View Full Version : Form Help



LegendOfNoob
31-10-2007, 01:50 PM
I would like to host and make my own form. I know, I know, freedback,
they randomly banned me. I have the same coding as when I got it and didn't change...
How would I go about doing this? I already made my contact us form but this may be a bit harder. I need to do like
(short)Habbo Name:
(short)Email:
(short)Program Used
(drop Down)Applying For:
(long)Qualifications:
(long)Why Should We Hire You?
And then, I'm used to feedback, could I have IP details sent in with apps?

Frog!
31-10-2007, 02:03 PM
You do a hidden form for the IP

<input type="hidden" id="" name="" value="<?php echo $_SERVER["REMOTE_ADDR"]; ?>" />

Invent
31-10-2007, 05:35 PM
<input type="hidden" id="" name="" value="<?php echo $_SERVER["REMOTE_ADDR"]; ?>" />

Never, ever, ever...ever do that.

LegendOfNoob
31-10-2007, 08:39 PM
:o why? :S

Beau
01-11-2007, 06:18 AM
In the case of hiding an IP input, don't, because simply, there is no point. You can just call for $_SERVER['REMOTE_ADDR'] when you process the script, it's not going to change.

Hidden inputs are fine for passing things such as IDs to other pages though.

DeejayMachoo$
01-11-2007, 09:01 AM
Never, ever, ever...ever do that.

Wouldn't it be better to do it in the SQL query?

Beau
01-11-2007, 09:08 AM
Wouldn't it be better to do it in the SQL query?

That's what I was trying to get across above :) ^^

Before someone bites my head off for saying it's fine, obviously if you don't check it's a valid ID, or whether a certain user has permission to do stuff with the ID, you're in trouble. Bottom rule, even if it's defined by you (dropdowns, hidden form inputs etc), sanitize it!

Invent
01-11-2007, 08:22 PM
If the IP used was read from the form then it is bad. That's because you can use memory editors/livebug/etc to alter input forms to any value you like.

Jamie.
02-11-2007, 04:31 PM
If the IP used was read from the form then it is bad. That's because you can use memory editors/livebug/etc to alter input forms to any value you like.

Could have sworn there was a way of doing that through the URL, I may be wrong :S

Beau
02-11-2007, 10:17 PM
Could have sworn there was a way of doing that through the URL, I may be wrong :S

If the form is using GET instead of POST, you can change the values of the form fields. However, if you're not sanitizing your GET inputs, you're asking for trouble.
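
The advice in this thread, put together as an added example (not code posted by anyone in the thread): the processing script takes the IP from `$_SERVER['REMOTE_ADDR']` rather than from a hidden field, and checks the dropdown against a fixed list. The field names, length limits and role list are assumptions made for the illustration.

```php
<?php
// Added example: field names, limits and the role list are assumptions, not from the thread.
const ALLOWED_ROLES = ['dj', 'moderator', 'news_reporter']; // hypothetical dropdown options

/**
 * Validate one submitted application. $post is the form data ($_POST),
 * $server is $_SERVER. Returns [cleanRecord, errors].
 */
function process_application(array $post, array $server): array
{
    $errors = [];
    // Read a required text field, rejecting non-strings, empty values and oversized input.
    $text = function (string $key, int $max) use ($post, &$errors): string {
        $v = isset($post[$key]) && is_string($post[$key]) ? trim($post[$key]) : '';
        if ($v === '' || strlen($v) > $max) {
            $errors[] = "$key is missing or too long";
        }
        return $v;
    };

    $record = [
        'habbo_name'     => $text('habbo_name', 32),
        'program'        => $text('program', 64),
        'qualifications' => $text('qualifications', 2000),
        'why_hire'       => $text('why_hire', 2000),
    ];

    $email = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) { $errors[] = 'email is not valid'; }
    $record['email'] = $email === false ? '' : $email;

    // Dropdown values are still client input: accept only known options.
    $role = $post['applying_for'] ?? '';
    if (!in_array($role, ALLOWED_ROLES, true)) { $errors[] = 'unknown role'; $role = ''; }
    $record['applying_for'] = $role;

    // The IP comes from the connection, never from the form; a posted "ip" field is ignored.
    $record['ip'] = filter_var($server['REMOTE_ADDR'] ?? '', FILTER_VALIDATE_IP) ?: 'unknown';

    return [$record, $errors];
}

// Constructed sample request: the client altered a hidden "ip" field and the dropdown value.
$post = ['habbo_name' => 'Example', 'email' => 'applicant@example.com', 'program' => 'Paint',
         'applying_for' => 'owner', 'qualifications' => 'Two years as a DJ.',
         'why_hire' => 'I am reliable.', 'ip' => '10.0.0.1'];
[$record, $errors] = process_application($post, ['REMOTE_ADDR' => '203.0.113.7']);
echo $record['ip'], PHP_EOL;            // the connection's address, not the posted one
echo implode('; ', $errors), PHP_EOL;   // the tampered dropdown value is reported
```

The cleaned record still needs escaping at the point of use: a prepared statement when it goes into an SQL query, `htmlspecialchars()` when it is shown on a page.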
