Would this PHP Code Work?

Hello there,
I'm currently designing a website for myself but need a page where people can send me feedback about the site or leave any questions. Now I've used some PHP to accomplish this but I shan't be buying web hosting, etc. until I've completely finished the site - therefore I am unable to test the form to see if it works.
The following is what I have done:
1:) Created a HTML page with the following inserted into the body of the page:
<form method="post" action="sendmail.php">
Email: <input name="email" type="text" /><br />
Message:<br />
<textarea name="message" rows="15" cols="40">
</textarea><br />
<input type="submit" />
</form>
2:) I then created a PHP page with only the following code in the PHP file:
<?php
// Read the two form fields submitted by the HTML form above
$email = $_REQUEST['email'];
$message = $_REQUEST['message'];
// Send the message, using the submitted address as the From: header
mail("[email protected]", "Feedback Form Results", $message, "From: $email");
// Redirect the visitor to the thank-you page
header("Location: http://www.example.com/thankyou.html");
exit;
?>
I would be very grateful if somebody could perhaps test this or could tell me that it will indeed work - or, as the case may be, it won't.
All the best,
Kristopher (UK).

Coxdabd wrote:
> I would be very grateful if somebody could perhaps test this or could tell me
> that it will indeed work - or as the case may be, it won't.
Yes, it will work. It will also turn your website into a wonderful spam relay. You should never trust user input without checking its content.
Validating user input isn't something that can be covered in a simple forum post, but one thing that would make your script (marginally) safer is to remove "From: $email" from the mail() function. As currently scripted, it's a wide open security gap.
David Powers, Adobe Community Expert
Author, "The Essential Guide to Dreamweaver CS3" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/
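The same form handler, hardened along the lines David suggests. This is an added example, not code from the original post or from David Powers: it keeps the site's own address in From:, puts the visitor's address in Reply-To: only after it passes validation, and rejects any value containing line breaks or other control characters, since a line break inside a header value is what lets extra headers be smuggled into mail(). The two addresses are placeholders, and the code assumes PHP 7.1 or later.

```php
<?php
// Added example: a hardened version of the sendmail.php from the thread.
// The original passes the submitted address straight into the mail()
// headers. Headers are separated by CRLF, so an address containing a line
// break followed by another header would add recipients the site owner
// never chose, which is the spam-relay problem the reply describes.

// Placeholder addresses; replace with the site's real ones.
const FEEDBACK_TO   = 'feedback@example.invalid';
const FEEDBACK_FROM = 'website@example.invalid';

// True only if the value is one syntactically valid mailbox with no
// CR, LF, NUL or other control characters, so it cannot add headers.
function is_safe_email(string $value): bool
{
    if (strlen($value) > 254) {
        return false;
    }
    if (preg_match('/[\x00-\x1F\x7F]/', $value)) {
        return false;
    }
    return filter_var($value, FILTER_VALIDATE_EMAIL) !== false;
}

// Builds the arguments for mail(), or returns null when input is rejected.
// The visitor's address only ever appears in Reply-To, never as From.
function build_feedback_mail(string $email, string $message): ?array
{
    if (!is_safe_email($email)) {
        return null;
    }
    $message = trim($message);
    if ($message === '' || strlen($message) > 5000) {
        return null;
    }
    $headers = "From: " . FEEDBACK_FROM . "\r\n"
             . "Reply-To: " . $email . "\r\n"
             . "Content-Type: text/plain; charset=UTF-8";
    return [
        'to'      => FEEDBACK_TO,
        'subject' => 'Feedback Form Results',
        'body'    => $message,
        'headers' => $headers,
    ];
}

// Accept the form via POST only; $_REQUEST would also take query-string
// and cookie values.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $mail = build_feedback_mail($_POST['email'] ?? '', $_POST['message'] ?? '');
    if ($mail === null) {
        http_response_code(400);
        echo 'Please supply a valid e-mail address and a message.';
        exit;
    }
    mail($mail['to'], $mail['subject'], $mail['body'], $mail['headers']);
    header('Location: http://www.example.com/thankyou.html');
    exit;
}
```

The validation lives in two small functions so it can be unit-tested without sending mail; the exit after header() stops the rest of the script from running once the redirect has been issued.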

Similar Messages

  • Curious If All This PHP Code Is Necessary

    PHP Newbie Question:
    This attached code was made with DW CS3 php-msql server behaviors - recordset pull down's....
    I'm curious if all this code is necessary? Some of it seems to make things harder to work with .... For example:
    1 - why does DW decide to take GET['xVARx'] form variables and convert them to $Vars? - why not just use the GET['xVARx'] ?
    2 - Why do they use sprintf in the $query_test : rather than something more direct like:
    SELECT * FROM phonebook WHERE firstname LIKE %$_GET['firstname']% and lastname LIKE %$_GET['lastname']% - etc....
    Just curious why they chose these methods... Any insight would be appreciated...

    .oO(revdave)
    >PHP Newbie Question:
    >
    > This attached code was made with DW CS3 php-msql server behaviors - recordset
    >pull down's....
    >
    > I'm curious if all this code is necessary? Some of it seems to make things
    >harder to work with .... For example:
    >
    > 1 - why does DW decide to take GET['xVARx'] form variables and convert them to
    >$Vars? - why not just use the GET['xVARx'] ?
    You can't rely on the existence of $_GET['xVARx']. You always must test with isset() if the URL parameter is set, before you can use it or load it into a local variable. If it doesn't exist, you have to initialize the variable with a default value. DW's code does this, so you can then safely use $xVARx - it will either contain the value from $_GET['xVARx'] or a usable default.
    > 2 - Why do they use sprintf in the $query_test : rather than something more
    >direct like:
    >
    > SELECT * FROM phonebook WHERE firstname LIKE %$_GET['firstname']% and lastname
    >LIKE %$_GET['lastname']% - etc....
    Such code is much harder to read and maintain and more error-prone (watch the quotes for example). When you want to embed multiple variables into a string, using sprintf() is the more flexible way.
    You've also missed a little detail. DW doesn't directly use the given values in the string, but calls GetSQLValueString() on them first. Proper handling of user-submitted values is very important to prevent SQL injection. Your example above doesn't prevent this kind of attack.
    HTH
    Micha
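The phonebook search from this thread written two ways, as an added example that is neither Dreamweaver's GetSQLValueString() code nor the poster's: the direct string-building the poster proposed, kept only as a returned string so the problem is visible, beside a parameterised PDO query that also escapes the LIKE wildcards. It assumes a MySQL table named phonebook with firstname and lastname columns; the DSN and credentials are placeholders.

```php
<?php
// Added example, not from the thread or from Dreamweaver.

// What the poster's one-liner expands to. Every character of $first and
// $last lands inside the SQL text, so a quote in the input changes the
// structure of the query instead of being searched for. Returned as text
// only; never executed here.
function unsafe_query_string(string $first, string $last): string
{
    return "SELECT * FROM phonebook WHERE firstname LIKE '%$first%' "
         . "AND lastname LIKE '%$last%'";
}

// LIKE has its own wildcards (% and _). Escaping them keeps a search for
// "100%" from matching every row; the ESCAPE clause in the query names
// the escape character so the database agrees on it.
function like_escape(string $value, string $esc = '!'): string
{
    return str_replace([$esc, '%', '_'], [$esc . $esc, $esc . '%', $esc . '_'], $value);
}

// Parameterised version: the SQL text is fixed and the values travel
// separately, so the database never parses user input as SQL.
function find_phonebook(PDO $pdo, string $first, string $last): array
{
    $sql = 'SELECT * FROM phonebook '
         . "WHERE firstname LIKE :first ESCAPE '!' "
         . "AND lastname LIKE :last ESCAPE '!'";
    $stmt = $pdo->prepare($sql);
    $stmt->execute([
        ':first' => '%' . like_escape($first) . '%',
        ':last'  => '%' . like_escape($last) . '%',
    ]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage, following the DW habit of defaulting missing parameters with
// isset() rather than reading $_GET directly.
$first = isset($_GET['firstname']) ? (string) $_GET['firstname'] : '';
$last  = isset($_GET['lastname'])  ? (string) $_GET['lastname']  : '';

// Placeholder DSN and credentials.
$pdo = new PDO('mysql:host=localhost;dbname=example;charset=utf8mb4', 'user', 'password', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,   // real server-side prepares
]);

foreach (find_phonebook($pdo, $first, $last) as $row) {
    // Output is escaped as well, since the same rows are later shown in HTML.
    echo htmlspecialchars($row['firstname'] . ' ' . $row['lastname'], ENT_QUOTES, 'UTF-8'), "<br>\n";
}
```

Turning off PDO::ATTR_EMULATE_PREPARES makes the MySQL driver send the statement and its parameters to the server separately instead of interpolating them client-side, which is the behaviour the comments in find_phonebook() describe.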

  • Would this storage card work in the Media Card slot of my W700?

    Hi,
    I'm interested in buying this Lexar 133x SDHC Card:
    http://lexarmedia.com/products/lexar-professional-133x-sdhc-card?category=213
    Basically, I want to use it as another storage drive (as opposed to putting it in my camera or other device).  So after I insert it, I want to be able to format it and use it as another storage area.  Would this card work?
    The reason I'm gravitating to that card is that I see in the specs that it has a minimum 20MB/sec read transfer rate and it does not take up one of my USB slots.
    However, even if it does work, would I be better off with their Echo ZX plug-and-forget it USB drive when they ship it?:
    http://lexarmedia.com/products/lexar-echo-zx-backup-drive-0?category=90
    If both work, which would be faster as a storage drive?
    Thanks.

    It is an SDHC card so it should work in the card reader of the W700.
    Regards,
    Jin Li
    May this year, be the year of 'DO'!
    I am a volunteer, and not a paid staff of Lenovo or Microsoft

  • Would this 1Tb drive work in my Mini?

    I found this...
    http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&item=150268266034&ssPageName=MER COSIVI_ROSI_PR4_PCN_BIX_Stores&refitem=160259809607&itemcount=4&refwidgetloc=closed_ view_item&refwidgettype=osi_widget&_trksid=p284.m185&trkparms=algo%3DSI%26its%3DI%252BIA%26itu%3DIA%252BUCI%26otn%3D4%26ps%3D42
    ...while looking for a new HD for my Mini. It looks better value than anything else I've seen - so I suspect I'm missing something.
    Anyone know if it would work?

    That is a 1 TB internal drive. 1-TB drives are going to be 3.5 inches.
    The Mini takes a 2.5 inch "notebook" drive.
    The 1 TB drive could work if you put it in the correct external enclosure (preferably one with Firewire and USB connections).
    But you can often find good deals on ready-to-go external drives, so look around.

  • Would this connection scenario work for sharing a printer?

    I work from home and my HP LaserJet is on its last leg. My office computer is an old Dell Optiplex - no wireless capabilities, and my company locks the PC down quite well, so even installing a USB dongle would be out of the question. Hence my question.
    I was thinking of buying the Airport Extreme plugging my Samsung SCX-4500 into the Airport. The Airport would be plugged into my DSL router which the office PC is also. Would I be able to use the Samsung from the PC even though the PC is not wireless?
    I know my iMac would be able to get to it but I don't want to spend the money for the Airport as my HG2700-D has wireless built in.

    Would I be able to use the Samsung from the PC even though the PC is not wireless?
    Yes a scenario like that is possible as long as you configure the AirPort Extreme base station (AEBS) so that it acts as a bridge or the PC is connected to one of the AEBS's LAN ports.

  • Why won't this html code work????

    I used iWebMore to convert my html paypal buttons before posting to the server. (I don't use .mac). When I tried this code, it won't convert from code with iwebMore. Is there another way to convert html that's better than this? Here's the code:
    <script type="text/javascript"
    src="http://ss.webring.com/navbar?f=j;y=tokay;u=defurl1"></script>
    <noscript><center><table bgcolor=gray cellspacing=0 border=2 bordercolor=red>
    <tr><td><table cellpadding=2 cellspacing=0 border=0><tr><td align=center>
    This site is a member of WebRing.
    To browse visit
    here.</td></tr></table></td></tr></table></center></noscript>

    did you add the <@::@> to the SHAPE?
    you need to create a rounded box. then using the inspector - remove ALL fill and stroke and shade of ANY KIND. WHETHER TO TEXT OR THE SHAPE ITSELF!
    now paste in the following in the shape:
    <@::@>
    replace the apple symbol () with the javascript.
    THEN EMPTY YOUR CACHE!
    max

  • Would this sorting algorithm work?

    I'm writing a sorting algorithm for a class that implements the Comparable interface. The class (called Memo) has a field, 'entryDate' of type 'Date', which itself has int fields for day, month, and year. I want to have the class sorted by date, earliest to latest, and then (for entries on the same day) by 'priority' (a field of type int; can be 1, 2 or 3).
    The one I've written seems to work based on a few tests, but I just want to make sure it will work all the time:
    (btw, I have to use the 'getEntryDate()' method because entryDate is a private field in the Memo class' superclass.)
    public int compareTo(Memo memo) {
        // Compare year, then month, then day; fall through on ties
        int comparison = getEntryDate().getYear() - memo.getEntryDate().getYear();
        if (comparison != 0) {
            return comparison;
        }
        comparison = getEntryDate().getMonth() - memo.getEntryDate().getMonth();
        if (comparison != 0) {
            return comparison;
        }
        comparison = getEntryDate().getDay() - memo.getEntryDate().getDay();
        if (comparison != 0) {
            return comparison;
        }
        // Same date: order by priority (1, 2 or 3)
        return priority - memo.priority;
    }

    Generally when you simply subtract one int value from another in the compareTo() method, you'll have to take care that you don't run into an overflow situation (because comparing Integer.MIN_VALUE and (Integer.MIN_VALUE-1) would result in unpleasant surprises otherwise). But in your case you can probably safely assume that all your values are well within the safe range for int.
    Also: If you have the chance to modify the Date class I'd simply make the Date implement Comparable<Date> and delegate that comparison to the Date class.
    Also: are two Memos at the same date with the same priority considered equal? Don't they have any other fields? It's important that objects that are not equals (i.e. a.equals(b) returns false) don't compare to be the same (i.e. a.compareTo(b) should only return 0 iff a.equals(b) returns true). Otherwise you might run into situations where objects are silently dropped because some Collection classes consider them to be equal (SortedSet implementations are tricky here).

  • PHP Code|Works: you don't want to miss it.

    http://db360.blogspot.com/2009/09/php-codeworks-you-dont-want-to-miss-it.html

    Just open Music app and tap the Stop or Pause on the control panel.

  • How to write this sql query in php code ?

    for example:
    insert into temp
    select *
    from testtable;
    after this, i will query data from sql below:
    select *
    from temp;
    how to write this php code ?
    who can help me ?
    thanks!

    Have a look at the manual to find out how to issue queries.
    http://us3.php.net/oci8
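The two statements from the question issued through the oci8 extension the reply points to, as an added example that is not from the thread or the manual: the INSERT ... SELECT runs inside a transaction that is committed only on success, and the rows copied into temp are then read back. The connection details are placeholders.

```php
<?php
// Added example, not from the thread. Copies every row of testtable into
// temp with INSERT ... SELECT, then reads temp back, using oci8 calls.
function copy_and_read(string $user, string $pass, string $db): array
{
    $conn = oci_connect($user, $pass, $db);
    if ($conn === false) {
        $e = oci_error();
        throw new RuntimeException('connect failed: ' . $e['message']);
    }

    // First statement. OCI_NO_AUTO_COMMIT keeps the insert inside a
    // transaction, so a failure part-way leaves temp as it was.
    $ins = oci_parse($conn, 'INSERT INTO temp SELECT * FROM testtable');
    if (!oci_execute($ins, OCI_NO_AUTO_COMMIT)) {
        $e = oci_error($ins);
        oci_rollback($conn);
        oci_free_statement($ins);
        oci_close($conn);
        throw new RuntimeException('insert failed: ' . $e['message']);
    }
    oci_commit($conn);
    oci_free_statement($ins);

    // Second statement: read back what was copied, one associative
    // array per row.
    $sel = oci_parse($conn, 'SELECT * FROM temp');
    oci_execute($sel);
    $rows = [];
    while (($row = oci_fetch_assoc($sel)) !== false) {
        $rows[] = $row;
    }
    oci_free_statement($sel);
    oci_close($conn);
    return $rows;
}

// Placeholder credentials and connection string.
$rows = copy_and_read('dbuser', 'dbpassword', 'localhost/XE');
echo count($rows), " rows now in temp\n";
```

Both statements here are fixed strings; if either table or a filter ever came from user input, oci_bind_by_name() is the oci8 way to pass values separately from the SQL text.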

  • Code works in DW8 but not DW CS3

    Why would the following code work in Dreamweaver 8 but not in
    Dreamweaver CS3?
    Expires in
    <select name="mnuExpires" id="mnuExpires">
    <option value="0"
    >0</option>
    <option value="30" <% if true then
    response.write("selected") %>
    >30</option>
    <option value="60"
    >60</option>
    <option value="90"
    >90</option>
    <option value="120"
    >120</option>
    </select> days.
    Dreamweaver CS3 shuts down after throwing an error: "Adobe Dreamweaver CS3 has encountered a problem and needs to close. We are sorry for the inconvenience." Event ID 1000 appears in the Application Events Log.

    Brad Boyink wrote:
    > Dreamweaver CS3 shuts down after throwing an error: "Adobe Dreamweaver CS3 has
    > encountered a problem and needs to close. We are sorry for the inconvenience."
    > Event ID 1000 appears in the Application Events Log.
    http://www.adobe.com/go/kb402776
    David Powers, Adobe Community Expert
    Author, "The Essential Guide to Dreamweaver CS3" (friends of ED)
    Author, "PHP Solutions" (friends of ED)
    http://foundationphp.com/

  • Will this hard drive work with my macbook?

    I have a late 2006 Core Duo Macbook. I was wondering if I could use this hard drive with my macbook, it's a 7200 rpm 200 gig hard drive. Btw I mean internal not external. Does the macbook have a limit on how big of a hard drive you can use? Would this hard drive work at 7200 rpm in the macbook?
    http://www.newegg.com/Product/Product.aspx?Item=N82E16822145160

    Hi.
    The drive will work perfectly in your macbook. Two weeks ago I was also thinking about buying the Hitachi Travelstar 7k200.
    But afterwards I bought this one:
    http://www.newegg.com/Product/Product.aspx?Item=N82E16822136123
    The WD Scorpio 250GB. Of course it's not as fast as the Travelstar. But for me three things were quite nice about this hard drive: the noise (it doesn't make any), the price (got it for 150 euro), and it consumes way less power (meaning better battery life).
    http://www.storagereview.com/WD2500BEVS.sr?page=0%2C7
    BTW: It really doesn't make any noise.
    So just in case you're still unsure whether to buy the Hitachi or anything else. But if you want the fastest notebook HD you can get today, buy the Hitachi.
    Have a nice day and fun with your new HD!
    Message was edited by: dahack

  • PHP code disappearing from Muse html

    I'm having an odd error that I'm hoping someone can help me with.
    I am using Adobe Muse and a server side CMS called Pulsepro. To run the CMS modules all I have to do is paste an embed line like the following:
    <?php include("pulsepro/includes/gallery2.php"); ?>
    I am placing this php code in an HTML snippet in muse and then exporting and uploading to server. On the server I have an .htaccess file with the following lines of code to make sure that the browser can find the PHP:
    AddType application/x-httpd-php .html .htm
    AddHandler application/x-httpd-php .html .htm
    When I go to my page, where the php should be is blank. Upon viewing the source code it shows that the php include is completely deleted and there is just a blank DIV. Now, the local file on my machine (the export from Muse) shows the correct php include line. Why is it that when the browser runs the code it removes the php code from the HTML file? If I put the same php line in a simple html file it runs fine.
    Help? I've never had this issue with anything other than Muse.
    Best,
    Oliver

    Browsers do not find or process PHP. PHP is found and processed by the server before it hits your browser.
    The reason why you may not see anything where you placed the PHP is that it is unable to locate "pulsepro/includes/gallery2.php" or that included PHP file is simply rendering nothing. 
    What happens when you call "pulsepro/includes/gallery2.php" directly in your browser? Does it display anything?

  • Php code is not working as intended in a simple spam block solution

    Hi. I'm trying to get some simple php code (as suggested on a tutorial page I found) to work on my form submission test page in order to reduce/stop spam. However, the results so far have not quite been what I expected. Any help will be appreciated.
    Basically I used the code given in the two grey boxes on this tutorial page http://myphpform.com/form-spam.php (but had to add this <?php ... ?> around the code given in the second box, otherwise it wouldn't have worked!) for my test page, and the result was supposed to look something like shown on this page http://myphpform.com/contact.php and indeed when I previewed my page in offline mode it displayed as intended with the extra field similar to the "Access code:" as on this example page, however that's not what I got when I uploaded my page.
    What happens when I go to the live page is that as soon as it loads it gives me the message: "Wrong access code" before I even have a chance to look at the form there. It's the message the user is supposed to get when they input the suggested code incorrectly, but not when the page first loads! This is what the live test page basically looks like when I go to it http://www.scotiauk.com/contact/forms/smotsContactTest.php. I wonder what's going wrong?
    I actually noticed a short while ago, after 'viewing page source' (source code) on the live test page that the page is for some reason only displaying less than half of the html code and cuts off the rest of it (including all of the <body>) just at the point (at the end of the <head> section) where the couple of lines of php script (borrowed from the second grey box in the tutorial) were meant to be - the script that includes "Wrong access code". So I get why it shows a blank page with only that message in it but not why it removes all of the <body> code once it is live!
    Just for information, this is what the page is really meant to look like - minus the php code: http://www.scotiauk.com/contact/forms/smotsContact.html. That is the original page that I copied and tried to modify with the new code. So, any ideas will be appreciated, thanks!

    > Just for information, this is what the page is really meant to look like - minus the php code: http://www.scotiauk.com/contact/forms/smotsContact.html. That is the original page that I copied and tried to modify with the new code. So, any ideas will be appreciated, thanks!
    The page that you have quoted contains an infection as the following warns.
    As far as your problem is concerned, you need to know how a form works. Have a look at this video.

  • Why would code work for an application but not an applet?

    Hey there,
    i'm trying to build a java ftp upload applet. I'm using the enterprisedt ftp class.
    The code works fine when i run it as an application but not when i put it in the applet. The applet has been signed and is running off a plug in. I get no error messages, just nothing happens.
    Would really appreciate some comments.
    regards
    hagen
    the code
    FTPClient ftp = new FTPClient("****");
    ftp.login("user1", "***");
    ftp.put("C:/INSTALL.log","test.log");

    hi
    I'm Manuel, from Argentina
    I would appreciate it too much if you can give me that piece of code
    I need for a site an applet that could read files the visitor chooses from his PC and then upload those files to a server
    is it possible?? could you help me?
    I think I need to sign my applet, right? how do I do this? how much does it cost??
    if anyone can give me a bit of code to start programming, I'll be very happy!
    thanks!
    my mail: [email protected]

  • Log error "Could not load file or assembly 'BarcodeConversion' or one of its dependencies. Access is denied. This code work fine in server 2008 but get this error in server 2012

    This code works fine in server 2008, but gets this error in server 2012.  Do you have any idea?

    Need some more info as to where this is installed and how.
    First thing to try would be to uninstall the solution and reinstall.
    Check the GAC for your assembly as well as web.config.
    If you don't see it in one of those places, something went wrong with the install and you'll need to start over.
    Brandon James SharePoint Developer/Administrator
