I need to create a 10 page quiz for a mobile browser. It is only a mobile webpage, so no considerations need to be taken for other browsers.
Here's the problem I'm having: I can't use JavaScript, because not every mobile browser supports it. I'm not very skilled in other languages, but I thought perhaps something could be done in PHP as it is server-side.
If my first URL is domain and I enter the correct quiz answer, the URL to the next page could be domain/?p=1. The URL doesn't need to do anything but hold a count of the number of correct results.
As for the actual code, I was thinking it could be included in the HTML itself, as I'm not very concerned about people viewing the source on their mobile phones.
Is it possible to write a line of code that increments the 'p=' attribute in the URL by one when clicked and only attach it to the correct answers?
Here's an image of what I mean: http://i.imgur.com/HbJ5U.jpg
And, what's to stop me from manually incrementing the "correct answer" counter in my address bar?
Do you not want to use a database because you don't have one available to you in your hosting, or because you don't know how?
I'm not a fan of the idea, but you can get the number of "correct answers" with the following code.
<?php
/* Gets current correct answer Count */
$answer_count = $_GET["p"];
/* checks to see if the submitted answer is the same as the correct answer */
if ($_POST["submitted-answer"] == "correct-answer") {
$answer_count++;
}
?>
Now, you just add the modified answer count to the link to the next question.
Next Question
If this is "just for fun" I don't see why you couldn't do it like this. It's definitely a simple way to solve the problem.
The standard way to do this is to store things in hidden form variables. Of course, if there is anything riding on this, that's a terrible way to do it, because it's really easy for the end user to put his own values in those hidden form values.
Aren't file-based sessions the obvious answer here?
Related
I use php to manage html and now I have problem with input date in mysql.
All with my input in MySQL or update or delete in MySQL is ok but how I can make security for input data in mysql because if some one open to see my html source code with browser he can see my predefined inputs and he can change thats in html and after that enter wronk inputs in mysql.
This is my code:
Options Value: <select name="extend">
<option value="<?php $_end1;$newDate = date('Y-m-d', strtotime($_end. " + 1 month"));echo $newDate;?>">1 Month</option>
Now when if someone open browser and see my code he can replease 1 month with several month and that in MySQL.
How can I this secure and or hide that in HTML.
Thx
If you're wanting to have fields or input that can't be edited by the user, such as the current date that the form was submitted on or something along the lines of that, you need to do do all of that on the server side (not the client side). Any data that is submitted from the client side can (and you should treat it like it will) be changed.
Instead of having form fields with preset values, fields that are hidden, fields that are disabled, data that is rendered with JavaScript, or any other way you could think of storing data on the client side, do those things on the server side. You can use a PHP script to do this, seeing as you're already making use of PHP. When you submit the form it has to go to some sort of a server side script, do that logic there and submit that logic to a database.
filter all your received user input. This might be clear for free text inputs, but should be done as well for predefined values.
Easiest for extending might be to only accept a certain number. For example 1, 2 or 3.
$extend = filter_input(INPUT_POST, 'extend', FILTER_VALIDATE_INT); is the first step, but you should also check if $extend is not equal to an illegal number.
if(in_array($extend, range(1,3)){ }
input like numbers is a lot more simple to check than a range of dates.
But even when that would be needed: it is possible to make your own validation function.
It is not possible to limit the browser or the user to only send certain data in a form. Either they could use a tool in the browser to change the habits of a form element, or they could rebuild the form completely in their own htmlpage or other tool
There is very simple answer to your question - you can NOT secure html and you should not even try. Every browser is equipped with developer tools and even without browser anyone can send to your server whatever they want. This is how Internet works.
What you SHOULD do is to verify your input data on server side where user has no access. In your case you should have array of allowed inputs or function assessing if input from user is valid.
More, if you know what will be the algorithm eg. ($_end + 1month) than you do not need to get from user result but only value of $_end. You can calculate $newDate just before inserting data to database - this way user will have no way of changing it.
First of all, please be carefull with your writing, it is pretty hard to understand your problem.
Secondly, if you want to "hide" PHP code to the user, you could write your code in a different way :
You create a form in which users will be able to fill some informations, and for example a date, like in your example. If this date is an option, it can have some value, as the one you show.
Then when the user submit the file, you make a checking on the variables. If you want this form to show a price, to add some data to a database, or whatever, you do some checking to be sure that the values are correct. For example, if you want to calculate a price, you will check the date the user selected, and calculate the price from this date. With this method, even if user changed the code, they will not be able to change the checking (at least not easily).
And to conclude you show a page asking the user for confirmation. This way, he will check if the informations are correct, and you can ask to re-fill some fields if you detected some invalids values
That's hard to show some concrete code, since I don't really know what you want to do, but I hope this explanation was clear. Don't hesitate to ask some questions, I'll try to answer.
darling brother:
you have 3 method:
1: define a variables instead of 1 month
2: use encryption method for php enciding that provide encryption php cides to unformatted charachters (ionCube )
3: usin my sql encryption : MD5
I am trying to create a forum on my page. I need some advice. I have MySQL database and I am able to to work with it. Yet as far as I can make is playing with POST. I mean on click submit a $_POST['submit']) becomes set and so on. Then connect to database, get info and display.This way of making a forum is bad, because it all happens on a single page. As far as I seen any other forum when entering one and so on has it's unique Uri (what comes after domain.com/) so you can simply send someone full url and they are in that thread (unlike if you play with $_POST['submit']).
Sorry if my question is not accurate and I am not asking to write me code. I just need someone to direct me to the right place and any advice would be helpful. Thanks !
Your question is difficult to understand, but I think you are confused about how data and pages are dynamic using GET/POST.
The URLS with different IDs are like an illusion. Really, its the same page, however the page is dynamically taking that ID from the URL, and using it to output certain data.
For example, say we habe the URL: www.example.com/show_thread.php?thread=3
The php would look like
if(isset($_GET['thread'])){
$data = $db>query("SELECT thread_title,thread_text FROM threads WHERE thread_id = $_GET['thread']");
print($data);
}
*Warning: do not use this exact code, it is an example, not secure, etc
Then the database would look like
thread_id thread_title thread_text
1 kngwihywoihwy kngwihywoihwykngwihywoihwy
2 vyfngoieyoiehyon ieonuwrtoi hunwrmt jirwyji
3 nuoaiefguneoihn eoithneiotheo
and the page would show
nuoaiefguneoihn eoithneiotheo
POSTing data is for sending it to the server, and doing something with it. Just like GET. However, GET is helpful for passing things around as they are accessible in links. Like this example.
Okay. So I don't have any example code to show, but after doing a bit of research and learning the basics of PHP, I think the answer to my question should be pretty simple.
Here is the scenario, as I would like it to be:
On the homepage there will be several team names, with scores next to them. Like "house-points" in Harry Potter.
Below the score is a small text-field. Below that is a submit button.
The user will put a number in the text-field, press submit, and that number will be added to the team's total score.
NOW. I know how to achieve all of that with JavaScript. Easy. What I want to know IS:
How do I make that new number (the new score total) STAY there. I need to permanently alter the HTML when that submit button is pressed.
All I know is that I need to use PHP. I know the basics of PHP, so whatever the answer is, just throw it at me and I'll figure it out.
Sounds like what you want to do is submitting forms. First drop the JavaScript, you won't need it. What you need is to put your text fields in a form and when you submit you can fetch your values with $_<GET|POST|REQUEST>['<name_of_field>'].
Then you will need to store it somehow. The best way to do it is to use a database like MySQL or MongoDB to store it, but it could be a bit tricky if you are just learning this, so maybe you would like to stick to files. You could do this with INI files and PHP's INI functions.
Lastly you will need to print out the correct values to the website. Now this is easy: Just edit your HTML file to do something like
<?php echo $score['team1']; ?>
for each team after retrieving the correct values at the top or something. (Don't forget to rename the HTML file to .php as well).
Now you should be all set to save your scores. =)
If you mean really permanent you'll have to send it to a database via Ajax (combination of PHP and Javascript). OR write it to a text-document, which is less good.
This question may have been asked already - but unfortunately, I could not find any satisfactory answers. I will just ask it for my concrete case and ask the admins not to delete the question for at least a few days so I can try it out...
I have a page. It uses a captcha. Like so:
<?php
session_start(); // the captcha saves the md5 into the session
?>
<img src="captcha.php" onclick="this.src = this.src" />
That was my first code. It did not work, because the browser condsidered it useless to reload an image if the source is the same. My current solution is to pass a get parameter:
onclick="this.src = 'captcha.php?randomNumber='+ranNum"
The JavaScript variable var ranNum is generated randomly every time the onclick event fires. It works fine, still, I don't like the possibility, if the - though improbable - case of two numbers being the same twice in a row. Although the random number varies between -50,000 and 50,000 - I still do not like it. And I don't think the method is right. I would like to know the 'righter' method, by means of AJAX. I know it's possible. I hope you know how it's possible ^^ In that case, please show me.
Thanks in advance!
By the way - if I spell cap(t)cha differently, never mind, the reference to the PHP file is right in my code: I use randomImage.php
EDIT: The random number in JavaScript is only generated so the image reloads. Captcha.php does not care for the $_GET parameter. The string really is random.
EDIT: Thus, what I would like to know is how to make the browser relaod the image without passing different get parameters every time the event fires.
Unfortunately, AJAX doesn't provide a good way to dynamically load images. Even using the javascript "preload" trick just gets the browser to load each image once per URL. The only good way to get the browser to load another image from the same source is to use a different parameter just like you are doing now. And, like other answers have stated, timestamp should be sufficient for that.
Have you considered using a timestamp instead?
onclick="this.src='captcha.php?ts='+Math.round(new Date().getTime()/1000)"
Just use:
<img src="captcha.php" onclick='this.src = "captcha.php&time=" + new Date().getTime();' />
You can discard the time parameter and generate the random number in PHP. :)
You could also get the image from an Ajax request base64 encoded and put it into the img tag too.
Of course I think it is overkill and a base64 encoded file is about 4/3 of the original's size. (A 3 kb image would be about 4kb on base64).
Edit:
to have the img src attribute like
data:image/png;base64,base64encodedimage
I'm trying to think of a way to create a list of items that I can display on a webpage that my visitors can tick off, without ever having to log in.
The list may be like so:
[ ] Buy potatoes
[ ] Pickup kids
[x] Drink more water
[ ] Go for a Run
If User A visits the site, and clicks "Drink More Water" I want that to save in a database so that when User B visits, "Drink More Water" is already ticked.
Is there any simple ways to do that:
in PHP?
with Javascript?
or even as a WordPress plugin?
Do you know if there's any existing code around that does this?
TaDa List by 37Signals comes very close, but only allows specific people to tick things off.
Any suggestions would be greatly appreciated.
Thanks
Turgs
If you want to create this yourself you should learn PHP and MySQL (and possibly Javascript (for AJAX)), and HTML and CSS (maybe you already know some of these). After you know these it will become clear how to create this.
You should first learn HTML
then PHP
then MySQL (or any SQL that works with PHP)
then CSS
Then Javascript
We can't really answer your question like this, because it involves big amounts of code. Adn won't really help you if you don't know these languages.
I'll tell you what you need to do, but you're going to have to research most of the things.
You need html to create the list.
You need php to query sql and check if one of them should be checked or not.
Load the page with the data you got from your database server (set the checked ones as checked).
When the user checks one of them you need to store it in the database, so that when another user loads the page he can then get the changes from the database.
Hope this is clear enough.
Just store that information in cookies.
$_COOKIE['ticket'] = 3;
when he visit the page next time just check if $_COOKIE['ticket'] is not empty.
You could do this kind of thing with a file instead of a database. So when the user checks off a box, it loads a PHP file that reads an XML file with the tasks and check-status, then re-writes that file with the modified value.
It's quick, dirty, and doesn't need a database.
You could use a REST like url that defines a list. i.e.: http://ticklist.com/list/145
People can share this common list.
Something like the logic of http://friendpaste.comTo let people share and edit source codes.