Working on a send link to a friend form.
Seeking to provide for defeat spambots by presenting form filler with a code (visitorcode) to imput into a box.
if (trim($_POST ["md5($visitorcode)"] == $_SESSION['image_random_value']))
$errors[] = "<b>Validate Code:</b> ".$form_items["visitorcode"]["error"];
When correct Validate code is installed I want error to clear so that the thanku.html can be presented.I am doing something wrong as it will not work. Can anybody shine a light or give direction?
Full code and problem available at www.shopdemo.webitry.net
I think you want
md5(trim($_POST[$visitorcode]));
I think you meant to type:
if (trim($_POST[md5($visitorcode)]) == $_SESSION['image_random_value'])
or, as PMV mentions:
if (md5(trim($_POST[$visitorcode])) == $_SESSION['image_random_value'])
But either way you misplaced some parentheses and double-quotes in the original code.
EDIT:
It looks maybe like you are dealing with errors in the body of the if clause. That being the case, shouldn't the if statement use != instead of ==? I.e., if they don't match, deal with errors.
Related
So I am having problems with the symbol µg in PHP. The symbol is inside an array of data but I can't seem to match it with the following:
if($value == 'µg') {
echo 'blah';
}
Does anyone happen to have a work around for this? I'm assuming PHP saves it as a different type then what I am comparing it to because it never echo's the 'blah' above. I have searched around for a while now and cannot find anything to help me. Thanks!
Okay so even with the help of some people I haven't found the answer.
The best I came up with that actually works is:
substr('µg', 1,7) == 'micro;g'
That's the only way I found out how to parse the data. If you put the & in front of the micro; you get the µ. A dirty fix but if anyone has a way around please let me know. Thanks!
I'm making a website where im alowing my users (after that they are loged in) to Add a (car) advertisement!
I have a form where the user can submit his car information.(add-vehicle.php)
Now I want to display each new advertisement in my list-view. (car-list.php)
How can I do this?
Use urlencode /urldecode to pass variables in url's urlencode
I recommand to use urlencode('string')
and then later when get your variable with urldecode('string')
Response to your comment:
if (isset($_GET['merk'],$_GET['car_id'],$_GET['titel']) === true )
{
$merk = urldecode(trim ($_GET['merk']));
$car_id = urldecode(trim($_GET['car_id']));
$titel = urldecode(trim($_GET['titel']));
}
You're changing a space into a hyphen. If it is stored in the database as a space, it will never find it because "This Entry" is different from "This-Entry". As others said, urlencode will work better, but if you still want to replace the space with a hyphen, just make sure that it is done the same in the database as well.
First, nobody in this world will know what you have in your database to tell what's the problem! At least post an example data.
Second, you must be sure of what you have and what you are comparing to.
You are basically asking if a is equal to b and to be fair that's something that you should be able to tell if you're programming!
Third, you should implement a methodology that allows you to quickly test your code, and that's from printing your data to the browser to a fully automated test.
I am trying to create a dynamic FAQ page. I have the following phtml sample :
<div id="faq">
<!-- Start FAQ "Navigation" -->
<div class="faqBox">
<? foreach($this->aFAQ as $k => $val) : ?>
<?= ($val['mQuestion']); ?>
<?= ($val['mAnswer']); ?>
<? endforeach; ?>
</div>
</div>
Which outputs as follows:
For additional payment options - check or money order, please contact us at iBrandingLevel == 2 ? $this->oStore->getSuppPhone()." Monday to Friday ".$this->oStore->getSuppHoursOpen()." - ".$this->oStore->getSuppHoursClose()." ".$this->oStore->getSuppTimeZone() : "(888) 455-3237 x2 from Monday to Friday 8:00am - 4:30pm MST/Arizona."; ?>
The above text is just the first $val['mAnswer'] (I didnt include the question as that is working properly).
The html is being rendered however obvoiusly the php isn't. the <? and ?> are being removed and just code is displaying. Is there a fix for this? or is my approach fundamentally wrong.
thanks
Your approach is fundamentally wrong, you are outputting PHP code as if it was HTML text and try to execute it.
It is possible to execute code from a string, you can look at the Eval method (http://php.net/manual/fr/function.eval.php) in PHP, but it is not recommended to do this. There are better ways to resolve your specific issues than to output PHP code directly.
What you could do is send a few variables to the view, and use if conditions there.
You could also prepare the full string you need before the view and then all that would be needed is to display it.
To elaborate a little about Eval :
1- If the code you execute within the Eval comes from a user, it is extremely dangerous.
2- If not, there is very often a better solution to the problem, using Eval makes it harder to debug.
Actually, I'm not sure I should answer this.
First, the answer to your request is the mixed eval ( string $code ) php function.
Second, FORGET IT. IMHO, this could be one of the most dangerous things you could think in.
Thanks everybody for the input and resulting discourse. The php code that was being stored in the database was not being input by users, it was all completely internal, however it still shouldn't be there.
I ultimately went through the database and set a %%variablename%% in place of the php code and then upon retrieval I wrote a script that would:
preg_replace("/\%\%variablename\%\%/", $desiredPhpcode, dbRetrievedString).
all instances of %%variablename%%.
It seemed the safer and more sound approach. I don't know if this is an IDEAL approach that anybody else could benefit from if caught in this circumstance or if it 'just works', but I thought I would share.
Thanks Again for the input it helped enormously
PHP is server-side language. Outputting it to client does not make any sense, as there is no one to interpret it.
I am trying to validate an email field. I took this regex from somewhere on here for and I used it on another form I made and it works fine. Yet when I use it now its not matching.
All I am trying to do is to check the email and if it is good then log it in the proper field in the db.
For the sake of not pasting a bunch of stuff... I have stripped out the problem lines and going to pseudo code next few lines.
Essentially, vars are these:
$theEmail = $_post email from first page here
$regEx ='#^[a-z0-9.!\#$%&\'*+-/=?^_`{|}~]+#([0-9.]+|([^\s]+\.+[a-z]{2,6}))$#si';
and my php is this
//essentially other field validation will go here...for now testing only empty.
if(!empty($theEmail)){
if (preg_match($regEx, $formEmail)) {
//send it through to db.
} else { //error stuff here }
}
essentially, this never comes true. The email never validates no matter what I do and as I said I wrote another more complicated form that validates data just fine
Not sure what is going on.
I would suggest you to use filter_var instead.
if (filter_var($theEmail, FILTER_VALIDATE_EMAIL)) {
//send it through to db.
} else {
//error stuff here
}
/^[a-z0-9.!\#$%&\'*+-=?^_{|}~]+#([0-9.]+|([^\s]+\.+[a-z]{2,6}))$/
I removed the first # and ending #si, and took out the / from the = since it was giving me problems. This generates a match on my e-mail address here:
<?
$theEmail = 'me#davebel.com';
$regEx ='/^[a-z0-9.!\#$%&\'*+-=?^_`{|}~]+#([0-9.]+|([^\s]+\.+[a-z]{2,6}))$/';
print_r(preg_match($regEx, $theEmail));
?>
Though this regex is very complex for something like e-mail validation- I would recommend trying to refine it and fine-tune it before putting it into production.
With email validation there are simple solutions that catch 99 % of all mistakes and complex solutions that might catch a tenth of a percent more, yet be unreadable.
Go the easy route and just check for something like
.+#.+\..+
Yes, it will allow an email address like a#b.c but that's probably a smaller price to pay than a user who cannot register because your 500-character regex has a mistake in it somewhere, rejecting a valid address.
give this a try! hopefully it will resolve your query, although there are infinte regulare expressions for email
^[a-z0-9,!#\$%&'\*\+/=\?\^_`\{\|}~-]+(\.[a-z0-9,!#\$%&'\*\+/=\?\^_`\{\|}~-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,})$
For testing visit
Regular Expression Tester
Well, I've gone over this atleast 30 times, tried as many possible combinations that I could think of, can you spot the syntax error? (I can't, obviously). It doesn't display what it should be, instead it displays the actual html of the page!
The Code:
$ct->data[$key][1] =
'<input id="quantity" name='."items[<?=$product_id;?>]".
'type="text" value="'.$ct->data[$key][1].'"
style="background:#FFFFFF url(qty.png) no-repeat 4px 4px;
Can someone please tell me what I've done wrong? Any help/advice at all is appreciated.
Thanks!
What is this?
name='."items[<?=$product_id;?>]".' type=
I think you meant
name="items[' . $product_id . ']" type=
Using short tags is a very bad practice. It makes code harder to read and it isn't enabled by default on most environments. Which can lead to mistakes like this one.
Always use the full <?php (and not <?) and <?php echo "string" instead of <?="string">. This will prevent many mistakes.
Then, it looks like you're trying to evaluate PHP in strings. echo "echo 'test'"; will never print test, it will always print echo 'test'. It's the same thing for items[<?=$product_id;?>]. First of all, it isn't even a valid PHP syntax and second of all, even if it was really, you can use $product_id without any other modification : items[$product_id]. (edit: actually, I'm not even sure what you're trying to do here).
I'm not going to go over all your code, but it seems like you lack the basics of the language. It may be good to review them!