Search Results

Search found 20513 results on 821 pages for 'form submit'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 223/821 | < Previous Page | 219 220 221 222 223 224 225 226 227 228 229 230  | Next Page >

  • how to send value to the from action page from database

    - by Mayank swami
    I am creating a faq panel for there can be multiple answers for question and i want to take the answer id .because i am storing comment by answer id the problem is that how to sent the $answer_id to the comment_submit_process.php and how to recognize the answer ? $selected_ques= mysql_prep($_GET['ques']); $query = "SELECT * FROM formanswer where question_id = {$selected_ques}"; $ans= mysql_query($query); if($ans){ while($answer = mysql_fetch_array($ans)) //here is the form <form id="add-comment" action="comment_submit_process.php" > <textarea class="comment-submit-textarea" cols="78" name="comment" style="height: 64px;"></textarea> <input type="submit" name="submitbutton" value="Add Comment" class="comment-submit-button" > <br> <?php $ans_id= $answer['id']; echo $ans_id; ?> <input type="hidden" name="ques" value="<?php echo $_GET['$ans_id'] ?>" /> <span class="counter ">enter at least 15 characters</span> <span class="form-error"></span> </form> <?php }} ?>

    Read the article

  • Codeigniter: Library function--I'm stuck

    - by Kevin Brown
    I have a library function that sets up my forms, and submits data. They're long, and they work, so I'll spare you reading my code. :) I simply need a way for my functions to determine how to handle the data. Until now, the function did one thing: Submit a report for the current user. NOW, the client has requested that an administrator also be able to complete a form--this means that the form would be filled out, and it would CREATE a user at the same time, whereas the current function EDITS and is accessed by an EXISTING user. Do I need a separate function to do essentially the same thing? How do I make one function perform two tasks? One to update a user, and if there is no user, create one. Current controller: function survey() { $id = $this->session->userdata('id'); $data['member'] = $this->home_model->getUser($id); //Convert the db Object to a row array $data['manager'] = $data['member']->row(); $manager_id = $data['manager']->manager_id; $data['manager'] = $this->home_model->getUser($manager_id); $data['manager'] = $data['manager']->row(); $data['header'] = "Home"; $this->survey_form_processing->survey_form($this->_container,$data, $method); } Current Library: function survey_form($container) { //Lots of validation stuff $this->CI->validation->set_rules($rules); if ( $this->CI->validation->run() === FALSE ) { // Output any errors $this->CI->validation->output_errors(); } else { // Submit form $this->_submit(); } $this->CI->load->view($container,$data); The submit function is huge too. Basically says, "Update table with data where user_id=current user" I hope this wasn't too confusing. I'll create two functions if need be, but I'd like to keep redundancy down! }

    Read the article

  • hy i dont get the check value in check box?

    - by udaya
    Hi I have a check box when check that check box the id corresponding to the check box is placed on a text box ... but when there is only single value in the database i cant get the check value why? here is my code <? if(isset($AcceptFriend)) {?> <form action="<?=site_url()?>friends/Accept_Friend" name="orderform" id="orderform" method="post" style="background:#CCCC99"> <input type="text" name="chId" id="chId" > <table border="0" height="50%" id="chkbox" width="50%" > <tr> <? foreach($AcceptFriend as $row) {?> <tr> <td>Name</td><td><?=$row['dFrindName'].'</br>';?></td> <td> <input type="checkbox" name="checkId" id="checkId" value="<? echo $row['dMemberId']; ?>" onClick="get_check_value()" ></td> </tr> <? }}?> </tr> <tr> <td width="10px"><input type="submit" name="submit" id="submit" class="buttn" value="AcceptFriend"></td></tr> </table> </form> This is the script i am using function get_check_value() { var c_value = ""; for (var i=0; i < document.orderform.checkId.length; i++) { if (document.orderform.checkId[i].checked) { c_value = c_value + document.orderform.checkId[i].value + "\n"; } } alert(c_value); document.getElementById('chId').value= c_value; }

    Read the article

  • Access values of a group of select boxes in php from post

    - by 2Real
    Hi, I'm new to PHP, and I can't figure this out. I'm trying to figure out how to access the data of a group of select boxes I have defined in my HTML code. I tried grouping them as a class, but that doesn't seem to work... maybe I was doing it wrong. This is the following HTML code. <form action="" method="post"> <select class="foo"> <option> 1.....100</option> </select> <select class="foo"> <option> 1.... 500></option> </select> <input type="submit" value="Submit" name="submit"/> </form> I essentially want to group all my select boxes and access all the values in my PHP code. Thanks

    Read the article

  • Location of Embedly (JQuery-Preview) Results

    - by user749798
    Embedly/Jquery-Preview has been fantastic. However, I'm trying to change the location of the preview result, and having trouble. Right now, the result appears right below the input field...but I'd rather have it in a separate part of the page. Is there a way to do this? I've tried changing the location of the selector and loading divs, but that hasn't helped. It seems to ignore those divs and put it right below the submit button. Below is my code: <form accept-charset="UTF-8" action="private" class="new_comment" data-remote="true" id="new_comment" method="post"> <input class="photo_comm" id="comment_comment" name="comment[comment]" placeholder="add a comment or link..." size="30" type="text" /><span type="text" id="counter">1000</span> <input class="btn btn-primary btn-mini" data-disable-with="Submitting..." name="commit" type="submit" value="Post" /> </form> <!-- Placeholder that tells Preview where to put the loading icon--> <div class="loading"> <img src='http://embedly.github.com/jquery-preview/images/loading-rectangle.gif'> </div> <!-- Placeholder that tells Preview where to put the selector--> <div class="selector"></div> $('#comment_comment').preview({ key:'60f1dcdf3258476794784148a6eb65e7', // Sign up for a key: http://embed.ly/pricing selector : {type:'rich'}, preview : { submit : function(e, data){ e.preventDefault(); $.ajax({ dataType: 'script', url: this.form.attr('action'), type: 'POST', data: data }); }, }, autoplay : 0, maxwidth : 400, display : {display : 'rich'} });

    Read the article

  • Input questions mysql php html

    - by Marcelo
    (Q1)Hi I'm using textbox in my project and I can't receive the values that are typed <textarea rows="5" cols="60"> Type your suggestion </textarea> <br> <input type="submit" name="sugestao" value="Submit" /> Sorry I don't know how to 'kill' html code, that's why < is missing. All I'm getting in the column of the database from this text box is "Submit", I'd like to receive whatever is written in the text area. How can I make the value equal whaterever is typed? (Q2) How can I make sure that I'll only store the same type(int,varchar,text) that I setted,declared in the database. For example: age(int), but if someone types "abc" in the input it will be stored in my database as the value 0 . How can I forbid this, and only save the age when it's just int and all the other fields(like name, email) are filled ?. And if is still possible warn the user that he is typing something wrong, don't need to say where. Sorry for any mistake in English and Thanks for the attention.

    Read the article

  • Please help with IFrame callback

    - by Code Sherpa
    Hi - thanks for clicking. I am trying to get status feedback using an IFrame for file uploads. I am not trying to get progress or percentages - just when a file is done uploading and if it was a success or failure. THE PROBLEM is that I can't seem to get the server response to appear on the client. I have to following design: I have an iframe on my page: <iframe id="target_frame" src="" style="border:0px; width:0px; height:0px"></iframe> The form tag points to it: <form enctype="multipart/form-data" id="fileUploadForm" name="fileUploadForm" action="picupload.aspx" method="post" target="target_frame"> And the submit button starts a file upload via the iframe: <input id="submit" type="submit" value="upload" /> In the picupload.aspx.cs file, I have a method that returns dynamic data. I then send it to the client: message = data; Response.Write(String.Format("<script language='javascript' type='text/javascript'>window.parent.handleResponse('{0}');</script>", message)); On the client, I have a response handler: function handleResponse(msg) { document.getElementById('statusDiv').innerHTML = msg; } My intent is to see the msg value change for each uploaded file but I never see anything appear in statusDiv, let alone dynamically changing messages. Can somebody please help??

    Read the article

  • S.redirectTo leads always to a blank screen

    - by Jaime Ocampo
    I am now playing a little bit with lift (2.8.0), and all the features in LiftRules work as intended. But I haven't been able to use S.redirectTo at all. I always ends with a blank screen, no matter what. No error messages at all! As an example, I have the following form: ... <lift:logIn.logInForm form="post"> <p><login:name /></p> <p><login:password /></p> <p><login:submit /></p> </lift:logIn.logInForm> ... And the code is: object LogIn extends helper.LogHelper { ... def logInForm(in: NodeSeq): NodeSeq = { var name = "" var password = "" def login() = { logger.info("name: " + name) logger.info("password: " + password) if (name == "test1") S.redirectTo("/example") if (name == "test2") S.redirectTo("/example.html") if (name == "test3") S.redirectTo("example.html") S.redirectTo("/") } bind("login", in, "name" -> SHtml.text(name, name = _), "password" -> SHtml.password(password, password = _), "submit" -> SHtml.submit("Login", login)) } } The method 'login' is invoked, I can check that in the log information. But as I said, no matter which name I enter, I always end with a blank screen, although 'examples.html' is available when being accessed directly in the browser. How should I invoke S.redirectoTo in order to navigate to 'examples.html'? Also, why don't I receive an error message (I am logging at a debug level)? I think all the configuration in Boot is correct, since all LitRules examples (statelessRewrite, dispatch, viewDispatch, snippets) work fine.

    Read the article

  • Why is my code stopping and not returning an exception?

    - by BeckyLou
    I have some code that starts a couple of threads to let them execute, then uses a while loop to check for the current time passing a set timeout period, or for the correct number of results to have been processed (by checking an int on the class object) (with a Thread.Sleep() to wait between loops) Once the while loop is set to exit, it calls Abort() on the threads and should return data to the function that calls the method. When debugging and stepping through the code, I find there can be exceptions in the code running on the separate threads, and in some cases I handle these appropriately, and at other times I don't want to do anything specific. What I have been seeing is that my code goes into the while loop and the thread sleeps, then nothing is returned from my function, either data or an exception. Code execution just stops completely. Any ideas what could be happening? Code sample: System.Threading.Thread sendThread = new System.Threading.Thread(new System.Threading.ThreadStart(Send)); sendThread.Start(); System.Threading.Thread receiveThread = new System.Threading.Thread(new System.Threading.ThreadStart(Receive)); receiveThread.Start(); // timeout Int32 maxSecondsToProcess = this.searchTotalCount * timeout; DateTime timeoutTime = DateTime.Now.AddSeconds(maxSecondsToProcess); Log("Submit() Timeout time: " + timeoutTime.ToString("yyyyMMdd HHmmss")); // while we're still waiting to receive results & haven't hit the timeout, // keep the threads going while (resultInfos.Count < this.searchTotalCount && DateTime.Now < timeoutTime) { Log("Submit() Waiting..."); System.Threading.Thread.Sleep(10 * 1000); // 1 minute } Log("Submit() Aborting threads"); // <== this log doesn't show up sendThread.Abort(); receiveThread.Abort(); return new List<ResultInfo>(this.resultInfos.Values);

    Read the article

  • validation controls are not validating on enabling on client side using java script, plz guide

    - by haansi
    Hi, As per requirement I disabled all validation controls in page on PageLoad event in server side. On clicking submit button I want to activate them and validate the page and if the page is ok submit other wise not. I am able to enable all validaters but one thing that I am unable to understand is that they do not validate the page. I set alerts and check they are being enabled but they do not validate the page and let the page submit. I am sorry I couldn't get where I am wrong, may be there need to call some validation method as well or I should prevent default behavior of button. please guide me. Below is my script: <script type="text/javascript"> function NextClicked() { var _ddlStatus = document.getElementById("<%=ddlEmpStatus.ClientID%>"); var _selectedIndex = _ddlStatus.selectedIndex; if (_selectedIndex == 0) { alert("Nothing selected"); }<br/> else<br/> if (_selectedIndex == 1) { for (i = 0; i < Page_Validators.length; i++) { Page_Validators[i].Enabled = true; } } } </script> thanks in anticipation.

    Read the article

  • [IE6] Cannot upload non-existent file

    - by geff_chang
    I am asking the same question as this: http://stackoverflow.com/questions/691323/trying-to-upload-a-non-existent-file-in-internet-explorer-form-is-not-submitted I'm not sure if the topic starter found a solution, since he did not post the answer. So, I'd like to ask you guys this question again. I have type=input in my form, and a submit button. If I type garbage input into the textbox (like the text "abc") in the file control's textbox, and click the submit button, the form is not submitted to the server. AND, no feedback is given to the user. Instead of this "Is-the-submit-button-broken?" behavior, is there a way I could notify the user that the file does not exist? (I am aware this is not possible, except with ActiveX, but I don't want to go into that) My client wants to hide the textbox of the file control, but I'm not sure if this is a good design. What do you guys suggest? (If it makes any difference, I am also using this jquery plugin: http://www.fyneworks.com/jquery/multiple-file-upload/)

    Read the article

  • asp.net mvc getting id of button clicked

    - by mazhar kaunain baig
    <div id="4591" > <input type="text" id="Title1" name="Title1" value="a" /> <input type="submit" name="button" value="Save" /> </div> <div id="4592" > <input type="text" id="Title2" name="Title2" value="a" /> <input type="submit" name="button" value="Save" /> </div> <div id="4593" > <input type="text" id="Title3" name="Title3" value="a" /> <input type="submit" name="button" value="Save" /> </div> This is the copy paste version of the html source generated by the browser which is making it clear that i am generating the dynamic fields on the page. name in the textbox is the field in the database. After pressing the one of the save buttons how would i send the particular textbox name and value to the controller action to be updated.

    Read the article

  • .NET - Unable to get values from Value property of HtmlInputHidden

    - by user245123
    I have a custom control that inherits from .NET's CompositeControl class. This control overrides the CreateChildControls in order to build its child controls dynamically. I need the page to post back after a couple different javascript events occur on the client side. In order to accomplish this, I create two hidden controls on the page so I can set their values with javascript, submit the page, and read the values out on server side. Here's is the code I use to create these two hiddens: Protected Overrides Sub CreateChildControls() hdEventName = New HiddenField() Controls.Add(hdEventName) hdEventName.ID = "hdEventName" hdEventArgs = New HiddenField() Controls.Add(hdEventArgs) hdEventArgs.ID = "hdEventValue" ' other controls ' ... End Sub When a javascript event occurs I set the value attribute of the two hiddens and submit the page, like so: hdEventName.value = 'EventName'; hdEventArgs.value = 'arg1,arg2'; document.forms[0].submit(); In the OnLoad method of my control, I attempt to check the Value property of the hdEventName and hdEventArgs controls, but it is always empty. However, Page.Request.Form(hdEventName.UniqueID) and Page.Request.Form(hdEventArgs.UniqueID) return correct values. The actual HTML in the markup also shows correct values after the page posts back. Why is the Value property of the HtmlInputHiddens disconnected from the actual value that appears on the client?

    Read the article

  • Tab Index on div

    - by Mithun P
    Please see the form HTML code below <form method="post" action="register"> <div class="email"> Email <input type="text" tabindex="1" id="email" value="" name="email"> </div> </div> <div class="agreement"> <div tabindex="2" class="terms_radio"> <div onclick="changeTerm(this);" class="radio" id="terms_radio_wrapper" style="background-position: left 0pt;"> <input type="radio" id="terms" value="1" name="terms"><label for="terms">I have read and understood the ZapAV</label> </div> </div> </div> <div class="form_submit"> <input type="button" tabindex="3" value="Cancel" name="cancel"> <input type="submit" tabindex="4" value="Submit" name="submit"> </div> </form> Here I syled teh agreement check box insuch a way that radio input is completly hidden and background image is applied to the wrapper div, and onclick of the wrapper div will toggle the backgroud image as well as the checked status of teh radio input. I need to set the tabindex index on the 'terms_radio' DIV, simply tabindex="2" attribute on div is not working, Is it possible to bring the dotted border on the label for the radio input up on pressing the TAB when the cursor is at email input field?

    Read the article

  • why does my <br> not work ?

    - by Vince
    I am returning a PHP array back to a JQuery call for appending into a div called "name-data". I want my array to be listed vertically, so I concatenate a br tag in the PHP however, when it gets to the HTML page the br is not being rendered, it just comes out as text. I have tried the various forms of br all without luck. I am new to JQuery - What am I doing wrong ? Many Thanks ! PHP: $result = mysqli_query($con,"SELECT FirstName FROM customer limit 5"); while($row = mysqli_fetch_array($result)) { echo $row['FirstName']."<br />"; } JQuery: $('input#name-submit').on('click',function(){ var name = $('input#name').val(); if($.trim(name) !=''){ $.post('search.php',{name:name}, function(data){ $('div#name-data').text(data); }); } }); HTML Name:<input type="text" id="name"> <input type="submit" id="name-submit" value="grab"> <div id="name-data"> </div>

    Read the article

  • Will these security functions be enough? (PHP)

    - by ggfan
    I am trying to secure my site so I don't have sql injections and xss scripting. Here's my code. //here's the from, for brevity, i just show a field for users to put firstname <form> <label for="first_name" class="styled">First Name:</label> <input type="text" id="first_name" name="first_name" value="<?php if (!empty($first_name)) echo $first_name; ?>" /><br /> //submit button etc </form> if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //then insert into the database. ....... } mysqli_real_espace_string: I know that this func escapes certain letters like \n \r, so when the data gets inputted into the dbc, it would have '\' next to all the escaped letters? --Will this script be enough to prevent most sql injections? just escaping and checking if the data is a string. For integers values(like users putting in prices), i just: is_numeric(). --How should I use htmlspecialchars? Should I use it only when echoing and displaying user data? Or should I also use this too when inputting data to a dbc? --When should I use strip_tags() or htmlspecialchars? SOO with all these function... if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //gets rid of any <,>,& htmlspecialchars($first_name); //strips any tags with the first name strip_tags($first_name) //then insert into the database. ....... } Which funcs should I use for sql injections and which ones should I use for xss?

    Read the article

  • how to add jquery live to lightbox v2?

    - by Mahmoud
    Hey all I am trying to create a page that well display a gallery image, when the user clicks on any images it inlarges using lightbox v2 now after that i adding on each image a button that well submit to jcart script which well add to cart, but when the user click on the button it refreshes. so i wanted to use jquery live to submit to jcart without closing the lightbox v2 but i still dont know how to do? code used inside lightbox title is <form class="jcart" method="post" action="" name = "add" > <input type="hidden" name="id" value="".$row['pro_num']."" /> <input type="hidden" name="name" value="".$row['pro_name']."" /> <input type="hidden" name="price" value="".$row['pro_price']."" /> <input type="hidden"name="qty" size = "1" value="1" /> <br /> <input type="image" value="Submit" name="addto" src = "images/add.png" /> </form>

    Read the article

  • header location won't work in php

    - by Jayden Kelly
    I am making a login page for my website but the header location won't work. here is the code of login.php: <?php include ( './includes/header.php' ); if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $check_username = mysql_query("SELECT username FROM users WHERE username='$username'"); $numrows = mysql_num_rows($check_username); if ($numrows != 1) { echo 'That User doesn\'t exist.'; } else { $check_password = mysql_query("SELECT password FROM users WHERE password='$password' && username='$username'"); while ($row = mysql_fetch_assoc($check_password)) { $password_db = $row['password']; if ($password_db == $password) { $_SESSION['username'] = $username; header("Location: members.php"); } } } } ?> <h2>Login to Your Account</h2> <form action='login.php' method='POST'> <input type='text' name='username' value='Username ...' onclick='value=""'/><p /> <input type='password' name='password' value='Password ...' onclick='value=""'/><p /> <input type='submit' name='submit' value='Login to my Account' /> </form> I would really appreciate it if someone could help me, thanks. P.S. If you need the php part of the header file it is here: <?php session_start(); include ( './includes/functions.php' ); include ( './includes/connect_to_mysql.php' ); ?>

    Read the article

  • PHP & MySQL storing multiple values in a database.

    - by R.I.P.coalMINERS
    I'm basically a front end designer and new to PHP and MySQL but I want a user to be able to store multiple names and there meanings in a MySQL database table named names using PHP I will dynamically create form fields with JQuery every time a user clicks on a link so a user can enter 1 to 1,000,000 different names and there meanings which will be stored in a table called names. All I want to know is how can I store multiple names and there meanings in a database and then display them back to the user for them to edit or delete using PHP MySQL? I created the MySQL table already. CREATE TABLE names ( id INT UNSIGNED NOT NULL AUTO_INCREMENT, userID INT NOT NULL, name VARCHAR(255) NOT NULL, meaning VARCHAR(255) NOT NULL, PRIMARY KEY (id) ); Here is the HTML. <form method="post" action="index.php"> <ul> <li><label for="name">Name: </label><input type="text" name="name" id="name" /></li> <li><label for="meaning">Meaning: </label><input type="text" name="meaning" id="meaning" /></li> <li><input type="submit" name="submit" value="Save" /> <input type="hidden" name="submit" value="true" /></li> </ul> </form>

    Read the article

  • Array length is zero in jQuery.

    - by James123
    I wrote like this. After submit click loop is not excuting. But I saw value are there, But array lenght is showing '0'. (Please see picture). Why it is not going into loop? and $('#myVisibleRows').val(idsString); becoming 'empty'. $(document).ready(function() { $('tr[@class^=RegText]').hide().children('td'); var list_Visible_Ids = []; var idsString, idsArray; alert($('#myVisibleRows').val()); idsString = $('#myVisibleRows').val(); idsArray = idsString.split(','); $.each(idsArray, function() { if (this != "") { $('#' + this).siblings(('.RegText').toggle(true)); window['list_Visible_Ids'][this] = 1; } }); $('tr.subCategory1') .css("cursor", "pointer") .attr("title", "Click to expand/collapse") .click(function() { //this = $(this); $(this).siblings('.RegText').toggle(); list_Visible_Ids[$(this).attr('id')] = $(this).css('display') != 'none' ? 1 : null; alert(list_Visible_Ids[$(this).attr('id')]) }); $('#form1').submit(function() { idsString = ''; $.each(list_Visible_Ids, function(key, val) { alert(val); if (val) { idsString += (idsString != '' ? ',' : '') + key; } }); $('#myVisibleRows').val(idsString); form.submit(); }); });

    Read the article

  • CSS Style Firefox/Safari/Chrome

    - by patrick
    hi, i have a problem with css differences between browsers. i have a simple input textfield an a submit button. the should be arranged. with webkit (safari/webkit) everything looks fine but firefox doesnt do it. does anyone have an idea whats wrong? i have written a little test html page: <html> <head> <style type="text/css"> #input { background: none repeat scroll 0 0 white; border-color: #DCDCDC; border-style: solid; border-width: 1px 0 1px 1px; font: 13px "Lucida Grande",Arial,Sans-serif; margin: 0; padding: 5px 5px 5px 15px; width: 220px; outline-width: 0; height: 30px; } #submit { background: none repeat scroll 0 0 white; border: 1px solid #DCDCDC; font: 13px "Lucida Grande",Arial,Sans-serif; margin: 0; outline-width: 0; height: 30px; padding: 5px 10px; } </style> </head> <body> <input id="input" type="text" value="" /><input id="submit" type="button" value="Add" /> </body> </html>

    Read the article

  • Dissertation about website and database security - in need of some pointers

    - by ClarkeyBoy
    Hi, I am on my dissertation in my final year at university at the moment. One of the areas I need to research is security - for both websites and for databases. I currently have sections on the following: Website Form security - such as data validation. This section is more about preventing errors made by legitimate users as much as possible rather than stopping hackers, for example comparing a field to a regular expression and giving them meaningful feedback on any errors which did occur so as to stop it happening again. Constraints. For example if a value must be true or false then use a checkbox. If it is likely to be one of several values then use a dropdown or a set of radio boxes, and so on. If the value is unpredictable then use regular expressions to limit what characters they are allowed to enter, and to restrict the length of the string, and sometimes to limit the format (such as for dates / times, post codes and so on). Sometimes you can limit permissions to the form. This is on the occasion that you know exactly who (whether it be peoples names or a group of people - such as administrators or employees) is going to need access to the form. Restricting permissions will stop members of the public from being able to access the form. Symbols or strings which could be used maliciously or cause the website to act incorrectly (such as the script tag) should be filtered out or html encoded. Captcha images can be used to prevent automated systems from filling in and submitting the form. There are some hacks for file uploads - such as using double extensions - which can allow hackers to upload malicious files. Databases (this is nowhere near done yet but the sections I have planned are listed below) SQL statements vs stored procedures Throwing an error when one of the variables contains particular characters or groups of characters (I cant remember what characters they are, but I have seen a message thrown back at me before where I have tried to enter html or something into a text area). SQL Injection - and ways around it, with some examples. Does anyone have any hints and tips on where I could go for some decent, reliable information either about these areas or about other areas of security that I could cover? Thanks in advance. Regards, Richard PS I am a complete newbie when it comes to security, so please be patient with me. If any of the information I have put down is wrong or could be sub-sectioned then please feel free to say so.

    Read the article

  • after return PartialView() Url.Actionlink("Action", "Controller"), the Controller is lost

    - by Johannes
    Well the Question is related to a problem I posted before (http://stackoverflow.com/questions/2403899/asp-net-mvc-partial-view-does-not-call-my-action). In practice I've a partial view which contains a Form, after submitting the Form the Controller returns the Partial View. Well the Problem is if I reload the page which contains the partial view the function <%= Url.Action("ChangePassword", "Account") %> returns "Account/ChangePassword", if I submit the form and the partial is returned by the controller. Using return PartialView() the function <%= Url.Action("ChangePassword", "Account") %> returns only "ChangePassword". Any Idea because? The View looks like: <form action="<%= Url.Action("ChangePassword", "Account") %>" method="post" id="jform"> <div> <fieldset> <legend>Account Information</legend> <p> <label for="currentPassword">Current password:</label> <%= Html.Password("currentPassword") %> <%= Html.ValidationMessage("currentPassword") %> </p> <p> <label for="newPassword">New password:</label> <%= Html.Password("newPassword") %> <%= Html.ValidationMessage("newPassword") %> </p> <p> <label for="confirmPassword">Confirm new password:</label> <%= Html.Password("confirmPassword") %> <%= Html.ValidationMessage("confirmPassword") %> </p> <p> <input type="submit" value="Change Password" /> </p> </fieldset> </div> </form> </div> <script> $(function() { $('#jform').submit(function() { $('#jform').ajaxSubmit({ target: '#FmChangePassword' }); return false; }); }); </script> Part of the Controller: if (!ValidateChangePassword(currentPassword, newPassword, confirmPassword)) { return PartialView(ViewData); }

    Read the article

  • Facebook connect displaying invite friends dialog and closing on completion

    - by Dougnukem
    I'm trying to create a Facebook Connect application that displays a friend invite dialog within the page using Facebook's Javascript API (through a FBMLPopupDialog). The trouble is to display a friend invite dialog you use a multi-friend form which requires an action="url" attribute that represents the URL to redirect your page to when the user completes or skips the form. The problem is that I want to just close the FBMLPopupDialog (the same behavior as if the user just hit the 'X' button on the popup dialog). The best I can do is redirect the user back to the page they were on basically a reload but they lose all AJAX/Flash application state. I'm wondering if any Facebook Connect developers have run into this issue and have a good way to simply display a friend invite "lightbox" dialog within their website where they don't want to "refresh" or "redirect" when the user finishes. The facebook connect JS API provides a FB.Connect.inviteConnectUsers, which provides a nice dialog but only connects existing users of your application who also have a Facebook account and haven't connected. http://bugs.developers.facebook.com/show%5Fbug.cgi?id=4916 function fb_inviteFriends() { //Invite users log("Inviting users..."); FB.Connect.requireSession( function() { //Connect succes var uid = FB.Facebook.apiClient.get_session().uid; log('FB CONNECT SUCCESS: ' + uid); //Invite users log("Inviting users..."); //Update server with connected account updateAccountFacebookUID(); var fbml = fb_getInviteFBML() ; var dialog = new FB.UI. FBMLPopupDialog("Weblings Invite", fbml) ; //dialog.setFBMLContent(fbml); dialog.setContentWidth(650); dialog.setContentHeight(450); dialog.show(); }, //Connect cancelled function() { //User cancelled the connect log("FB Connect cancelled:"); } ); } function fb_getInviteFBML() { var uid = FB.Facebook.apiClient.get_session().uid; var fbml = ""; fbml = '<fb:fbml>\n' + '<fb:request-form\n'+ //Redirect back to this page ' action="'+ document.location +'"\n'+ ' method="POST"\n'+ ' invite="true"\n'+ ' type="Weblings Invite"\n' + ' content="I need your help to discover all the Weblings and save the Internet! WebWars: Weblings is a cool new game where we can collect fantastic creatures while surfing our favorite websites. Come find the missing Weblings with me!'+ //Callback the server with the appropriate Webwars Account URL ' <fb:req-choice url=\''+ WebwarsFB.WebwarsAccountServer +'/SplashPage.aspx?action=ref&reftype=Facebook' label=\'Check out WebWars: Weblings\' />"\n'+ '>\n'+ ' <fb:multi-friend-selector\n'+ ' rows="2"\n'+ ' cols="4"\n'+ ' bypass="Cancel"\n'+ ' showborder="false"\n'+ ' actiontext="Use this form to invite your friends to connect with WebWars: Weblings."/>\n'+ ' </fb:request-form>'+ ' </fb:fbml>'; return fbml; }

    Read the article

  • How do I correctly Re-render a Recaptcha in ASP.NET MVC 2 after an AJAX POST

    - by Eoin Campbell
    Ok... I've downloaded and implemented this Recaptcha implementation for MVC which uses the ModelState to confirm the validity of the captcha control. It works brilliantly... except when I start to use it in an AJAX Form. In a nutshell, when a div is re-rendered with AJAX, the ReCaptcha that it should contain does not appear, even though the relevant <scripts> are in the source after the partial render. Code Below. using (Ajax.BeginForm("CreateComment", "Blog", new AjaxOptions() { HttpMethod = "POST", UpdateTargetId = "CommentAdd", OnComplete="ReloadRecaptcha", OnSuccess = "ShowComment", OnFailure = "ShowComment", OnBegin = "HideComment" })) {%> <fieldset class="comment"> <legend>Add New Comment</legend> <%= Html.ValidationSummary()%> <table class="postdetails"> <tbody> <tr> <td rowspan="3" id="blahCaptcha"> <%= Html.CreateRecaptcha("recaptcha", "blackglass") %> </td> .... Remainder of Form Omitted for Brevity I've confirmed the Form is perfectly functional when the Recaptcha Control is not present and the Javascript calls in the AjaxOptions are all working fine. The problem is that if the ModelState is Invalid as a result of the Recaptcha or some other validation, then the ActionResult returns the View to reshow the form. [RecaptchaFilter(IgnoreOnMobile = true)] [HttpPost] public ActionResult CreateComment(Comment c) { if (ModelState.IsValid) { try { //Code to insert Comment To DB return Content("Thank You"); } catch { ModelState.AddRuleViolations(c.GetRuleViolations()); } } else { ModelState.AddRuleViolations(c.GetRuleViolations()); } return View("CreateComment", c); } When it's InValid and the form posts back, for some reason the ReCaptcha Control does not re-render. I've checked the source and the <script> & <noscript> blocks are present in the HTML so the HTML Helper function below is obviously working <%= Html.CreateRecaptcha("recaptcha", "blackglass") %> I assume this has something to do with scripts injected into the DOM by AJAX are not re-executed. As you can see from the HTML snippet above, I've tried to add an OnComplete= javascript function to re-create the Captcha on the client side, but although the script executes with no errors, it doesn't work. OnComplete Function is. function ReloadRecaptcha() { Recaptcha.create("my-pub-key", 'blahCaptcha', { //blahCaptcha is the ID of the <td> where the ReCaptcha should go. theme: 'blackglass' }); } Can anyone shed any light on this ? Thanks, Eoin C

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 219 220 221 222 223 224 225 226 227 228 229 230  | Next Page >