Could be flatfile, if so, most of the cleaning function is unneeded
Results 31 to 40 of 41
Thread: My newbish PHP help
-
-
I am pretty sure he wouldn't make a usersystem using flatfile, very unsafe.
-
Yes, it's going to have a database. Does anybody know the problem?
-
PHP Code:
<?php
//Clean function, comment out if not wanted.
function clean($string)
{
$string = htmlspecialchars($string, ENT_QUOTES);
if (get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = str_replace("\"", "", $string);
$string = htmlentities($string);
/**
* If you want SQL injection protection uncomment the next line
*/
// $string = mysql_real_escape_string($string);
return $string;
}
if ($_GET["action"] == "submit")
{
//The form was sent, let's do some stuff!
$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);
if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}
if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}
if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}
if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}
echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
";
exit;
}
//The form hasn't yet been sent! Display it.
echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");
?>
-
-
Just a quick suggestion but instead of using if submit statements I usually put a hidden text field with a set value that way I know if the form has actually been submitted.
Form:
Process:<form>
<input type="hidden" name="submitted" valued="yup">
</form>
Hope that helpsPHP Code:<?php
if($_POST['submitted'] == "yup"){
//Put your form processing code here....
}
?>
-
Okay, i'll try that after I finish the next code. I'm starting an install script, and I get the following error:
Parse error: syntax error, unexpected $end in /home/anthony/public_html/dev/install.php on line 100Anybody know the problem?PHP Code:<?php
//Clean function, comment out if not wanted.
function clean($string)
{
$string = htmlspecialchars($string, ENT_QUOTES);
if (get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = str_replace("\"", "", $string);
$string = htmlentities($string);
/**
* If you want SQL injection protection uncomment the next line
*/
// $string = mysql_real_escape_string($string);
return $string;
}
if ($_GET["action"] == "install")
echo "Heya";
{
if ($_GET["action"] == "submit")
{
//The form was sent, let's do some stuff!
$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);
if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}
if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}
if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}
if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}
echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.<br>
<input type=\"submit\" name=\"install\" value=\"Installer\">";
exit;
}
//The form hasn't yet been sent! Display it.
echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");
?>
-
PHP Code:
<?php
//Clean function, comment out if not wanted.
function clean($string)
{
$string = htmlspecialchars($string, ENT_QUOTES);
if (get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = str_replace("\"", "", $string);
$string = htmlentities($string);
/**
* If you want SQL injection protection uncomment the next line
*/
// $string = mysql_real_escape_string($string);
return $string;
}
if ($_GET["action"] == "install")
echo "Heya";
}
if ($_GET["action"] == "submit")
{
//The form was sent, let's do some stuff!
$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);
if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}
if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}
if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}
if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}
echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.<br>
<input type=\"submit\" name=\"install\" value=\"Installer\">";
exit;
}
//The form hasn't yet been sent! Display it.
echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");
?>
-
Yeah, why do you have?
You need the bracket before the echo that opens itPHP Code:if ($_GET["action"] == "install")
echo "Heya";
}
Simon, that still produces an error:PHP Code:if($variable == "statement/string") { // Curly bracket
// information here
} // end bracket
Last edited by Dentafrice,; 22-11-2007 at 01:53 PM.
-
I never saw that :p
</span>PHP Code:<?php
//Clean function, comment out if not wanted.
function clean($string)
{
$string = htmlspecialchars($string, ENT_QUOTES);
if (get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = str_replace("\"", "", $string);
$string = htmlentities($string);
/**
* If you want SQL injection protection uncomment the next line
*/
// $string = mysql_real_escape_string($string);
return $string;
}
if ($_GET["action"] == "install")
{
echo "Heya";
}
if ($_GET["action"] == "submit")
{
//The form was sent, let's do some stuff!
$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);
if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}
if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}
if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}
if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}
echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.<br>
<input type=\"submit\" name=\"install\" value=\"Installer\">";
exit;
}
//The form hasn't yet been sent! Display it.
echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");
?>
Reply With Quote
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts