|
PHP - $_post Problems
I have a code designed to build buildings on space colonies.
The problem is that once you click the form button, the building is built, but you need to reload the page before it will show the updated count. Is there a way to refresh a page so that the change shows up without the user doing anything? Code: [Select] <?php $dbhost = 'localhost:3306'; $dbuser = 'root'; $dbpass = 'root'; $dbname = 'aosdb'; $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql'); mysql_select_db($dbname); $query="SELECT * FROM IMPrints"; $result=mysql_query($query); $name = mysql_result($result, 0, 'name'); $work = mysql_result($result, 0, 'workers'); $effi = mysql_result($result, 0, 'efficiency'); $cost = mysql_result($result, 0, 'cost'); $iron = mysql_result($result, 0, 'iron'); $copp = mysql_result($result, 0, 'copper'); $silv = mysql_result($result, 0, 'silver'); $titan = mysql_result($result, 0, 'titanium'); $gold = mysql_result($result, 0, 'gold'); $uran = mysql_result($result, 0, 'uranium'); $plat = mysql_result($result, 0, 'platinum'); $diam = mysql_result($result, 0, 'diamonds'); $oil = mysql_result($result, 0, 'oil'); $water = mysql_result($result, 0, 'water'); ?> <div class="building"> <p class="bd" id="name">| Name: <?php echo $name ?></p> <p class="bd" id="workers">| Staff: <?php echo $work ?></p> <p class="bd" id="efficiency">| Effic: <?php echo $effi ?></p> <p class="bd" id="cost">| Cost: <?php echo $cost ?></p> <p class="bd" id="iron">| Ir: <?php echo $iron ?></p> <p class="bd" id="copper">| Cop: <?php echo $copp ?></p> <p class="bd" id="silver">| Silv: <?php echo $silv ?></p> <p class="bd" id="titanium">| Titan: <?php echo $titan ?></p> <p class="bd" id="gold">| Gol:<?php echo $gold ?></p> <p class="bd" id="uranium">| Uran: <?php echo $uran ?></p> <p class="bd" id="platinum">| Plat: <?php echo $plat ?></p> <p class="bd" id="diamonds">| Diam: <?php echo $diam ?></p> <p class="bd" id="oil">| Oi: <?php echo $oil ?></p> <p class="bd" id="water">| Wat: <?php echo $water ?></p> <?php $dbhost = 'localhost:3306'; $dbuser = 'root'; $dbpass = 'root'; $dbname = 'aosdb'; $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql'); mysql_select_db($dbname); $queryp = "SELECT Basic FROM IMBuilt WHERE idcol = $idcol"; $resultp = mysql_query($queryp); $Basic = mysql_result($resultp, 0); if(isset($_POST['built'])) { if($_POST) { $Badd = $Basic+$_POST['built']; $queryi="UPDATE IMBuilt SET Basic=$Badd WHERE idcol = $idcol"; mysql_query($queryi); } } ?> <p class="bd" id="built">| Built: <?php echo $Basic ?> |</p> <form class="bd" method="post" action="IronMineList.php"><input type="varchar" name="built"><input type="submit" value="Build"></form> </div> Similar TutorialsI posted a question on this topic, but didn't receive any replies, but my question has evolved since... I have a massive form sending post data to a page that I want to write the values to an XML below is an example of an echo that I did in the format of: E07_37_1 - 1 E07_37_2 - 1 Should be written in the XML, similar to: <E07_37>Data</E07_37> <E07_37>Data</E07_37> Many all of the elements will be embedded in a parent node to one level or another (some of them can get pretty deep) ie: Code: [Select] <...> <E07> <E07_37_0> <E07_37>Data</E07_37> ...For this I have a switch statement to determine what parent elements the given element belongs to ie: switch ($row){ ... case "E07_03": case "E07_04": case "E07_09": case "E07_10": case "E07_14": $cursub = $curblk."_03_0"; $xml->Header->Record->$curblk->$cursub[$multi]->$row = $value; break; I'm writing to the XML like so: $dom = new DOMDocument('1.0'); $dom->preserveWhiteSpace = false; $dom->formatOutput = true; $dom->loadXML($xml->asXML()); file_put_contents('output.xml', $dom->saveXML()); So, I have thought much of that stuff through, and I thought I was on the right track but from what I can tell, the values in $xml aren't updating (from the existing value to the new value) nor new elements aren't being added. The only thing that is changing from the old XML to the new is it's adding a random (and unwanted) element at the end of each <E##> parent block: <E>value of last element in parent structure</E> and some times <0>blah</0>. So I'm pretty much completely lost now and feel like most of what I've done is a complete waste of time. Someone please help! I'm sorry if my explanation is long and hard to understand but I figured it would be better than posting 300+ lines of code - So instead I attached it... Any help is greatly appreciated... Hello, My script here is not sending POST vars from form to script. I can't figure it out. Form: Code: [Select] <form action="train2.php" method="POST"> <tr> <td colspan="4"><center><img src="pic/toppage16.gif" /></center></td> </tr> <TR> <TD><FONT COLOR="white">Reassign Miners</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size="6" maxlength="8" value="0" name="miner>"</FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Reassign Normal Attackers</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size="6" maxlength="8" value="0" name="atsold"></FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Reassign Normal Defenders</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size=6 maxlength=8 value=0 name="defsold"></FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Reassign Covert Agents</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD> <TD align=middle><FONT COLOR="white"><INPUT size=6 maxlength=8 value=0 name="spy"></FONT></TD> </TR> <TR> <TD><FONT COLOR="white">Anti Covert Agents</FONT></TD> <TD align=right><FONT COLOR="white">0 Naquadah</FONT></TD><TD align=middle><FONT COLOR="white"><INPUT size="6" maxlength=8 value=0 name="spykiller"></FONT></TD></TR> <TR> <TD align=middle colSpan=3><FONT COLOR="white"><INPUT type="submit" value="UnTrain!" name="untrain"> </FONT> </TD> </form> Code: [Select] <?php if(isset($_POST['untrain'])){ die($_POST['miner']); $miners = securevar($_POST['miner']); $nattackers = securevar($_POST['atsold']); $ndefenders = securevar($_POST['defsold']); $covertunits = securevar($_POST['spy']); $anticovertunits = securevar($_POST['spykiller']); $totalunits+=$miners; $totalunits+=$nattackers; $totalunits+=$ndefenders; $totalunits+=$covertunits; $totalunits+=$anticovertunits; if($totalunits>=1){ $q = "UPDATE `accountinfo_db` SET `miners_1` = `miners_1`-'$miner', `attackers_1` = `attackers_1`-'$natta', `defenders_1` = `defenders_1`-'$ndefe', `covertagents` = `covertagents`-'$cover', `anticovertagents` = `anticovertagents`+'$antic', `untrainedunits` = `untrainedunits`+'$totalunits' WHERE `id` = '$id'"; $res = mysql_query($q) or die(mysql_error()); if(isset($res)){ header("Location: train.php?strmsg=".$totalunits."Troops Untrained! For 0 Naquadah."); } }else{ header("Location: train.php?strmsg=You must enter atleast 1 troop to be un-trained!"); } } ?> when I die($_GET['miner'); nothing is outputed even tho I submited the data. Thank you, Brian ok am workin on this script its a points market for a text based game but my money is not taking the amount of the players i points on the market ... just say i post 10 points for $29.000.000 ... and when the player buys the points it takes the money from that user and give the user points but .... when the user buy the points it dont give the user the money it give $290 ?? not sure is its my SQL av post that to Code: [Select] <?php include 'header.php'; $_POST['buypoints'] = abs(intval($_POST['buypoints']));{ $result = mysql_query("SELECT * FROM `pointsmarket` WHERE `id`='".$_POST['points_id']."'"); $worked = mysql_fetch_array($result); $price = $worked['price']; $amount = $worked['amount']; $totalcost = $price * prettynum($_POST['amount']); $newpointsinmarket = $amount - prettynum($_POST['amount']); $user_points = new User($worked['owner']); if ($worked['owner'] == $user_class->id) { echo Message("You have taken ".$_POST['amount']." points off the market."); $newpoints = $user_class->points + $_POST['amount'];; $result = mysql_query("UPDATE `grpgusers` SET `points` = '".$newpoints."' WHERE `id`='".$user_class->id."'"); $user_class = new User($_SESSION['id']); if ($newpointsinmarket == 0){ $result = mysql_query("DELETE FROM `pointsmarket` WHERE `id`='".$worked['id']."'"); } else { $result = mysql_query("UPDATE `pointsmarket` SET `amount` = '".$newpointsinmarket."' WHERE `id`='".$worked['id']."'"); } include 'footer.php'; die(); } $_POST['amount'] = abs(intval($_POST['amount'])); $_POST['points_id'] = abs(intval($_POST['points_id']));{ } $_POST['amount'] = abs(intval($_POST['amount'])); $_POST['points_id'] = abs(intval($_POST['points_id']));{ } if ($totalcost > prettynum($user_class->money)){ echo Message("You don't have enough money."); } if($_POST['amount'] >= 1 && $_POST['amount'] <= $amount && $totalcost <= $user_class->money){ echo Message("You have bought ".$_POST['amount']." points for $".$totalcost); $newpoints = $user_class->points + $_POST['amount']; $newmoney = $user_class->money - $totalcost; $result = mysql_query("UPDATE `grpgusers` SET `money` = '".$newmoney."', `points` = '".$newpoints."' WHERE `id`='".$user_class->id."'"); $newmoney = $user_points->money + $totalcost; $result = mysql_query("UPDATE `grpgusers` SET `money` = '".$newmoney."' WHERE `id`='".$user_points->id."'"); $user_class = new User($_SESSION['id']); if ($newpointsinmarket == 0){ $result = mysql_query("DELETE FROM `pointsmarket` WHERE `id`='".$worked['id']."'"); } else { $result = mysql_query("UPDATE `pointsmarket` SET `amount` = '".$newpointsinmarket."' WHERE `id`='".$worked['id']."'"); } } } $_POST['addpoints'] = abs(intval($_POST['addpoints'])); $_POST['id'] = abs(intval($_POST['id']));{ } if($_POST['amount'] < 1){ } if($_POST['price'] < 1){ } if ($_POST['amount'] >= 1 && prettynum($_POST['amount']) <= $user_class->points && $_POST['price'] >= 1){ echo Message("You have added ".$_POST['amount']." points to the market a price of $".$_POST['price']." per point."); $result= mysql_query("INSERT INTO `pointsmarket` (owner, amount, price)"."VALUES ('$user_class->id', '$_POST[amount]', '$_POST[price]')"); $newpoints = $user_class->points - $_POST['amount']; $result = mysql_query("UPDATE `grpgusers` SET `points` = '".$newpoints."' WHERE `id`='".$user_class->id."'"); $user_class = new User($_SESSION['id']); } ?> <link href="style.css" rel="stylesheet" type="text/css" /> <tr><td class="contenthead">Point Market</td></tr> <tr><td align="center" class="contentcontent"> <p> </p> <p><strong>You need to be a Respected Warrior to add points to the market</strong><br> Use this form to add points to the points market.</p> <p><strong>Bank Account[<? echo prettynum($user_class->bank) ?>]</strong><strong></strong><br /> <strong><a href="pointmarket.php">[Refresh</a>]</strong></p> <form method='post'> <table align="center"> <tr> <td>Amount of points</td><td> <input name='amount' type='text' class="areatest" value='0' size='10' maxlength='20'></td> </tr> <tr> <td>Price per point</td><td>$<input name='price' type='text' class="areatest" value="0" size='10' maxlength='20'></td> <tr><td align="center" colspan="2"><input name='addpoints' type='submit' class="buttong" value='Add Points'></form></td> </tr></table> </td></tr> <tr><td class="contentcontent"> <?php $result = mysql_query("SELECT * FROM `pointsmarket` ORDER BY `price` DESC"); while($line = mysql_fetch_array($result, MYSQL_ASSOC)) { $user_points = new User($line['owner']); if ($user_points->id == $user_class->id){ $submittext = "Remove"; } else { $submittext = "Buy"; } echo "<form method='post'>"; echo $user_points->formattedname." - ".$line['amount']." points for ".prettynum($line['price'],1)." per point <input type='text' name='amount' size='3' maxlength='20' value='".prettynum($line['amount'])."'><input type='hidden' name='points_id' value='".$line['id']."'><input type='submit' name='buypoints' value='".$submittext."'></form><br>"; } ?> </td></tr> <?php include 'footer.php'; ?> SQL Code: [Select] CREATE TABLE IF NOT EXISTS `pointsmarket` ( `owner` int(10) NOT NULL default '0', `amount` text NOT NULL, `price` text NOT NULL, `id` int(10) NOT NULL auto_increment, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC AUTO_INCREMENT=81 ; Hi guys, I have a form using radio buttons. For the radio button, lets just say i have the id name as 'rim' + number eg; rim0, rim1, rim2.... When i post the data to another file to execute the data collected, naturally i would use the: Code: [Select] $rim0=$_POST['rim0']; $rim1=$_POST['rim1']; .... $rim10=$_POST['rim10']; i tried to shorten this process using this method: Code: [Select] //$q is part of the post variable. for($x = 0; $x < count($q); $x++){ $rim[]=$_POST['"rim"."$x"']; } But i get this error Code: [Select] Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Notice: Undefined index: "rim"."$x" in D:\Apache Software Foundation\Apache2.2\htdocs\.....\#####.php on line 20 Is there something wrong with my POST syntax? I use a form to sent date and use php to display it . However , the code only can working on one page. I can not turn the page. I do not why . Please tell me reason . Thank you very much. <select name="kind"> <option >kind</option> <option value="Copier Toner">Copier Toner</option> <option value="Laser Toner">Laser Toner</option> <option value="MICR Toner">MICR Toner</option> <option value="Inkjet">Inkjet</option> php code if (isset($_GET["page"])) { $page = $_GET["page"]; } else { $page=1; }; $start_from = ($page-1) * 18; $select="select * from $chun where brand = '$_POST[brand]' or sort ='$_POST[kind]' or type='$_POST[type]' LIMIT $start_from, 18"; $result2=mysql_query($select, $connection) or die (mysql_error()); <?php $sql = "select count(*) from $chun where brand = '$_POST[brand]' or sort='$_POST[kind]' or type='$_POST[type]' "; $rs_result = mysql_query($sql,$connection); $row = mysql_fetch_row($rs_result); $total_records = $row[0]; $total_pages = ceil($total_records / 18); for ($i=1; $i<=$total_pages; $i++) { ?> <div class="trunpage"><a href='table2.php?page=<?php echo "$i" ; ?>&id=<?php echo "$_POST[brand]";?>&cd=<?php echo "$_POST[kind]";?>&td=<?php echo "$_POST[type]";?>' ><?php echo "$i" ; ?></a> </div> The first page is working fine. The second page I get error message. Undefined index: brand in C:\wamp\www\php1000\table2.php on line 234 hey guys I know this is html but I'm using the php $_POST to grab the information the user chooses, i can't figure out though how to grab the info i'm looking for in this select option form if they choose PasswordCracker v3.0 what is it i'm looking to set my $_post['']; to? <FORM action="buy.php" method="POST"> <select name="passwordcrakers"> <option value="v2.0">PasswordCracker V2.0</option> <option value="v3.0">PasswordCracker V3.0</option> <option value="v4.0">PasswordCracker V4.0</option> <option value="v5.0">PasswordCracker V5.0</option> <option value="v6.0">PasswordCracker V6.0</option> <option value="v7.0">PasswordCracker V7.0</option> <option value="v8.0">PasswordCracker V8.0</option> <option value="v9.0">PasswordCracker V9.0</option> <option value="v10">PasswordCracker V10</option> </select><br /> <input type="submit" value="Buy" name="submit" /> </FORM> Hi guys, running through this tutorial at the moment: http://www.tizag.com/phpT/forms.php I seem to keep having problems with the $_POST variable. Is that obsolete syntax now? Here's the part I get an error on: <html> <body> <?php $quantity=$_POST['quantity']; $item=$_POST['item']; echo "You ordered".$quantity."".$item.".<br/>."; echo "Thank you for ordering from Boombaby art supppplies!"; ?> </body> </html> Here's the error: ( ! ) Notice: Undefined index: quantity in C:\wamp\www\process.php on line 4 Call Stack # Time Memory Function Location 1 0.0009 363936 {main}( ) ..\process.php:0 ( ! ) Notice: Undefined index: item in C:\wamp\www\process.php on line 5 Call Stack # Time Memory Function Location 1 0.0009 363936 {main}( ) ..\process.php:0 You ordered. .Thank you for ordering from Boombaby art supppplies! Any help would be appreciated. I tried googling but everything didn't seem to answer my question or was too confusing. Thanks. Ok- I have seen it go both ways on this forum and I was wondering which is correct- or more secure. I have a script that receives $_POST variables from a form. Which is better- to change the name of the $_POST variable to do script manipulations or to simple do them with the $_POST['whatever'] $whatever = $_POST['var_from_form']; or simply utilize $_POST['var_from_form'] I know it would be less typing changing it to $whatever, but does it really matter? And yes- register_globals is off. Cheers- Hi All, I am having a bit of difficulty with a form I've built that has some PHP elements in it. The issue is it is just not sending the values (which are in hidden fields). Code is: Code: [Select] while($row = mysql_fetch_array($result)){ echo '<tr style="padding: 15px;">'; echo '<td>' . $row['product_id'] . '</td>'; echo '<td>' . $row['name'] . '</td>'; echo '<td>' . $row['catalogue_id'] . '</td>'; ?> <td> <form method="post" enctype="multipart/form-data" action="<?php echo str_replace( '%7E', '~', $_SERVER['REQUEST_URI']); ?>"> <!--Hidden Field Checks to see if form has already been sent--> <input type="hidden" name="editform" value="Y"> <!--Hidden Fields for Edit Job--> <input type="hidden" name="prodid" value="<?php echo $row['product_id'] ?>"> <input type="hidden" name="prodname" value="<?php echo $row['name'] ?>"> <input type="hidden" name="catalogue_id" value="<?php echo $row['catalogue_id'] ?>"> <input type="hidden" name="full_description" value="<?php echo $row['full_description'] ?>"> <input type="submit" name="Edit" value="<?php _e('Edit', 'pmimp_trdom' ) ?>" /> </form> </td> Would it have something to do with splitting up the php tags? Any help would be apprecited! Thanks! Hey guys i am using a global filter on my $_POST function filter($str){return htmlentities($str, ENT_QUOTES);} $_POST = array_map('filter', $_POST); It helps me encode the stuff into the database. It works great on all my fields exept my arrays ... Ex: fields like this <input type="text" name="name[]" size="20"> breaks Any sugestions on gething this global filter working? I have a form with radio buttons, depending on if a person selects yes, they will be given an answer after they hit submit. I don't want to do a bunch if un-necessary coding, so I'm trying something else, but it's not working. My form is this Code: [Select] <table width="100%" border="0" cellspacing="0" cellpadding="4"> <tr> <td align="center" valign="top">Yes</td> <td align="center" valign="top"><input type="radio" name="phone1" id="phone1" value="1" /></td> <td align="center" valign="top">No</td> <td align="center" valign="top"><input type="radio" name="phone1" id="phone1" value="2" /></td> </tr> </table> My code is this Code: [Select] <?php if(isset($_POST['submit'])) { $key; $key['phone1'] = "testing phone 1"; $key['phone2'] = "testing phone 2."; foreach( $_POST as $key => $value) { if($value == "1"){ echo $key."<br />"; } } } ?> Now, it does not show the wording associated with $key if the value is 1. Can anybody help me out here? This form is going to have over 100 questions. Thanks in advance. I think this belongs here, but my $_POST['gender'] won't grab the gender that was submitted through a form. I am using AJAX so the page doesn't have to reload so it can go in a smooth transition, but the AJAX is grabbing the value perfectly fine. I have a feeling the $_POST isn't grabbing the value because the page isn't reloading.. but I don't want to reload it. These codes are all on the same page. Here is my Javascript: Code: [Select] <script> function chooseGender() { var gender = $('input[name=gender]:checked', '#submitgender').val(); if(gender) { $.ajax( { type: "POST", url: window.location.pathname, data: gender, success: function() { alert("You have chosen to be a " + gender); //It's grabbing it perfectly fine! $("#submitgender").hide(); //It hides the gender table so they can't choose a gender since they already have chosen one. $("#rest").fadeIn(); //Shows the other table that's labeled "rest" as it's ID so they can choose what base, eyes, etc for that specific gender they've chosen. } }); } else { alert('Select a gender.'); } } $(function tabs() { $( "#tabs" ).tabs(); }); </script> But here is the PHP inside the #rest table: Code: [Select] <?php $gender = $_POST['gender']; $sql = "SELECT * FROM habases WHERE gender='".$gender."'"; $result = mysqli_query($cxn, $sql) or die(mysqli_error($cxn)); print_r($sql); while ($row = mysqli_fetch_assoc($result)) { $baseimage = $row['image']; $baseskin = $row['skin']; echo "<img src=\"http://www.elvonica.com/".$baseimage."\" value=\"".$baseskin."\">"; } ?> And this is what I'm getting for the print_r: Quote SELECT * FROM habases WHERE gender='' Here's the result of my problem: Array ( [nav_create_title] => hel [nav_visible] => 1 [category_position] => 4 ) ( ! ) Notice: Undefined index: category_postion in C:\wamp\www\tryitandbuyit\includes\category_create_process.php on line 7 Call Stack # Time Memory Function Location 1 0.0010 370336 {main}( ) ..\category_create_process.php:0 Here's how I'm trying to assign and echo $_post. print_r($_POST); $category_pos = $_POST["category_postion"]; $nav_title=$_POST["nav_create_title"]; $nav_visible=$_POST["nav_visible"]; echo $nav_title; echo $category_pos; echo $nav_visible; As you can see, it prints the correct value and name from the array... why the heck can't I assign or echo it? Here is how I am sending it from the other page in a form (it used to be simple, but I've been trying every work around i can think of: <?php $result=mysql_query("SELECT * FROM category WHERE visible='1' ORDER BY position ASC"); $row=mysql_fetch_array($result); $positionID=$row['position']; $position=$row['position']; $selectname= "Select A Position:<br />"; $selectname .= "<select name="; $selectname .= "'category_position'"; $selectname .= ">"; echo $selectname; $rownumber=mysql_num_rows($result); $rownumber_temp=$rownumber+1; For($i=1; $i<=$rownumber_temp; $i++) { echo "<option value= $i>" . $i . "</option></br>"; } $selectname2 = "echo \"<br />\""; $selectname2 .= "echo \"<br />\""; $selectname2 .= "echo \"</select>"; echo $selectname2; Well, i have got this code: Code: [Select] <?php header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); ?> <form action="signature.php?user=" .$user. "&img=". $img" method="post"> <input name="user" type="text" /> <select name="img"> <option value="blue">Blue</option> <option value="red">Red</option> <option value="purple">Purple</option> <option value="pink">Pink</option> </select> <?php $user = $_POST['user']; $img = $_POST['img']; ?> <input type="submit" value="Submit" /> <?php //Skill Grabs $order = array("Overall", "Attack", "Defence", "Strength", "Hitpoints", "Ranged", "Prayer", "Magic", "Cooking", "Woodcutting", "Fletching", "Fishing", "Firemaking", "Crafting", "Smithing", "Mining", "Herblore", "Agility", "Thieving", "Slayer", "Farming", "Runecraft", "Hunter", "Construction", "Summoning", "Dungeoneering"); $user = $_GET['user']; //Change this to the variable (Or a string literal) that contains the username $get = file_get_contents("http://hiscore.runescape.com/index_lite.ws?player=$user"); $get = explode("\n", $get); $i = 0; foreach ($order as $key => $value) { $value = strtolower($value); $temp = explode(",", $get[$i]); $temp = array("rank" => $temp[0], "level" => $temp[1], "exp" => $temp[2]); $stats[$value] = $temp; $eval = "\$$value = array(\$temp[\"rank\"], \$temp[\"level\"], \$temp[\"exp\"]);"; eval($eval); $i++; } //End Skill Grabs // specify the file name - you can use a full path, or "../../" type stuff here // if the image is not in the same directory as this code file $image = imagecreatefrompng("http://slay2day.x10.mx/highscores/signatures/".$_GET['img'].".png"); // specify the font size // in this case, the color is white, but you can replace the numbers with the RGB values // of any color you want $color = imagecolorallocate($image, 255,255,255); // and now we do the overlay - the layers of text start top to bottom, so // the drop shadow comes first // $image - the base image file we specified above // $font_size - Well duh. Its the size of the font // 0 - the angle of the text - we don't want an angle, so we leave it at 0 // 55 - pixels to the right from the leftmost part of the image // 35 - pixels down from the top of the image // $black - the color we defined above // "../fonts/ARIALBD.TTF" - the location on the server that the font can be found // "Test Text" - the text we're overlaying - you can also use a variable here ImageTTFText ($image, "7", 0, 280, 10, $color, "arial.ttf","Slay2day"); ImageTTFText ($image, "12", 0, 240, 55, $color, "biblio.ttf",$user); if($overall[0]==-1){ImageTTFText($image, "11", 0, 230, 105, $color, "biblio.ttf","NOT RANKED");}else{ImageTTFText($image, "11", 0, 240, 105, $color, "biblio.ttf",$overall[0]);} ImageTTFText ($image, "10", 0, 27, 20, $color, "arial.ttf",$attack[1]); ImageTTFText ($image, "10", 0, 27, 42, $color, "arial.ttf",$strength[1]); ImageTTFText ($image, "10", 0, 27, 64, $color, "arial.ttf",$defence[1]); ImageTTFText ($image, "10", 0, 27, 88, $color, "arial.ttf",$hitpoints[1]); ImageTTFText ($image, "10", 0, 27, 114, $color, "arial.ttf",$ranged[1]); ImageTTFText ($image, "10", 0, 70, 20, $color, "arial.ttf",$prayer[1]); ImageTTFText ($image, "10", 0, 70, 42, $color, "arial.ttf",$magic[1]); ImageTTFText ($image, "10", 0, 70, 64, $color, "arial.ttf",$cooking[1]); ImageTTFText ($image, "10", 0, 70, 88, $color, "arial.ttf",$woodcutting[1]); ImageTTFText ($image, "10", 0, 70, 114, $color, "arial.ttf",$fletching[1]); ImageTTFText ($image, "10", 0, 117, 20, $color, "arial.ttf",$fishing[1]); ImageTTFText ($image, "10", 0, 117, 42, $color, "arial.ttf",$firemaking[1]); ImageTTFText ($image, "10", 0, 117, 64, $color, "arial.ttf",$crafting[1]); ImageTTFText ($image, "10", 0, 117, 88, $color, "arial.ttf",$smithing[1]); ImageTTFText ($image, "10", 0, 117, 114, $color, "arial.ttf",$mining[1]); ImageTTFText ($image, "10", 0, 162, 20, $color, "arial.ttf",$herblore[1]); ImageTTFText ($image, "10", 0, 162, 42, $color, "arial.ttf",$agility[1]); ImageTTFText ($image, "10", 0, 162, 64, $color, "arial.ttf",$thieving[1]); ImageTTFText ($image, "10", 0, 162, 88, $color, "arial.ttf",$slayer[1]); ImageTTFText ($image, "10", 0, 162, 114, $color, "arial.ttf",$farming[1]); ImageTTFText ($image, "10", 0, 212, 20, $color, "arial.ttf",$runecraft[1]); ImageTTFText ($image, "10", 0, 212, 42, $color, "arial.ttf",$construction[1]); ImageTTFText ($image, "10", 0, 212, 64, $color, "arial.ttf",$hunter[1]); ImageTTFText ($image, "10", 0, 212, 88, $color, "arial.ttf",$summoning[1]); ImageTTFText ($image, "10", 0, 212, 114, $color, "arial.ttf",$dungeoneering[1]); // Now add the actual white text "on top" header("Content-type: image/png"); imagepng($image); imagedestroy($image); ?> It generates a image and gets data from the name thats in the url. I am wanting to make a form where they fill out their name and what color they use. What is wrong? Is it possible to redefine a $_POST after PHP has received the value of it via a HTML form? Something like this: if ($_POST['category'] == "Belts") { $_POST['category'] = "belts"; } Hello,
I am quite new to the php and website scene and i am trying to find the best way to validate and sterilize my $_post the way i have come up with is
$id = filter_var(mysql_real_escape_string($_POST['id']),FILTER_SANITIZE_NUMBER_INT);or $id = mysql_real_escape_string($_POST['id']); $id1 = filter_var($id,FILTER_SANITIZE_NUMBER_INT);which will be the best way to do it or is there a better way. Thanks Edited by AdamHull12, 04 October 2014 - 11:15 AM. hi good day, im a little bit confuse. what i want to do is instead of $username = $_POST['username']; is to transform it into OOP? please help me. thanks. I have a button that uses $_POST to send information to another page. The data is in a hidden input so it's not possible for users to change information. I have nothing to check if the data is correct on the other page. Is it still possible for people to change the $_POST data though? Or somehow send false $_POST data to the other page? This is what I have for code: Code: [Select] <?php $title="Login"; $metakeywords="login, email"; $metadescription="Login to Dating Snap!"; include('header.php'); $user = clean_up($_POST['email']); $pass = clean_up($_POST['password']); if($user && $pass) { $pass = md5($pass); //compare the encrypted password $sql="SELECT id,email,type,password,activation_key FROM `users` WHERE `email`='$user' AND `password`='$pass'"; $query=mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($query) > 0) { $lllrow = mysql_fetch_assoc($query); if($lllrow['activation_key'] == 0){ $_SESSION['id'] = $lllrow['id']; $_SESSION['type'] = $lllrow['type']; $_SESSION['email'] = $lllrow['email']; $_SESSION['password'] = $lllrow['password']; $date=date("M d Y"); $time=date("g:i A"); $sql3 ="UPDATE `users` SET `last_ip`='{$_SERVER['REMOTE_ADDR']}', `last_login`='$date $time' WHERE `id`='".$_SESSION['id']."'"; $res3 = mysql_query($sql3) or die(mysql_error()); }else{ echo "<div class='error'>You need to activate your account first!</div>"; } echo '<meta http-equiv="REFRESH" content="0;url=index.php">'; } else { echo "<div class='error'>Email and password combination is incorrect!</div>"; } }else{ if(!$_GET['step'] && $_POST['newpassword']){ $email = clean_up($_POST['email']); $password = clean_up($_POST['newpassword']); $sql = "SELECT * FROM `users` WHERE `email`='$email'"; $query = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($query) > 0) { echo "That email is already being used, please try another."; }else{ $activation_number = rand( ); $subject = 'Activate your account on datingsnap.com'; $message = 'Dear '.$first.' '.$last.',<br>Thank you for registering for an account on Dating Snap. Please <a href="http://datingsnap.com/index.php?action=activate&id='.$activation_number.'">Click Here</a> to activate your new account.<br>All the best,<br> DatingSnap.com'; $headers = 'From: bobthewebbuilder@gmail.com' . "\r\n" . 'Content-Type: text/html; charset=\"iso-8859-1\"' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); $sql = "INSERT into `users`(`activation_key`,`password`,`email`) VALUES ('$activation_number','".md5($password)."','$email');"; $query = mysql_query($sql) or die(mysql_error()); echo '<form method="post" action="index.php?action=login&step=1"><table width="100%"> <input id="email" type="hidden" name="email" value="$email"> <table width="100%"> <tr> <td class="content">*<b>First Name:</b></td> <td class="content"><input class="tarea" id="first" size="30" type="text" name="first"></td> </tr> <tr> <td class="content">*<b>Last Name:</b></td> <td class="content"><input class="tarea" id="last" size="30" type="text" name="last"></td> </tr> <tr><td width="150" class="content"></td><td class="content"><input type="submit" name="submit" value="Next step"></td></tr></form></table>'; } if($_GET['step'] == "1" && $_POST['email']){ $email = clean_up($_POST['email']); $first = clean_up($_POST['first']); $last = clean_up($_POST['last']); $sql = "UPDATE `users` SET `first`='$first',`last`='$last' WHERE `email`='$email'"; $query = mysql_query($sql) or die(mysql_error()); echo '<table width="100%"><form method="post" action="index.php?action=login&step=2"> <input id="email" type="hidden" name="email" value="$email"> <tr> <td class="content">*<b>Date of birth:</b><br><small>This will be used to calculate your age so be sure to use your correct birth date</small></td><td class="content"> <select name="month" id="month"> <option value="1">January</option> <option value="2">February</option> <option value="3">March</option> <option value="4">April</option> <option value="5">May</option> <option value="6">June</option> <option value="7">July</option> <option value="8">August</option> <option value="9">September</option> <option value="10">October</option> <option value="11">November</option> <option value="12">December</option> </select> <select name="day" id="day"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> <option value="6">6</option> <option value="7">7</option> <option value="8">8</option> <option value="9">9</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="year" id="year">'; $start_year = ($start_year) ? $start_year - 1 : date('Y') - 110; $end_year = ($end_year) ? $end_year : date('Y'); for ($i = $end_year; $i > $start_year; $i -= 1) { echo '<option value="'.$i.'">'.$i.'</option>'; } echo '</select> </td> </tr><tr><td width="150" class="content"></td><td class="content"><input type="submit" name="submit" value="Next step"></td></tr></form></table>'; } if($_GET['step'] == "2" && $_POST['email']){ $email = clean_up($_POST['email']); $month=clean_up($_POST['month']); $day=clean_up($_POST['day']); $year=clean_up($_POST['year']); $sql = "UPDATE `users` SET `bdate`='$year-$month-$day' WHERE `email`='$email'"; $query = mysql_query($sql) or die(mysql_error()); echo "Done step two!"; } } //end if email } include('footer.php'); ?> How come $_POST['email'] isn't getting passed down the steps? I have a hidden field that holds it in each step... what am I overlooking? |
|||||||