|
PHP - Too Many Form Inputs?
I'm working on an online php program that can have a few hundred form inputs. Mainly just numbers from 1 to 50,000 depending on the field. I wanted to use cookies so the user can keep the data entered on their browser but i found out the hard way that the browsers have a limitation that I've exceeded. Does anyone have any ideas? Similar TutorialsHow is it possible, in PHP, to display an error message next to a form input text field if a user is attempting to submit a form with empty fields? Moreover, how is it possible to remove the same error message when the user fills in the input field with the required data and/or refreshes the page? I have 2 files that I am working with: application.php and process.php.
application.php mainly has the HTML of the form. I am very new to learning PHP (I started learning it last week) and I have been searching for hours for a clear answer. I have already tried different methods for generating the error message including: using empty(), !isset, $_POST["name"] = "", etc, and have tried using session_start();, $row, echo, print, and other variables to try and display error message on the page, and I have tried using unset();, and = null, to try and remove the error message once the input field has been filled but all to no avail. Either the method I try only half works, or nothing works, and I cannot pinpoint which is the part that is not working. I only have 2 files to work with, and as an example of what I want to do is:
1. If the first name field is empty when the user clicks submit, an error message should appear next to the input. Is this possible with PHP? What is the best way to force a user to input numeric value into a form, with the following condition: Either the number is an integer (positive or negative or zero), or non integer but limited to the one digit behind the dot (e.g. 1.2 is valid, but 1.21 is not)? I know I can test it in the server side, but I prefer it to be on the form side. Can it be in the HTML level? I generated a table from the database, and at the end of each row there are two submits, one for save and another for delete. The values are generated as either text and select box input. Right now, I have all the submits named differently (ends a number), so I can loop through all available submits based on the number to check which row needs to be updated, and to retrieve the values during form processing, then only perform the query. I have also hidden input in each row to send the "primary key" that is used during query. Is there a better approach than to have so many different names for the buttons, not having to loop through all of them each time, and still keep a similar layout? I'm trying to avoid anything else than PHP. The table looks something like: col1____| col2_______| col3____|__________________ txt input | select input | txt input |save bttn | delete bttn txt input | select input | txt input |save bttn | delete bttn I don't have any PHP skills at all. In fact I'm probably looking for a script that can help accomplish what I'm asking about. Regardless, I'm having a hard time getting any answers or solutions to this. I would like to make a web form that collects cc#'s from my customers that is PCI Compliant in as simple a manner as possible. 99% of the time my clients are not being charged at all, and the cc is used simply to ensure a service is confirmed. If they were to be charged, I would have to do that manually as no payment gateways currently deposit into banks in the country I am in. One thought I had would be if I could have the cc# either split, or broken up into separate fields and emailed separately. I am told this is PCI Compliant. I would also be fine with the cc# being split between database and email. I know this is possible w/ zen cart, but I have been unable to find any scripts that do this and don't have a need for a shopping cart addition to my site. But, I am aware that zen cart and other shopping cart add ons have options for X's to cover a bunch of numbers in the middle of the string and write that directly to the database. One thing that is a necessity is that the majority of the data input to the form be emailed. So, I'm basically hoping to protect the cc data in the simplest way possible, which I thought would be to break it up. I'll be trashing the cc #'s once I get them. I have no need to file them. I do have a SSL on my server. I am completely open to other suggestions. Is something like this, or another option a possibility? My skills are rudimentary. I taught myself to write some html and also use Dreamweaver to subsidize for what I can't code myself. I apologize if this should be in one of the other forums. Hi, I'm putting together a database that once logged in, a user is able to insert, update and delete records via html forms. The login is secured using mysql_real_escape_string, but I'm wondering should I do the same for all form elements that pass data to the db? There are a wide range of inputs, from numeric, alphanumeric, dates and more. I'd appreciate your feedback. Regards, James Hello, I am very very new to PHP and have created a form that changes depending on a selection option. The website is here http://www.rmdesignstudio.com.au/wraptinprint/quotes.php and the PHP is all on the quotes.php page. The form sends to the email but when you fill in one form (example: Business Cards) the form sends, but along with all the entered fields the email also includes all the fields in all the hidden forms that werent filled in. I believe it is because they are drop down boxes and it is sending the first option in the list which happens to be "-----Please Select-----" Is there something I should be doing to my selection input field for this not to show up? Otherwise is there something I need to add to my PHP so it checks for the fields being filled in? I dont know how to add my code to this post, so if you could either show me or view my code via view source that would be awesome. Hello,
I'm developing one website for a real-estate agency. I have a html form that is used to submit property details, There is multiple form inputs and also I need to upload multiple property images using Dropzone JS multiple image upload. Here I'm validating form inputs using jQuery Validation library. Validation works perfect and data Is being to posted to php file called submit_property_data.php. But when I implement the Dropzone JS image upload its not working.
JS File (property-submit.js)
$('document').ready(function() {
$("#notification-property").hide();
/* handling form validation */
$("#property-form").validate({
rules: {
prop_title: "required",
prop_price: {
required: true,
digits: true
},
prop_area: {
required: true,
digits: true
},
prop_address: "required",
prop_message: {
required: true,
minlength: 10,
maxlength: 2000
},
prop_owner_name: "required",
prop_owner_email: {
required: true,
email: true
},
prop_owner_phone: {
required: true,
digits: true
},
},
messages: {
'prop_title': {
required: "Please enter title for your property"
},
prop_price: {
required: "Please enter price of your property",
digits: "Please enter price in digits (AED)"
},
prop_area: "Please enter Sqft of your property",
prop_address: "Please enter address of your property",
prop_message: {
required: "Please enter detailed Information",
minlength: "Please enter something about your property in 50 - 20000 characters",
maxlength: "Please enter something about your property in 50 - 20000 characters"
},
prop_owner_name: "Please enter your name",
prop_owner_email: {
required: "Please enter your email address",
email: "Please enter valid email address"
},
prop_owner_phone: {
required: "Please enter your phone number",
digits: "Please enter valid phone number"
},
},
submitHandler: submitPropertyForm
});
/* Handling login functionality */
function submitPropertyForm() {
var data = $("#property-form").serialize();
$.ajax({
type: 'POST',
url: 'submit_property_data.php',
data: data,
beforeSend: function() {
$("#submit-button").html('<span class="glyphicon glyphicon-transfer"></span> Submiting ...');
},
success: function(response) {
if (response == "ok") {
console.log(1);
document.getElementById("property-form").reset();
$("#notification-property").html('<b> ' + response + ' !</b>').show();
//setTimeout(' window.location.href = "dashboard.php"; ',4000);
} else {
$("#notification-property").fadeIn(1000, function() {
$("#notification-property").html('<b>' + response + ' !</b>').fadeOut();
$("#submit-button").html(' Send');
});
}
},
complete:function(){
$('body, html').animate({scrollTop:$('form').offset().top}, 'slow');
}
});
return false;
}
$("#submit-button").bind('click', function() {
if ( $("#property-form").valid() ) {
submitPropertyForm();
} else {
console.log('form invalid');
}
})
Dropzone.autoDiscover = false;
$(function () {
$("div#myDropzone").dropzone({
url: 'submit_property_data.php',
addRemoveLinks: true,
maxFiles:11,
uploadMultiple: true,
autoProcessQueue: false,
parallelUploads: 10,
init: function () {
var myDropzone = this;
// Update selector to match your button
$("#submit-button").click(function (e) {
e.preventDefault();
myDropzone.processQueue();
});
this.on('sending', function(file, xhr, formData) {
// Append all form inputs to the formData Dropzone will POST
var data = $('#property-form').serializeArray();
$.each(data, function(key, el) {
formData.append(el.name, el.value);
});
});
this.on("success", function(file, responseText) {
alert(responseText);
});
},
});
});
});
HTML File (submit-property.php)
<html>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
<script src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js"></script>
!-- Submit Property start -->
<div class="content-area-7 submit-property">
<div class="container">
<div class="row">
<div class="col-md-12">
<!-- <div id="error_message" class="notification-box"></div> -->
</div>
<div id="notification-property" class="notification-box">sd</div>
<div class="col-md-12">
<div class="submit-address">
<form name = "property-form" method="post" id="property-form">
<div class="main-title-2">
<h1><span>Tell Me</span> Something About Your Property</h1>
</div>
<div class="search-contents-sidebar mb-30">
<div class="form-group">
<label>Property Title</label>
<input class="input-text" name="prop_title" id="prop_title" placeholder="Property Title">
</div>
<div class="row">
<div class="col-md-6 col-sm-6">
<div class="form-group">
<label>Status</label>
<select class="selectpicker search-fields" id="prop_status" name="prop_status">
<option value="Sale">For Sale</option>
<option value="Rent">For Rent</option>
</select>
</div>
</div>
<div class="col-md-6 col-sm-6">
<div class="form-group">
<label>Type</label>
<select class="selectpicker search-fields" id="prop_title" name="prop_type">
<option value="Modern">Modern</option>
<option value="Traditional">Traditional</option>
<option value="Arabic">Arabic</option>
</select>
</div>
</div>
</div>
<div class="row">
<div class="col-md-3 col-sm-6">
<div class="form-group">
<label>Price (Dirham)</label>
<input class="input-text" name="prop_price" id="prop_price" placeholder="AED">
</div>
</div>
<div class="col-md-3 col-sm-6">
<div class="form-group">
<label>Sqft</label>
<input class="input-text" name="prop_area" id="prop_area" placeholder="SqFt">
</div>
</div>
<div class="col-md-3 col-sm-6">
<div class="form-group">
<label>Bed Rooms</label>
<select class="selectpicker search-fields" name="prop_rooms" id="prop_rooms">
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
</select>
</div>
</div>
<!-- <div class="col-md-3 col-sm-6">
<div class="form-group">
<label>Bathroom</label>
<select class="selectpicker search-fields" name="1">
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option>5</option>
<option>6</option>
</select>
</div>
</div> -->
</div>
</div>
<div class="main-title-2">
<h1><span>Location</span></h1>
</div>
<div class="row mb-30 ">
<div class="col-md-6 col-sm-6">
<div class="form-group">
<label>Address</label>
<input class="input-text" id="prop_address" name="prop_address" placeholder="Address">
</div>
</div>
</div>
<div class="main-title-2">
<h1><span>Upload</span> Photos Of Villa </h1>
</div>
<div id="myDropzone" class="dropzone dropzone-design mb-10">
<div class="dz-default dz-message" data=""><span>Drop files here to upload</span></div>
</div>
<div class="main-title-2">
<h1><span>Detailed</span> Information</h1>
</div>
<div class="row mb-30">
<div class="col-md-12">
<div class="form-group">
<textarea class="input-text" id="prop_message" name="prop_message" placeholder="Detailed Information"></textarea>
</div>
</div>
</div>
<!--<div class="row mb-30">
<div class="col-md-4 col-sm-4">
<div class="form-group">
<label>Building Age <span>(optional)</span></label>
<select class="selectpicker search-fields" name="years">
<option>0-1 Years</option>
<option>0-5 Years</option>
<option>0-10 Years</option>
<option>0-20 Years</option>
<option>0-40 Years</option>
<option>40+Years</option>
</select>
</div>
</div>
<div class="col-md-4 col-sm-4">
<div class="form-group">
<label>Bedrooms (optional)</label>
<select class="selectpicker search-fields" name="1">
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option>5</option>
<option>6</option>
</select>
</div>
</div>
<div class="col-md-4 col-sm-4">
<div class="form-group">
<label>Bathrooms (optional)</label>
<select class="selectpicker search-fields" name="1">
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option>5</option>
<option>6</option>
</select>
</div>
</div>
<div class="col-lg-12">
<label class="margin-t-10">Features (optional)</label>
<div class="row">
<div class="col-lg-4 col-sm-4 col-xs-12">
<div class="checkbox checkbox-theme checkbox-circle">
<input id="opt_parking" name="opt_parking" value="1" type="checkbox">
<label for="checkbox1">
Free Parking
</label>
</div>
<div class="checkbox checkbox-theme checkbox-circle">
<input id="opt_air_condition" name="opt_air_condition" value="1" type="checkbox">
<label for="checkbox2">
Air Condition
</label>
</div>
<div class="checkbox checkbox-theme checkbox-circle">
<input id="opt_seat" name="opt_seat" value="1" type="checkbox">
<label for="checkbox3">
Places to seat
</label>
</div>
</div>
<div class="col-lg-4 col-sm-4 col-xs-12">
<div class="checkbox checkbox-theme checkbox-circle">
<input id="opt_swimming" name="opt_swimming" value="1" type="checkbox">
<label for="checkbox4">
Swimming Pool
</label>
</div>
<div class="checkbox checkbox-theme checkbox-circle">
<input id="opt_laundary" name="opt_laundary" value="1" type="checkbox">
<label for="checkbox5">
Laundry Room
</label>
</div>
<div class="checkbox checkbox-theme checkbox-circle">
<input id="opt_window_covering" name="opt_window_covering" value="1" type="checkbox">
<label for="checkbox6">
Window Covering
</label>
</div>
</div>
<div class="col-lg-4 col-sm-4 col-xs-12">
<div class="checkbox checkbox-theme checkbox-circle">
<input id="opt_parking" name="opt_parking" value="1" type="checkbox">
<label for="checkbox7">
Central Heating
</label>
</div>
<div class="checkbox checkbox-theme checkbox-circle">
<input id="checkbox8" type="checkbox">
<label for="checkbox8">
Alarm
</label>
</div>
</div>
</div>
</div>
</div>-->
<div class="main-title-2">
<h1><span>Contact</span> Details</h1>
</div>
<div class="row">
<div class="col-md-4 col-sm-4">
<div class="form-group">
<label>Name</label>
<input class="input-text" name="prop_owner_name" id="prop_owner_name" placeholder="Name">
</div>
</div>
<div class="col-md-4 col-sm-4">
<div class="form-group">
<label>Email</label>
<input class="input-text" name="prop_owner_email" id="prop_owner_email" placeholder="Email">
</div>
</div>
<div class="col-md-4 col-sm-4">
<div class="form-group">
<label>Contact No</label>
<input class="input-text" name="prop_owner_phone" id="prop_owner_phone" placeholder="Phone">
</div>
</div>
</div>
<div class="col-md-12">
<button type="button" name="submit-button" id="submit-button">Submit</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<script src="property-submit.js"></script>
<script src="js/dropzone.js"></script>
</html>
PHP File (submit_property_data.php)
<?php
echo "ok";
require_once("functions.php");
$ds = DIRECTORY_SEPARATOR; //1
$storeFolder = 'villas-images';
$encpt_data = rand(1000,5000);
if (!empty($_FILES)) {
$tempFile = $_FILES['file']['tmp_name']; //3
$targetPath = dirname( __FILE__ ) . $ds. $storeFolder . $ds; //4
$targetFile = $targetPath.$_FILES['file']['name']; //5
if(move_uploaded_file($tempFile,$targetFile))
{
echo '<b>Success</b>';
}
}
?>
What I actually need ?
I need to validate the form inputs first & upload the images once the form is valid also I need to post all the inputs to my php file called submit_property_data.php Also I need the image inputs to store into my database.
Hello, I am doing a php registration form, file name is register.php Code: [Select] <?php include("config.php"); $submit = strip_tags($_POST['submit']); $username = strip_tags($_POST['user_box']); $password = md5(strip_tags($_POST['pass_box'])); $cpassword = md5(strip_tags($_POST['c_pass_box'])); $email = strip_tags($_POST['email_box']); $mobile = $_POST['mobile_box']; $ip = $_SERVER['REMOTE_ADDR']; $date = date('Y-m-d'); $time = date('h-i-s'); $i = 0; $checkusername = mysql_num_rows(mysql_query("SELECT * FROM members WHERE username='$username'")); $checkemail = mysql_num_rows(mysql_query("SELECT * FROM members WHERE email='$email'")); /* Validating username field */ if($username != NULL) { if (strlen($username) > 15 || strlen($username) < 6) { echo "<p>Username must be in range of 6 to 15 Characters.</p>"; } else { //check in DB if ($checkusername == 1) { echo "<p>Username already exist in database.</p>"; } else { $i++; } } } else { echo "<p>Username cannot be Blank</p>"; } /* ----------validating password field---------- */ if ($password != "d41d8cd98f00b204e9800998ecf8427e" || $cpassword != "d41d8cd98f00b204e9800998ecf8427e") { if ($password == $cpassword) { if (strlen($password) > 16 && strlen($password) < 4) { echo "<p>password must be in range of 4 to 16 Characters.</p>"; } else { $i++; } } else { echo "<p>Passwords do not match.</p>"; } } else { echo "<p>Password cannot be empty</p>"; } /* ----------Validating Passwords End---------- */ /* ----------Validating Email field Starts---------- */ if($email != NULL) { if($checkemail == 1) { echo "<p>Email already exist.</p>"; } else { $i++; } } else { echo "<p>Email field cannot be empty.</p>"; } /* ----------Validating Email fiend ends---------- */ /* ----------Validating Email field Starts---------- */ if($mobile != NULL) { if(strlen($mobile) >10) { echo "<p>Mobile cannot be more than 10 digits long</p>"; } else { $i++; } } else { echo "<p>Mobile field cannot be empty.</p>"; } /* ----------Validating Email fiend ends---------- */ if ($i == 4) { mysql_query("INSERT INTO members (username, password, email, mobile, ip, date, time) VALUES ('$username', '$cpassword', '$email', '$mobile', '$ip', '$date', '$time')"); echo "<p>Successful Registration Done !</p>"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <form id="form1" name="form1" method="post" action=""> <table width="576" height="229" border="0"> <tr> <td width="139">Username :</td> <td colspan="2"><label for="user_box"></label> <input type="text" name="user_box" id="user_box" size="30" height="30" /> (Between 6 to 15 Characters)</td> </tr> <tr> <td>Password :</td> <td colspan="2"><label for="pass_box"></label> <input type="password" name="pass_box" id="pass_box" size="30" height="30" /> (Between 4 to 16 Characters)</td> </tr> <tr> <td>Confirm Password :</td> <td colspan="2"><label for="c_pass_box"></label> <input type="password" name="c_pass_box" id="c_pass_box" size="30" height="30" /></td> </tr> <tr> <td>Email Address :</td> <td colspan="2"><label for="email_box"></label> <input type="text" name="email_box" id="email_box" size="30" height="30" /></td> </tr> <tr> <td>Mobile No. :</td> <td colspan="2"><label for="mobile_box"></label> <input type="text" name="mobile_box" id="mobile_box" size="30" height="30" /> (10 Characters)</td> </tr> <tr> <td> </td> <td width="171"><input type="submit" name="submit" id="submit" value="Submit" /></td> <td width="252"><input type="reset" name="button2" id="button2" value="Reset" /></td> </tr> </table> </form> </body> </html> When I load page, it shows following errors before Username cannot be Blank Password cannot be empty Email field cannot be empty. Mobile field cannot be empty. What I want is on loading page i.e. before giving any inputs, it should not show any errors. Need help I read ages ago (and checked to see if it's true, it was and given how it works, it must still be) the end user can alter the value of any form field, using Firebug or similar, before submitting it. Two things I've figured out today: 1) a form input doesn't need a value - doesn't even need the attribute - if you're only checking whether the POST var isset and the actual value isn't important 2) Although it appears not to matter in the example I'm working on now, if the script doesn't check what the value is, and potentially sanitise it, the user could submit the form with any value, true, false, malicious, idk... So my question is: is this one of the ways malicious bad things can happen and do I *have to* specify a value, not because the script won't work without it, it does, but because in the real world it opens a security door if I don't check for malicious script by saying "if value not as expected, script has to die". Having formulated the question properly and thought about it I can't imagine simply making a form, without obvious connections to anything important, could be a problem in the way I'm asking about but I asked it now so Edited by appobs, 03 July 2014 - 12:08 PM. I have tried a large number of "solutions" to this but everytime I use them I see 0000-00-00 in my date field instead of the date even though I echoed and can see that the date looks correct. Here's where I'm at: I have a drop down for the month (1-12) and date fields (1-31) as well as a text input field for the year. Using the POST array, I have combined them into the xxxx-xx-xx format that I am using in my field as a date field in mysql. <code> $date_value =$_POST['year'].'-'.$_POST['month'].'-'.$_POST['day']; echo $date_value; </code> This outputs 2012-5-7 in my test echo but 0000-00-00 in the database. I have tried unsuccessfully to use in a numberof suggested versions of: strtotime() mktime Any help would be extremely appreciated. I am aware that I need to validate this data and insure that it is a valid date. That I'm okay with. I would like some help on getting it into the database. Does anyone have any idea why my inputs shrink (to default height and weight) after i press submit button? I use css width and height for inputs. All other settings (border, background color etc.) remain like they should. For form submit i use PHP self function where i check if submit button has been pressed and then perform the form action. Thank you Hey guys I have a lot of inputs from my form. Is there a way I can do like a for each or something instead of of having to write $myusername = stripslashes($_POST['name'); $mypassword = stripslashes($_POST['pass']); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); .... for all 16 fields? thanks II have been told that I should sanitize my inputs, what does that mean? Isn't that what trim does? Hello All, I'm working on this project, and everything was great but the last part is screwed. The procedure is supposed to be, you choose a hotel ---> book a room ---> confirm the booking and enter your details --> get redirected to paypal Everything is fine except for the confirmation part, where you're supposed to confirm the room you booked, number of nights and so on, all the info is right, except for the booked room, where it should show you the price for the room multiplied by the number of night... instead it gives "Total Price = 0" So anyone can give me an example on how can I make it show the result of multiplying 2 inputs by a user? Variables are $nrooms $newdate Here is the code I wrote Code: [Select] <?php $dbo = new DB(); $hotelObj = new hotelManager(); $hotelID = $_POST['hotelid']; $datein = $_POST['datein']; $dateout = $_POST['dateout']; $roomid = $_POST['roomid']; $roonsNo = $_POST['roomsNo']; $pr = $_POST['pr']; $_SESSION['hotelID'] = isset($_POST['hotelid']) ? $_POST['hotelid'] : $_SESSION['hotelID']; $_SESSION['datein'] = isset($_POST['datein']) ? $_POST['datein'] : $_SESSION['datein']; $_SESSION['dateout'] = isset($_POST['dateout']) ? $_POST['dateout'] : $_SESSION['dateout']; $_SESSION['roomid'] = isset($_POST['roomid']) ? $_POST['roomid'] : $_SESSION['roomid']; $_SESSION['nrooms'] = $_POST['nrooms']; $roomsarray = explode(",",$_POST['roomid']); $_SESSION['roomsarray'] = isset($_POST['roomid']) ? explode(",",$_POST['roomid']) : $_SESSION['roomsarray']; $roonsNo = $_POST['nrooms']; $_SESSION['nrooms'] = isset($_POST['roomnum']) ? explode(",",$_POST['roomnum']) : $_SESSION['nrooms']; /********************** hotels ************************/ /******************************************************/ echo "<table width=95% border=0 align=\"center\" cellpadding=\"0\" cellspacing=\"0\"> <tr><td valign=\"top\">"; echo "<table>"; echo "<tr>"; echo "<td valign=top>"; $imageqry=mysql_query("SELECT * FROM `hotelphotos` where hotel_id='".$_SESSION['hotelID']."' LIMIT 1"); $image=mysql_fetch_array($imageqry); $imagename=$image['attachmentName']; echo "<img src=\"foxmaincms/webroot/files/small/$imagename\"/>"; echo "</td>"; echo "<td>"; $result=$hotelObj->getHotelbyID($_SESSION['hotelID']); $row = mysql_fetch_array($result); echo "<table>"; echo "<tr><td valign=top><strong class=subtitle3>".$row['name']."</strong></td></tr>"; echo "<tr><td class=text valign=top>".$row['location']."</td></tr>"; echo "<tr><td class=text valign=top>check-in Date: ".$_SESSION['datein']."</td></tr>"; echo "<tr><td class=text valign=top>check-out Date: ".$_SESSION['dateout']."</td></tr>"; echo "<tr><td class=text valign=top>"; $newdate = $_SESSION['dateout'] - $_SESSION['datein']; $totalprice = $nrooms * $newdate; echo "</td></tr>"; echo "<tr><td class=text valign=top>Total Price: ".$totalprice."</td></tr>"; echo "</table>"; ?> Hi! I wanna know what is the best way to secure my inputs? Now I'm using something like this function:
public function z($var) {
$result1 = htmlspecialchars($var);
$result = mysqli_real_escape_string($this->conn, $result1);
return $result;
}
but I don't know how secure it is from all inputs... It couldn't be that with that my site is completely secure... So I wanna know what else I should use... I found something about PHP sanitize filters and similar... Same for mail, should I use that for e-mail, what should I use for e-mails as I think this 2 codes will brake character @ necessary for emails. Any suggestion is welcome Thanks I have a field like this <p>Price:</p> $<input type="text" name="price" size="5" disabled="disabled" value="<?= $price;?>"> Im using POST but if I try to echo $_POST['price'] nothing shows up... is it because its disabled? how can I do this if so? I have a form with several text fields. For example (sorry, no code insert option on my phone) Quote<form method="post"> Enter value1 :<input type="text" name="str1"><br/> Enter value2 :<input type="text" name="str2"><br/> <input type="submit" > I would like to scan the INPUTS to determine which fields were left empty. Using !isset (to the best of my knowledge) would require that I list each input individually. Is there a PHP alternative that, similar to JavaScript, would allow me to evaluate every INPUT or TEXT field to then list those left empty? I recently read another post which stated:
Unfortunately, you should verify every received string as being valid UTF-8 before you try to store it or use it anywhere. PHP's mb_check_encoding() does the trick, but you have to use it religiously. There's really no way around this, as malicious clients can submit data in whatever encoding they want, and I haven't found a trick to get PHP to do this for you reliably.
Seems like a lot of work. How important is really doing so? Can the DB be configured in some kind of strict mode which will error upon anything which isn't, and I can deal with it as an exception?
I was wondering if anyone knows a way where you can submit a form but content of the input fields will not be cleared? The reason why I want to achieve this effect is because I have a form and I want to user to be able to preview the results before properly submitting the form. Therefore I will have two submit buttons, one to preview and one to submit. Thanks for any help. Hello I am trying to create a form with six text inputs. I may use them all and maybe not. is it possible to do that then after submitting the form i read all inputs? please help thank you |
|||||||