Spectre
Sep 17 2006, 04:05 PM
| | Just try adding some simple checking of each element:
CODE $rad1 = !empty($_POST['rad1']) ? $_POST['rad1'] : '';
$_1stNumber = !empty($_POST['txt1stNumber']) ? $_POST['txt1stNumber'] : 0;
$_2ndNumber = !empty($_POST['txt2ndNumber']) ? $_POST['txt2ndNumber'] : 0;
if( $rad1 == 'Divide' ) {
if( $_2ndNumber == 0 ) {
echo('<font color="#FF0000">Cannot divide by 0.</font>');
$rad1 = '';
}
}
$result = "";
if ($rad1 != null){
|
Reply
darran
Sep 18 2006, 01:57 AM
I am pretty new to testing php pages on a live server. Can you give me a guide as to which security changes must be made? And can all these be done on the CPanel? I believe my first php page is more or less completed with the exception of some minor glitches and also the security regarding XAMPP. PS: Changing the value of $result to 0 did not reset the value when I clicked the reset button.
Reply
jlhaslip
Sep 18 2006, 02:18 AM
Three rules of Security on php pages are as follows: - Never trust user input
- Never trust user input
- Never trust user input
A common method is to set the variables using the following techique: CODE
... code to input the value from the User ...
$my_variable = stripslashes(trim($_POST['user_input']));
... rest of code uses $myvariable ...
trim() removes white-space before or after the data in $_POST['user_input'] and stripslashes() removes any backslashes found in $_POST['user_input']
Reply
darran
Sep 18 2006, 02:45 AM
Is that the security issue you are talking about? I thought it had something to do with Apache or on the server side. Another PHP question from me, I want to create a button to handle the clearing of values, but from my understanding, only javascript is able to do this but what if it was disabled by the user, how am I to interact with the button in a php page? How about the reset button? It does not reset the value to 0.
Reply
Spectre
Sep 18 2006, 06:56 AM
When you're just dealing with numeric values, you don't need to do any form of sanitization outside of is_numeric() - if the value is not numeric, then cancel. Additonally, unless you are passing the value to something outside of PHP, evaluating it as code, or treating it as a filename (as well as a few other exceptions), there isn't really a lot that can be manipulated by user input. The worst that could happen in this particular case is the operation failing, resulting in an error being displayed and revealing path information etc. darran, set the initial value of the input fields to '0' and the reset action should result in them reverting to this (ie. <input type="text" name="field" value="0">).
Reply
darran
Sep 18 2006, 09:26 AM
As for the validation, I am only checking for the numeric numbers using is_numeric() but also I need to validate whether a radio button is selected and whether the user has entered anything. All that is fine with the exception of the reset button not doing what it should. Resetting the result to 0 or empty I did as you said, setting the initital value of input fields to '0' but when I clicked the reset button, my $result variable value did not reset along with the form entered by the user.
Reply
jlhaslip
Sep 18 2006, 12:53 PM
I can't see where you are re-setting the txt1stnumber or the txt2ndnumber variables, so they are probably producing the result and the result is being echo'd out each time. Maybe re-post the current code here.
Reply
darran
Sep 19 2006, 04:21 AM
Here is the code CODE <?php
function calculate() {
$result = 0;
$_1stNumber = 0;
$_2ndNumber = 0;
if (isset($_POST['submitted'])){
$_1stNumber = stripslashes(trim($_POST['txt1stNumber']));
$_2ndNumber = stripslashes(trim($_POST['txt2ndNumber']));
if (!is_numeric($_1stNumber) || !is_numeric($_2ndNumber)) {
exit("<font color=#FF0000>Enter a number in the textbox</font>");
}
if (isset($_POST['rad1'])){
$rad1 = $_POST['rad1'];
switch($rad1){
case "Add": $result = $_1stNumber + $_2ndNumber;
break;
case "Subtract": $result = $_1stNumber - $_2ndNumber;
break;
case "Multiply": $result = $_1stNumber * $_2ndNumber;
break;
case "Divide": $result = $_1stNumber / $_2ndNumber;
break;
}
echo("<font color=#FF0000>$result</font>");
} else {
exit("<font color=#FF0000>Select an operation</font>");
}
}
}
?> However I feel this is not the right way, this is just setting the starting value of the 2 variables $_1stNumber and $_2ndNumber to 0. And clicking on the reset button does not help in changing this value back to 0. Is there a way to check when the reset button is pressed so that I can reset the value of the result there? On a general question, is there anyway to handle button clicks other than using javascript because not everyone would have javascript enabled.
Reply
Spectre
Sep 19 2006, 07:11 AM
I'm not quite sure what you're asking, but if you mean how do you reset the variables within PHP when the Reset button is pressed... the value is only going to be sent to the server when the user clicks 'Submit'. The Reset button is handled only on the client-side, so clicking it doesn't interact with the server at all. The variables are going to contain the value they were initially assigned (in this case, the integer value '0') each time the script is executed, and the values will not be 'remembered'. And no, the only way to handle button clicks (and most other client-side events outside of the standard markup) is via JavaScript. Most people have it enabled.
Reply
darran
Sep 21 2006, 04:37 AM
My question was a way to reset the values by pressing a button, it is a default reset button but I want it to be able to reset my values to the original ones I defined. In other words, I can reset the value of the variable using javascript? Something along the lines of CODE <script language="javascript" for="btnReset" event="onclick">
<? php $result = 0; ?>
</script> Please correct me on this? But lets say a person decides to disable javascript for whatever wierd reason, is there a way to handle button clicks in a web-based environment?
Reply
Similar Topics
Keywords : submit, restrictions, bypass, localhost
- Destination Address For "submit" Button
Adding a destination email address to a "Submit" button (5)
Ips Installer Database Details [resolved]
It wont accept localhost... (6) CODE Access denied for user 'skyed211_central'@'localhost' to database
'skyed211_centralgaming' I get this error message when trying to install my IPB. It will
not accept localhost, nor mysql. Can I get any help please? I've tried many times to get past
this part, but it's not happening /sad.gif" style="vertical-align:middle" emoid=":(" border="0"
alt="sad.gif" />....
How To Make Image Buttons Act As Submit Button
(8) Hi guys I m making a personal website .... I asked in the forum how to create and use images as
buttons...thanks for your help.. I can make them work as links....give some hovering effects
etc...they work very well..untill I use them in forms and use them as SUBMIT or RESET button...when
I do this nothing happens on clicking the image button... the code I use is like but there
is problem in making them act as SUBMIT or RESET button. I have tried very hard to make it work, but
didn't succeed .... I know html and CSS quite well but , don't know....Javascr....
On Line Proxies!
Bypass your limited settings... (11) Hey, I found one working online proxy that will be useful for everyone those internet settings are
limited, like the ones who are at school, university or some more educational places. Go to:
www.canhide.info. I checked it today, it works perfect. Some people assert that it can be used to
download files from rapidshare server, I mean you do not need to wait for a long time, to download
the file itself.....
Frontpage Problem
Strange message when press Submit (0) Trying to set up a "skeleton" form generated with Frontpage 2000. After installing Frontpage
Extensions, when I hit Submit on the form I get this response: *-*-* :-| :^| :-/ :-( 8-( *-*-*
* status=1 * osstatus=0 * msg=FrontPage security violation. * osmsg= I'm new at
this, and don't understand any of the above response. Please explain the above stuff and suggest
how to fix it. Thanks, Jack Here's the brief code: <!--webbot
bot="SaveResults" S-Label-Fields="TRUE" B-Reverse-Chronology="FALSE" S-Email-Format="TEXT/CS....
List Of Free Directories To Submit Your Websites
(7) Hi: Submission in free directories is a world-known way to increase ranking and traffic. But most
of you don't know a good source of that list of directories. Here is a great source of free
directories list . Just start submission in those directories in your free time, and see you
ranking.......
Restrictions On Php & Forms?
$_GET/POST/REQUEST? (2) alright, so heres me again (theres probably a contact page on the website but I figure somebody
has/will have this question and they'll want to know it so why not ask and share the love &
knowladge (minus the love)) so I've been working on a two part contact page. contact.php
CODE <p><img src="images/sig.gif" align="left" width="37"
height="69" style="margin-right: 5px;" alt="B/S Signature"/>
<font class="head">Contact!</font><br/> <form action=&#....
What Is Mysql Host Address?
Not localhost (6) Dear All I want to know what is my mySQL databade host adress, not "localhost" because I want to
connect to mySQL externally, thank you very much /smile.gif" style="vertical-align:middle"
emoid=":)" border="0" alt="smile.gif" />....
Submit Your Site To Google
How to make google find your site (14) How to submit website to google? Is there any fast and guaranteed way to do it?....
Question About Restrictions If Any
(1) I was wondering if there are any cpu load restrictions.. are scripts set to timeout in 60secs(like
powweb) or anything like that? also are they any file size/type restrictions?? Can you customize the
php.ini?? if you can't what is the file size limit on uploads using php? Are there any
limitations or restrictions should I know about before hand?? Can webmail be installed on the
server or is there one included? I am not sure which plan I am going to be getting yet I still have
to decide between Plan 7s, 9s, or Freedom Finally witht he 7s and 9s plans do you have to....
Stop Double Post/submit
(10) Hi Whats the best way of stopping a double post from occurring? Re-directs? I was hoping that
there was another way because I am using smarty and with the current setup of my site implementing
redirects would be a right pain. Thanks for any help. ....
Getting Information From Submit Button
I need to grab information from a submit button. (1) I basically have an array that uses characters as keys and has an integer value to it. I have a
loop that outputs the list in that array. For each entry I want a a button to remove it. The button
will submit the form to another page which contains the script to be able to remove it from the
array. The infomation for the keys name is used for the buttons name value. Im not sure how you go
about grabbing this information once on the submitted page. heres my code CODE
echo("<form name='jobs' action='remove_job.php'>"); foreach....
<?php ?> Get Search Results To Your Localhost
Simple way to get 100 results without allowing cookies (2) Ultimately simple script that allows you getting google search results to your localhost. This is
the first part of the Crawler script i'm developing, and if you are interested in developing the
script with me, IM me @icq328866661@msn/evil_matak/ a \hotmail-com. Here's the form
part... QUOTE search.php QUOTE if (@$_POST ==""){ echo "What are you
doing?"; } else{ $query =
file_get_contents("http://www.google.com/search?q=".urlencode($_POST
)."&num=100&hl=en&ie=UTF-8&filter=2"); //needs to be added with more queries �....
Regis Philbin Goes In For Bypass Surgery This Week.
Wish him well and luck. (1) I am sure everyone was surprised like I was when I heard the news yesterday that everyone's
favourite. Daytime talk show host of "Live With Regis and Kelly" will be going for a bypass. Open
heart surgery this week. I was really surprised when I heard the news. But knowing Regis they'll
have to give him alot of stuff to put him to sleep for his operation. Or else I bet his operation
will be a very loud experience for the Doctors that will have to work on him. lol Well let's all
hope he pulls through his operation. And that he gets back to his show soon so that....
Submit Multiple Forms At Once
(5) Is there a way I can submit multiple forms at once? For e.g. I click on a dropdownlist to generate
6 forms (I have done this) using Javascript, but I am not sure how I can define each form with a
name and their action. Is it possible to do this and if so, can you enlighten me further?....
I Need A Free Way To Submit My Website To The Search Engines
(6) the title say's everything i want to kown but i will repeat it. I need a way to submit my
website to the search engines. I apresiate any good sugestion. Thank in advance....
Form Dosn't Submit In Opera
Works in IE and FireFox (1) My form dosn't submit, it works in IE and FF, its validated HTML 4.01 and all, Code:
/**********************************/ /** Post Topic :: EvilBoard **/
/**********************************/ /* Session Start */ session_start(); /* Start Submit Script */
if ( isset($_POST )) { header("Refresh: 0; redirect.php?posttopic");
define("RELOADED","YES"); } /* End Submit Script */ /* Include File::Header.php */
include("include/header.php"); echo " "; /* If Script can't find SESSION user_name */ if (
!$_SESSION ) { /* Echo :: Forbiden */ echo '....
Un-filtered Browsing
How can I create a proxy on my website to bypass my schools internet f (0) My highschools internet is all filtered from accessing webistes such as games porn etc. In the past
i have managed to overcome this by accessing a proxy on numerous websites. This involves going to
this website then entering the desired blocked website into a input box. Then that website transfers
me to the blocked website via this webiste. At least this is how i think it works.... How can I add
something similar to this on a website of my own?....
Preventing A Form To Submit If A Field Is Empty?
(7) Well, I've just started learning Javascript, so I'm no wiz yet... Anyways, I have a form
where I want to show an error message when the user has not filled out the "name" field. My code
looks like this: CODE <script type="text/javascript"
language="JavaScript"> function nameempty() { if (
document.form.name.value == '' ) { alert('No name was
entered!') return false; } } </script> <form
action="submit.php" method="post" name="form�....
Yahoo Submission Feed Generator
For Site Submit in yahoo, need url feed. (5) For submitting a site on Yahoo! search engine for FREE, we have to submit a feed which explains
our site in detail. Is there any Yahoo! Search Submit Free Feed Generator sites available? If
you are familier with any, please mention them in here. Hopping that a positive response will get
from others.....
What You Think Of My Localhost Site?
(11) well, after overwriting my original localhost website, i decided to build a new one. I began this
two nights ago, and liked the end result, check it out:
http://www.unkieconstruction.com/digital-ink/local/ if any of you want this on your computer, i
would be more then happy to give this to you. All you need is PHP5 and MySql installed and running.
comment!....
How Do I Script A Tutorial Submit Site
(3) I am very interested in learning how to create or start my own tutorial submitt site. What do I
need to learn ? What do I need to have. Is there a script that can be made up or a software? What
I would like to do is start my own tutorial submit site. something similar to good-tutorials and or
pixel2life except those sites are really big and cover many tutoriasl for many different programs.
Id like to just cover tutorials for maybe a total of 3 to 4 different programs. Im sure I need
hosting a domain a site and some good forums to get something good going. But t....
Smallbusiness Application: From Web Submit To Fax Machine
sending order confirmation to regular fax via website (0) I am looking for a service or a script that will send online form submitted to my regular land-line
fax machine. I have been searching for a while and the keywords "email to fax" returns few services
but I have never heard of them. So here is what I'm thinking. I'm assuming email to fax is
the best option since that's the only think I can think of. I do not know any other application
that can be eaisly transferable to a fax machine. But I can be narrow in vision that I may be
missing something. Please advise me if you know of better way. Secondly, these are....
About Submit Form Box
(8) I make the form tags like this: CODE <form action="check.php"
method="post"> <table> <tr> <td>Username:</td>
<td><input type="text" name="user"></td> </tr>
<tr> <td><input type="submit" value="set"></td>
</tr> </table> </form> my question: in the tags above, it will produce
a submit box, right? I want to make just text: "set" that one can click it, then link it to the fo....
Request: Php Submit Script With Save In Host
Get Picture form url (13) Hi all i want make one form whit php , when users submit there urls , then my site give one picture
form url and save on my host ! how can do that ? thanks....
Php Mail Restrictions And Phpbb
(0) Let me start by saying I have several domains hosted by computing host and had some problems with
their consistency in the beginning. Lately however, they seem to have really turned things around,
and their uptime has been very good. I appreciate that they were diligent enough to work out their
problems. Anyway here's my prob: It seems that when using the php mail(), I'm only able to
send to my hosted domain. I can send to me@myhosteddomain.com and not
you@yourdomainhostedsomewhereelse.com if you know what I mean. I understand why this is being done
and I&#....
Free Links Directory
submit your links for free in the Central Directory (0) Central Directory is a free directory of qualiy links no reciprocal links
needed.Featured listings is available for only 2.25$ per 6 months.The directory is growing very
well. If you need any categories to be added request here.....
Multiple Drop Down Menus W/ Submit Button
(6) I am building a page that will have 2 drop down menus and a submit button. The first menu will have
one set of options, say colors (red, blue, green, yellow). The second menu will have another set of
options, say sizes (small, medium, large). What I want to be able do is select a color and a size,
click submit and have it go to the page for those options. So if a user picks 'Red' and
'Small' and clicks submit they will be linked to page1.html. If they pick 'Blue' and
'Large', they will be linked to page2.html, and so on. Any ideas how to ....
How To Submit Website To Search Engines
(2) can any one tell me how to submit the website to the search engines using the built-in script
function in the trap17 hosting.I submitted 2 days ago , to all search engines using that script but
today google is saying that no any page of my domain is indexed there.how i can know if my website
is submitted to search engine or not ? my site url is http://pakdir.com thanks....
Yahoo Page Search Submit
How to get free Yahoo! Search? (3) Hello, I have an question if any one here knows where to go. I need free Yahoo! Search. What I
mean when other people search Yahoo! They can see my website. Where can I get one please. I
don't mean Yahoo! Search HTML. I mean Search. Thank you, Webviper2005 /dry.gif'
border='0' style='vertical-align:middle' alt='dry.gif' /> Edited topic title. ....
Looking for submit, restrictions, bypass, localhost
|
*RANDOM STUFF*
*SIMILAR VIDEOS*
Searching Video's for submit, restrictions, bypass, localhost
*MORE FROM TRAP17.COM*
|
advertisement
|
|
