PHP - Clean Url Not Processing Get Values

Hey guys

 I have a lot of inputs from my form. Is there a way I can do like a for each or something instead of of having to write

$myusername = stripslashes($_POST['name');
$mypassword = stripslashes($_POST['pass']);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

.... for all 16 fields?

thanks

Hey all,

I would like to some how clean up an if statement to be a little cleaner.

Code: [Select]
if(condition && condition && (condition && condition) || (condition && condition) || (condition && condition))

How can I do that?

Hi,

I am creating a website but am having trouble with the following:

I have an include file(db.inc) which contains the following:

function clean($input, $maxlength)
{
$input = substr($input, 0, $maxlength);
$input = EscapeShellCmd($input);
return ($input);
}

The file I am having the problem with is my view.php file. I get the following error:

Notice: Undefined variable: file in C:\wamp\www\fermpix\view.php on line 4

Line 4 contains the following:

$file = clean($file, 4);

My view.php does have the line:

include 'db.inc';


Does anybody have any idea what the issue might be?

Cheers
Paul

Hi

Im trying to write a script to clean up my image directory which has quite a lot of unused images that have built up over time.
In order to do this I am doing the following.

First Create a database table called 'image_clean' Then I'm searching through 3 tables and collecting all the image file names and dumping the names in the table 'image_clean'

Can do that no problem. So now I have all the images I need in this one table 'image_clean' I now want to go through my directory 'image_uploads' and delete anything thats not in the 'image_clean' table.

I know how to delete the files using unlink Im just unsure how to search through the directory file by file and check the file against the database. Im asumming I need to put them in an array. Could anyone give be a clue or two to get me started.

I have no problem checking a database against a directory but when its the other way round 'checking a directory against a database I'm lost. What I might do is pop the files to delete in a new database called 'image_delete' so that I can then check the images to delete before I write the unlink script. But I'm just not sure how to pick up each file and compare it to the table.

Thanks in advance.

I currently use the following function to clean form inputs to prevent MySql injection,

Does this function do enough to prevent MySql injection? is there anything i have missed?

 
<?php

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}

?>

I created a new homepage for my network of sites I run. I tried to go for a simple and clean look. The pages themselves function how I'd like, but I'm unsure if the menu system is easy to understand or not.   I even added a time limited message on the front page of the site indicating that the logo was clickable, but purposely left it off of other sub-pages to try and keep the design as clean as possible.   Check it out, let me know what you think.   http://ctenetwork.com

I'm new to OOP and trying to write tiny classes to get practice.

The next class I want to create will be used to clean HTTP data from when a form gets submitted.

I'm embarrassed to say, but I'm scratching my head trying to figure out what types of things I should do as far as "sterilizing" POST and GET data?!   

Can someone get me started here?

Thanks,


TomTees

if any body copy and paste anything from word to editor some unwanted css also coming with that pasting. when we request the data same css also coming with that. so how to clean data  when we request
$desc =$_request['contents'];


how to solve this issue. please help me.

i have my form with 5 fields that are not required to be filled out.
Code: [Select]
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />

On my process page I want to remove all of the empty index's that did not have data entered. I am new to sending array data via POST do I need to do anything else other then what is below?

Code: [Select]
           

    foreach($MAC as $key => $value) {
                  if($value == "") {
                     unset($MAC[$key]);
                   }
            }

            $mac_addresses = array_values($MAC);

  if(empty($mac_addresses)){
      $error = "You did not enter any MAC adresses.";
     $valid = "false";
    }

I am currently using my own error handler so i can log all mysql errors into a mysql table:
mysql_query('select data from table')or trigger_error(mysql_error(),256);

If there's an error i need to know the line number where the mysql_query function was called.

Is it possible to instead use this code:
mysql_query('select data from table');

but somehow transparently log a mysql error and the line number if there is an error in the query?

thanks

I've been using clean URLs and it's been giving my PHP sessions for my user system some trouble. I display the logged in users username on every page via a header.php file that I require on every page. Sometimes when I click a link to navigate to a page with a clean URL, the session information "disappears" and asks the user to login but if I navigate to another page from the clean url that the session "disappeared" on, the logged in users username is displayed at the top of the page like normal. Any idea certain pages cause the session to "disappear"

 

Header.php where the user info is displayed. $_SESSION['username'] is set on the login page

<?
session_start();

if (isset($_SESSION['username'])) {

	echo "Welcome back, " . $_SESSION['username'];
}
?>

 

Edited June 13, 2020 by Nematode128

Hello everybody,   I am honestly quite a newb when it comes to mod_rewrite.   We run a small social media page with different areas and I would like to change the URLs to something more clean and professional.   User profiles look like this:

http://www.sky-mp3.com/index.php?action=cm&siteid=59&wahl=artists&tat=details&keyid=477

siteid 59 is the artists list and the keyid at the end is the ID of the artist but should be like:

http://www.sky-mp3.com/mischura 

or in worse case like:

http://www.sky-mp3.com/user/mischura 

CMS pages look like this:

http://www.sky-mp3.com/index.php?siteid=106

but should be like:

http://www.sky-mp3.com/charts

(page name instead of siteid)   What I know so far: - I have to add something to the .htaccess file - I need to change something in the code (but I don`t know where)   Im good he?   What would be the first step on the path to clean URLs for me? I found alot of infos here and there but found nothing yet for this specific case.   Kind regards from and thx in advance from Cologne            

Can you take a look at this page?  It uses php code that I have been creating.  I need it to accept the form even if checkboxes are left empty.  Currently it comes up with an error.

http://www.pilotrock.com/color_contact/

Here is the PHP code:

<?php

if(isset($_POST['Email_Address'])) {
   
   include 'lite_settings.php';
   
   function died($error) {
      echo "Sorry, but there were error(s) found with the form you submitted. ";
      echo "These errors appear below.<br /><br />";
      echo $error."<br /><br />";
      echo "Please go back and fix these errors.<br /><br />";
      die();
   }
   
   if(!isset($_POST['organization']) ||
       !isset($_POST['Full_Name']) ||
      !isset($_POST['title']) ||
      !isset($_POST['company']) ||
      !isset($_POST['address']) ||
      !isset($_POST['city_state']) ||
      !isset($_POST['zip']) ||
      !isset($_POST['Telephone_Number']) ||
      !isset($_POST['cell_phone']) ||
      !isset($_POST['fax']) ||
      !isset($_POST['Email_Address']) ||
      !isset($_POST['confirm_email']) ||
      !isset($_POST['powder_coated_steel_blue']) ||
      !isset($_POST['powder_coated_steel_black']) ||
      !isset($_POST['powder_coated_steel_green']) ||
      !isset($_POST['powder_coated_steel_brown']) ||
      !isset($_POST['powder_coated_steel_yellow']) ||
      !isset($_POST['powder_coated_steel_red']) ||
      !isset($_POST['powder_coated_steel_gray']) ||
      !isset($_POST['powder_coated_steel_burgendy']) ||
      !isset($_POST['thermo_plastic_coated_type_expanded']) ||
      !isset($_POST['thermo_plastic_coated_type_perforated']) ||
      !isset($_POST['thermo_plastic_coated_black']) ||
      !isset($_POST['thermo_plastic_coated_blue']) ||
      !isset($_POST['thermo_plastic_coated_brown']) ||
      !isset($_POST['thermo_plastic_coated_gray']) ||
      !isset($_POST['thermo_plastic_coated_red']) ||
      !isset($_POST['thermo_plastic_coated_green']) ||
      !isset($_POST['recycle_plastic_red']) ||
      !isset($_POST['recycle_plastic_yellow']) ||
      !isset($_POST['recycle_plastic_black']) ||
      !isset($_POST['recycle_plastic_blue']) ||
      !isset($_POST['recycle_plastic_gold']) ||
      !isset($_POST['recycle_plastic_redwood']) ||
      !isset($_POST['recycle_plastic_cedar']) ||
      !isset($_POST['recycle_plastic_green']) ||
      !isset($_POST['recycle_plastic_gray']) ||
      !isset($_POST['recycle_plastic_brown'])) {
      died('We are sorry, but there appears to be a problem with the form you submitted.');     
   }
   
   $organization = $_POST['organization']; // required
   $full_name = $_POST['Full_Name']; // required
   $title = $_POST['title']; // not required
   $company = $_POST['company']; // not required
   $address = $_POST['address']; // required
   $city_state = $_POST['city_state']; // required
   $zip = $_POST['zip']; // required
   $telephone = $_POST['Telephone_Number']; // required
   $cell_phone = $_POST['cell_phone']; // not required
   $fax = $_POST['fax']; // not required
   $email_from = $_POST['Email_Address']; // required
   $confirm_email = $_POST['confirm_email']; // required
   $powder_coated_steel_blue = $_POST['powder_coated_steel_blue']; // required
   $powder_coated_steel_black = $_POST['powder_coated_steel_black']; // required
   $powder_coated_steel_green = $_POST['powder_coated_steel_green']; // required
   $powder_coated_steel_brown = $_POST['powder_coated_steel_brown']; // required
   $powder_coated_steel_yellow = $_POST['powder_coated_steel_yellow']; // required
   $powder_coated_steel_red = $_POST['powder_coated_steel_red']; // required
   $powder_coated_steel_gray = $_POST['powder_coated_steel_gray']; // required
   $powder_coated_steel_burgendy = $_POST['powder_coated_steel_burgendy']; // required
   $thermo_plastic_coated_type_expanded = $_POST['thermo_plastic_coated_type_expanded']; // required
   $thermo_plastic_coated_type_perforated = $_POST['thermo_plastic_coated_type_perforated']; // required
   $thermo_plastic_coated_black = $_POST['thermo_plastic_coated_black']; // required
   $thermo_plastic_coated_blue = $_POST['thermo_plastic_coated_blue']; // required
   $thermo_plastic_coated_brown = $_POST['thermo_plastic_coated_brown']; // required
   $thermo_plastic_coated_gray = $_POST['thermo_plastic_coated_gray']; // required
   $thermo_plastic_coated_red = $_POST['thermo_plastic_coated_red']; // required
   $thermo_plastic_coated_green = $_POST['thermo_plastic_coated_green']; // required
   $recycle_plastic_red = $_POST['recycle_plastic_red']; // required
   $recycle_plastic_yellow = $_POST['recycle_plastic_yellow']; // required
   $recycle_plastic_black = $_POST['recycle_plastic_black']; // required
   $recycle_plastic_blue = $_POST['recycle_plastic_blue']; // required
   $recycle_plastic_gold = $_POST['recycle_plastic_gold']; // required
   $recycle_plastic_redwood = $_POST['recycle_plastic_redwood']; // required
   $recycle_plastic_cedar = $_POST['recycle_plastic_cedar']; // required
   $recycle_plastic_green = $_POST['recycle_plastic_green']; // required
   $recycle_plastic_gray = $_POST['recycle_plastic_gray']; // required
   $recycle_plastic_brown = $_POST['recycle_plastic_brown']; // required
   
   $error_message = "";
   $email_exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$";
  if(!eregi($email_exp,$email_from)) {
     $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
  }
  if(strlen($full_name) < 2) {
     $error_message .= 'Your Name does not appear to be valid.<br />';
  }
  if(strlen($address) < 2) {
     $error_message .= 'Your Address does not appear to be valid.<br />';
  }
   if(strlen($city_state) < 2) {
     $error_message .= 'Your City/State does not appear to be valid.<br />';
  }
  if(strlen($zip) < 2) {
     $error_message .= 'Your Zip/Postal Code does not appear to be valid.<br />';
  }
  if(strlen($telephone) < 2) {
     $error_message .= 'Your Telephone Number does not appear to be valid.<br />';
  }
 
  if(strlen($error_message) > 0) {
     died($error_message);
  }
   $email_message = "Form details below.\r\n";
   
   function clean_string($string) {
     $bad = array("content-type","bcc:","to:","cc:","href");
     return str_replace($bad,"",$string);
   }
   
    $email_message .= "Organization: ".clean_string($organization)."\r\n";
   $email_message .= "Full Name: ".clean_string($full_name)."\r\n";
   $email_message .= "Title: ".clean_string($title)."\r\n";
   $email_message .= "Company Name: ".clean_string($company)."\r\n";
   $email_message .= "Street Address: ".clean_string($address)."\r\n";
   $email_message .= "City/State: ".clean_string($city_state)."\r\n";
   $email_message .= "ZIP/Postal Code: ".clean_string($zip)."\r\n";
   $email_message .= "Telephone: ".clean_string($telephone)."\r\n";
   $email_message .= "Cell Phone: ".clean_string($cell_phone)."\r\n";
   $email_message .= "Fax: ".clean_string($fax)."\r\n";
   $email_message .= "Email: ".clean_string($email_from)."\r\n";
   $email_message .= "Confirm Email: ".clean_string($confirm_email)."\r\n";
   $email_message .= "Powder Coated Steel Blue: ".clean_string($powder_coated_steel_blue)."\r\n";
   $email_message .= "Powder Coated Steel Black: ".clean_string($powder_coated_steel_black)."\r\n";
   $email_message .= "Powder Coated Steel Green: ".clean_string($powder_coated_steel_green)."\r\n";
   $email_message .= "Powder Coated Steel Brown: ".clean_string($powder_coated_steel_brown)."\r\n";
   $email_message .= "Powder Coated Steel Yellow: ".clean_string($powder_coated_steel_yellow)."\r\n";
   $email_message .= "Powder Coated Steel Red: ".clean_string($powder_coated_steel_red)."\r\n";
   $email_message .= "Powder Coated Steel Gray: ".clean_string($powder_coated_steel_gray)."\r\n";
   $email_message .= "Powder Coated Steel Burgendy: ".clean_string($powder_coated_steel_burgendy)."\r\n";
   $email_message .= "Thermo Plastic Coated Type Expanded: ".clean_string($thermo_plastic_coated_type_expanded)."\r\n";
   $email_message .= "Thermo Plastic Coated Type Perforated: ".clean_string($thermo_plastic_coated_type_perforated)."\r\n";
   $email_message .= "Thermo Plastic Coated Black: ".clean_string($thermo_plastic_coated_black)."\r\n";
   $email_message .= "Thermo Plastic Coated Blue: ".clean_string($thermo_plastic_coated_blue)."\r\n";
   $email_message .= "Thermo Plastic Coated Brown: ".clean_string($thermo_plastic_coated_brown)."\r\n";
   $email_message .= "Thermo Plastic Coated Gray: ".clean_string($thermo_plastic_coated_gray)."\r\n";
   $email_message .= "Thermo Plastic Coated Red: ".clean_string($thermo_plastic_coated_red)."\r\n";
   $email_message .= "Thermo Plastic Coated Green: ".clean_string($thermo_plastic_coated_green)."\r\n";
   $email_message .= "Recycle Plastic Red: ".clean_string($recycle_plastic_red)."\r\n";
   $email_message .= "Recycle Plastic Yellow: ".clean_string($recycle_plastic_yellow)."\r\n";
   $email_message .= "Recycle Plastic Black: ".clean_string($recycle_plastic_black)."\r\n";
   $email_message .= "Recycle Plastic Blue: ".clean_string($recycle_plastic_blue)."\r\n";
   $email_message .= "Recycle Plastic Gold: ".clean_string($recycle_plastic_gold)."\r\n";
   $email_message .= "Recycle Plastic Redwood: ".clean_string($recycle_plastic_redwood)."\r\n";
   $email_message .= "Recycle Plastic Cedar: ".clean_string($recycle_plastic_cedar)."\r\n";
   $email_message .= "Recycle Plastic Green: ".clean_string($recycle_plastic_green)."\r\n";
   $email_message .= "Recycle Plastic Gray: ".clean_string($recycle_plastic_gray)."\r\n";
   $email_message .= "Recycle Plastic Brown: ".clean_string($recycle_plastic_brown)."\r\n";
   
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
header("Location: $thankyou");
?>
<script>location.replace('<?php echo $thankyou;?>')</script>
<?
}
?>

I have an SQL table such as this:
Pairing1 Pairing2 Week 6 1 1 5 2 1 4 3 1 1 3 2 5 4 2 3 6 2 and another with teams such as:
teamid teamname 1 Teamname 1 2 Teamname 2 3 Teamname 3 The numbers in the pairing are numbers of teams, which is in another SQL table. What would be the most efficient way... of displaying the information in the form of pairngs such as
Week 1:
Team 6 vs Team 1
Team 5 vs Team 2
etc ....
What is the best way for me to sort my results?