Search Results

Search found 14 results on 1 pages for 'jpjp'.


  • Are these two functions overkill for sanitization?

    - by jpjp
        function sanitizeString($var) {
            $var = stripslashes($var);
            $var = htmlentities($var);
            $var = strip_tags($var);
            return $var;
        }

        function sanitizeMySQL($var) {
            $var = mysql_real_escape_string($var);
            $var = sanitizeString($var);
            return $var;
        }

    I got these two functions from a book and the author says that by using these two, I can be extra safe against XSS (the first function) and SQL injections (2nd func). Are all those necessary? Also for sanitizing, I use prepared statements to prevent SQL injections. I would use it like this:

        $variable = sanitizeString($_POST['user_input']);
        $variable = sanitizeMySQL($_POST['user_input']);


  • How do I insert a hidden token in my form to prevent double posts? (PHP)

    - by jpjp
    I want to prevent users from accidentally posting a comment twice. I use the PRG (post redirect get) method, so that I insert the data on another page then redirect the user back to the page which shows the comment. This allows users to refresh as many times as they want. However this doesn't work when the user goes back and clicks submit again or when they click submit 100 times really fast. I don't want 100 of the same comments. I looked at related questions on SO and found that a token is best. But I am having trouble using it.

        // makerandomtoken(20) returns a random 20 length char.
        <form method="post" ... >
            <input type="text" id="comments" name="comments" class="commentbox" /><br/>
            <input type="hidden" name="_token" value="<?php echo $token=makerandomtoken(20); ?>" />
            <input type="submit" value="submit" name="submit" />
        </form>

        if (isset($_POST['submit']) && !empty($comments)) {
            $comments = mysqli_real_escape_string($dbc, trim($_POST['comments']));
            // how do I make the if-statement to check if the token has been already set once?
            if ( ____________ ) {
                // don't insert comment because already clicked submit
            } else {
                // insert the comment into the database
            }
        }

    So I have the token as a hidden value, but how do I use that to prevent multiple clicking of submit.


  • What are some methods to prevent double posting in a form? (PHP)

    - by jpjp
    I want to prevent users from accidentally posting a comment twice. I use the PRG (post redirect get) method, so that I insert the data on another page then redirect the user back to the page which shows the comment. This allows users to refresh as many times as they want. However this doesn't work when the user goes back and clicks submit again or when they click submit 100 times really fast. I don't want 100 of the same comments. I looked at related questions on SO and found that a token is best. But I am having trouble using it.

        // makerandomtoken(20) returns a random 20 length char.
        <form method="post" ... >
            <input type="text" id="comments" name="comments" class="commentbox" /><br/>
            <input type="hidden" name="_token" value="<?php echo $token=makerandomtoken(20); ?>" />
            <input type="submit" value="submit" name="submit" />
        </form>

        if (isset($_POST['submit']) && !empty($comments)) {
            $comments = mysqli_real_escape_string($dbc, trim($_POST['comments']));
            // how do I make the if-statement to check if the token has been already set once?
            if ( ____________ ) {
                // don't insert comment because already clicked submit
            } else {
                // insert the comment into the database
            }
        }

    So I have the token as a hidden value, but how do I use that to prevent multiple clicking of submit.

    METHODS: someone suggested using sessions. I would set the random token to $_SESSION['_token'] and check if that session token is equal to the $_POST['_token'], but how do I do that? When I tried, it still doesn't check


  • How can I use MVC ideas without using classes?

    - by jpjp
    As of right now, I am still shaky on classes, so I don't want to use any classes for my site. I'm still practicing with classes. But how can I implement the MVC idea without classes? Would this work for a MVC?

        index.php (the view)
        index_controller.php
        index_model.php

    Is this right for what a MVC should be?

        View: show html, css, forms
        Controller: get $_POST from forms and any data from the user, get info from db
        Model: do all the functions, insert/delete in db, etc

    Basically separate the HTML/css for the view, all the data collecting for the controller, and the logic for the model. And just connect them all using require_once.


  • How do I make replies to comments? (PHP)

    - by jpjp
    I want to create something like reddit where they have comments, then replies to the comment, then reply to the reply. What type of database structure do they use so:

        1. they keep track of all the comments to a posting
        2. a reply to a comment
        3. a reply to a reply

    All I have right now is just a posting and a bunch of comments relating to it like..

        POSTING TABLE
        posting_id | title | author

        COMMENTS TABLE
        comment_id | posting_id | comment

        REPLIES TABLE
        ????

    How do I relate the comments to the replies? What type of css do they use to give replies that indented space?


  • How do I make an expanding textbox?

    - by jpjp
    I want to make a textbox where it starts out as a given width/height. Then if users type more than the given amount of space, the textbox expands downward. How do I go about doing this? Do I use css? The basic textbox just displays a scroll bar when users pass the number of rows allowed. How do I make it so the textbox expands the rows by say 5 more?

        <form method="post" action="">
            <textarea name="comments" cols="50" rows="5"></textarea><br>
            <input type="submit" value="Submit" />
        </form>

    How do I use the example that Robert Harvey mentioned? I never used javascript before..


  • Are cookies enough for storing login data?

    - by jpjp
    I am reading the Head First PHP/Mysql book and they say to store both the user's username, email into cookies and sessions. Is it safe to assume that everyone nowadays accepts cookies? Or should I store both in sessions and cookies? I am not storing any sensitive data in cookies such as password, etc.


  • Are cookies enough for storing login data? (PHP)

    - by jpjp
    I am reading the Head First PHP/Mysql book and they say to store both the user's username, email into cookies and sessions. Is it safe to assume that everyone nowadays has cookies? Or should I store both in sessions and cookies? I am not storing any sensitive data in cookies such as password, etc.


  • How do I make a URL text a link?

    - by jpjp
    Say on Facebook or Twitter, when I type "www.google.com" and submit it, it becomes a link. How do I code this in PHP? Do I use regular expressions to get where the www starts and the .com ends? Is this how they do it?

        <?PHP
        // some regular expression to get www and .com part
        $link = "<a href='$url'>$url</a>";
        echo $link;
        ?>

    How do I write a regular expression to get the "www" and ".com" part? And for Twitter's @obama, obama would become a link to obama's site. What regular expression do they use to get the text after the @ and before the space?


  • What should I put into classes and what stuff I shouldn't?

    - by jpjp
    I am learning about classes right now in PHP and their examples are like..

        class table { // makes a table
            private $tag;

            function Begin($border=0, $align="center", $width='100%', $cellpadding=2, $cellspacing=2, $class='', $id='', $bgcolor='', $style='') {
                $this->tag = '<table ';
                if ($align) $this->tag .= 'align="' . $align . '" ';
                if ($width) $this->tag .= 'width="' . $width . '" ';
                if ($border > 0) $this->tag .= 'border="' . $border . '" ';
                if ($cellpadding > 0) $this->tag .= 'cellpadding="' . $cellpadding . '" ';
                if ($cellspacing > 0) $this->tag .= 'cellspacing="' . $cellspacing . '" ';
                if ($class) $this->tag .= 'class="' . $class . '" ';
                if ($id) $this->tag .= 'id="' . $id . '" ';
                if ($bgcolor) $this->tag .= 'bgcolor="' . $bgcolor . '" ';
                if ($style) $this->tag .= 'style="' . $style . '" ';
                $this->tag .= ">";
                return $this->tag;
            }
        }

    Then you just instantiate it and make a table by

        $table = new table;
        $table->Begin($border=2, $align='center'); // etc

    Should I be coding like this where html, css are in classes? I feel making tables and forms this way is more confusing than actually just typing . Should I only put like validation, getting data from db, and the logic stuff in classes? What should I use classes for and not?


  • How do I create this array? (PHP)

    - by jpjp
    I am a little stuck on how to create this array. My data:

        category_id | category_name
        1             bikes
        2             cars
        3             books
        4             computers

    Array:

        $category = array();
        $query = "SELECT * FROM categories ORDER BY name ASC";
        $result = $db->query($query);
        $category = array('category_id'=>$category_id, 'category_name'=>$category_name);
        while ($row = $result->fetch_array()) {
            $category_id = $row['category_id'];
            $category_name = $row['name'];
        }

    I want to create an array so that I can echo the data in a radio list like...

        <input type='radio' value='<?PHP echo $category['category_id']; ?>' name='category[]'><?PHP echo $category['category_name']; ?>

        o bikes
        o cars
        o books
        o computers

    The problem is that the array only consists of one pair (1, bikes) and not all the data. How can I make an array with all the data? Thanks!

