|
PHP - [php] Need Help With Form Editing Over Inspect Element Tool
Hi, i have problem with editing register form over Inspect element or when u press F12 in mozilla or chrome. When u select country u can edit form on F12 and change country value so form save it like that in database. Problem is because its in foreach loop and i cant get a check if country in post variable is valid, and compare it with that in database. In my $_POST variable country is stored like ' Croatia, hr ' and in database its like 'id, name, alpha_2, alpha_3'.
So can i find value i need for example Albania and al wihout any loop ?
// if user is logged in redirect him to index page
if ($general->is_logged() === true) {
header('Location: index.php');
exit();
}
// get list of countries
$country = $teams->get_country();
require_once 'core/classes/recaptchalib.php';
$publickey = "***********************";
$privatekey = "***********************";
// process form
if (isset($_POST['register']))
{
if (isset($_POST['username']) &&
isset($_POST['nickname']) &&
isset($_POST['password']) &&
isset($_POST['repeat_password']) &&
isset($_POST['email']) &&
isset($_POST['repeat_email']) &&
isset($_POST['gender']) &&
isset($_POST['country']) &&
isset($_POST['recaptcha_challenge_field']) &&
isset($_POST['recaptcha_challenge_field']))
{
$username = trim($general->safe_input($_POST['username']));
$nickname = trim($general->safe_input($_POST['nickname']));
$password = trim($general->safe_input($_POST['password']));
$rpassword = trim($general->safe_input($_POST['repeat_password']));
$email = trim($general->safe_input($_POST['email']));
$remail = trim($general->safe_input($_POST['repeat_email']));
$gender = trim($general->safe_input($_POST['gender']));
$cntry = $general->safe_input($_POST['country']);
$date_registered = time();
$password_hash = $general->safepass($password);
// captcha
$resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
// if username is empty
if (empty($username)) {
$error[] = 'Username is empty.';
// if username already exists
} elseif ($users->user_exists($username) === true) {
$error[] = 'Username in use, please choose another.';
// username must be between 3 and 20 characters long
} elseif (strlen($username) < 3 || strlen($username) > 20) {
$error[] = 'Username must be between 3 and 20 charaters long.';
}
// if nickname is empty
if (empty($nickname)) {
$error[] = 'Nickname is empty.';
// if nickname in use
} elseif ($users->nick_exists($nickname) === true) {
$error[] = 'Nickname in use, please choose another.';
// nickname must be between 3 and 20 characters long
} elseif (strlen($nickname) < 3 || strlen($nickname) > 20) {
$error[] = 'Nickname must be between 3 and 20 characters long.';
}
// if passowrd field is empty
if (empty($password)) {
$error[] = 'Password filed is empty.';
}
// if password repeat field is empty
if (empty($rpassword)) {
$error[] = 'Repeat password filed is empty';
}
// if password and repeat password is not empty
if (!empty($password) && !empty($rpassword)) {
// passwords match ? if not throw error message
if ($password != $rpassword) {
$error[] = 'Passwords don\'t match.';
// password must be between 6 and 30 characters long
} elseif (strlen($password) < 6 || strlen($password) > 30) {
$error[] = 'Password must be between 6 and 30 characters long.';
}
}
// is email empty
if (empty($email)) {
$error[] = 'Email filed is empty.';
}
// is repeat email is empty
if (empty($remail)) {
$error[] = 'Repeat email filed is empty.';
}
// if email and repeat email is not empty
if (!empty($email) && !empty($remail)) {
// if emails are not same
if ($email != $remail) {
$error[] = 'Emails don\'t match.';
// if email and repeat email is same
} elseif ($email == $remail) {
// is email valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error[] = 'Invalid email format.';
// is email in use
} elseif ($users->email_exists($email) === true) {
$error[] = 'Email in use, please choose another.';
// email must be between 10 and 30 characters long
} elseif (strlen($email) < 10 || strlen($email) > 30) {
$error[] = 'Email must be between 10 and 30 characters long.';
}
}
}
// if gender is empty
if (empty($gender)) {
$error[] = 'Please select gender.';
}
// if gender is not empty
if (!empty($gender)) {
// if gender is Male or Female
if ($gender == 'Male') {
$gender = 'Male';
} elseif ($gender == 'Female') {
$gender = 'Female';
} else {
$error[] = 'Invalid gender.';
}
}
// if country is empty
if (empty($cntry)) {
$error[] = 'Please select country.';
}
// check if country is valid
if (!empty($cntry)) {
// $newCountry['0'] is name key
// $newCountry['1'] is alpha_2 key
$newCountry = explode(',', $cntry);
if (in_array($newCountry['0'], $country['name'])) {
$error[] = 'VALID.';
} else {
$error[] = 'Invalid country.';
}
}
// check if capthha is valid
if (!$resp->is_valid) {
$error[] = 'Invalid captcha code.';
}
// if no errors register user
if (empty($error) === true) {
//$add_user = $users->register_user($username, $password_hash, $email, $gender, $date_registered, $cntry, $nickname);
unset($_POST); // clean $_post variable
echo 'REGISTER USER !';
}
/* if ($DBH->lastInsertId())
{
header('Location: index.php?page=register_success');
exit();
}
else
{
$error = '<p class="error-msg">There was a problem, please try again.</p>';
}*/
}
}
?>
<script type="text/javascript">
var RecaptchaOptions = {
theme : 'clean'
};
</script>
<h3>Register</h3>
<?php
if (!empty($error)) {
echo '<div style="padding:10px;margin:0 10px;border:1px solid #f3f3f3;background:#E35454;color:#fff;"><ul style="margin:0 0 0 20px;">';
foreach ($error as $error) {
echo '<li>'.$error. '</li>';
}
echo '</ul></div>';
}
?>
<form action="" method="POST" class="register-form">
<input type="text" name="username" size="40" maxlength="20" placeholder="Username" value="<?php if (isset($_POST['username'])) { echo htmlentities($_POST['username'], ENT_QUOTES, "UTF-8"); } ?>" required>
<input type="text" name="nickname" size="40" maxlength="20" placeholder="Nickname" value="<?php if (isset($_POST['nickname'])) { echo htmlentities($_POST['nickname'], ENT_QUOTES, "UTF-8"); } ?>" required><br /><br />
<input type="password" name="password" size="40" maxlength="30" placeholder="Password" required>
<input type="password" name="repeat_password" size="40" maxlength="30" placeholder="Repeat password" required><br /><br />
<input type="text" name="email" size="40" maxlength="30" placeholder="Email" value="<?php if (isset($_POST['email'])) { echo htmlentities($_POST['email'], ENT_QUOTES, "UTF-8"); } ?>" required>
<input type="text" name="repeat_email" size="40" maxlength="30" placeholder="Repeat email" value="<?php if (isset($_POST['repeat_email'])) { echo htmlentities($_POST['repeat_email'], ENT_QUOTES, "UTF-8"); } ?>" required><br /><br />
<select name="gender" required>
<option value="">Select gender</option>
<option value="Male">Male</option>
<option value="Female">Female</option>
</select>
<select name="country" style="width: 215px;" required>
<option value="">Select country</option>
<?php
foreach ($country as $key)
{
echo '<option value="'.$key['name'].','.$key['alpha_2'].'">'.$key['name'].'</option>';
}
?>
</select>
<br><br>
<center><?php echo recaptcha_get_html($publickey); ?></center>
<br>
<center><input type="submit" name="register" value="Register" class="small-button"></center>
</form>
Similar TutorialsOne more question for the day. I'm trying to figure out the best way to run about this. Right now I have it set up so that two or more content pages CAN NOT have the same name or shortname as it performs checks to verify that there aren't both on my add new and edit pages. Now problem here is that say I'm on the edit form and I'm editing a content page with its dropdowns and what not in the form. Now I'm thinking what would be the next course of option because what if I only want to change one dropdown but still keep the same name and shortname. When I submit it, its going to kickback my response that it can't be saved because there's already a page in there with that name and shortname even though I didn't change it. Any suggestions? Hi. When i fill in my contact form, it shows a "Message sent successfully" message. Then nothing happens. I think there is something wrong with my hosting but the service provider just can't help with that.
How can i edit these codes to send a mail through smtp?
<?php
I have an email form that can have comma separated email addresses. I need to modify my code such that initially if the form does not contain any value, it should let me add email addresses to it. When I enter the web page next time it should display and let me edit the existing email addresses. Here is my code below. Right now it does not insert anything the first time. Code: [Select] <? error_reporting(E_ALL & ~E_NOTICE); $conn = mysql_connect('localhost','test','*****') or trigger_error("SQL", E_USER_ERROR); $db = mysql_select_db('test',$conn) or trigger_error("SQL", E_USER_ERROR); //$sql=mysql_query("SELECT * from new_database") or die(mysql_error()); $getemail=mysql_query("SELECT * from email") or die(mysql_error()); if(mysql_num_rows($getemail) > 0) { while($getemail_results=mysql_fetch_assoc($getemail)) { $getemailadd=$getemail_results['email']; } } else { $getemailadd=''; } if (!isset($_POST['submit'])) { ?> <b>ADDING A Email</b><br> <form action="<?php echo $PHP_SELF;?>" method="post"> Email:<br> <input type="text" size ="80" name="email" value="<?PHP if(isset($getemailadd)){ echo $getemailadd; } ?>" /><br> <input type="submit" name="submit" value="submit" /> </form> <? } else { // Get values from form $email=$_POST['email']; //$sql=mysql_query("INSERT into email(email)VALUES('$email')") or die (mysql_error()); $sql=mysql_query("UPDATE email SET email='$email'") or die (mysql_error()); header('Location: index.php'); } ?> I want to make a file that I can edit from a form. I don't know what type of file I should use, and how I would edit that file. When someone goes to the file I don't want them to be able to see the contents (like a php file holding variables). I also don't want to use .htaccess for this. This file will have things in such as the database connection variables. When someone edits the form, and save it, it will edit the database connection variables to the proper values. Here is the file I have now: Code: [Select] <?php $settings = array(); $settings['db']['host'] = 'xxxx'; $settings['db']['username'] = 'xxxx'; $settings['db']['password'] = 'xxxx'; $settings['db']['database'] = 'xxxx'; ?> Here is an example input field: Code: [Select] <input type="text" name="host" value="<?php echo $settings['db']['host']; ?>" /> What would be the best way to do this? Hello Im quite confused at what filtering I should use on my data when pulling it from a MySQL database. I don't sanitize my data on input because I am using prepared statements with PHP's PDO Driver which means I don't need to use mysql_real_escape_string() at all. When I pull the data to be displayed i.e. in a HTML Table I use the below function to make it safe for HTML output. public static function htmlSafe($data) { return nl2br(htmlentities($data, ENT_QUOTES)); } However the rules change when Im using a HTML Form to edit the data, and I am unsure what I need to strip out. I.e. What would I need to do to make all data safe to insert into the following form input. <input id = "someInput" type = "text" value = "<?php echo $someVarThatNeedsFiltering ?>" /> Also, one more question, in my html attributes (Valid ones like class, name, id, style, _target) I use a mixture of double quotes(") and single quotes ('), for quoting my values. Which one should I use or which one is more valid, doubles, or singles? So i have this CMS that is used by lots of users and generally they do have rights to edit each others article. So now i'm thinking how can i at least warn them that somebody else is already editing it. Just that. maybe with sessions? but what happens when a user just closes the windows, will it destroy it. i taught about storing the value to mySQL but again what if the user closes the windows and so on. i never did this and i could use a boost. thanks guys Hi i have this edit form that allows user to mofy data but the problems on the text box is that it deletes the rest of the data after the space from the first word i tried to increase the size of the varChars on mysql but did no work why it happens how can i stop from happening?? this the form input <input type="text" name="name" id="name" class='text_box' value="<?php echo $_GET['name'];?>"/> Hello Everyone, I am new to forum and could use some help with some php code that isn't working. I am very new to php/html/javascript and all of what I have learned, I learned from forums like this one so first....thank you! I am trying to assign a value from a php variable to the value of my form element. I'm sure there must be a way to do this but I can't seem to get the syntax right. here is my code... first I set the value of $loginname elsewhere in the script like so... <?php $loginname =strtolower(htmlspecialchars(strip_tags($_GET["loginname"]))); ?> This part works fine.. Then I try to set the value of my hidden text field inside the form to the value of $loginname to be passed to a javascript program. Everything works except that the value passed ends up being <?echo and not the expected user name inside of $loginname. <?php echo '<form name ="currentactivity" Id="currentactivity" action="<?php'.htmlspecialchars($_SERVER['PHP_SELF']).'?>" method="post">'; echo '<fieldset><legend><b>Your Current Activity Information</b></legend>'; echo '<input type="text" name="loginnm" style="visibility: hidden" value="<?php echo $loginname;?>">'; echo "<label for='myactivities'>Activity Name:</label>"; echo "<select name='myactivities' Id='myactivities' onchange=\"showdetails(this.form)\" value=''>"; echo "<option value = 'Select an activity'>Select an activity</option>"; for ($i = 1; $i <=$rowcount; $i++) { echo"<option value=$row[activity_name]>$row[activity_name] </option>"; $row = mysql_fetch_array($result); } echo "</select>"; echo '</fieldset>'; echo '</form>'; ?> Please note..the rest of the code is working perfectly, it is just this one value I can't seem to get. Any help you can give will be greatly appreciated. Dear All I have a form say i have selected Volva from drop down box . So without clicking on submit button when i move to next field that is `<input>` the value that is volva should get store in php variable <html> <body> <form action=""> <select name="cars"> <option value="volvo">Volvo</option> <option value="saab">Saab</option> <option value="fiat">Fiat</option> <option value="audi">Audi</option> </select> <input type="text" name="abc" /> </form> </body> </html> Ideally just one word authentication and pretty simple, but effective. Preferebly one that does not use Sessions because then the user is unable to press the back button to go back to the original page after submitting the form... I know I could just put a text link there but not all users would click that link... So I am trying to make my life easier at work. I have this idea that I can automate the sales quote via a simple website. I have the entire product list in MySQL and I can query for the individual catagories etc etc and get them to display. The display shows the SKU, Description, Price, and a third field to select quantity. The issue is that once they select a quantity of a paticular line item I need that line item (sku, description, and price fields) to be carried over to the final quote page where the math is done. Not sure how to key the paticular line item fields off the quantity field. Any ideas greatly appreciated... Code: [Select] <?php $query = "SELECT * FROM tbl_prods WHERE cat = 'fruit'"; $target = mysql_query($query); confirm_query($target); while($row = mysql_fetch_assoc($target)) { ?> <form action="quoter.php" method="POST"> <tr> <td><input name="sku" type="text" value="<?php echo $row[sku]; ?>" size="20" /></td> <td><textarea name="desc" cols="150" rows="2"><?php echo $row[desc]; ?></textarea></td> <td><input name="price" type="text" value="<?php echo $row[price]; ?>" size="20" /></td> <td><input name="quantity" type="text" value="0" size="3" maxlength="2" /></td> </tr> <?php } ?> </table> <input type="hidden" name="cust" value="<?php echo $cust; ?>"></p> <input type="hidden" name="reg" value="<?php echo $region; ?>"></p> <input type="submit" name="submit" value="Submit"></p> </form> How would I go about making a small feature for my moderators that allows them to select multiple threads while viewing a forum then take action? All I need is an idea of how I would do this. Wouldn't I use the explode() function? Example: http://i490.photobucket.com/albums/rr267/brannenclass/ex.png So I built a tool for my cms a while back and have decided to share it. The only 2 things that I know of that are similar in nature is phpmyadmin or sql buddy. Now my tool is not nearly as in depth as either of those but what it lets you do is run any query string right from the webpage. But the cool thing that it has over phpmyadmin and sql buddy is that it has buttons for many of the common commands and a ajax select to get the available column names for the selected table. So now you don't have to try and remember what table had what column and "how did I spell that column again".
I use this to test sql strings for syntax and to quickly see if it returns the results I expect without having to edit the code and then save, upload or hit refresh or whatever. Since all the the stuff is done via ajax, it's all quickly displayed and you can change the query immediately and hit the Run Query button again.
I just thought that this could be helpful and useful for others. You can download it here http://amecms.com/ar...ckly-and-Easily
Hey guys, I'm working on a tool to add to a site that will search by title, author, keyword (3 radio buttons), category(drop-down list),as in a library. I'm working with dreamweaver CS5 with php. I was trying to create recordset with viarables (that display ex. $_POST['category']) and use an if function (if (radioButton1 == checked) { return something } and connect this all to dynamic table. Getting so many errors, I'm asking you for advice how I can do this ? Could you please explain it to me as simple as possible, as I just started using dreamweaver with php. Thanks ! Hi folks! Upon registering, my register script runs an md5 hash on the password. My problem is when the user wants to change passwords. currently I have a very simple profile, and when they edit it, it doesn't rehash the password- it simply replaces the entire hashed old password with the plain, new password. Any way I could get the script to rehash the password? editprofile.php <?php include('config.php'); include('header.php'); if($_SESSION['id']=="") { header("Location: YouMustLogInNotice.html"); } if(isset($_POST['btnedit'])){ $callname = $_POST['callname']; $email = $_POST['email']; $password = $_POST['password']; $sql = mysql_query( "UPDATE users SET callname='".$callname."', email='".$email."', password='".$password."' WHERE id='".$_SESSION['id']."'" ); if($sql){ echo "<script>alert('profile updated');window.location='myprofile.php?id=$userfinal'</script>"; }else{ echo "<script>alert('updating profile failed!');</script>"; } } $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); $row = mysql_fetch_array($sql); $user = $userfinal; echo "<td align=center> <div id=box> <table width='100%'> <tr> <td><h2>Edit profile</h2> <form method='post'> <table><tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name:</th><td><input type='text' name='callname' value='".$row['callname']."'/></td></tr> <tr><th>Email:</th><td><input type='text' name='email' value='".$row['email']."'/></td></tr> <tr><th>Password:</th><td><input type='password' name='password' value='".$row['password']."'/></td></tr> <tr><th>Registered:</th><td>".$row['registered']."</td></tr> <tr><th>Last Login:</th><td>".$row['lastlogin']."</td></tr> </table><br /> <input type='submit' name='btnedit' value='update' class=button /> </form></div></td> </tr> </table> </td></tr> </table>"; ?> <?php include('footer.php'); ?> Sorry if this is a silly question lol. I want to know if there is an online tool I can use to check and see what PHP code will ouput server side. For example: <?php $tomorrow = mktime(0, 0, 0, date("m") , date("d")+1, date("Y")); ?> Hi,
Can anyone recommend some Business Intelligence tools that can be integrated into a PHP (wordpress/joomla) based website? I've had a good look around the net but they all seem to be written in Java/J2EE and appear to be software based - not sure if im after the possible or impossible here...
Thanks
This topic has been moved to Other Libraries and Frameworks. http://www.phpfreaks.com/forums/index.php?topic=345560.0 I'm working with a downloaded open-source CMS on localhost, and trying to learn. Is there a tool that will list the files (php and otherwise) that are accessed (in order) as the CMS does various normal operations? I want to see the order and the repetition of files that are opened, even if it is something minor. Thanks. |
|||||||