions I have received here on this forum already by using the new MySQL PDO technique. I am pretty rusty on PHP and MySQL, since I haven't been using it for years. So it took me a while to get Xampp running and installing Virtual hosts, so I can test my code locally. This is all working now. I have decided to start from scratch, building my guestbook up gradually in order to be able to understand each step better. I am inspired by the following tutorial:
http://wiki.hashphp....ySQL_Developers
So far I have created four files
1. contribution_to_guestbook.html
2. put_in_guestbook.php
3. show_content_of_guestbook.php
4. mysql_functions.php
The guestbook is implemented as a table with the name guestbook in the MySQL database with the name my_database. The database contains six fields, which a id, time, ip, name, email and contribution. The user can write a contribution by filling in his name, email address and contribution in the form placed in the first file. These data for the fields name, email and contribution respectively are being sent to the second file. At the same time the datetime is automatically registered along with the IP address of the users computer in the fields time and ip. When inserted in the table in the database via the second file, the primary field id is automatically added and incremented by 1. After the insertion in the database, the user is directed to file 3, where the content of the whole guestbook is being displayed for the user to see. The 4th file is containing the connection details for the database, including the password.
NB! The IP address of the users computer is not being displayed but only collected in the case one want to block spammers from specific computers with fixed IP addresses. In order to better block for spam from computer bots, I will later place a question in the first file to only admit humans ...
My questions
Is the structure of my guestbook convenient? Would it be appropriate to create functions to make the code more readable and if so, how can I do it? I wanted to make a prepared statement in the 3. file in which I select the content on the guestbook in order to display it. Can it be done, and if so how do the code look like? I know I need more error handling. Also I need to test user input. For example if no contribution is being written, an error message should be shown to the user, etc. Do you have some suggestions here and how to do it? What about security? I hope the password for my database will not be accessible in any way? I will appreciate any comments on the four questions above and eventual something else I have overlooked! I hope my thread is not too long. Hope for some replies ... Here is my code so far (still just a framework!): 1. contribution_to_guestbook.html
<!doctype html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Contribution to Guestbook</title>
<style type="text/css">
body,td,th {font-family: Verdana, Geneva, sans-serif;}
form1 table tr td {color: #06C;}
h1 {color: #0000A0;}
</style>
</head>
<body>
<form method="POST" action="put_in_guestbook.php">
<h1>Contribution to Guestbook</h1>
<table border="0" cellspacing="5" cellpadding="5">
<tr>
<td>Name</td>
<td>
<INPUT type="text" name="name" size=40 maxlength=100>
</td>
</tr>
<tr>
<td>Email</td>
<td>
<INPUT type="text" name="email" size=40 maxlength=100>
</td>
</tr>
<tr>
<td valign="top">Contribution</td>
<td>
<TEXTAREA name="contribution" cols=60 rows=10></TEXTAREA>
</td>
</tr>
<tr>
<td></td>
<td align="center">
<INPUT type="submit" value="Submit contribution">
</td>
</tr>
</table>
</form>
<p></p>
</body>
</html>
2. put_in_guestbook.php
<?php
require("mysql_functions.php");
$ip = $_SERVER['REMOTE_ADDR']; //Clients IP address collected
$name = $_POST['name']; //Data from input form etc.
$email = $_POST['email'];
$contribution = $_POST['contribution'];
try {
$db = new PDO('mysql:host='.$server.';dbname='.$database.';charset=utf8mb4', $username, $password); //Connecting to database
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$stmt = $db->prepare("INSERT INTO guestbook(`time`, `ip`, `name`, `email`, `contribution`) VALUES(NOW(), ?, ?, ?, ?)");
$stmt->execute(array($ip, $name, $email, $contribution)); //Placing the new contribution with details in Guestbook
$db = NULL; //Closing database
header("Location: show_content_of_guestbook.php"); //Redirecting to another page to show content of guestbook
} catch(PDOException $ex) {
echo "Could not insert into guestbook";
}
?>
3. show_content_of_guestbook.php
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf8mb4" />
<title>Guestbook</title>
</head>
<body>
<?php
require("mysql_functions.php");
header('Content-Type: text/html; charset=utf-8');
try {
$db = new PDO('mysql:host='.$server.';dbname='.$database.';charset=utf8mb4', $username, $password); //Connecting to database
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
foreach ($db->query('SELECT * FROM guestbook') as $row) {
echo "Contribution number: ".$row['id']."<br/>";
echo "Time: ".$row['time']."<br/>";
echo "Name: ".$row['name']."<br/>";
echo "Email: ".$row['email']."<br/>";
echo "Contribution: ".$row['contribution']."<br/>"."<br/>";
$db=NULL; //Closing database
}
} catch(PDOException $ex) {
echo "An error ocurred";
}
?>
</body>
</html>
4. mysql_functions.php
<?php $server = 'localhost'; $username = 'root'; $password = 'my_password'; $database = 'my_database'; ?>Regards, Erik Edited by erikla, 16 July 2014 - 07:52 AM. Hello everyone, When someone starts an OC (Organised Crime) On my game, they invite 3 people. I was just testing it and found that everything is fine up until 1 point, the actual Inbox mail that the invited user gets. I can't click Accept or Reject? Here's the bit of code i have... Code: [Select] if (strip_tags($_POST['inv']) == "inv_we"){ $inv_username=strip_tags($_POST['inv_username']); $check = mysql_num_rows(mysql_query("SELECT * FROM users WHERE username='$inv_username'")); if ($check == "0"){ echo "No such user."; }elseif ($check != "0"){ if ($oc->we != "0"){ echo "You need to kick the Weapons expert before you invite someone else."; }elseif ($oc->we == "0"){ $invite_text=" <div align=center>You have been invited to join $username's Organised crime as the Weapons Expert, please choose one of the following options:<br> <input name=Decline type=submit id=Decline class=button value=Decline> | <input name=inv_button type=submit class=button id=inv_button value=Accept> </div><input type=hidden name=place value=we><input type=hidden name=oc_id value=$oc->id> "; mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `date` , `read` ) VALUES ( '', '$inv_username', '$inv_username', '$invite_text', '$date', '0' )"); echo "Weapons expert invited"; mysql_query("UPDATE oc SET we_inv='$inv_username' WHERE id='$oc->id'"); Is there any way to have a PHP script automate the acceptance of a SSL certificate? I have a php script running on a windows machine in lighttpd. Hy ya'll! I've been trying to programatically read a string, but with no success. Code: [Select] function get_between($input, $start, $end) { $substr = substr($input, strlen($start)+strpos($input, $start), (strlen($input) - strpos($input, $end))*(-1)); return $substr; } $string = 'open -greetings hello -bye seeya'; echo get_between($string, '-greetings ', ' -bye'); // Output: hello echo get_between($string, '-greetings ', ' -'); // Outputs nothing echo get_between($string, '-greetings ', ' '); // Outputs nothing } It turns out that I don't know if "-bye" will always follow the value of "-greetings", so I can't call everything in between like the first way even tough it works fine in this example. Given that those values will always be a single word, I can use a whitespace as a delimiter to the right, but for some reason it won't return anything whatsoever, not even an error code. Any ideas how to get it done? Txs a bunch! I have a question,
I have a fully working PHP mail form, but I can't seem to find one problem.
I thought it had something to do with the data cleansing like trim, htmlspecialcharacters and stripslashes, but unfortunately that wasn't.
My form has to be able to process characters like é è á ó etc.
Just that now when you fill those characters in it shows some weird code in the mail.
(é becomes é in the mail) and this is highly inconvenient.
Could any1 tell me how I can fix this?
this is the PHP code for my form:
<?php
if(isset($_POST['submit']))
{
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$error = "";
//Keep Values
$Papillon_checked = (isset($_POST['ras']) && $_POST['ras'] == 'Papillon') ? 'checked' : '';
$Phalene_checked = (isset($_POST['ras']) && $_POST['ras'] == 'Phalene') ? 'checked' : '';
$Babyklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Babyklasse') ? 'checked' : '';
$Puppyklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Puppyklasse') ? 'checked' : '';
$Jeugdklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Jeugdklasse') ? 'checked' : '';
$Tussenklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Tussenklasse') ? 'checked' : '';
$Openklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Openklasse') ? 'checked' : '';
$Kampioensklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Kampioensklasse') ? 'checked' : '';
$Fokkersklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Fokkersklasse') ? 'checked' : '';
$Veteranenklasse_checked = (isset($_POST['klasse']) && $_POST['klasse'] == 'Veteranenklasse') ? 'checked' : '';
//Validate form fields
if (!empty($_POST['ras'])) {
$ras = $_POST['ras'];
} else {
$error .= "- Klik het ras van uw hond aan. <br />";}
if (!empty($_POST['kleur'])) {
$kleur = test_input($_POST['kleur']);
} else {
$error .= "- Vul de kleur van uw hond in. <br />";}
if (!empty($_POST['geslacht'])) {
$geslacht = test_input($_POST['geslacht']);
} else {
$error .= "- Vul het geslacht van uw hond in. <br />";}
if (!empty($_POST['naamhond'])) {
$naamhond = test_input($_POST['naamhond']);
} else {
$error .= "- Vul de naam van uw hond in. <br />";}
if (!empty($_POST['stamboom'])) {
$stamboom = test_input($_POST['stamboom']);
} else {
$error .= "- Vul het stamboomnummer van uw hond in. <br />";}
if (!empty($_POST['geboorte'])) {
$geboorte = test_input($_POST['geboorte']);
} else {
$error .= "- Vul de geboortedatum van uw hond in. <br />";}
if (!empty($_POST['klasse'])) {
$klasse = $_POST['klasse'];
} else {
$error .= "- Klik de gewenste klasse aan. <br />";
}
if (!empty($_POST['fokker'])) {
$fokker = test_input($_POST['fokker']);
} else {
$error .= "- Vul de naam van de fokker in. <br />";}
if (!empty($_POST['vader'])) {
$vader = test_input($_POST['vader']);
} else {
$error .= "- Vul de naam van de vaderhond in. <br />";}
if (!empty($_POST['moeder'])) {
$moeder = test_input($_POST['moeder']);
} else {
$error .= "- Vul de naam van de moederhond in. <br />";}
if (!empty($_POST['initialen'])) {
$initialen = test_input($_POST['initialen']);
} else {
$error .= "- Vul uw initialen in. <br />";}
if (!empty($_POST['eigachternaam'])) {
$eigachternaam = test_input($_POST['eigachternaam']);
} else {
$error .= "- Vul uw achternaam in. <br />";}
if (!empty($_POST['minitialen'])) {
$minitialen = test_input($_POST['minitialen']);}
if (!empty($_POST['meigachternaam'])) {
$meigachternaam = test_input($_POST['meigachternaam']);}
if (!empty($_POST['straat'])) {
$straat = test_input($_POST['straat']);
} else {
$error .= "- Vul uw straatnaam in. <br />";}
if (!empty($_POST['huisnr'])) {
$huisnr = test_input($_POST['huisnr']);
} else {
$error .= "- Vul uw huisnummer in. <br />";}
if (!empty($_POST['postcode'])) {
$postcode = test_input($_POST['postcode']);
} else {
$error .= "- Vul uw postcode in. <br />";}
if (!empty($_POST['plaats'])) {
$plaats = test_input($_POST['plaats']);
} else {
$error .= "- Vul uw woonplaats in. <br />";}
if (!empty($_POST['land'])) {
$land = test_input($_POST['land']);}
if (!empty($_POST['email'])) {
$email = $_POST['email'];
if (!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $email)){
$error .= "- U heeft een ongeldig e-Mail adres ingevuld. <br/>";}
} else {
$error .= "- Vul uw e-Mail adres in. <br />";}
if (!empty($_POST['telefoon'])) {
$telefoon = test_input($_POST['telefoon']);}
if (!empty($_POST['peradres'])) {
$peradres = test_input($_POST['peradres']);}
if (!empty($_POST['eerstehond'])) {
$eerstehond = test_input($_POST['eerstehond']);}
if (!empty($_POST['verderehond'])) {
$verderehond = test_input($_POST['verderehond']);}
if (!empty($_POST['babypup'])) {
$babypup = test_input($_POST['babypup']);}
if (!empty($_POST['koppelklas'])) {
$koppelklas = test_input($_POST['koppelklas']);}
if (!empty($_POST['koppelhond1'])) {
$koppelhond1 = test_input($_POST['koppelhond1']);}
if (!empty($_POST['koppelhond2'])) {
$koppelhond2 = test_input($_POST['koppelhond2']);}
if (!empty($_POST['totaal'])) {
$totaal = test_input($_POST['totaal']);}
if (!empty($_POST['naamjh'])) {
$naamjh = test_input($_POST['naamjh']);}
if (!empty($_POST['leeftijdjh'])) {
$leeftijdjh = test_input($_POST['leeftijdjh']);}
if (!empty($_POST['akkoord'])) {
$akkoord = $_POST['akkoord'];
} else {
$error .= "- U moet akkoord gaan met de voorwaarden voordat u het bericht kunt versturen. <br />";}
//no errors were set
if(empty($error))
{
//code to send the email
//The form has been submitted, prep a nice thank you message
$output = '<center><b>Het Inschrijfformulier is verzonden <br />We zullen de gegevens verwerken <br/><u>Papillon & Phalène Vereniging Nederland</u></b></center>';
//Set the form flag to no display (cheap way!)
$flags = 'style="display:none;"';
//Deal with the email
$to = 'joke@pp-vn.nl';
$from = $_POST['email'];
$subject = 'Inschrijfformulier';
$message = 'From: ' .$initialen .' ' .$eigachternaam . ' <' . $email . '>' ."\n\n";
$message .= 'Ras: ' .$ras ."\n";
$message .= 'Kleur: ' .$kleur ."\n";
$message .= 'Geslacht: ' .$geslacht ."\n";
$message .= 'Naam v/d hond: ' .$naamhond ."\n";
$message .= 'Stamboomnummer: ' .$stamboom ."\n";
$message .= 'Geboortedatum: ' .$geboorte ."\n";
$message .= 'Klasse: ' .$klasse ."\n";
$message .= 'Naam Fokker: ' .$fokker ."\n";
$message .= 'Naam Vaderhond: ' .$vader ."\n";
$message .= 'Naam Moederhond: ' .$moeder ."\n";
$message .= 'Eigenaar: ' .$initialen .' ' . $eigachternaam ."\n";
$message .= 'Mede-eigenaar: ' .$minitialen .' ' .$machternaam ."\n";
$message .= 'Adres: ' .$straat .' ' .$huisnr .' ' .$postcode .' ' .$plaats .' ' .$land ."\n";
$message .= 'Telefoon: ' .$telefoon ."\n";
$message .= 'e-Mail: ' .$email ."\n";
$message .= 'Per Adres: ' .$peradres ."\n";
$message .= 'Inschrijving eerste hond: ' .$eerstehond . "\n";
$message .= 'Andere honden ingeschreven: ' .$verderehond . "\n";
$message .= 'Baby- Puppyklasse: ' .$babypup . "\n";
$message .= 'Koppelklasse: ' .$koppelklas . "\n";
$message .= 'Koppelklasse Hond 1: ' .$koppelhond1 . "\n";
$message .= 'Koppelklasse Hond 2: ' .$koppelhond2 . "\n";
$message .= 'Totaalbedrag: ' .$totaal . "\n";
$message .= 'Naam Juniorhandler: ' .$naamjh . "\n";
$message .= 'Leeftijd Juniorhandler: ' .$leeftijdjh . "\n";
$message .= 'Akkoord: ' .$akkoord ."\n";
$attachment = chunk_split(base64_encode(file_get_contents($_FILES['file']['tmp_name'])));
$filename = $_FILES['file']['name'];
$boundary =md5(date('r', time()));
$headers = "From: fransien@pp-vn.nl";
$headers .= "\r\nMIME-Version: 1.0\r\nContent-Type: multipart/mixed; boundary=\"_1_$boundary\"";
$message="This is a multi-part message in MIME format.
--_1_$boundary
Content-Type: multipart/alternative; boundary=\"_2_$boundary\"
--_2_$boundary
Content-Type: text/plain; charset=\"iso-8859-1\"
Content-Transfer-Encoding: 7bit
$message
--_2_$boundary--
--_1_$boundary
Content-Type: application/octet-stream; name=\"$filename\"
Content-Transfer-Encoding: base64
Content-Disposition: attachment
$attachment
--_1_$boundary--";
mail($to, $subject, $message, $headers);
mail($from, $subject, $message, $headers);
}
else
{
//display errors
echo '<center><span class="error"><strong>Uw bericht is niet verstuurd<br/> De volgende fout(en) zijn opgetreden:</strong><br/>' . $error . '<br /><strong><u>Pas op: Bij een foutmelding indien nodig Kampioenstitel opnieuw toevoegen!!</u></strong></span></center>';
}
}
?>
I have created a php guestbook for my site. The only problem I have with it is that when a user puts a carriage return in their entry, it is not replicated in the viewed post. I'm trying to figure out how I turn these returns into <br /> tags for display. Do I do something with the php that handles the input (i.e. somehow replace carriage returns with <br />'s) or is it to do with the output php code? Any pointers would be gratefully appreciated. This is the php for the guestbook entries output: Code: [Select] <?php include "connection.php"; $table = "guestbook"; $data = mysql_query("SELECT * FROM $table ORDER BY id DESC") or die(mysql_error()); echo "<div class='divide_message'>"; while($info = mysql_fetch_array( $data )) { $date = date("d/m/y",strtotime($info['date'])); echo "<div class='block message'>"; echo "<div class='message_name'>" . $info['name'] . ""; echo "<span class='date'>" . $date . "</span></div><br />"; echo "<div class='message_message'>" . $info['message'] . "</div>"; echo "</div>"; } echo "</div>"; ?> |
|||||||