PHP - Bots And Forms

Hello

We have a series of sites that use Google API to serve locations stored in local DB, that show google maps from within given PHP pages within our sites (these pages also have other db driven content we wish to keep....

Each 'member' in our sites,  they each have a google map shown on each page present for their 'location' menu tab...

These calls to the google map API,  often goes over our daily allotment of freebie map presentations from the google API

It is SE and other Bots that run these view numbers off the charts and prevent the google maps from loading the actual maps - we get a google map err message - advising that maximum views have been reached... (we see this in our server error logs)

Thoughts on how i can serve this map code to only legit http requests (human eyes)  or at least reduce the burden of bot crawl requests to the google API?

here is the code we use to call the maps

 - We need to encapsulate Google Map Display in a snippet that will block it from getting hit by bots....

Huge Thanks!

Code: [Select]
<form target="_blank" method="GET" action="http://maps.google.com/maps">
<input type="hidden" name="daddr" value="<? echo "$address, $city, $state $zip $country" ?>">
<?php display_tooltip("Please enter your starting point in the form address, city, state zip country or simply enter your city", "mapdir");?>
<input type="text" name="saddr" value="your starting point" onfocus=this.select()>
<input class="clickableL" type="submit" value="Map and Directions">
</form>

ok i have a questions i making a form so when users sign up to my website they we have an account page and in the account page the will have some more fields they need to filll in which i would use INSERT to put the things inside my db but what if they want to update there account should i use  UPDATE

Hello,

I just assembly a form and for styling it I am using CSS in an external file. Problem is that IE8 and I don't know about 7  (in IE9 is ok) it doesn't show the styling inside the form... My structure is something like this:
(in any other situation my css styling is displayed normally)
Code: [Select]
<form>
<span class="myclass">

</span>
</form>Is there any fix for it?

Thank you

I need someone that is really good with php forms, looking for major help.

I am attempting to create a login page, but my script is giving errors in relation to the forms.

Involved PHP:
Code: [Select]
$username = mysql_real_escape_string($_POST['username']);

if ($_POST['submit']=='Login')
{
$md5pass = md5($_POST['password']);
$sql = "SELECT id,username FROM members WHERE
            username = '$username' AND
            password = '$md5pass'";

//etc etc...

Involved HTML:
Code: [Select]
<form id="f6" action="" method="post" onsubmit="return weCheckForm(this)">
<fieldset id="e6" class="cc32">
<label id="e5" class="cc33" for="e4">
Username
</label>
<input id="e4" class="cc34" type="text" name="username" title="username" size="23"><br>
<label id="e3" class="cc33" for="e2">
Password
</label>
<input id="e2" class="cc34" type="password" name="password" title="password" size="23"><br>
<input id="e1" class="cc35" type="submit" title="submit" value="Login">
</fieldset>
</form>

Errors received:
Notice: Undefined index: username in C:\(etc etc...) on line 4
Notice: Undefined index: submit in C:\(etc etc...) on line 6

Now I know that the problem is username and submit are undefined. However, I do not know how to define them in relation to the forms.

We have this form that customers can make their own contact forms, and then it gets inserted to the database.
We can show the forms with no problems, the problem lies when someone hits submit, how do I echo out the values of the form when I'm not sure what the input name or id is going to be?

This sample form generated this code
Code: [Select]
<div class="element">
<label id="label-element-3" class="label" style="color:#4DBCE9;font-family:Trebuchet MS;font-size:1.2em;font-weight:normal;">
<span class="labelelementvalue">Email</span>
<span class="required">*</span></label>
<div class="errormessage" id="errormessage-element-3"></div>
<div class="option-container">
<input class="af-inputtext af-email af-formvalue  " type="text" name="element-3" id="element-3" value="" style="color:#000000;font-family:Verdana;font-size:0.8em;font-weight:normal;width:260px;border-style:solid; border-color:#dcdcdc;-moz-border-radius:5px;-khtml-border-radius:5px;-webkit-border-radius:5px;border-radius:5px;border-width:1px;padding:5px;"></div>
</div>
<div class="element">
<label id="label-element-4" class="label" style="color:#4DBCE9;font-family:Trebuchet MS;font-size:1.2em;font-weight:normal;">
<span class="labelelementvalue">Textarea</span></label>
<div class="errormessage" id="errormessage-element-4"></div>
<div class="option-container">
<textarea class="af-textarea af-formvalue  " name="element-4" id="element-4" style="color:#000000;font-family:Verdana;font-size:0.8em;font-weight:normal;width:300px;border-style:solid; border-color:#dcdcdc;-moz-border-radius:5px;-khtml-border-radius:5px;-webkit-border-radius:5px;border-radius:5px;border-width:1px;padding:5px;" rows="6"></textarea></div>
</div>
<div class="element">
</div>

If you notice, each input type is named "element-" with a number afterwards.

So each input could be like "element-4", "element-21", and so forth.

How would I post those values of the input fields when they are automatically named?

Thanks in advance

Hi there,

I'm new to php/MySQL.

Just wondering how to create a multipage form with a back, save and submit button. Also, how do you stored the form data into the datebase and how do you display a list of submitted forms by the user to the user.

I am starting to build out a class to handle forms. I want to be able to add and edit data in some cases and just add data in other cases. Also want to do some ajax stuff to prevent from having to reload the pages in certain cases. I would like to view how some other form classes work so I can model mine to what I like about others but suit my needs. I was wondering if anyone has worked with any preexisting form classes that they could recommend. I know libraries like zend and so on have these built in and wasnt sure if anyone liked any one specifically and why.

i need a form that is hidden until the user clicks a button on a calendar only Then the form will be visible and have a field for the day that way pressed on submit the form would go back to being invisible. not sure how to implement this can anyone help

Is it worthwhile to create an object to generate my HTML forms? 

Starting out it would appear to be worthwhile but I'm not sure how things might change later down the line when I'm doing more with my forms and introducing javascript to it.  It's a bunch of coding to change all my forms now so I wanted to hear some input before I started.  Would this be just a complete waste of server side processing?

TIA! 

print("<form name='form1' method='post' action='create-b.php' enctype='application/x-www-form-urlencoded' style='margin:0px'>
<input type='hidden' name='time' value='werwRG/443gooa22a04c0c2d46c802cc7e3b262398852$glg/WE?F'>
<input name='name' value='Anonymous' type='text' MAXLENGTH='15' style='position:absolute;width:650px;left:67px;top:142px;z-index:11'>
<input name='subject' value='(No subject)' MAXLENGTH='15' type='text' style='position:absolute;width:650px;left:67px;top:166px;z-index:11'>
<textarea name='body' MAXLENGTH='255' type='text' style='position:absolute;left:67px;top:191px;width:650px;height:98px;z-index:11'></textarea>
<input name='submit' type='submit' value='Create thread' style='position:absolute;left:614px;top:291px;z-index:11'>
<div id='captcha' style='position:absolute; overflow:hidden; left:10px; top:296px; z-index:10'>
  require_once('captc/recaptchalib.php');
  $publickey = '*******************************************';
  echo recaptcha_get_html($publickey);
</form>
</div>");
How can I make the highlighted text be read as PHP and not just text? It has to be in the form tags... 

before you reply saying you forgot the php tags, no i didn't. I can't use php tags inside php tags...

I am quite new to this and am working on a site of my own. I am wanting to input data into a database based on the values of two textboxes. I have the general engine set up but there are some problems.

For example when I do the INSERT with values such as:

mysql_query("INSERT INTO PageTable (uniqueid, ImageLink, ImageLink2, IP)
VALUES ('3434343',
'http://www.example.com/1.jpg',
'http://www.example.com/1.jpg',
'94.123.123.9')");

This will go into the database perfectly. However if I do this:

mysql_query("INSERT INTO PageTable (uniqueid, ImageLink, ImageLink2, IP)
VALUES ($random2,
$img1,
$img2,
$ip)");

Where random2 is rand() and img1 and img2 are the values of the text boes and ip is the ip of the user.

When I do this there is no insert into the database.

Another thing I noticed was that if I put in '111111111111111111' into the textbox the value in the database is something like 111111111111111.0904039 or something like that, however if I put '111111111111111111' into the INSERT statement it goes into the database perfectly. Also if I put '1' into the textbox it goes in fine but putting 'a' into the textbox and it doesn't! I am sure I am missing something very very basic but I just can't get my head round this! Any help would be much appreciated.

Hi,

I have found myself in a bit of a cul-de-sac. Hope you can help as it is driving me crazy.

The scenario:

I have an html form (_post) which I would like to write the contents of to a one XML file using php.

The problem is:

The html page has three/four forms in it.

Form a = (submit a writes/updates only to section a)
Form b = (submit b writes/updates only to section b)
Form c = (submit c writes/updates only to section c)

Form d= (submit a, b, c writes/updates all sections)

The XML page has three sections a, b & c

To conclude, I want to be able to update the XML file in sections or update them all as a whole.

How can I go about achieving this?

Thanks

hi, I have a form in which some information is required but the username is optional however if it is left blank it says that username is taken please choose another one. how can I make it accept it if a username isn't entered? 
Code: [Select]
<?php
 
if (!isset($_SESSION)){
session_start();
}

$fname="";
$lname="";
$username="";
$password="";
$reenterPassword="";
$address="";
$state="";
$city="";
$zip="";
$phone="";
$fax="";
$email ="";
$re_enter_email ="";
$payment = ""; 
$paypal_username="";
$ship_first_name="";
$ship_last_name="";
$ship_address="";
$ship_city="";
$ship_state="";
$ship_zip="";
$ship_email="";
$ship_re_email="";
$pet_name="";
$age=1;
$breed="";
    $pet_name2="";
$age2=1;
$breed2="";

// Logout

if(isset($_POST['logout'])){
unset($_SESSION['user']);
}

// Loading captcha file

require_once('recaptchalib.php');
$privatekey = "6LdxwsoSAAAAAO4CWYDjkrGQsf5GXuIopJcC6SkE";
$publickey = "6LdxwsoSAAAAAFrZTLjBoDvLLjk9_NR_ubncL-24";

require_once("functions.php");

DatabaseConnection();  

$state = $_POST['state'];
$payment = $_POST['payment_Method']; 
$breed = $_POST['breed'];
$ship_state=$_POST['Shipstate']; 


if((isset($_REQUEST["submit"]) && $_REQUEST["submit"]=="Log in") || $_SESSION['user']){

if(!$_SESSION['user']){
$login_username = isset($_REQUEST["username"])?$_REQUEST["username"]:"";
$login_password = isset($_REQUEST["password"])?$_REQUEST["password"]:"";

$msg = array();
if ($login_username == "")
$login_msg['username_empty'] = "Please enter your name";
if ($login_password == "")
$login_msg['password_empty'] = "Please enter your password";

$query = "SELECT * FROM customers WHERE username = '$login_username' AND password = '".$login_password."'";
}else{
$customer_id = $_SESSION['user'];
$query = "SELECT * FROM customers WHERE customer_id='$customer_id'";
}

if (!$login_msg){

$login_process = true;

$result = mysql_query($query) or die("Database error: " . mysql_error());

if (mysql_num_rows($result) > 0){
$row = mysql_fetch_object($result);
$customer_id = $row->customer_id;
$_SESSION['user'] = $customer_id; 
$fname = $row->fname;
$lname = $row->lname;
$username=$row->username;
$address=$row->address;
$state=$row->state;
$city=$row->city;
$zip=$row->zip;
$phone=$row->phone;
$fax=$row->fax;
$email =$row->email;
$payment = $row->payment_method;
$paypal_username=$row->paypal_username;
$ship_first_name=$row->ship_first_name;
$ship_last_name=$row->ship_last_name;
$ship_address=$row->ship_address;
$ship_city=$row->ship_city;
$ship_state=$row->ship_state;
$ship_zip=$row->ship_zip;
$ship_email=$row->ship_email;
$pet_name=$row->pet_name;
$age=$row->age;
$age_month=$row->age_month;
$breed=$row->breed;
            $pet_name2=$row->pet_name2;
$age2=$row->age2;
$age_month2=$row->age_month2;
$breed2=$row->breed2;

}else{
$login_msg['login_fail'] = "Username, password combination is not valid.";
}
}
}
if(isset($_REQUEST["submit"]) && $_REQUEST["submit"]=="submit"){
$msg=array();
$fname=isset($_REQUEST["fname"])?$_REQUEST["fname"]:"";
$lname=isset($_REQUEST["lname"])?$_REQUEST["lname"]:"";
$username=isset($_REQUEST["lname"])?$_REQUEST["username"]:""; 
$password=isset($_REQUEST["lname"])?$_REQUEST["password"]:"";
$reenterPassword=isset($_REQUEST["lname"])?$_REQUEST["reenterPassword"]:"";
$address=isset($_REQUEST["address"])?$_REQUEST["address"]:"";
$state=isset($_REQUEST["state"])?$_REQUEST["state"]:"";
$city=isset($_REQUEST["city"])?$_REQUEST["city"]:"";
$zip=isset($_REQUEST["zipcode"])?$_REQUEST["zipcode"]:"";
$phone=isset($_REQUEST["phone"])?$_REQUEST["phone"]:"";
$fax=isset($_REQUEST["fax"])?$_REQUEST["fax"]:"";
$email =isset($_REQUEST["email"])?$_REQUEST["email"]:"";
$re_enter_email =isset($_REQUEST["re_email"])?$_REQUEST["re_email"]:"";
$re_enter_email= $email; 
$payment = isset($_POST['payment_Method'])?$_POST['payment_Method']:""; 
$paypal_username=isset($_REQUEST["PayPal_username"])?$_REQUEST["PayPal_username"]:"";
$ship_first_name=isset($_REQUEST["Shipfname"])?$_REQUEST["Shipfname"]:"";
$ship_last_name=isset($_REQUEST["Shiplname"])?$_REQUEST["Shiplname"]:"";
$ship_address=isset($_REQUEST["Shipaddress"])?$_REQUEST["Shipaddress"]:"";
$ship_city=isset($_REQUEST["Shipcity"])?$_REQUEST["Shipcity"]:"";
$ship_state=isset($_REQUEST["Shipstate"])?$_REQUEST["Shipstate"]:"";
$ship_zip=isset($_REQUEST["Shipzipcode"])?$_REQUEST["Shipzipcode"]:"";
$ship_email=isset($_REQUEST["Shipemail"])?$_REQUEST["Shipemail"]:"";
$ship_re_email=$ship_email;

    $pet_name=isset($_REQUEST["petName"])?$_REQUEST["petName"]:"";
$age=isset($_REQUEST["age"])?$_REQUEST["age"]:'';
$age=isset($_REQUEST["age_month"])?$_REQUEST["age_month"]:1;
$breed=isset($_REQUEST["breed"])?$_REQUEST["breed"]:"";
$nutritional_needs=isset($_REQUEST["nutritionalNeeds"])?$_REQUEST["nutritionalNeeds"]:"";
    $special_instructions=isset($_REQUEST["specialInstructions"])?$_REQUEST["specialInstructions"]:"";

    $pet_name2=isset($_REQUEST["petName2"])?$_REQUEST["petName2"]:"";
$age2=isset($_REQUEST["age2"])?$_REQUEST["age2"]:"";
$age2=isset($_REQUEST["age_month2"])?$_REQUEST["age_month2"]:1;
$breed2=isset($_REQUEST["breed2"])?$_REQUEST["breed2"]:"";
$nutritional_needs2=isset($_REQUEST["nutritionalNeeds2"])?$_REQUEST["nutritionalNeeds2"]:"";
$special_instructions2=isset($_REQUEST["specialInstructions2"])?$_REQUEST["specialInstructions2"]:"";

// Products information

$product_name=isset($_REQUEST["productname"])?$_REQUEST["productname"]:"";
$quantity=isset($_REQUEST["quantity"])?$_REQUEST["quantity"]:0;
$price=isset($_REQUEST["price"])?$_REQUEST["price"]:0;
$quantity_diff=isset($_REQUEST["quantity_diff"])?$_REQUEST["quantity_diff"]:0;
$price_diff=isset($_REQUEST["price_diff"])?$_REQUEST["price_diff"]:0;
$sales_tax=isset($_REQUEST["salestax"])?$_REQUEST["salestax"]:0; 
$subtotal=isset($_REQUEST["subtotal"])?$_REQUEST["subtotal"]:0;
$shipping_cost=isset($_REQUEST["shippingcost"])?$_REQUEST["shippingcost"]:0;
$total=isset($_REQUEST["total"])?$_REQUEST["total"]:0;


// check for login

if(isset($_POST['customer_id'])){
$customer_id = $_POST['customer_id'];
$query = "SELECT * FROM customers WHERE customer_id='$customer_id'";
$result = mysql_query($query) or die("Database error: " . mysql_error());
if (mysql_num_rows($result) > 0){
$login_process = true;
$_SESSION['user'] = $customer_id;
$row = mysql_fetch_object($result);
$fname = $row->fname;
$lname = $row->lname;
$username=$row->username;
}
}

// Is username taken ?

if(!$login_process){

$query = "SELECT * FROM customers WHERE username = '$username'";
$result = mysql_query($query) or die("Database error: " . mysql_error());
if (mysql_num_rows($result) > 0){
array_push($msg,"This username is already taken, please choose another one.");
}
}
if($fname==""){
array_push($msg,"Please Enter First Name.");
}
if($lname==""){
array_push($msg,"Please Enter Last Name.");
}
/* if($username==""){
   array_push($msg,"Please Enter User Name.");
}
if(!$login_process){
if($password==""){
array_push($msg,"Please Enter Password.");
}
if($reenterPassword==""){
array_push($msg,"Please Enter Re-Enter Password.");
}
if($reenterPassword!=$password){
array_push($msg,"Both passwords does not match.");
}
}*/
if($address==""){
array_push($msg,"Please Enter Address.");

}
if($city==""){
array_push($msg,"Please Enter City.");
}
if($state=="Please choose a state"){
array_push($msg,"Please Select State.");
}
if($zip==""){
array_push($msg,"Please Enter Zip.");
} else {
if(!is_numeric($zip)){
array_push($msg,"Please Enter Digits In Zip.");
}
}
if($phone==""){
array_push($msg,"Please Enter Phone.");
} else {
if(!is_numeric($phone)){
array_push($msg,"Please Enter Digits In Phone.");
}
}
if($email==""){
array_push($msg,"Please Enter Email.");
}
if($payment==""){
//array_push($msg,"Please Select Payment Method.");
}
if($paypal_username==""){
// array_push($msg,"Please Enter Paypal User Name.");
}
if($ship_first_name==""){
array_push($msg,"Please Enter Shipping First Name.");
}
if($ship_last_name==""){
array_push($msg,"Please Enter Shipping Last Name.");
}
if($ship_address==""){
array_push($msg,"Please Enter Shipping Address.");
}
if($ship_city==""){
array_push($msg,"Please Enter Shipping City.");
}
if($ship_state==""){
array_push($msg,"Please Select Shipping State.");
}
if($ship_zip==""){
array_push($msg,"Please Enter Shipping Zip.");
} else {
if(!is_numeric($ship_zip)){
array_push($msg,"Please Enter Digits In Shipping Zip.");
}
}
if($ship_email==""){
// array_push($msg,"Please Enter Shipping Email.");
}

// Check Captcha

$resp = recaptcha_check_answer ($privatekey,$_SERVER["REMOTE_ADDR"],$_POST["recaptcha_challenge_field"],$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
array_push($msg,"Wrong Captcha, please try again.");
}

// Insert customer

if($login_process){

$sql0 = "UPDATE customers SET address='$address',city='$city', state='$state', zip='$zip', phone='$phone', fax='$fax', email='$email', re_enter_email='$re_enter_email',  ship_first_name='$ship_first_name', ship_last_name='$ship_last_name',  ship_address='$ship_address', ship_city='$ship_city', ship_state='$ship_state', ship_zip='$ship_zip', ship_email='$ship_email', ship_re_enter_email='$ship_re_email', pet_name='$pet_name', age='$age', breed='$breed', pet_name2='$pet_name2', age2='$age2', breed2='$breed2', age_month='$age_month', age_month2='$age_month2' WHERE customer_id='$customer_id'";

if(count($msg) == 0){
$r= mysql_query($sql0) or die("Query Error : " . mysql_error());
$customer = $customer_id;
}
}else{

$sql0="INSERT INTO customers (fname, lname,username,password, address, city, state, zip, phone, fax, email, re_enter_email,  ship_first_name, ship_last_name, ship_address, ship_city, ship_state, ship_zip, ship_email, ship_re_enter_email , pet_name, age, breed, pet_name2, age2, breed2, age_month, age_month2) VALUES ('$fname', '$lname','$username','$password', '$address', '$city', '$state', '$zip', '$phone', '$fax', '$email', '$re_enter_email', '$ship_first_name', '$ship_last_name', '$ship_address', '$ship_city', '$ship_state', '$ship_zip', '$ship_email', '$ship_re_email', '$pet_name', '$age', '$breed', '$pet_name2', '$age2', '$breed2', '$age_month', '$age_month2')";

if(count($msg) == 0){
$r= mysql_query($sql0) or die("Query Error : " . mysql_error());
$customer = mysql_insert_id();
}
}
// Insert Order

$sql1="INSERT INTO orders (product_name, customer, quantity, price, sales_tax, subtotal, shipping_cost, total, nutritional_needs, special_instructions, nutritional_needs2, special_instructions2)

VALUES ('$product_name', '$customer', '$quantity_diff', '$price_diff', '$sales_tax', '$subtotal', '$shipping_cost', '$total', '$nutritional_needs', '$special_instructions', '$nutritional_needs2', '$special_instructions2')";

if(count($msg) == 0){
$m= mysql_query($sql1) or die("Query Error : " . mysql_error());
}


}

?>

Hi everyone,

I need a little help on making forms that automatically update as you select stuff, For example if you was to select something from a drop down menu, The page will update, And show a new drop down box that will list products compatible with the fiirst product, I could easily add these to arrays, Then the script could just pull from each array.

Also I don't know if this will need any javascript... I am no good at that so please warn me if it does!

Any kind of help would be highly appreciated,
Thanks,
Gergy.