I applied the multilingual and i also need to apply in javascript code which part of alerting message.
This is the common.php code.
<?php
session_start();
header('Content-Type: text/html; charset=utf-8');
header('Cache-control: private'); // IE 6 FIX
$CUR_LANG = 'en';
if(isset($_COOKIE['lang'])){
$CUR_LANG = $_COOKIE['lang'];
setcookie('lang', $CUR_LANG, time() + (3600 * 24 * 30));
}
switch ($CUR_LANG) {
case 'ko':
$lang_file = 'ko.php';
break;
default:
$lang_file = 'en.php';
break;
}
include_once("multilingual/".$lang_file);
?>
and this is the signin.html page
<?php include_once('top.php'); ?>
<div class="" style="background:#F7F7F7;">
<div id="wrapper">
<div id="login" class="animate form">
<section class="login_content">
<form id="signin" name="signin" class="signinForm" onsubmit="return false;" method="post" action="signin.html";>
<input type="hidden" name="act" value="signin">
<h1>Login Form</h1>
<div>
<input type="email" class="form-control" id="userEmail" name="userEmail" placeholder="<?= $lang['SIGNIN_ENTER_EMAIL'] ?>" required="" />
</div>
<div>
<input type="password" class="form-control" id="userPassword" name="userPassword" placeholder="<?= $lang['SIGNIN_ENTER_PASSWD'] ?>" required="" />
</div>
<div>
<a class="btn btn-default" id="signin_btn" href="signin.html"><?= $lang['SIGNIN'] ?></a>
</div>
<div class="clearfix"></div>
<div class="separator">
<a class="reset_pass" href="user-password-reset.html"><?= $lang['SIGNIN_RESET_PASSWD'] ?></a>
<p class="change_link"><?= $lang['SIGNIN_CREATE'] ?>
<?= $lang['SIGNIN_ACCOUNT'] ?>
</p>
<div class="clearfix"></div>
<br />
<!--<div>
<h1><i class="fa fa-gamepad" style="font-size: 26px;"></i> GAMEPARTY </h1>
</div>-->
</div>
</form>
<!-- form -->
</section>
<!-- content -->
</div>
</div><!-- #wrapper -->
</div>
<script type="text/javascript">
function checkFormValid() {
var isFormValid = true;
$(".signinForm input").each(function(){
if ($.trim($(this).val()).length == 0){
console.log("(no value)input id : " + this.id);
isFormValid = false;
}
});
if(isFormValid) {
checkEmail();
}else {
alert("<?= $lang['SIGNUP_ALERT_0'] ?>"); //here is the msg!
}
}
This page includes the top.php and top.php also includes the common.php.
The attached bottom of javascript code is needed to validate and alert the message.
The message show well depends on applied multilingual. However, the custom js files also have these kind of multilingual messages to alert but they just shows php code.
function email_form_validation(element) {
var email = element.val();
console.log("email_from_validation : " + email);
var regex = /[0-9a-zA-Z][_0-9a-zA-Z-]*#[_0-9a-zA-Z-]+(\.[_0-9a-zA-Z-]+){1,2}$/;
if(regex.test(email)){
return true;
}else {
alert("<?= $lang['E_FROM_VAL'] ?>");//This msg isn't applied the mulitilingual.
element.focus();
return false;
}
}
The above is the sample of common.js file and this common.js file is included in top.php file because this is the group of validation that must be needed from all files. How can i figure out this? The msg in common.js appears just like this -> "<?= $lang['E_FROM_VAL'] ?>"
How can i bring the php file and show it? Please let me know.
I figured out how to do. I simply renamed the common.js to val.php and also modified the top.php like below.
<script type="text/javascript" src="../val.php"></script>
I also added the <?php include_once('./common/common.php'); ?> to the val.php
That's all. It works great.
Related
I Make CRUD with Php and success.
as usual for show data PHP use while looping.
In the Edit action I used Popup/Modal didn't make a new page for edit, actually my Edit was running smoothly.
But I have a problem with JavaScript for function automatically, when one form/field is filled, the other form/field is filled (actually only one field is automatic).this automatic problem only works on the first row edit action (works smoothly) but on the next row automatically does not work
Javascript doesn't work in while looping, it only works on the first loop, the next loop doesn't work.
I have done various automation methods with Javascript but the results are the same, only Edit the first row, the next row doesn't work. did I do something wrong?
CODE JS(Javascript)
<script type="text/javascript">
function Sremarks() {
if ($('#result').val() != 0) {
var input = parseInt(document.getElementById('input').value);
var result = parseInt(document.getElementById('result').value);
if(input < result){
document.getElementById('remarks').value = "bad";
}else{
document.getElementById('remarks').value = "Good";
}
} else{
document.getElementById('remarks').value = "0";
}
}
</script>
CODE PHP and HTML
here I am using onkeyup = "Sremarks ()" to pass to Function Js like in line Form/Field Edit Input and result
<form action="editmhs.php" method="post" enctype="multipart/form-data">
<!-- Open Php While Looping -->
<?php
$id = $pecah['id'];
$query_edit = mysqli_query($koneksi, "SELECT * FROM axle1 WHERE id='$id'");
while ($row = mysqli_fetch_array($query_edit)) {
?>
<!-- Form/Field Id hidden -->
<input type="hidden" name="id" value="<?php echo $row['id']; ?>">
<!-- Form/Field Edit Input -->
<div class="form-group">
<label>Input</label>
<input type="number" name="input" id="input" class="form-control" min="0" max="100" value="<?php echo $row['input']; ?>" onkeyup="Sremarks()">
</div>
<!-- Form/Field Edit Result -->
<div class="form-group">
<label>Result</label>
<input type="number" name="result" id="result" class="form-control" min="0" max="100" value="<?php echo $row['result']; ?>" onkeyup="Sremarks()">
</div>
<!-- Form/Field Edit Remarks -->
<div class="form-group">
<label>Remarks</label>
<input type="text" name="remarks" id="remarks" class="form-control" value="<?php echo $row['remarks']; ?>" readonly>
</div>
<!-- Button submit and Close -->
<div class="modal-footer">
<button type="submit" name="upload_ubah" value="Upload" class="btn btn-success">Update</button>
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
</div>
<!-- Close PHP While Looping -->
<?php
}
?>
</form>
Hi have checked answer from this page: But it uses action="" is it vulnerable to XSS attacks? If yes then without such solution what are my options?
I tried using header redirect. But as I have 2 forms,(in some pages 4-5 forms) header re direction is not working for me with errors.
Here is my code: (Simplified)
1st form: works ok with a redirect.
<form name="ip_block" method="post" class="form-horizontal">
<div class="form-group">
<label class="control-label col-sm-2" for="ip"> Enter IP:</label>
<div class="col-sm-8">
<input type="text" name="ip" class="form-control" id="ip" />
</div></div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-8">
<button type="submit" class="btn btn-default"
name="ip_block_add">Submit</button>
</div></div>
</form>
<?php
if(isset($_POST['ip'])){
if($IP = filter_input(INPUT_POST, 'ip',
FILTER_SANITIZE_STRING)){
$add_ip = $mysqli->prepare("INSERT INTO block_ip(b_ip)
VALUES(?)");
$add_ip->bind_param("s",$IP);
$add_ip->execute();
$add_ip->store_result();
$add_ip->close();
header("refresh:5;url=./admin-security.php");// avoiding form
resubmission
echo 'Added successfully';
}
else {
echo 'failed to insert';
}
}
?>
Form 2:
<form name="clear_data" method="post">
<input type="hidden" name="data_clear" value="1"/>
<button type="submit" class="btn btn-warning">Clean Data</button>
</form>
<?php
if(isset($_POST['data_clear'])){
if($mysqli->query("CALL clear_old_data")){
header("refresh:5;url=./admin-security.php");// avoiding form resubmission
echo 'operation successfull';
}
else
{
echo 'database failure';
}
}
//----
?>
For Second form I get error like this
Warning: Cannot modify header information - headers already sent by
For 2nd form I am using header before echo still it doesn't work.
reference, I tried with javascript too but that failed.
echo "<script>setTimeout('window.location.href='./admin-
security.php';',4000);</script>";
Updated with Dainis Abols idea: but form re submit option is still showing on page refresh
<form name="clear_data" method="post">
<input type="hidden" name="data_clear" value="1"/>
<?php
$var=111;
$_SESSION['var']=$var;
?>
<input type="hidden" value="<?php echo $var; ?>" name="varcheck"
/>
<button type="submit" class="btn btn-warning">Clean
Data</button>
</form>
<?php
if(isset($_POST['data_clear']) &&
($_POST['varcheck']==$_SESSION['var'])){
// Some code
}
I'd rather use ajax to send data to the database, without form submiting, and on success I would use js to redirect to /admin-security.php. In this case it's not possible to send the data twice.
Here is the PHP Code:
<?php
if(isset($_POST['ip'])){
if($IP = filter_input(INPUT_POST, 'ip',
FILTER_SANITIZE_STRING)){
$add_ip = $mysqli->prepare("INSERT INTO block_ip(b_ip)
VALUES(?)");
$add_ip->bind_param("s",$IP);
$add_ip->execute();
$add_ip->store_result();
$add_ip->close();
echo 1;
}
else {
echo 0;
}
exit;
}
?>
HTML:
<div class="form-horizontal">
<div class="form-group">
<label class="control-label col-sm-2" for="ip"> Enter IP:</label>
<div class="col-sm-8">
<input type="text" name="ip" class="form-control" id="ip" />
</div></div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-8">
<button type="button" onClick="send_form()" class="btn btn-default"
>Submit</button>
</div></div>
</div>
And AJAX written with JQuery
<script>
function send_form() {
$.ajax({
url: "./admin-security.php",
type: "POST",
data: {
ip: $("#ip").val()
},
success: function(response) {
if(response==1) {
alert("Done");
location.href = "./admin-security.php";
}
else alert("Fail!");
}
});
}
im trying to set up a blind input field with php that will check and make sure the input field is empty and if it is not empty it will not send the message that it is set up to send but I've run into several problems with placement and wording of this here is my code any input would greatly be appreciated.
<?php
// Set email variables
$email_to = 'email#example.com';
$email_subject = 'Website Message';
// Set required fields
$required_fields = array('fullname','email','comment');
$fakes = array('Email1');
// set error messages
$error_messages = array(
'fullname' => 'Please enter a Name to proceed.',
'email' => 'Please enter a valid Email Address to continue.',
'comment' => 'Please enter your Message to continue.'
);
// Set form status
$form_complete = FALSE;
// configure validation array
$validation = array();
// check form submittal
if(!empty($_POST)) {
// Sanitise POST array
foreach($_POST as $key => $value) $_POST[$key] = remove_email_injection(trim($value));
foreach($fakes as $fake)
if($fake == 'Email1') if(!check_for_content($_POST[$fake])) die;
else {
// Loop into required fields and make sure they match our needs
foreach($required_fields as $field) {
// the field has been submitted?
if(!array_key_exists($field, $_POST)) array_push($validation, $field);
// check there is information in the field?
if($_POST[$field] == '') array_push($validation, $field);
// validate the email address supplied
if($field == 'email') if(!validate_email_address($_POST[$field])) array_push($validation, $field);
}
// basic validation result
if(count($validation) == 0) {
// Prepare our content string
$email_content = 'New Website Comment: ' . "\n\n";
// simple email content
foreach($_POST as $key => $value) {
if($key != 'submit') $email_content .= $key . ': ' . $value . "\n";
}
// if validation passed ok then send the email
mail($email_to, $email_subject, $email_content);
// Update form switch
$form_complete = TRUE;
}
}
}
function validate_email_address($email = FALSE) {
return (preg_match('/^[^#\s]+#([-a-z0-9]+\.)+[a-z]{2,}$/i', $email))? TRUE : FALSE;
}
function remove_email_injection($field = FALSE) {
return (str_ireplace(array("\r", "\n", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:"), '', $field));
}
function check_for_content($fake = FALSE) {
return (preg_match('[A-Z0-9._%+-]', $Email1))? TRUE : FALSE;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<!-- Contact Form Designed by James Brand # dreamweavertutorial.co.uk -->
<!-- Covered under creative commons license - http://dreamweavertutorial.co.uk/permissions/contact-form-permissions.htm -->
<title>Contact Form</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/mootools/1.3.0/mootools-yui-compressed.js"></script>
<script type="text/javascript" src="validation/validation.js"></script>
<script type="text/javascript">
var nameError = '<?php echo $error_messages['fullname']; ?>';
var emailError = '<?php echo $error_messages['email']; ?>';
var commentError = '<?php echo $error_messages['comment']; ?>';
</script>
</head>
<body>
<div id="Contactus">
<p>Chisel Multimedia</p>
<p>275 Roswell Street NE <br />
Marietta GA 30060</p>
</div>
<br />
<div id="formWrap">
<div id="form">
<?php if($form_complete === FALSE): ?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" id="comments_form">
<div id="label1" 865style="display:none">
<div class="row">
<div class="label">Email</div>
<!-- end .label -->
<div class="input">
<input type="text" id="Email1" class="detail" name="Emial1" />
</div>
<!-- end .input -->
<div class="context">e.g. John Smith or Jane Doe</div>
<!-- end .context-->
</div>
<!-- end .row -->
</div>
<div class="row">
<div class="label">Your Name</div>
<!-- end .label -->
<div class="input">
<input type="text" id="fullname" class="detail" name="fullname" value="<?php echo isset($_POST['fullname'])? $_POST['fullname'] : ''; ?>" />
<?php if(in_array('fullname', $validation)): ?>
<span class="error"><?php echo $error_messages['fullname']; ?></span>
<?php endif; ?>
</div>
<!-- end .input -->
<div class="context">e.g. John Smith or Jane Doe</div>
<!-- end .context-->
</div>
<!-- end .row -->
<div class="row">
<div vlass="label">Your Email Address</div>
<!-- end .lable -->
<div class="input">
<input type="text" id="email" class="detail" name="email" value="<?php echo isset($_POST['email'])? $_POST['email'] : ''; ?>" />
<?php if(in_array('email', $validation)): ?>
<span class="error"><?php echo $error_messages['email']; ?></span>
<?php endif; ?>
</div>
<!-- end .input -->
<div class="context">abc#bca.com</div>
<!-- end .context-->
</div>
<!-- end .row -->
<div class="row">
<div vlass="label">Your Message</div>
<!-- end .lable -->
<div class="input">
<textarea id="comment" name="comment" class="mess"><?php echo isset($_POST['comment'])? $_POST['comment'] : ''; ?></textarea>
<?php if(in_array('comment', $validation)): ?>
<span class="error"><?php echo $error_messages['comment']; ?></span>
<?php endif; ?>
</div>
<!-- end .input -->
</div>
<!-- end .row -->
<div class="submit">
<input type="submit" id="submit" name="submit" value="Send Message" />
</div>
<!-- end submit -->
</form>
<?php else: ?>
<p style="font-size: 10px; color: #255e67; width: 65%;">Thank you for your Message!</p>
<?php endif; ?>
</div>
<!-- end form -->
</div>
<!-- end formWrap -->
</body>
</html>
You have to much errors in your code, that prevents you from getting correct results
<input type="text" id="Email1" class="detail" name="Emial1" />
Pay attention, that name="Emial1", but in php code you check for 'Email1'. Correct one of those.
Next piece:
function check_for_content($fake = FALSE) {
return (preg_match('[A-Z0-9._%+-]', $Email1))? TRUE : FALSE;
}
Using $Email1 variable is just out of place. Regex expression is lack of boundaries. At least it should be
function check_for_content($fake = FALSE) {
return (preg_match('/[A-Z0-9._%+-]/i', $fake))? TRUE : FALSE;
}
And when you calling this function why Not condition?
if($fake == 'Email1') if(!check_for_content($_POST[$fake])) die();
I think it should be vice versa.
Anyway, personally I'll just use something like this:
foreach($fakes as $fake)
if(!empty($_POST[$fake])) { die();}
// dont need 'else'
Also when debugging your php code, make sure you turn on errors, it realy helps
error_reporting(0);
ini_set('display_errors', 0);
I trying to construct a registration page with PHP/MySQL ,first time when i tried to register as a new user it worked perfectly .after sometime time ,i checked once again with registration ,that page is not processing the data to the database .
the following code for registration page info as follows
please help me out
<?php
require_once("models/config.php");
if(isUserLoggedIn()) { header("Location: index.php"); die(); }
?>
<?php
//Forms posted
if(!empty($_POST))
{
$errors = array();
$email = trim($_POST["email"]);
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
$confirm_pass = trim($_POST["passwordc"]);
//Perform some validation
//Feel free to edit / change as required
if(minMaxRange(5,25,$username))
{
$errors[] = lang("ACCOUNT_USER_CHAR_LIMIT",array(5,25));
}
if(minMaxRange(8,50,$password) && minMaxRange(8,50,$confirm_pass))
{
$errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT",array(8,50));
}
else if($password != $confirm_pass)
{
$errors[] = lang("ACCOUNT_PASS_MISMATCH");
}
if(!isValidemail($email))
{
$errors[] = lang("ACCOUNT_INVALID_EMAIL");
}
//End data validation
if(count($errors) == 0)
{
//Construct a user object
$user = new User($username,$password,$email);
//Checking this flag tells us whether there were any errors such as possible data duplication occured
if(!$user->status)
{
if($user->username_taken) $errors[] = lang("ACCOUNT_USERNAME_IN_USE",array($username));
if($user->email_taken) $errors[] = lang("ACCOUNT_EMAIL_IN_USE",array($email));
}
else
{
//Attempt to add the user to the database, carry out finishing tasks like emailing the user (if required)
if(!$user->userPieAddUser())
{
if($user->mail_failure) $errors[] = lang("MAIL_ERROR");
if($user->sql_failure) $errors[] = lang("SQL_ERROR");
}
}
}
if(count($errors) == 0)
{
if($emailActivation)
{
$message = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE2");
}
else {
$message = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE1");
}
}
}
?>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registration | <?php echo $websiteName; ?> </title>
<?php require_once("head_inc.php"); ?>
</head>
<body>
<div class="modal-ish">
<div class="modal-header">
<h2>Sign Up</h2>
</div>
<div class="modal-body">
<div id="success">
<p><?php echo $message ?></p>
</div>
<div id="regbox">
<form name="newUser" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
<p>
<label>Username:</label>
<input type="text" name="username" />
</p>
<p>
<label>Password:</label>
<input type="password" name="password" />
</p>
<p>
<label>Re-type Password:</label>
<input type="password" name="password" />
</p>
<p>
<label>Email:</label>
<input type="text" name="email" />
</p>
</div>
</div>
<div class="modal-footer">
<input type="submit" class="btn btn-primary" name="new" id="newfeedform" value="Register" />
</div>
</form>
</div>
<div class="clear"></div>
<p style="margin-top:30px; text-align:center;">
Login / Forgot Password? / Home Page
</p>
</body>
</html>
also check your connection page properly..
add these kind of queries to your regrestration page..
mysql_query("insert into <your_table>(email,username,password) values('$email',' $username',' $password')");
Where exactly is the MySQL code? You've done your checks for the data but that's all it does. It is not being sent to a database. It's only being validated.
when I hit the send button on my contact form the form itself just disappears, not showing any kind of success message even though the email does still come threw. Below is the php, javascript and html. Thanks in advance for the help.
<!--[if lte IE 8]>
<script src="js/html5shiv.js"></script><![endif]-->
<script src="http://code.jquery.com/jquery-migrate-1.2.1.min.js"></script>
<script src="js/jquery.min.js"></script>
<script src="js/jquery.dropotron.js"></script>
<script src="js/skel.min.js"></script>
<script src="js/skel-panels.min.js"></script>
<script src="js/init.js"></script>
<script src="js/contact.js"></script>
<noscript>
<link rel="stylesheet" href="css/skel-noscript.css" />
<link rel="stylesheet" href="css/style.css" />
<link rel="stylesheet" href="css/style-noscript.css" />
</noscript>
<!-- Contact Form-->
<div class="content style4 featured">
<div class="container small">
<form id="contact" form method="post">
<div class="row half">
<div class="6u"><input type="text" class="text" name="name" id ="name" placeholder="Name" /></div>
<div class="6u"><input type="text" class="text" placeholder="Email" name="email" id="email"/></div>
</div>
<div class="row half">
<div class="12u"><textarea name="text" placeholder="Message" id="message"></textarea></div>
</div>
<div class="row">
<div class="12u">
<ul class="actions">
<li><input type="submit" class="button" value="Send Message" /></li>
<li><input type="reset" class="button alt" value="Clear Form" /></li>
<p class="success" style="display:none">Your message has been sent successfully.</p>
<p class="error" style="display:none">E-mail must be valid and message must be longer than 100 characters.</p>
</ul>
</div>
</div>
</form>
PHP:
<?php
// Email Submit
// Note: filter_var() requires PHP >= 5.2.0
if ( isset($_POST['email']) && isset($_POST['name']) && isset($_POST['message']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) ) {
// detect & prevent header injections
$test = "/(content-type|bcc:|cc:|to:)/i";
foreach ( $_POST as $key => $val ) {
if (preg_match( $test, $val ))
exit;
}
//send email
mail( "test#gmail.com", "Contact Form: ".$_POST['name'], $_POST['message'], "From:" . $_POST['email'] );
}
?>
JS:
$('#contact').submit(function(e) {
e.preventDefault();
var name = $("#name").val();
var email = $("#email").val();
var message = $("#message").val();
//var dataString = 'name=' + name + '&email=' + email + '&message=' + message;
$.ajax({
type : "POST",
url : "mail.php",
data : {name:name,email:email,message:message},
cache : false,
success : function() {
$("#contact").fadeOut(300);
$("#notice").fadeIn(400);
}
});
return false;
});
It disappears because you told it to with this code
$("#contact").fadeOut(300);
But I don't see your #notice container anywhere. It should be somewhere outside the #contact container and hidden by default.
Add something like this bellow your contact form:
<div id="notice" style="display:none">Email sent successfully</div>
But in order for it to be correct you should check in php if it is sent and then return something like "OK" like this:
if(mail(...)){
echo "OK";
}
and then in your response in javascript catch that message to see if it is really sent, like this
success : function(message) {
if(message=="OK"){
//then hide and show success
}
}