Search Results

Search found 765 results on 31 pages for 'submission'.

Page 28/31 | < Previous Page | 24 25 26 27 28 29 30 31  | Next Page >

• Post parameters are becoming null (at random)

  - by Raghuram Duraisamy

  Hi, My web application is developed with Struts2 and it was working fine till recently. All of a sudden one of the modules has started malfunctioning. The malfunctioning module is 'Update Student details' page. This page has a lot of fields like 'schoolName', 'degreeName', etc . School 1: <input name="schoolName"> School 2: <input name="schoolName"> ..... School n: <input name="schoolName"> As mentioned earlier, the page was working perfectly fine till recently. Now, one/many of the values of 'schoolName', 'degreeName', etc are being received as "" (EMPTY STRING) on the server-side. For debugging, I used firebug and remote-debugging in eclipse. I find that the post-parameters are correct on the client-side. For instance, during one of the submissions the post-parameters were as below (i noted them from firebug). Content-Type: multipart/form-data; boundary=---------------------------2921238217421 Content-Length: 48893 <OTHER_PARAMETERS> <!--Truncated for clarity --> -----------------------------2921238217421 Content-Disposition: form-data; name="schoolName" ABC Institute -----------------------------2921238217421 Content-Disposition: form-data; name="schoolName" Test School -----------------------------2921238217421 Content-Disposition: form-data; name="schoolName" XYZ -----------------------------2921238217421 Content-Disposition: form-data; name="schoolName" Texas Institute -----------------------------2921238217421 Content-Disposition: form-data; name="schoolName" XXXX School -----------------------------2921238217421-- But on the server-side, the request params were as below: schoolName=[ABC Institute, Test School, XYZ, , XXXX School], "Texas Institute" was received as "" (EMPTY STRING) in this particular case. This is not happening consistently. The parameters that become NULL (or EMPTY STRING) seem random to me - during one instance, parameter schoolName[3] became null as illustrated above, parameter schoolName[2] became null during yet another submission, etc. At times, none of the parameters are nullified. The following is the list of the interceptors in the action definition. List of interceptors: ---------------------- FileUploadInterceptor org.apache.struts2.interceptor.FileUploadInterceptor ServletConfigInterceptor org.apache.struts2.interceptor.ServletConfigInterceptor StaticParametersInterceptor com.opensymphony.xwork2.interceptor.StaticParametersInterceptor ParametersInterceptor com.opensymphony.xwork2.interceptor.ParametersInterceptor MyCustomInterceptor com.xxxx.yyyy.interceptors.GetLoggedOnUserInterceptor This issue appears rather weird to me and I have not been able to zero-in on the exact cause of the issue. Any help in this regard would be highly appreciated. Thanks in advance. Thanks, Raghuram

  Read the article

• How Do I Prevent Rails From Treating Updated Nested Attributes Differently From New Nested Attribute

  - by James

  I am using rails3 beta3 and couchdb via couchrest. I am not using active record. I want to add multiple "Sections" to a "Guide" and add and remove sections dynamically via a little javascript. I have looked at all the screencasts by Ryan Bates and they have helped immensely. The only difference is that I want to save all the sections as an array of sections instead of individual sections. Basically like this: "sections" => [{"title" => "Foo1", "content" => "Bar1"}, {"title" => "Foo2", "content" => "Bar2"}] So, basically I need the params hash to look like that when the form is submitted. When I create my form I am doing the following: <%= form_for @guide, :url => { :action => "create" } do |f| %> <%= render :partial => 'section', :collection => @guide.sections %> <%= f.submit "Save" %> <% end %> And my section partial looks like this: <%= fields_for "sections[]", section do |guide_section_form| %> <%= guide_section_form.text_field :section_title %> <%= guide_section_form.text_area :content, :rows => 3 %> <% end %> Ok, so when I create the guide with sections, it is working perfectly as I would like. The params hash is giving me a sections array just like I would want. The problem comes when I want edit guide/sections and save them again because rails is inserting the id of the guide in the id and name of each form field, which is screwing up the params hash on form submission. Just to be clear, here is the raw form output for a new resource: <input type="text" size="30" name="sections[][section_title]" id="sections__section_title"> <textarea rows="3" name="sections[][content]" id="sections__content" cols="40"></textarea> And here is what it looks like when editing an existing resource: <input type="text" value="Foo1" size="30" name="sections[cd2f2759895b5ae6cb7946def0b321f1][section_title]" id="sections_cd2f2759895b5ae6cb7946def0b321f1_section_title"> <textarea rows="3" name="sections[cd2f2759895b5ae6cb7946def0b321f1][content]" id="sections_cd2f2759895b5ae6cb7946def0b321f1_content" cols="40">Bar1</textarea> How do I force rails to always use the new resource behavior and not automatically add the id to the name and value. Do I have to create a custom form builder? Is there some other trick I can do to prevent rails from putting the id of the guide in there? I have tried a bunch of stuff and nothing is working. Thanks in advance!

  Read the article

• How would you organize a large complex web application (see basic example)?

  - by Anurag

  How do you usually organize complex web applications that are extremely rich on the client side. I have created a contrived example to indicate the kind of mess it's easy to get into if things are not managed well for big apps. Feel free to modify/extend this example as you wish - http://jsfiddle.net/NHyLC/1/ The example basically mirrors part of the comment posting on SO, and follows the following rules: Must have 15 characters minimum, after multiple spaces are trimmed out to one. If Add Comment is clicked, but the size is less than 15 after removing multiple spaces, then show a popup with the error. Indicate amount of characters remaining and summarize with color coding. Gray indicates a small comment, brown indicates a medium comment, orange a large comment, and red a comment overflow. One comment can only be submitted every 15 seconds. If comment is submitted too soon, show a popup with appropriate error message. A couple of issues I noticed with this example. This should ideally be a widget or some sort of packaged functionality. Things like a comment per 15 seconds, and minimum 15 character comment belong to some application wide policies rather than being embedded inside each widget. Too many hard-coded values. No code organization. Model, Views, Controllers are all bundled together. Not that MVC is the only approach for organizing rich client side web applications, but there is none in this example. How would you go about cleaning this up? Applying a little MVC/MVP along the way? Here's some of the relevant functions, but it will make more sense if you saw the entire code on jsfiddle: /** * Handle comment change. * Update character count. * Indicate progress */ function handleCommentUpdate(comment) { var status = $('.comment-status'); status.text(getStatusText(comment)); status.removeClass('mild spicy hot sizzling'); status.addClass(getStatusClass(comment)); } /** * Is the comment valid for submission */ function commentSubmittable(comment) { var notTooSoon = !isTooSoon(); var notEmpty = !isEmpty(comment); var hasEnoughCharacters = !isTooShort(comment); return notTooSoon && notEmpty && hasEnoughCharacters; } // submit comment $('.add-comment').click(function() { var comment = $('.comment-box').val(); // submit comment, fake ajax call if(commentSubmittable(comment)) { .. } // show a popup if comment is mostly spaces if(isTooShort(comment)) { if(comment.length < 15) { // blink status message } else { popup("Comment must be at least 15 characters in length."); } } // show a popup is comment submitted too soon else if(isTooSoon()) { popup("Only 1 comment allowed per 15 seconds."); } });

  Read the article

• How do I construct a Django reverse/url using query args?

  - by Andrew Dalke

  I have URLs like http://example.com/depict?smiles=CO&width=200&height=200 (and with several other optional arguments) My urls.py contains: urlpatterns = patterns('', (r'^$', 'cansmi.index'), (r'^cansmi$', 'cansmi.cansmi'), url(r'^depict$', cyclops.django.depict, name="cyclops-depict"), I can go to that URL and get the 200x200 PNG that was constructed, so I know that part works. In my template from the "cansmi.cansmi" response I want to construct a URL for the named template "cyclops-depict" given some query parameters. I thought I could do {% url cyclops-depict smiles=input_smiles width=200 height=200 %} where "input_smiles" is an input to the template via a form submission. In this case it's the string "CO" and I thought it would create a URL like the one at top. This template fails with a TemplateSyntaxError: Caught an exception while rendering: Reverse for 'cyclops-depict' with arguments '()' and keyword arguments '{'smiles': u'CO', 'height': 200, 'width': 200}' not found. This is a rather common error message both here on StackOverflow and elsewhere. In every case I found, people were using them with parameters in the URL path regexp, which is not the case I have where the parameters go into the query. That means I'm doing it wrong. How do I do it right? That is, I want to construct the full URL, including path and query parameters, using something in the template. For reference, % python manage.py shell Python 2.6.1 (r261:67515, Feb 11 2010, 00:51:29) [GCC 4.2.1 (Apple Inc. build 5646)] on darwin Type "help", "copyright", "credits" or "license" for more information. (InteractiveConsole) >>> from django.core.urlresolvers import reverse >>> reverse("cyclops-depict", kwargs=dict()) '/depict' >>> reverse("cyclops-depict", kwargs=dict(smiles="CO")) Traceback (most recent call last): File "<console>", line 1, in <module> File "/Library/Python/2.6/site-packages/django/core/urlresolvers.py", line 356, in reverse *args, **kwargs))) File "/Library/Python/2.6/site-packages/django/core/urlresolvers.py", line 302, in reverse "arguments '%s' not found." % (lookup_view_s, args, kwargs)) NoReverseMatch: Reverse for 'cyclops-depict' with arguments '()' and keyword arguments '{'smiles': 'CO'}' not found.

  Read the article

• using checkbox yo update MySql table

  - by Martin

  Hi All I have been searching round the internet for days on this matter but I keep coming up against a brick wall. What I have is a table full of checkboxes inside an admin area acting as a monthly "to-do" list. It's essentially a worksheet of 30 or so things to do each month that must be checked off each month and notes added if applicable. I have managed to get the checkboxes to update via mysql and be shown somewhere as a list of ticks. I simply did this my setting the value to 1 and on submission it updates the sql table. I have to cover my bases here and also offer the option to un-tick items if they have been ticked b y mistake. But I cant figure out how this is done. Below is my checking code... any help on this matter would be great. <?php $currentTask = ''; echo "<tr class='tr'>"; while ($seolistRow = mysql_fetch_array($seolistRes)) { $taskValue = $seolistRow["taskValue"]; $worksheetID = $seolistRow["worksheetID"]; $taskName = $seolistRow["taskName"]; $taskInfo = $seolistRow["taskInfo"]; if ($taskValue == 1) { $taskDone = "<input type='checkbox' value='1' class='checkbox' name='checkbox".$worksheetID."' id=checkbox'".$worksheetID."' checked='checked' /><div class='taskinfo'>".$taskInfo."</div>"; } else { $taskDone = "<input type='checkbox' value='0' class='checkbox' name='checkbox".$worksheetID."' id='checkbox".$worksheetID."' />"; } if ($currentTask != $taskName) { echo "</tr>"; echo "<tr class='tr'>"; echo "<td class='task'>".$taskName."</td>"; } echo "<td class='tick'>".$taskDone."</td>"; $currentTask = $taskName; } echo "</tr>"; ?>

  Read the article

• javascript select box hanging on second select in ie7

  - by bsandrabr

  I have a drop down select box inside a div. When the user clicks on change, a dropdown box appears next to the change/submit button and the user makes a selection which then updates the db and the selection appears instead of the dropdown. All works fine in IE8 and firefox but in IE7 it allows one selection (there are several identical dropdowns) but the second time a selection is made it hangs on please wait. This is the relevant code <td width=200> <input type="button" onclick="startChanging(this)" value="Change" /></td> <script type="text/javascript"> var selectBox, isEditing = false; var recordvalue; if( window.XMLHttpRequest ) { recordvalue = new XMLHttpRequest(); } else if( window.ActiveXObject ) { try { recordvalue = new ActiveXObject('Microsoft.XMLHTTP'); } catch(e) {} } window.onload = function () { selectBox = document.getElementById('changer'); selectBox.id = ''; selectBox.parentNode.removeChild(selectBox); }; function startChanging(whatButton) { if( isEditing && isEditing != whatButton ) { return; } //no editing of other entries if( isEditing == whatButton ) { changeSelect(whatButton); return; } //this time, act as "submit" isEditing = whatButton; whatButton.value = 'Submit'; var theRow = whatButton.parentNode.parentNode; var stateCell = theRow.cells[3]; //the cell that says "present" stateCell.className = 'editing'; //so you can use CSS to remove the background colour stateCell.replaceChild(selectBox,stateCell.firstChild); //PRESENT is replaced with the select input selectBox.selectedIndex = 0; } function changeSelect(whatButton) { isEditing = true; //don't allow it to be clicked until submission is complete whatButton.value = 'Change'; var stateCell = selectBox.parentNode; var theRow = stateCell.parentNode; var editid = theRow.cells[0].firstChild.firstChild.nodeValue; //text inside the first cell var value = selectBox.firstChild.options[selectBox.firstChild.selectedIndex].value; //the option they chose selectBox.parentNode.replaceChild(document.createTextNode('Please wait...'),selectBox); if( !recordvalue ) { //allow fallback to basic HTTP location.href = 'getupdate.php?id='+editid+'&newvalue='+value; } else { recordvalue.onreadystatechange = function () { if( recordvalue.readyState != 4 ) { return; } if( recordvalue.status >= 300 ) { alert('An error occurred when trying to update'); } isEditing = false; newState = recordvalue.responseText.split("|"); stateCell.className = newState[0]; stateCell.firstChild.nodeValue = newState[1] || 'Server response was not correct'; }; recordvalue.open('GET', "getupdate.php?id="+editid+"&newvalue="+value, true); recordvalue.send(null); } } </script> If anyone has any idea why this is happening I'd be very grateful

  Read the article

• Issues with Rails 3.1 API with Query String to Create action on Mac OSX Mountain Lion

  - by hjaved

  Hi I've been stuck on this problem for a while and would appreciate your help. I'm writing an API to allow an external source like a Browser Query String or a smartphone to enter some model User info in a form and hit the User create action to write the data to the db. Please tell me what I'm doing wrong with the code below. I've also observed that if I have code like @user = User.new(params[:user]), that this approach only works when a user enters their data within the form. And that if I have code such as @user = User.new( name: params[:name], location: params[:location], password = params[:password], email: params[:email]), that this code ONLY works for a Query string entry, but NOT both Query string AND regular form submission. Why is that and how can I write the code above in the Users Controller Create action, so that it takes care of both situations? URL used: localhost:3000/users/create?name=John&&[email protected]&&password=secret&&location=SanFrancisco&date=06122012 The date is of type string but it doesn't show up in the database. Why? Everything else does. UsersController.rb def create @user = User.new(params[:user]) if @user.save session[:uid] = @user.id redirect_to thanks_path, notice: "Welcome #{@user.name}!" else redirect_to root_path end end New User Form: <%=u.text_field :name, placeholder: "Name"%><br> <%=u.text_field :email, placeholder: "Email"%><br> <%=u.password_field :password, placeholder: "Password"%><br> <%=u.text_field :location, placeholder: "City"%><br> <%=u.text_field :date, placeholder: "Date"%><br> <%if params[:partner_id]%> <%=u.hidden_field :partner_id, value: params[:partner_id]%> <%end%> <button class="btn btn-large btn-primary">Enter</button> I also tried to create a separate method called remotecreate for User creation for something other than a regular web form. I entered remotecreate in the Query string but it didn't work. def remotecreate @user = User.create(name: params[:name], email: params[:email], password: params[:password], location: params[:location], date: params[:date]) if @user.save session[:uid] = @user.id redirect_to thanks_path, notice: "Welcome #{@user.name}" else redirect_to root_path end end Thanks!

  Read the article

• How would you organize this Javascript?

  - by Anurag

  How do you usually organize complex web applications that are extremely rich on the client side. I have created a contrived example to indicate the kind of mess it's easy to get into if things are not managed well for big apps. Feel free to modify/extend this example as you wish - http://jsfiddle.net/NHyLC/1/ The example basically mirrors part of the comment posting on SO, and follows the following rules: Must have 15 characters minimum, after multiple spaces are trimmed out to one. If Add Comment is clicked, but the size is less than 15 after removing multiple spaces, then show a popup with the error. Indicate amount of characters remaining and summarize with color coding. Gray indicates a small comment, brown indicates a medium comment, orange a large comment, and red a comment overflow. One comment can only be submitted every 15 seconds. If comment is submitted too soon, show a popup with appropriate error message. A couple of issues I noticed with this example. This should ideally be a widget or some sort of packaged functionality. Things like a comment per 15 seconds, and minimum 15 character comment belong to some application wide policies rather than being embedded inside each widget. Too many hard-coded values. No code organization. Model, Views, Controllers are all bundled together. Not that MVC is the only approach for organizing rich client side web applications, but there is none in this example. How would you go about cleaning this up? Applying a little MVC/MVP along the way? Here's some of the relevant functions, but it will make more sense if you saw the entire code on jsfiddle: /** * Handle comment change. * Update character count. * Indicate progress */ function handleCommentUpdate(comment) { var status = $('.comment-status'); status.text(getStatusText(comment)); status.removeClass('mild spicy hot sizzling'); status.addClass(getStatusClass(comment)); } /** * Is the comment valid for submission */ function commentSubmittable(comment) { var notTooSoon = !isTooSoon(); var notEmpty = !isEmpty(comment); var hasEnoughCharacters = !isTooShort(comment); return notTooSoon && notEmpty && hasEnoughCharacters; } // submit comment $('.add-comment').click(function() { var comment = $('.comment-box').val(); // submit comment, fake ajax call if(commentSubmittable(comment)) { .. } // show a popup if comment is mostly spaces if(isTooShort(comment)) { if(comment.length < 15) { // blink status message } else { popup("Comment must be at least 15 characters in length."); } } // show a popup is comment submitted too soon else if(isTooSoon()) { popup("Only 1 comment allowed per 15 seconds."); } });

  Read the article

• enclosing double quotes in array

  - by Jared

  Hi all I might be looking at this the wrong way, but I have a form that does its thing (sends emails etc etc) but I also put in some code to make a simple flatfile csv log with some of the user entered details. If a user accidentally puts in for instance 'himynameis","bob' this would either break the csv row (because the quotes weren't encapsulated) or if I use htmlspecialchars() and stripslashes() on the data, I end up with a ugly data value of 'himynameis&quot;,&quot;bob'. My question is, how can I handle the incoming data to cater for '"' being put in the form without breaking my csv file? this is my code for creating the csv log file. @$name = htmlspecialchars(trim($_POST['name'])); @$emailCheck = htmlspecialchars(trim($_POST['email'])); @$title = htmlspecialchars(trim($_POST['title'])); @$phone = htmlspecialchars(trim($_POST['phone'])); function logFile($logText) { $path = 'D:\logs'; $filename = '\Log-' . date('Ym', time()) . '.csv'; $file = $path . $filename; if(!file_exists($file)) { $logHeader = array('Date', 'IP_Address', 'Title', 'Name', 'Customer_Email', 'Customer_Phone', 'file'); $fp = fopen($file, 'a'); fputcsv($fp, $line); } $fp = fopen($file, 'a'); foreach ($logText as $record) { fputcsv($fp, $record); } } //Log submission to file $date = date("Y/m/d H:i:s"); $clientIp = getIpAddress(); //get clients IP address $nameLog = stripslashes($name); $titleLog = stripslashes($title); if($_FILES['uploadedfile']['error'] == 4) $filename = "No file attached."; //check if file uploaded and return $logText = array(array("$date", "$clientIp", "$titleLog", "$nameLog", "$emailCheck", "$phone", "$filename")); logFile($logText); //write form details to log Here is a sample of the incoming array data: Array ( [0] => Array ( [0] => 2010/05/17 10:22:27 [1] => xxx.xxx.xxx.xxx [2] => title [3] => """"himynameis","bob" [4] => [email protected] [5] => 346346 [6] => No file attached. ) ) TIA Jared

  Read the article

• Why doesn't my form post when I disable the submit button to prevent double clicking?

  - by John MacIntyre

  Like every other web developer on the planet, I have an issue with users double clicking the submit button on my forms. My understanding is that the conventional way to handle this issue, is to disable the button immediately after the first click, however when I do this, it doesn't post. I did do some research on this, god knows there's enough information, but other questions like Disable button on form submission, disabling the button appears to work. The original poster of Disable button after submit appears to have had the same problem as me, but there is no mention on how/if he resolved it. Here's some code on how to repeat it (tested in IE8 Beta2, but had same problem in IE7) My aspx code <%@ Page Language="C#" CodeFile="Default.aspx.cs" Inherits="_Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <script language="javascript" type="text/javascript"> function btn_onClick() { var chk = document.getElementById("chk"); if(chk.checked) { var btn = document.getElementById("btn"); btn.disabled = true; } } </script> <body> <form id="form1" runat="server"> <asp:Literal ID="lit" Text="--:--:--" runat="server" /> <br /> <asp:Button ID="btn" Text="Submit" runat="server" /> <br /> <input type="checkbox" id="chk" />Disable button on first click </form> </body> </html> My cs code using System; public partial class _Default : System.Web.UI.Page { protected override void OnInit(EventArgs e) { base.OnInit(e); btn.Click += new EventHandler(btn_Click); btn.OnClientClick = "btn_onClick();"; } void btn_Click(object sender, EventArgs e) { lit.Text = DateTime.Now.ToString("HH:mm:ss"); } } Notice that when you click the button, a postback occurs, and the time is updated. But when you check the check box, the next time you click the button, the button is disabled (as expected), but never does the postback. WHAT THE HECK AM I MISSING HERE??? Thanks in advance.

  Read the article

• How Do I Prevent Rails From Treating Edit Fields_For Differently From New Fields_For

  - by James

  I am using rails3 beta3 and couchdb via couchrest. I am not using active record. I want to add multiple "Sections" to a "Guide" and add and remove sections dynamically via a little javascript. I have looked at all the screencasts by Ryan Bates and they have helped immensely. The only difference is that I want to save all the sections as an array of sections instead of individual sections. Basically like this: "sections" => [{"title" => "Foo1", "content" => "Bar1"}, {"title" => "Foo2", "content" => "Bar2"}] So, basically I need the params hash to look like that when the form is submitted. When I create my form I am doing the following: <%= form_for @guide, :url => { :action => "create" } do |f| %> <%= render :partial => 'section', :collection => @guide.sections %> <%= f.submit "Save" %> <% end %> And my section partial looks like this: <%= fields_for "sections[]", section do |guide_section_form| %> <%= guide_section_form.text_field :section_title %> <%= guide_section_form.text_area :content, :rows => 3 %> <% end %> Ok, so when I create the guide with sections, it is working perfectly as I would like. The params hash is giving me a sections array just like I would want. The problem comes when I want edit guide/sections and save them again because rails is inserting the id of the guide in the id and name of each form field, which is screwing up the params hash on form submission. Just to be clear, here is the raw form output for a new resource: <input type="text" size="30" name="sections[][section_title]" id="sections__section_title"> <textarea rows="3" name="sections[][content]" id="sections__content" cols="40"></textarea> And here is what it looks like when editing an existing resource: <input type="text" value="Foo1" size="30" name="sections[cd2f2759895b5ae6cb7946def0b321f1][section_title]" id="sections_cd2f2759895b5ae6cb7946def0b321f1_section_title"> <textarea rows="3" name="sections[cd2f2759895b5ae6cb7946def0b321f1][content]" id="sections_cd2f2759895b5ae6cb7946def0b321f1_content" cols="40">Bar1</textarea> How do I force rails to always use the new resource behavior and not automatically add the id to the name and value. Do I have to create a custom form builder? Is there some other trick I can do to prevent rails from putting the id of the guide in there? I have tried a bunch of stuff and nothing is working. Thanks in advance!

  Read the article

• New to asp.net. Need help debugging this email form.

  - by Roeland

  Hey guys, First of all, I am a php developer and most of .net is alien to me which is why I am posting here! I just migrated over a site from one set of webhosting to another. The whole site is written in .net. None of the site is database driven so most of it works, except for the contact form. The output on the site simple states there was an error with "There has been an error - please try to submit the contact form again, if you continue to experience problems, please notify our webmaster." This is just a simple message it pops out of it gets to the "catch" part of the email function. I went into web.config and changed the parameters: <emailaddresses> <add name="System" value="[email protected]"/> <add name="Contact" value="[email protected]"/> <add name="Info" value="[email protected]"/> </emailaddresses> <general> <add name="WebSiteDomain" value="hoyespharmacy.com"/> </general> Then the .cs file for contact contains the mail function EmailFormData(): private void EmailFormData() { try { StringBuilder body = new StringBuilder(); body.Append("Name" + ": " + txtName.Text + "\n\r"); body.Append("Phone" + ": " + txtPhone.Text + "\n\r"); body.Append("Email" + ": " + txtEmail.Text + "\n\r"); body.Append("Fax" + ": " + txtEmail.Text + "\n\r"); body.Append("Subject" + ": " + ddlSubject.SelectedValue + "\n\r"); body.Append("Message" + ": " + txtMessage.Text); MailMessage mail = new MailMessage(); mail.IsBodyHtml = false; mail.To.Add(new MailAddress(Settings.GetEmailAddress("System"))); mail.Subject = "Contact Us Form Submission"; mail.From = new MailAddress(Settings.GetEmailAddress("System"), Settings.WebSiteDomain); mail.Body = body.ToString(); SmtpClient smtpcl = new SmtpClient(); smtpcl.Send(mail); } catch { Utilities.RedirectPermanently(Request.Url.AbsolutePath + "?messageSent=false"); } } How do I see what the actual error is. I figure I can do something with the "catch" part of the function.. Any pointers? Thanks!

  Read the article

• IE browser caching and the jQuery Form Plugin

  - by Harfleur

  Like so many lost souls before me, I'm floundering in the snake pit that is Ajax form submission and IE browser caching. I'm trying to write a simple script using the jQuery Form Plugin to Ajaxify Wordpress comments. It's working fine in Firefox, Chrome, Safari, et. al., but in IE, the response text is cached with the result that Ajax is pulling in the wrong comment. jQuery(this).ajaxSubmit({ success: function(data) { var response = $("<ol>"+data+"</ol>"); response.find('.commentlist li:last').hide().appendTo(jQuery('.commentlist')).slideDown('slow'); } }); ajaxSubmit sends the comment to wp-comments-post.php, which inelegantly spits back the entire page as a response. So, despite the fact that it's ugly as toads, I'm sticking the response text in a variable, using :last to isolate the most recent comment, and sliding it down in its place. IE, however, is returning the cached version of the page, which doesn't include the new comment. So ".commentlist li:last" selects the previous comment, a duplicate of which then uselessly slides down beneath the original. I've tried setting "cache: false" in the ajaxSubmit options, but it has no effect. I've tried setting a url option and tacking on a random number or timestamp, but it winds up being attached to the POST that submits the comment to the server rather than the GET that returns the response, and so has no effect. I'm not sure what else to try. Everything works fine in IE if I turn off browser caching, but that's obviously not something I can expect anyone viewing the page to do. Any help will be hugely appreciated. Thanks in advance! EDIT WITH A PROGRESS REPORT: A couple of people have suggested using PHP headers to prevent caching, and this does indeed work. The trouble is that wp-comments-post is spitting back the entire page when a new comment is submitted, and the only way I can see to add headers is to put them in the Wordpress post template, which disables caching on all posts at all times--not quite the behavior I'm looking for. Is there a way to set a php conditional--"if is_ajax" or something like that--that would keep the headers from being applied during regular pageloads, but plug them in if the page was called by an Ajax GET?

  Read the article

• Codeigniter not returning me to upload form after image upload.

  - by Drew

  I'm still very new to codeigniter. The issue i'm having is that the file uploads fine and it writes to the database without issue but it just doesn't return me to the upload form. Instead it stays in the do_upload and doesn't display anything. Even more bizarrely there is some source code behind the scenes. Can someone tell my what it is i'm doing wrong because I want to be returning to my upload form after submission. Thanks in advance. Below is my code: Controller: function do_upload() { if($this->Upload_model->do_upload()) { $this->load->view('home/upload_form'); }else{ $this->load->view('home/upload_success', $error); } } Model: function do_upload() { $config['upload_path'] = './uploads/'; $config['allowed_types'] = 'gif|jpg|png'; $config['max_size'] = '2000'; $this->load->library('upload', $config); if ( ! $this->upload->do_upload()) { $error = array('error' => $this->upload->display_errors()); return $error; } else { $data = $this->upload->data(); $full_path = 'uploads/' . $data['file_name']; $spam = array( 'image_url' => $full_path, 'url' => $this->input->post('url') ); $id = $this->input->post('id'); $this->db->where('id', $id); $this->db->update('NavItemData', $spam); return true; } } View (called upload_form): <html> <head> <title>Upload Form</title> </head> <body> <?php if(isset($buttons)) : foreach($buttons as $row) : ?> <h2><?php echo $row->image_url; ?></h2> <p><?php echo $row->url; ?></p> <p><?php echo $row->name; ?></p> <p><?php echo anchor("upload/update_nav/$row->id", 'edit'); ?></p> <?php endforeach; ?> <?php endif; ?> </body> </html>

  Read the article

• how to get $form_state outside of FAPI's functions?

  - by logii

  I'm writing a custom module and I'd like to use $form_state of the current form in another non-form api function - custom_facet_view_build(). any help is appreciated :) <?php /** * Implementation of hook_perm(). */ function custom_facet_perm() { return array( 'access foo content', 'access baz content', ); } /** * Implementation of hook_menu(). */ function custom_facet_menu() { $items['faceted-search'] = array( 'title' => 'Faceted Search', 'page callback' => 'drupal_get_form', 'access arguments' => array(), ); $items['facet-search-test'] = array( 'page callback' => 'drupal_get_form', 'page arguments' => array('custom_facet_form'), 'access callback' => TRUE, 'type' => MENU_CALLBACK, ); return $items; } /** * Form definition; ahah_helper_demo form. */ function custom_facet_form($form_state) { $form = array(); ahah_helper_register($form, $form_state); if (isset($form_state['storage']['categories'])) { $categories_default_value = $form_state['storage']['categories']["#value"]; } $form['facet_search_form'] = array( '#type' => 'fieldset', '#title' => t('Faceted Search'), '#prefix' => '<div id="billing-info-wrapper">', // This is our wrapper div. '#suffix' => '</div>', '#tree' => TRUE, // Don't forget to set #tree! ); $form['facet_search_form']['categories'] = array( '#type' => 'select', '#title' => t('Category'), '#options' => _custom_facet_taxonomy_query(1), '#multiple' => TRUE, '#default_value' => $categories_default_value, ); $form['save'] = array( '#type' => 'submit', '#value' => t('Save'), ); return $form; } /** * Validate callback for the form. */ function custom_facet_form_validate($form, &$form_state) { } /** * Submit callback for the form. */ function custom_facet_form_submit($form, &$form_state) { drupal_set_message('nothing done'); $form_state['storage']['categories'] = $form['facet_search_form']['categories']; // dpm($form_state); // There's a value returned in form_state['storage] within this function } /** * Implementation of hook_views_api(). */ function custom_facet_views_api() { return array( 'api' => 2, ); } function custom_facet_view_build(&$view) { dpm($form_state); // form_state['storage] remains NULL even though there's a value on previous submission }

  Read the article

• CSS Hidden DIV Form Submit

  - by Michael

  Using CSS, when a link is clicked it brings up a hidden DIV that contains a form. The user will then enter information and then submit the form. I'd like the hidden DIV to remain visisble, and a 'success message' to be displayed after submission. Then the user will have the option of closing the DIV. I can't get it to work without reloading the page, which causes the DIV to become hidden again. Any ideas? <body> <a href="javascript:showDiv()" style="color: #fff;">Click Me</a> <!--POPUP--> <div id="hideshow" style="visibility:hidden;"> <div id="fade"></div> <div class="popup_block"> <div class="popup"> <a href="javascript:hideDiv()"> <img src="images/icon_close.png" class="cntrl" title="Close" /> </a> <h3>Remove Camper</h3> <form method="post" onsubmit="email.php"> <p><input name="Name" type="text" /></p> <p><input name="Submit" type="submit" value="submit" /></p> </form> <div id="status" style="display:none;">success</div> </div> </div> </div> <!--END POPUP--> <script language=javascript type='text/javascript'> function hideDiv() { if (document.getElementById) { // DOM3 = IE5, NS6 document.getElementById('hideshow').style.visibility = 'hidden'; } else { if (document.layers) { // Netscape 4 document.hideshow.visibility = 'hidden'; } else { // IE 4 document.all.hideshow.style.visibility = 'hidden'; } } } function showDiv() { if (document.getElementById) { // DOM3 = IE5, NS6 document.getElementById('hideshow').style.visibility = 'visible'; } else { if (document.layers) { // Netscape 4 document.hideshow.visibility = 'visible'; } else { // IE 4 document.all.hideshow.style.visibility = 'visible'; } } } </script> </body>

  Read the article

• Effective Data Validation

  - by John Conde

  What's an effective way to handle data validation, say, from a form submission? Originally I had a bunch of if statements that checked each value and collected invalid values in an array for later retrieval (and listing). // Store errors here $errors = array(); // Hypothetical check if a string is alphanumeric if (!preg_match('/^[a-z\d]+$/i', $fieldvalue)) { $errors[$fieldname] = 'Please only use letters and numbers for your street address'; } // etc... What I did next was create a class that handles various data validation scenarios and store the results in an internal array. After data validation was complete I would check to see if any errors occurred and handle accordingly: class Validation { private $errorList = array(); public function isAlphaNumeric($string, $field, $msg = '') { if (!preg_match('/^[a-z\d]+$/i', $string)) { $this->errorList[$field] = $msg; } } // more methods here public function creditCard($cardNumber, $field, $msg = '') { // Validate credit card number } // more methods here public function hasErrors() { return count($this->errorList); } } /* Client code */ $validate = new Validation(); $validate->isAlphaNumeric($fieldvalue1, $fieldname1, 'Please only use letters and numbers for your street address'); $validate->creditCard($fieldvalue2, $fieldname2, 'Please enter a valid credit card number'); if ($validate->hasErrors()) { // Handle as appropriate } Naturally it didn't take long before this class became bloated with the virtually unlimited types of data to be validated. What I'm doing now is using decorators to separate the different types of data into their own classes and call them only when needed leaving generic validations (i.e. isAlphaNumeric()) in the base class: class Validation { private $errorList = array(); public function isAlphaNumeric($string, $field, $msg = '') { if (!preg_match('/^[a-z\d]+$/i', $string)) { $this->errorList[$field] = $msg; } } // more generic methods here public function setError($field, $msg = '') { $this->errorList[$field] = $msg; } public function hasErrors() { return count($this->errorList); } } class ValidationCreditCard { protected $validate; public function __construct(Validation $validate) { $this->validate = $validate; } public function creditCard($cardNumber, $field, $msg = '') { // Do validation // ... // if there is an error $this->validate->setError($field, $msg); } // more methods here } /* Client code */ $validate = new Validation(); $validate->isAlphaNumeric($fieldvalue, $fieldname, 'Please only use letters and numbers for your street address'); $validateCC = new ValidationCreditCard($validate); $validateCC->creditCard($fieldvalue2, $fieldname2, 'Please enter a valid credit card number'); if ($validate->hasErrors()) { // Handle as appropriate } Am I on the right track? Or did I just complicate data validation more then I needed to?

  Read the article

• Having a Link Only Appear If a Logged-In User Appears on a Dynamic List

  - by John

  Hello, For the function below, I would like the link <div class="footervote"><a href="http://www...com/.../footervote.php">Vote</a></div> to only appear if the logged in user currently appears on editorlist.php. (I. e. if the loginid in the function corresponds to any of the usernames that currently appear in editorlist.php.) Appearing on editorlist.php is something that is dynamic. How can I do this? Thanks in advance, John function show_userbox() { // retrieve the session information $u = $_SESSION['username']; $uid = $_SESSION['loginid']; // display the user box echo '<div id="userbox"> <div class="username">'.$u.'</div> <div class="submit"><a href="http://www...com/.../submit.php">Submit an item.</a></div> <div class="changepassword"><a href="http://www...com/.../changepassword.php">Change Password</a></div> <div class="logout"><a href="http://www...com/.../logout.php">Logout</a></div> <div class="footervote"><a href="http://www...com/.../footervote.php">Vote</a></div> </div>'; } On editorlist.php: $sqlStr = "SELECT l.loginid, l.username, l.created, DATEDIFF(NOW(), l.created) AS days, COALESCE(s.total, 0) AS countSubmissions, COALESCE(c.total, 0) AS countComments, COALESCE(s.total, 0) * 10 + COALESCE(c.total, 0) AS totalScore, DATEDIFF(NOW(), l.created) + COALESCE(s.total, 0) * 10 + COALESCE(c.total, 0) AS totalScore2 FROM login l LEFT JOIN ( SELECT loginid, COUNT(1) AS total FROM submission GROUP BY loginid ) s ON l.loginid = s.loginid LEFT JOIN ( SELECT loginid, COUNT(1) AS total FROM comment GROUP BY loginid ) c ON l.loginid = c.loginid GROUP BY l.loginid ORDER BY totalScore2 DESC LIMIT 10"; $result = mysql_query($sqlStr); $arr = array(); echo "<table class=\"samplesrec1edit\">"; while ($row = mysql_fetch_array($result)) { echo '<tr>'; echo '<td class="sitename1edit1"><a href="http://www...com/.../members/index.php?profile='.$row["username"].'">'.stripslashes($row["username"]).'</a></td>'; echo '<td class="sitename1edit2">'.($row["countSubmissions"]).'</td>'; echo '<td class="sitename1edit2">'.($row["countComments"]).'</td>'; echo '<td class="sitename1edit2">'.($row["days"]).'</td>'; echo '<td class="sitename1edit2">'.($row["totalScore2"]).'</td>'; echo '</tr>'; } echo "</table>";

  Read the article

• fancybox image sometimes renders outside box

  - by Colleen

  I have the following django template: <script type="text/javascript" src="{{ STATIC_URL }}js/ jquery.fancybox-1.3.4.pack.js"></script> <link rel="stylesheet" href="{{ STATIC_URL }}css/ jquery.fancybox-1.3.4.css" type="text/css" media="screen" /> {% include "submission-form.html" with section="photos" %} <div class="commentables"> {% load thumbnail %} {% for story in objects %} <div class="image {% if forloop.counter|add:"-1"| divisibleby:picsinrow %}left{% else %}{% if forloop.counter| divisibleby:picsinrow %}right{% else %}middle{% endif %}{% endif %}"> {% if story.image %} {% thumbnail story.image size crop="center" as full_im %} <a rel="gallery" href="{% url post slug=story.slug %}"> <img class="preview" {% if story.title %} alt="{{ story.title }}" {% endif %} src="{{ full_im.url }}" full- image="{% if story.image_url %}{{ story.image_url }}{% else %} {{ story.image.url }}{% endif %}"> </a> {% endthumbnail %} {% else %} {% if story.image_url %} {% thumbnail story.image_url size crop="center" as full_im %} <a rel="gallery" href="{% url post slug=story.slug %}"> <img class="preview" {% if story.title %} alt="{{ story.title }}" {% endif %} src="{{ full_im.url }}" full- image="{{ story.image_url }}"> </a> {% endthumbnail %} {% endif %} {% endif %} </div> {% endfor %} {% if rowid != "last" %} <br style="clear: both" /> {% endif %} {% if not no_more_button %} <p style="text-align: right;" class="more-results"><a href="{% url images school_slug tag_slug %}">more...</a></p> {% endif %} </div> <script> $(document).ready(function(){ function changeattr(e){ var f = $(e.clone()); $(f.children()[0]).attr('src', $(f.children() [0]).attr("full-image")); $(f.children()[0]).attr('height', '500px'); return f[0].outerHTML; } $('.image a').each(function(idx, elem) { var e = $(elem); e.fancybox({ title: $(e.children()[0]).attr('alt'), content: changeattr(e) }); }); }); </script> and I'm occasionally getting weird display errors where the box will either not render anything at all (so it will show up as just a thin white bar, basically) or it will render only about 30 px wide, and position itself halfway down the page. In both cases, if I inspect element, I can see the "shadow" of the full picture, at the right size, with the right url. Image source doesnt' seem to make a difference, I'm getting no errors, and this is happening in both chrome and firefox. Does anyone have any ideas?

  Read the article

• Symfony2 Forms: is it possible to bind a form in an "unconventional way"?

  - by DonCallisto

  Imagine this scenario: in our company there is an employee that "play" around graphic,css,html and so on. Our new project will born under symfony2 so we're trying some silly - but "real" - stuff (like authentication from db, submit data from a form and persist it to db and so on..) The problem As far i know, learnt from symfony2 "book" that i found on the site (you can find it here), there is an "automated" way for creating and rendering forms: 1) Build the form up into a controller in this way $form = $this->createFormBuilder($task) ->add('task','text'), ->add('dueDate','date'), ->getForm(); return $this->render('pathToBundle:Controller:templateTwig', array('form'=>$form->createview()); 2) Into templateTwig render the template {{ form_widget(form) }} // or single rows method 3) Into a controller (the same that have a route where you can submit data), take back submitted information if($rquest->getMethod()=='POST'){ $form->bindRequest($request); /* and so on */ } Return to scenario Our graphic employee don't want to access controllers, write php and other stuff like those. So he'll write a twig template with a "unconventional" (from symfony2 point of view, but conventional from HTML point of view) method: /* into twig template */ <form action="{{ path('SestanteUserBundle_homepage') }}" method="post" name="userForm"> <div> USERNAME: <input type="text" name="user_name" value="{{ user.username}}"/> </div> <div> EMAIL: <input type="text" name="user_mail" value="{{ user.email }}"/> </div> <input type="hidden" name="user_id" value="{{ id }}" /> <input type="submit" value="modifica i dati"> </form> Now, if into the controller that handle the submission of data we do something like that public function indexAction(Request $request) { if($request->getMethod() == 'POST'){ // sono arrivato per via di un submit, quindi devo modificare i dati prima di farli vedere a video $defaultData = array('message'=>'ho visto questa cosa in esempio, ma non capisco se posso farne a meno'); $form = $this->createFormBuilder($defaultData) ->add('user_name','text') ->add('user_mail','email') ->add('user_id','integer') ->getForm(); $form->bindRequest($request); //bindo la form ad una request $data = $form->getData(); //mi aspetto un'array chiave=>valore /* .... */ We expected that $data will contain an array with key,value from the submitted form. We found that it isn't true. After googling for a while and try with other "bad" ideas, we're frozen into that. So, if you have a "graphic office" that can't handle directly php code, how can we interface from form(s) to controller(s) ? UPDATE It seems that Symfony2 use a different convention for form's field name and lookup once you've submitted that. In particular, if my form's name is addUser and a field is named userName, the field's name will be AddUser[username] so maybe it have a "dynamic" lookup method that will extract form's name, field's name, concat them and lookup for values. Is it possible?

  Read the article

• Simple Form validation failing Backbone

  - by Corey Buchillon

  Im not exactly adept at coding so Im probably missing something, but my view here is failing to refuse submission when one or both of the fields are empty. I have a feeling something isnt connected right to my template for the row and the view of the form Form = Backbone.View.extend({ //form vie el: '.item-form', initialize: function(){ }, events: { 'click #additem': 'addModel' }, addModel: function(itemName, price){ // simple validation before adding to collection if (itemName !="" && price !="" ){ var item = new Item({ itemName: this.$("#item").val(), price: this.$("#price").val()}); items.add(item); $("#message").html("Please wait; the task is being added."); item.save(null, {success: function (item, response,options) { item.id= item.attributes._id.$id; item.attributes.id = item.attributes._id.$id; new ItemsView({collection: items}); $("#message").html(""); } }); this.$("#item").val(''); this.$("#price").val(''); } else { alert('Please fill in both fields'); } } }); and HTML <table class="itemTable"> <thead> <tr> <th>Item</th> <th>Price</th> <th></th> </tr> </thead> <tbody class="tableBody"> <script type="text/template" id="table-row"> <td><%= itemName %></td> <td><%= price %></td> <td><button class="complete">Complete</button> <button class="remove">Remove</button></td> </script> </tbody> </table> <form class="item-form"> <input type="text" name="item" id="item" placeholder="Item"/> <!-- goes to itemName in the template for the body --> <input type="text" name="price" id="price" placeholder="Price" /><!--goes to price in the template for the body --> <button type="button" id="additem">Add</button> </form> <div id="message"></div>

  Read the article

• Making an efficient algorithm

  - by James P.

  Here's my recent submission for the FB programming contest (qualifying round only requires to upload program output so source code doesn't matter). The objective is to find two squares that add up to a given value. I've left it as it is as an example. It does the job but is too slow for my liking. Here's the points that are obviously eating up time: List of squares is being recalculated for each call of getNumOfDoubleSquares(). This could be precalculated or extended when needed. Both squares are being checked for when it is only necessary to check for one (complements). There might be a more efficient way than a double-nested loop to find pairs. Other suggestions? Besides this particular problem, what do you look for when optimizing an algorithm? public static int getNumOfDoubleSquares( Integer target ){ int num = 0; ArrayList<Integer> squares = new ArrayList<Integer>(); ArrayList<Integer> found = new ArrayList<Integer>(); int squareValue = 0; for( int j=0; squareValue<=target; j++ ){ squares.add(j, squareValue); squareValue = (int)Math.pow(j+1,2); } int squareSum = 0; System.out.println( "Target=" + target ); for( int i = 0; i < squares.size(); i++ ){ int square1 = squares.get(i); for( int j = 0; j < squares.size(); j++ ){ int square2 = squares.get(j); squareSum = square1 + square2; if( squareSum == target && !found.contains( square1 ) && !found.contains( square2 ) ){ found.add(square1); found.add(square2); System.out.println( "Found !" + square1 +"+"+ square2 +"="+ squareSum); num++; } } } return num; }

  Read the article

• How to connect two files and use the radio button?

  - by Stupefy101

  I have here a set of form from the index.php to upload a zip file, select an option then perform a converter process. <form action="" method="post" accept-charset="utf-8"> <p class="buttons"><input type="file" value="" name="zip_file"/></p> </form> <form action="index.php" method="post" accept-charset="utf-8" name="form1"> <h3><input type="radio" name="option" value="option1"/> Option1 </h3> <h3><input type="radio" name="option" value="option2"/> Option2 </h3> <h3><input type="radio" name="option" value="option3"/> Option3 </h3> <p class="buttons"><input type="submit" value="Convert"/></p> </form> In the other hand, this is my code for the upload.php that will extract the Zip file. <?php if($_FILES["zip_file"]["name"]) { $filename = $_FILES["zip_file"]["name"]; $source = $_FILES["zip_file"]["tmp_name"]; $type = $_FILES["zip_file"]["type"]; $name = explode(".", $filename); $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed'); foreach($accepted_types as $mime_type) { if($mime_type == $type) { $okay = true; break; } } $continue = strtolower($name[1]) == 'zip' ? true : false; if(!$continue) { $message = "The file you are trying to upload is not a .zip file. Please try again."; } $target_path = "C:xampp/htdocs/themer/".$filename; // change this to the correct site path if(move_uploaded_file($source, $target_path)) { $zip = new ZipArchive(); $x = $zip->open($target_path); if ($x === true) { $zip->extractTo("C:xampp/htdocs/themer/"); // change this to the correct site path $zip->close(); unlink($target_path); } $message = "Your .zip file was uploaded and unpacked."; } else { $message = "There was a problem with the upload. Please try again."; } } ?> How can i connect both files that will perform the extracting process? And how to include the codes for radio button after submission? Please Help.

  Read the article

• How dangerous is e.preventDefault();, and can it be replaced by keydown/mousedown tracking?

  - by yc

  I'm working on a tracking script for a fairly sophisticated CRM for tracking form actions in Google Analytics. I'm trying to balance the desire to track form actions accurately with the need to never prevent a form from not working. Now, I know that doing something like this doesn't work. $('form').submit(function(){ _gaq.push('_trackEvent', 'Form', 'Submit', $(this).attr('action')) }); The DOM unloads before this has a chance to process. So, a lot of sample code recommends something like this: $('form').submit(function(e){ e.preventDefault(); var form = this; _gaq.push('_trackEvent', 'Form', 'Submit', $(this).attr('action')); //...do some other tracking stuff... setTimeout(function(){ form.submit(); }, 400); }); This is reliable in most cases, but it makes me nervous. What if something happens between e.preventDefault();and when I get around to triggering the DOM based submit? I've totally broken the form. I've been poking around some other analytics implementations, and I've noticed something like this: $('form').mousedown(function(){ _gaq.push('_trackEvent', 'Form', 'Submit', $(this).attr('action')); }); $('form').keydown(function(e){ if(e.which===13) //if the keydown is the enter key _gaq.push('_trackEvent', 'Form', 'Submit', $(this).attr('action')); }); Basically, instead of interrupting the form submit, preempting it by assuming that if someone is mousing down or keying down on Enter, than that form is submitted. Obviously, this will result in a certain amount of false positives, but it completely eliminates use of e.preventDefault();, which in my mind eliminates the risk that I might ever prevent a form from successfully submitting. So, my question: Is it possible to take the standard form tracking snippet and prevent it from ever fully preventing the form from submitting? Is the mousedown/keydown alternative viable? Are there any submission cases it may miss? Specifically, are there other ways to end up submitting besides the mouse and the keyboard enter? And will the browser always have time to process javascript before beginning to unload the page?

  Read the article

• Do email forms need to be santized before sending?

  - by levi

  I have a client that keeps getting reports from godaddy's "websiteprotection.com" stating how the website is insecure. Your website contains pages that do not properly sanitize visitor-provided input to make sure it contains no malicious content or scripts. Cross-site scripting vulnerabilities let malicious users execute arbitrary HTML or script code in another visitor's browser. Output: The request string used to detect this flaw was : /cross_site_scripting.?nasl.asp The output was : HTTP/1.1 404 Not Found\r Date: Wed, 21 Mar 2012 08:12:02 GMT\r Server: Apache\r X-Pingback:http://?CLIENTSWEBSITE.com/?xmlrpc.php\r Expires: Wed, 11 Jan 1984 05:00:00 GMT\r Cache-Control: no-cache, must-revalidate, max-age=0\r Pragma: no-cache\r Set-Cookie: PHPSESSID=?1jsnhuflvd59nb4trtquston50; path=/\r Last-Modified: Wed, 21 Mar 2012 08:12:02 GMT\r Keep-Alive: timeout=15, max=100\r Connection: Keep-Alive\r Transfer-Encoding: chunked\r Content-Type: text/html; charset=UTF-8\r \r <div id="contact-form" class="widget"><form action="http://?CLIENTSWEBSITE.c om/<script>cross_site_?scripting.nasl</script>.asp" id="contactForm" meth od="post"> It looks like it has an issue with the contact form. All the contact form does is posts an ajax request to the same page, and than a PHP script mails the data (no database stuff). Is there any a security issues here? Any ideas on how I can satisfy the security scanner? Here is the form and script: <form action="<?php echo $this->getCurrentUrl(); ?>" id="contactForm" method="post"> <input type="text" name="Name" id="Name" value="" class="txt requiredField name" /> //Some more text inputs <input type="hidden" name="sendadd" id="sendadd" value="<?php echo $emailadd ; ?>" /> <input type="hidden" name="submitted" id="submitted" value="true" /><input class="submit" type="submit" value="Send" /> </form> // Some initial JS validation, if that passes an ajax post is made to the script below //If the form is submitted if(isset($_POST['submitted'])) { //Check captcha if (isset($_POST["captchaPrefix"])) { $capt = new ReallySimpleCaptcha(); $correct = $capt->check( $_POST["captchaPrefix"], $_POST["Captcha"] ); if( ! $correct ) { echo false; die(); } else { $capt->remove( $_POST["captchaPrefix"] ); } } $dateon = $_POST["dateon"]; $ToEmail = $_POST["sendadd"]; $EmailSubject = 'Contact Form Submission from ' . get_bloginfo('title'); $mailheader = "From: ".$_POST["Email"]."\r\n"; $mailheader .= "Reply-To: ".$_POST["Email"]."\r\n"; $mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n"; $MESSAGE_BODY = "Name: ".$_POST["Name"]."<br>"; $MESSAGE_BODY .= "Email Address: ".$_POST["Email"]."<br>"; $MESSAGE_BODY .= "Phone: ".$_POST["Phone"]."<br>"; if ($dateon == "on") {$MESSAGE_BODY .= "Date: ".$_POST["Date"]."<br>";} $MESSAGE_BODY .= "Message: ".$_POST["Comments"]."<br>"; mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure"); echo true; die(); }

  Read the article

< Previous Page | 24 25 26 27 28 29 30 31  | Next Page >