[PHP] Re: Variables with - in their name
Il Sun, 18 Nov 2012 01:09:11 -0500, Ron Piggott ha scritto: echo select name=\distributor- . $row['promo_code_prefix'] . - . $row['promo_code_suffix'] . \ style=\text-align: center;\\r\n; It could be wrote: ?php echo $distributor-42-2; You MUST disable register_globals in your php.ini Once you have done that (and even before that...) you find your variable in $_POST['distributor-42-2'] (or $_GET, depends on your form method) Bye. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables with - in their name
On 19-11-2012 10:49, Alessandro Pellizzari wrote: Il Sun, 18 Nov 2012 01:09:11 -0500, Ron Piggott ha scritto: echo select name=\distributor- . $row['promo_code_prefix'] . - . $row['promo_code_suffix'] . \ style=\text-align: center;\\r\n; It could be wrote: ?php echo $distributor-42-2; You MUST disable register_globals in your php.ini Once you have done that (and even before that...) you find your variable in $_POST['distributor-42-2'] (or $_GET, depends on your form method) Bye. I agree it should *always* be disabled, however even when it is ENabled, $_POST or $_GET (and also $_REQUEST) will always include that key and value, regardless of the setting on register_globals. In general though, it is most wise to DISable register_globals and code assuming it always will be disabled. - Tul -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables via url
Ashley M. Kirchner ash...@pcraft.com wrote in message news:4fad9d8b.4020...@pcraft.com... Can someone point me at examples or directions on how I can pass a variable via a URL in the following way: http://server.domain.com//script///variable/ I will only be passing one single /variable/. And I want the /script/ to use that. I don't want to see what the script is, for example I don't want it to say 'script.php' or 'script.html' ... Is this possible through PHP only, or do I have to write a rewrite directive in Apache to accomplish this? A URL has to point to a script - how will your server know what to do with the incoming URL if it doesn't point to something? That said - format your URL as a GET string and there's your variable. Ex.: http://server.domain.com/(scriptname)?variableanothervariableanothervariable Or - if this url is coming from an already running script, you could post the var to a session var and then send a url without the script name and let your server's default document (index.php ?) receive it and look up the session var, but that's a pretty silly way to handle things just to hide the scriptname. Of course, someone here with much more knowledge than I could very soon make me look stupid :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables via url
On Sat, 2012-05-12 at 09:21 -0400, Jim Giner wrote: Ashley M. Kirchner ash...@pcraft.com wrote in message news:4fad9d8b.4020...@pcraft.com... Can someone point me at examples or directions on how I can pass a variable via a URL in the following way: http://server.domain.com//script///variable/ I will only be passing one single /variable/. And I want the /script/ to use that. I don't want to see what the script is, for example I don't want it to say 'script.php' or 'script.html' ... Is this possible through PHP only, or do I have to write a rewrite directive in Apache to accomplish this? A URL has to point to a script - how will your server know what to do with the incoming URL if it doesn't point to something? That said - format your URL as a GET string and there's your variable. Ex.: http://server.domain.com/(scriptname)?variableanothervariableanothervariable Or - if this url is coming from an already running script, you could post the var to a session var and then send a url without the script name and let your server's default document (index.php ?) receive it and look up the session var, but that's a pretty silly way to handle things just to hide the scriptname. Of course, someone here with much more knowledge than I could very soon make me look stupid :) I think what you're looking for is URL rewriting. PHP by itself can't do that, you need to do it at the server level, so an .htaccess file would be along the right lines. -- Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] Re: Variables via url
On May 12, 2012, at 9:47 AM, Ashley Sheridan wrote: On Sat, 2012-05-12 at 09:21 -0400, Jim Giner wrote: Ashley M. Kirchner ash...@pcraft.com wrote in message news:4fad9d8b.4020...@pcraft.com... Can someone point me at examples or directions on how I can pass a variable via a URL in the following way: http://server.domain.com//script///variable/ I will only be passing one single /variable/. And I want the /script/ to use that. I don't want to see what the script is, for example I don't want it to say 'script.php' or 'script.html' ... Is this possible through PHP only, or do I have to write a rewrite directive in Apache to accomplish this? A URL has to point to a script - how will your server know what to do with the incoming URL if it doesn't point to something? That said - format your URL as a GET string and there's your variable. Ex.: http://server.domain.com/(scriptname)?variableanothervariableanothervariable Or - if this url is coming from an already running script, you could post the var to a session var and then send a url without the script name and let your server's default document (index.php ?) receive it and look up the session var, but that's a pretty silly way to handle things just to hide the scriptname. Of course, someone here with much more knowledge than I could very soon make me look stupid :) I think what you're looking for is URL rewriting. PHP by itself can't do that, you need to do it at the server level, so an .htaccess file would be along the right lines. Ash is right; however you can leverage off of the index page So your script would be in index.php and the url would be: http://server.domain.com/some_optional_directory_path/?variable Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables via url
On 5/12/2012 7:21 AM, Jim Giner wrote: Of course, someone here with much more knowledge than I could very soon make me look stupid :) Meh, I don't call that looking stupid. I call it a different way of skinning the cat. :) We're all here to learn from one another, right? Thanks for the suggestion. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables in Variables?
Marquez Design said the following on 11/18/2005 04:54 PM:
Greetings.
Does anyone know how to do this?
I have,
$var
$var2
In a field called two_vars in a MySQL db.
I am calling the variables inside PHP document.
In that document I am saying:
$var = time
$var2 = clock
!-- I do the query in MySQL here --
echo $two_vars;
But the what prints out is
$var
$var2
not time and clock. I know that is what is in the database, but I want
it to replace the variables when printed in the PHP file.
Does this make sense to anyone? Does anyone know how to do this?
If I understand your question properly I'd explode $two_vars with
whatever seperator you have between them and then you'll need to use
eval to get your results. Maybe something like...
$dbVars=explode(',',$two_vars); // Assuming comma seperator
foreach($dbVars AS $key = $value) {
$eval=\$temp=.$value.;;
eval($eval);
echo $temp;
}
- Ben
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables in Variables?
Ben wrote:
If I understand your question properly I'd explode $two_vars with
whatever seperator you have between them and then you'll need to use
eval to get your results. Maybe something like...
$dbVars=explode(',',$two_vars); // Assuming comma seperator
foreach($dbVars AS $key = $value) {
$eval=\$temp=.$value.;;
eval($eval);
echo $temp;
}
WTF do you need eval() for?!
$dbVars = explode( ',', $two_vars );
foreach( $dbVars as $value ) {
echo $value;
}
... does exactly the same thing.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables in Variables?
Jasper Bryant-Greene wrote:
Ben wrote:
$dbVars=explode(',',$two_vars); // Assuming comma seperator
foreach($dbVars AS $key = $value) {
$eval=\$temp=.$value.;;
eval($eval);
echo $temp;
}
WTF do you need eval() for?!
$dbVars = explode( ',', $two_vars );
foreach( $dbVars as $value ) {
echo $value;
}
Ah, sorry, I see what I missed now... Still, I'm sure there's a way to
do this without resorting to eval()...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables from database
Stuart Felenstein wrote: I haven't try this yet but wondering if it's possible. Can I do something like this: select fieldone from table ; $myvar = $fieldone ? And more so could I do it with a where clause ? i.e. select fieldone from table where fieldone = 3 $myvar = $fieldone ? This is probably a stupid question. I am also wondering about syntax. Thank you, Stuart Stuart, why don't you try it first, then if you get the syntax wrong(as you have), you can fix it. Then if you are still in trouble, you can come to this newsgroup with a more meaningful request. It'll save you loads of time too. Best regards. . . Dusty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables inside a function
use the global keyword...
http://www.php.net/manual/en/language.variables.scope.php
On 3/7/2004 6:17 PM, Nathan Croker wrote:
I am relatively new to PHP. But something I can't seem to make work is when
I call one of the functions I have made and a variable is set inside that
function
eg. function blah ($bl,$ah) {
$bl++;
$ah++;
$blah=$bl+$ah;
}
I then echo $blah; somewhere else in the script but nothing is echo'd. How
do I make it so that I can use $blah anywhere in the script?
Thank you in advance for any help.
Nathan Croker
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables are working!
Thanks for helping me... Now its working perfectly. Problem was with globals as you all pointed-out. PHP Manual pages at http://www.php.net/manual/en/language.variables.predefined.php was very helpful overcome this problem (thanks alot Ben...). Kaushan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables not working!
Try using $_POST['fname'] instead of $fname. This just means that register_globals is probably set to off in php.ini, which is the recommended setting. Take a look at the section on predefined variables in the PHP manual for more on this: http://www.php.net/manual/en/language.variables.predefined.php -Ben Kaushan wrote: Hi, I am new to PHP scripting and struggling with the following problem. I have two files, an HTML file and a PHP file. HTML file contains a form with one text field and a submit button. When a user pressed the submit button, it calls the php file (form action=test.php ...). What the php file does is just echo back the text received from html file to the user again. Name of the text field is 'fname'. When I used this variable in the php file (as $fname) it does not contain the value of the text field. Query-string appended to the url during the submission is also correct. I checked for all syntax errors, but the codings are perfect. Do I have to change php.ini file to fix this problem. Could anyone can help me to solve this problem. Kaushan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Variables not working!
[snip] Try using $_POST['fname'] instead of $fname. [/snip] Or $_GET['fname'] depending on your form method -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables not working!
[snip] Try using $_POST['fname'] instead of $fname. [/snip] Or $_GET['fname'] depending on your form method Or even $_REQUEST['fname'], which doesn't care about which method is specified in the form. :p Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables scope question
Mike, It depends what you mean by local scope. If you declare the variable as global, it should be available to the code inside include1.txt and index.php. It will not be available to other pages however (i.e. it is not session global). To create a truly global (available to all pages in the site) variable, you should use a session variable. Regards, Steve Mike D [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I have recently noticed something that I wasn't aware of until now. I have index.php which contains include1.txt and include2.txt. If a variable is set in include1.txt it will *only* have a local scope, even if I declare it GLOBAL. Is this normal or a bug? - MD Mike Dunlop AWN, Inc. // www.awn.com [ e ] [EMAIL PROTECTED] [ p ] 323.606.4237 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables not passed on localhost setup
The problem is that your php.ini has register_globals = Off change it to On. You can also do the following at the top of your script - (this is the correct way): ?php $TestVar = (!empty($_GET['TestVar'])) ? true : false; ? Greg Watson wrote: Hi Guys, I've Googled and RTFM'd, but I can't seem to figure this out - it may not even be a php problem but I'm not sure. I've set up Apache, PHP and MySQL on my laptop running XP Home. Although I've coded php for a while now, I had never set these up on my own computer before. The php seems to be parsed ok, but it doesn't look as though variables are being passed from page to page. I used this as a VERY simple test: - p a href=index.php?TestVar=1Variable Test/a ? if (!$TestVar) print font color='red'- Not Set/font; if ($TestVar == 1) print font color='green'- Set and Displayed/font; ? /p - When I use this code on my ISP webserver (which I think is running RedHat Linux, and I know it obviously has php andMySQL), I get the 'Set and Displayed' message after clicking on the link. When I use it locally, although the url displays: http://localhost/index.php?TestVar=1 I still get the 'Not Set' message. I'm assuming I've not configured something correctly, but I don't know where else to look! If anyone could help I'd be very grateful. At least if I know it's not the php and to look more at Apache or something! Thank you, Greg Watson -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables not being past
The Doctor [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Questions, I have a cusotmer using a basic username and password verifier on a php Web Page. This was working and suddenly with I redefined the php environment, the php variables are not getting passed on. why? Questions you should answer 1) What kind of authentication? htaccess/apache, mysqldb, etc.. 2) Who wrote the authentication script? Is it part of the pear::Auth class? 3) What did you do to redefine the php environment? Change the php.ini file? Just to throw a guess out based on what you have given already you should check to see if the 'register_globals' option is set in php.ini. Many configurations will have it turned off for security reasons but if your authentication script was relying on them being turned on then it will fail. You can check the setting by either looking at the php.ini file in an editor or by running the following on your webserver: ?php phpinfo(); ? Good luck - John Zimmerman [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables don't pass... *sniff*
Daniel, Switch register_globals back on, and everything works as it always did. So do it! All this fuss about register_globals being insecure is a complete load of rubbish. This issue really bores me, but it seems programmers are wasting a lot of time on it, so I guess I'd better run through the arguments one more time... 1. You can never know whether the input to your script came from a real GET, a COOKIE, or a POST. It's very easy to create a simulated GET, COOKIE or POST. You don't even need a programming language if you've got the right tools. Even with php, (hardly a typical hacking tool), it's only a few lines of code. 2. That means that checking to make sure a variable was specifically a GET, COOKIE or POST variable has no security value whatsoever. 3. On the other hand, not worrying about how your script got its request variables (i.e. register globals is on) is intrinsically sound programming practice. Your code should work and your logic should be sound regardless of what happened before your script got executed. It's one of the great advantages of the internet. For example, on searches, you can have exactly the same search code and results page driven from a search form, or a link on another page, or a remote http request. You code once, but your code can be used in many different ways. 4. In any case, register globals off only protects the sloppy programmer from the sloppy hacker. It doesn't stop the good programmer from being as cautious as they like. You can already control the order in which variables are registered e.g. to make POST variables always override COOKIES or vice versa. And, you can, if you really need to, double-check with the global variables, HTTP_POST_VARS etc. 5. When it comes to access control, (which seems to be where the bogus security argument starts), there is only one safe approach. That is to require that a valid username and password are supplied with every request and then check them in every script. It's not hard, it doesn't take long and it's the proper way to do it. There's a whole section of the http protocol, http authentication, which is designed precisely to make this easy. But hey, don't worry about all this guff. Just switch register globals back on. If your system administrator/ISP won't let you, just refer them to this mail and tell them I'd be happy to explain anything they don't get. Keep it simple! George [EMAIL PROTECTED] wrote: Hi all! I'm using Apache 2.0.45, PHP 4.3.2RC4, and MySQL 3.23.49 on Windows 2003 Server Standard. I have a problem passing variables between pages. They simply get lost. Neither GET nor POST pass values, and even hardcoding them into the URL, like htpp://localhost/comeon.php?aVariable=dinganotherVariable=dong and putting this in comeon.php: echo(Values: $aVariable, $anotherVariable); only outputs Values: , ...I've tried with RC3 of PHP, even 4.3.1, but it doesn't work. I've used PHP on my machine with Apache 2 before, and it worked fine. Actually I used the same scripts fine on my old config. This was on XP however, so I'm not sure if it's got something to do with the OS. I'm hoping it's a configuration issue. Any ideas are VERY much appreciated =). Thanks, Daniel » There are 10 kinds of people - those who know binary and those who don't. « -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables not being past
Hi, Check the php.ini for register_globals By default, from PHP 4.2.0 register_globals is OFF Cheers, Catalin The Doctor [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Questions, I have a cusotmer using a basic username and password verifier on a php Web Page. This was working and suddenly with I redefined the php environment, the php variables are not getting passed on. why? -- Member - Liberal International On 11 Sept 2001 the WORLD was violated. This is [EMAIL PROTECTED] Ici [EMAIL PROTECTED] Society MUST be saved! Extremists must dissolve. Arsenal Winners of the FA CUp 2003! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables not being past
Could be because there is a solar eclipse somewhere If your going to ask a question, at least give details that matter. Asking a question like: Why isn't the sun shining?? Leaves endless possibilities as to why you can't see the sun. Is there a blanket over your head? Is it night time???.. Just give relevant details The Doctor [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Questions, I have a cusotmer using a basic username and password verifier on a php Web Page. This was working and suddenly with I redefined the php environment, the php variables are not getting passed on. why? -- Member - Liberal International On 11 Sept 2001 the WORLD was violated. This is [EMAIL PROTECTED] Ici [EMAIL PROTECTED] Society MUST be saved! Extremists must dissolve. Arsenal Winners of the FA CUp 2003! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: variables with
a) $mail-Body = h1 style=\color: prple; font-size: 20pt;\Heading/h1; b) $mail-Body = 'h1 style=color: prple; font-size: 20pt;Heading/h1'; The second method is better reabadle but also disable variable substitution and most escape sequences (\n and the like). hth Ian a. gray wrote: Hi, just a quick question. How do I include double quotes in a variable? I am trying to put html code in a variable in a mailing program: $mail-Body = h1 style=color: prple; font-size: 20pt;Heading/h1 Please e-mail me at a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a I know that you don't have to inclose everything in html tags with quotes, but sometimes you do. The above qon't work obviously as it has nested quotes. How do I get the above to work? Many thanks, Ian Gray __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com -- Arnold Schommer FS EDV Service Beratung GmbH An der Pönt 48 40885 Ratingen fon: +49 2102 186 400 fax: +49 2102 186 499 mailto:[EMAIL PROTECTED] http://www.fs-edv.de -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] re: variables with
Using the \ or using single quotes instead of double is great. However I am now finding a problem if someone inputs either single or double quotes on a form which uses php. The user inputs for example: I\ve performed many roles including Figaro, Dandini and 'Wotan' becomes: I\'ve performed many roles including \Figaro\, \Dandini\ and \'Wotan\' Is there a simple way of getting rid of the annoying backslash(\) from a the contents of a variable? Many thanks, Ian Gray = - Ian A. Gray Manchester, UK Telephone: +44 (0) 161 224 1635 - Fax: +44 (0) 870 135 0061 - Mobile: +44 (0) 7900 996 328 US Fax no.: 707-885-3582 E-mail: [EMAIL PROTECTED] - Websites: www.baritone.uk.com (performance) www.vocalstudio.co.uk (Tuition) - __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] re: variables with
php has a function stripslashes() you could try using. - charles On Monday, March 17, 2003, at 10:11 AM, Ian A. Gray wrote: Using the \ or using single quotes instead of double is great. However I am now finding a problem if someone inputs either single or double quotes on a form which uses php. The user inputs for example: I\ve performed many roles including Figaro, Dandini and 'Wotan' becomes: I\'ve performed many roles including \Figaro\, \Dandini\ and \'Wotan\' Is there a simple way of getting rid of the annoying backslash(\) from a the contents of a variable? Many thanks, Ian Gray = - Ian A. Gray Manchester, UK Telephone: +44 (0) 161 224 1635 - Fax: +44 (0) 870 135 0061 - Mobile: +44 (0) 7900 996 328 US Fax no.: 707-885-3582 E-mail: [EMAIL PROTECTED] - Websites: www.baritone.uk.com (performance) www.vocalstudio.co.uk (Tuition) - __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] re: variables with
-Original Message- From: Ian A. Gray [mailto:[EMAIL PROTECTED] Sent: 17 March 2003 15:11 Using the \ or using single quotes instead of double is great. However I am now finding a problem if someone inputs either single or double quotes on a form which uses php. The user inputs for example: I\ve performed many roles including Figaro, Dandini and 'Wotan' becomes: I\'ve performed many roles including \Figaro\, \Dandini\ and \'Wotan\' Is there a simple way of getting rid of the annoying backslash(\) from a the contents of a variable? http://uk2.php.net/stripslashes Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables not being received from form
cann't see any thing without your form! I think it is misstyping error,
check your form variables name,
specially upper case or lower case!
but try
$rank = $HTTP_POST_VARS[rank];
$title_new = $HTTP_POST_VARS[titles];
--
Sincerely your;
pei_world ( .::IT::. )
Peter Gumbrell [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Thanks to those who have helped me with my two other questions this
afternoon.
In the function below, the update query at the end is inserting empty
values
into the database. For some reason the lines:
re not picking up the form values.
Here is the complete function. I do not have a form action set so that I
can
read the SQL message. The update query is working.
function retrieve_select_listing($link, $workshop, $session, $username)
{
$query_retrieve = SELECT choice_ID, rank, workshop_id FROM choices_peter
WHERE workshop_ID = '$workshop' AND username ='$username';
$result1 = mysql_query($query_retrieve, $link) or die(display_db_query:
.
mysql_error());
$row1 = mysql_fetch_array($result1);
$choice_id = $row1[0];
$query_title = SELECT title, CONCAT(sessionlet, sesnumber) AS SessionID
FROM ECOO2003 WHERE sessionlet = '$session';
$result2 = mysql_query($query_title, $link) or die(display_db_query: .
mysql_error());
while ($columns = mysql_fetch_array($result2))
{
$column = $columns['title'];
$sessionid = $columns['SessionID'];
$selected = ;
if ($sessionid == $row1['workshop_id'])
{
$selected = SELECTED;
}
$title_block .= OPTION name='title' value=\$sessionid\
$selected$column/OPTION\n;
}
print trtd colspan=\4\;
$selected_session = $HTTP_POST_VARS['titles'];
print form method=\POST\ name=\update_workshop\ action=\\\n;
print Change the rank of this workshop, or select another workshop from
this session and click the update button.brbr/td/tr;
print trtd colspan=\4\table border=\1\ width=\80%\;
print trthworkshop/ththRank/ththWorkshop Title/th/tr;
print trtd$row1[2]/tdtdinput type = \text\ name =\rank\
value=$row1[1]/tdtdSELECT
NAME=\titles\$title_block/SELECT/td/tr\n;
print trtd colspan =\3\;
print input type=\hidden\ name=\update_select\ value=\v\;
print brAfter you have made your changes, click the Update button to
confirm these.br/td/trtrtd;
print INPUT TYPE=\Submit\ NAME=\Submit\ Value=\Update\/td;
print td/tdtd/td/tr;
print /table;
print /form;
if ($_POST['Submit']=='Update')
{
print updated!!;
$rank = $HTTP_POST_VARS['rank'];
$title_new = $HTTP_POST_VARS['titles'];
print rank =$rankbr;
print title# = $title_newbr;
$query_update = UPDATE choices_peter SET rank = '$rank', workshop_id =
'$title_new' WHERE choice_ID = '$choice_id';
$update = mysql_query($query_update, $link) or die(display_db_query: .
mysql_error());
}
}
Many thanks
Peter
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables not being received from form
Please, please, PLEASE don't correct code that isn't wrong with code
that is! Read http://www.php.net/manual/en/language.types.array.php.
To answer the original question, the $HTTP_POST_VARS variable is out of
scope in your function. Either use $_POST superglobal array if you're
using 4.1.0 or higher, or use $GLOBALS['HTTP_POST_VARS']['formvarhere']
pei_world wrote:
cann't see any thing without your form! I think it is misstyping error,
check your form variables name,
specially upper case or lower case!
but try
$rank = $HTTP_POST_VARS[rank];
$title_new = $HTTP_POST_VARS[titles];
--
Sincerely your;
pei_world ( .::IT::. )
Peter Gumbrell [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Thanks to those who have helped me with my two other questions this
afternoon.
In the function below, the update query at the end is inserting empty
values
into the database. For some reason the lines:
re not picking up the form values.
Here is the complete function. I do not have a form action set so that I
can
read the SQL message. The update query is working.
function retrieve_select_listing($link, $workshop, $session, $username)
{
$query_retrieve = SELECT choice_ID, rank, workshop_id FROM choices_peter
WHERE workshop_ID = '$workshop' AND username ='$username';
$result1 = mysql_query($query_retrieve, $link) or die(display_db_query:
.
mysql_error());
$row1 = mysql_fetch_array($result1);
$choice_id = $row1[0];
$query_title = SELECT title, CONCAT(sessionlet, sesnumber) AS SessionID
FROM ECOO2003 WHERE sessionlet = '$session';
$result2 = mysql_query($query_title, $link) or die(display_db_query: .
mysql_error());
while ($columns = mysql_fetch_array($result2))
{
$column = $columns['title'];
$sessionid = $columns['SessionID'];
$selected = ;
if ($sessionid == $row1['workshop_id'])
{
$selected = SELECTED;
}
$title_block .= OPTION name='title' value=\$sessionid\
$selected$column/OPTION\n;
}
print trtd colspan=\4\;
$selected_session = $HTTP_POST_VARS['titles'];
print form method=\POST\ name=\update_workshop\ action=\\\n;
print Change the rank of this workshop, or select another workshop from
this session and click the update button.brbr/td/tr;
print trtd colspan=\4\table border=\1\ width=\80%\;
print trthworkshop/ththRank/ththWorkshop Title/th/tr;
print trtd$row1[2]/tdtdinput type = \text\ name =\rank\
value=$row1[1]/tdtdSELECT
NAME=\titles\$title_block/SELECT/td/tr\n;
print trtd colspan =\3\;
print input type=\hidden\ name=\update_select\ value=\v\;
print brAfter you have made your changes, click the Update button to
confirm these.br/td/trtrtd;
print INPUT TYPE=\Submit\ NAME=\Submit\ Value=\Update\/td;
print td/tdtd/td/tr;
print /table;
print /form;
if ($_POST['Submit']=='Update')
{
print updated!!;
$rank = $HTTP_POST_VARS['rank'];
$title_new = $HTTP_POST_VARS['titles'];
print rank =$rankbr;
print title# = $title_newbr;
$query_update = UPDATE choices_peter SET rank = '$rank', workshop_id =
'$title_new' WHERE choice_ID = '$choice_id';
$update = mysql_query($query_update, $link) or die(display_db_query: .
mysql_error());
}
}
Many thanks
Peter
--
The above message is encrypted with double rot13 encoding. Any unauthorized attempt
to decrypt it will be prosecuted to the full extent of the law.
[PHP] Re: Variables and http
Hacook [EMAIL PROTECTED] ha scritto nel messaggio [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I have a page (to create a database) with X text fields called chpX (chp0, chp1, chp2..Etc) that posts these variables to a php file. I would like to know how can i get these values ? (I have also the $i variable that tells me what is the max X) first you have to create the var name in a string, like $var = 'chp'.$i ; // $i is the number then retrive the posted value $value = $_POST[$var] ; bye -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables and http
thanks, works perfectly - Original Message - From: Mattia [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Thursday, December 05, 2002 12:41 PM Subject: Re: Variables and http Hacook [EMAIL PROTECTED] ha scritto nel messaggio [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I have a page (to create a database) with X text fields called chpX (chp0, chp1, chp2..Etc) that posts these variables to a php file. I would like to know how can i get these values ? (I have also the $i variable that tells me what is the max X) first you have to create the var name in a string, like $var = 'chp'.$i ; // $i is the number then retrive the posted value $value = $_POST[$var] ; bye -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables
On Dom 03 Nov 2002 06:40, David Jackson wrote: Bryan McLemore wrote: What is a variables value before said value has been assigned a value? Thanks Bryan Wouldn't it be null or empty ? NULL -- Porqué usar una base de datos relacional cualquiera, si podés usar PostgreSQL? - Martín Marqués |[EMAIL PROTECTED] Programador, Administrador, DBA | Centro de Telematica Universidad Nacional del Litoral - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables
Bryan McLemore wrote: What is a variables value before said value has been assigned a value? Thanks Bryan Wouldn't it be null or empty ? Just a guess, David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables aren't being passed to php page
Jason Wong wrote: On Monday 15 July 2002 03:55, Tim Luoma wrote: Jason Wong wrote: This list gets at least one question a day on this subject ... And there will be a lot more as people scan the web for example scripts and find ones that assume 'register_globals' is set to on. Questions coming from those sources are partly understandable. It was confusing to me to wonder why from one day to the next the same scripts stopped working, until I checked the PHP version. What I was referring to was the particular case of I've got an application that was working perfectly using php X.XX, then I upgraded to php Y.YY and now it doesn't work anymore. It is those people who should look before they leap and read before they upgrade. Quite right. TjL -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables aren't being passed to php page
This is no problem. Since PHP 4.2 register_globals is disabled by default (in prior versions it was enabled). Either you can use the $_POST, $_GET etc. arrays or simply set register_globals in the php.ini to On ! -micha Mike Heffner wrote: Hi, I've recently upgraded from PHP 4.0.4p11 - PHP 4.2.1, but now there seems to be a problem that variables from POST/GET are not being passed to the PHP page. For example, with the following file test.php, using the URL 'test.php?mid=1' displays 'nope'. ? if (isset($mid)) echo $mid; else echo nope; ? Is this a known problem, or is this some configuration issue? Thanks for any help, Mike -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables aren't being passed to php page
Jason Wong wrote: This list gets at least one question a day on this subject ... And there will be a lot more as people scan the web for example scripts and find ones that assume 'register_globals' is set to on. TjL -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables aren't being passed to php page
On Monday 15 July 2002 03:55, Tim Luoma wrote: Jason Wong wrote: This list gets at least one question a day on this subject ... And there will be a lot more as people scan the web for example scripts and find ones that assume 'register_globals' is set to on. Questions coming from those sources are partly understandable. What I was referring to was the particular case of I've got an application that was working perfectly using php X.XX, then I upgraded to php Y.YY and now it doesn't work anymore. It is those people who should look before they leap and read before they upgrade. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* If all the world's a stage, I want to operate the trap door. -- Paul Beatty */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: variables not being passed from form ??
Got it! 'file_uploads' was Off in /etc/php.ini. That was stopping all form variables from being passed from the file upload form Thanks all! AFC Anthony 'Crash' Ciarochi [EMAIL PROTECTED] wrote in message 024e01c21711$111d2200$[EMAIL PROTECTED]">news:024e01c21711$111d2200$[EMAIL PROTECTED]... I have a web page which contains a form whose action is a php script. Unfortunately, NONE of the form's variables are being passed when the form is submitted. For example: the submit button's name is 'submit', and the value is 'Add', but in the receiving php script, $submit is empty, and so is $HTTP_POST_VARS[submit'] register_globals is On The form method is post. What else am I missing? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables - Using The Contents Of A Varibale Name Built Dynamically
Michael Davey [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You could give the button the same name in each form - only the fields in between the form/form tags is actually submitted, then put a hidden field in the form that uniquely identifies the data being submitted. Just a thought... it is what I usually do... Won't that treat all radio buttons on the page as one group, instead of being separate groups for each form? -- _ _ o oJason Teagle [EMAIL PROTECTED] v -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables - Using The Contents Of A Varibale Name Built Dynamically
Won't that treat all radio buttons on the page as one group, instead of being separate groups for each form? No - the form/form tags enclose the data that is being submitted - nothing outside of the tags will reach the script that handles the request. Mikey -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables - Using The Contents Of A Varibale Name Built Dynamically
You could give the button the same name in each form - only the fields in
between the form/form tags is actually submitted, then put a hidden field
in the form that uniquely identifies the data being submitted.
Just a thought... it is what I usually do...
Mikey
Jason Teagle [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I have found an alternate way of achieving what I want, but I'm wondering
if
there was an easier way. I have a PHP file that builds a Web page that
includes forms. The forms are built dynamically based on the contents of a
file, and thus there may be one or two or more forms on the page at any
time. This means that I have controls named $btnChoice1 (first form),
$btnChoice2 (second form), etc. (radio buttons). All of these forms are of
a
similar format, and so lead to the same PHP page in their action - a
parameter is passed in the URL to identify which form it came from.
When the form passes to its action file, another PHP file, there are two
ways to get form data: $_POST[control_name] or $control_name. The
problem
is, the control name I need has to be built dynamically based on which
form
it came from. So I need this:
$btnName = btnChoice . $form_number ;
But now I have the tricky bit - $_POST[$btnName] doesn't work because it
requires nested substitution of variables, and similarly I can't echo
$btnName because that will of course use btnChoice2 instead of the
_contents_ of the control named btnChoice2.
Is it possible to 'dereference' (whatever the term is) the variable name
twice? I tried
$$btnName
in the stupid hope that it would first interpret that to
$btnChoice2
and then interpret that to the contents of the control, but of course it
failed.
I ended up using foreach on $_POST to pull out control names and their
contents, and comparing the control name to my built-up name - but I was
wondering if there's a more elegant way of doing what I wanted?
Promise my next question to the group will be short {:v)
--
_ _
o oJason Teagle
[EMAIL PROTECTED]
v
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: variables
you can use $_POST['name1'] if you're using post vars $_GET['name1'] if you're using get vars Regards Michael Roman Duriancik [EMAIL PROTECTED] schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... When are set in php.ini (php version 4.2.1 on linux) register_globals = Off how I read variables from html files with forms in other php file ? Thanks roman for example : html file : form action=query.php method=POST input type=text name=name1 value= input type=submit value = OK class=button /form and in php file ? echo $name1; ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: variables
Also, it's good to read the press releases: http://www.php.net/release_4_2_1.php External variables We would also like to attend you on a big change in PHP 4.2.0 concerning variable handling. External variables (from the environment, the HTTP request, cookies or the web server) are no longer registered in the global scope by default. The preferred method of accessing these external variables is by using the new Superglobal arrays, introduced in PHP 4.1.0. http://www.php.net/release_4_1_0.php On Wed, May 22, 2002 at 11:52:02AM +0200, Michael Virnstein wrote: : : you can use : : $_POST['name1'] if you're using post vars : $_GET['name1'] if you're using get vars : : Roman Duriancik [EMAIL PROTECTED] schrieb: : : When are set in php.ini (php version 4.2.1 on linux) register_globals = Off : how I read variables from html files with forms in other php file ? -- Eugene Lee [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables within variable names
Once I had a bit of experience with variable variables, I found them very useful. But I did discover that you can't embed variable variables (or values from arrays) in the SQL statements I was sending to MySQL. I had to create a temporary variable for use in my SQL statements. I'm not sure why, whether I was missing something. Rita Mikusch -Original Message- From: HeyJim [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 10:26 PM To: Jackson Miller; [EMAIL PROTECTED] Subject: Re: Variables within variable names I agree with Jason and Miguel, but if you really want to do this, you could try: $type = basic; $user = $type._user; $$user = jaxn; echo $basic_user; I can see where something like this *could* be useful, but I'd still use the arrays. Jim. At 12:43 PM 5/2/02, Jackson Miller wrote: I want to do something along the lines of: $type = basic; $$type_user = jaxn; echo $basic_user; and have the output be jaxn. __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables within variable names
I agree with Jason and Miguel, but if you really want to do this, you could try: $type = basic; $user = $type._user; $$user = jaxn; echo $basic_user; I can see where something like this *could* be useful, but I'd still use the arrays. Jim. At 12:43 PM 5/2/02, Jackson Miller wrote: I want to do something along the lines of: $type = basic; $$type_user = jaxn; echo $basic_user; and have the output be jaxn. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables within a string
On Thursday 14 March 2002 14:14, Analysis Solutions wrote:
[snip]
The examples on that page are lame. For example:
if($HTTP_COOKIE_VARS['username']){
// can only come from a cookie, forged or otherwise
$good_login = 1;
fpassthru (/highly/sensitive/data/index.html);
}
[snip]
Admittedly the example given in the manual wasn't very good or clear. Let's
change the example slightly.
if($HTTP_COOKIE_VARS['username']) {
// can only come from a cookie, forged or otherwise
$good_login = 1;
}
// later on ...
if ($good_login) {
fpassthru (/highly/sensitive/data/index.html); }
else {
echo(Hello, you're not logged in!);
}
Now if register_globals was ON then it's a simple matter of passing a value
in the URL to gain access to the sensitive data without actually having to
log in:
http://www.domain.com/display_secret_data.php?good_login=1
If register_globals is OFF then the above ploy would not work because
good_login would not automatically make it into the variable namespace.
Enabling register_globals is nice and convenient but it's very easy to shoot
yourself in the foot if you don't track where your variables are coming from,
or you don't initialise your variables properly.
--
Jason Wong - Gremlins Associates - www.gremlins.com.hk
/*
Carmel, New York, has an ordinance forbidding men to wear coats and
trousers that don't match.
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables within a string
On Tue, Mar 12, 2002 at 05:42:12PM +0800, Jason Wong wrote:
On Tuesday 12 March 2002 12:27, Analysis Solutions wrote:
The source of the data *does* matter. That is why the latest releases of
PHP ( 4.0.6) recommends having register_globals OFF by default.
... snip snip snip ...
To see why the source of data matters, see the chapter Security::Using
Register Globals
The examples on that page are lame. For example:
if($HTTP_COOKIE_VARS['username']){
// can only come from a cookie, forged or otherwise
$good_login = 1;
fpassthru (/highly/sensitive/data/index.html);
}
Naturally, just because someone submits a user name doesn't make their
submission valid. I know, they're just using that as an example. But,
in the real world, you need to first make sure the username submitted
fits within your expected parameters of length and character types.
Plus, if you're about to put that user name into a query, doesn't
contain any characters which will trick the query. Then, you need to
check that the user name is valid. Then, and only then, would you
permit the user to get the sensitive data. Regardless of where the data
comes from, all of those steps need to be taken. Thus, it doesn't
matter where the data came from.
But if you don't know where the data came from then it's not secure. Consider
a real-life example. Robin Hood steals the Sheriff's ATM card, and the
Sheriff stupidly enough has written the PIN onto the back of the card. Now
Robin can go and withdraw all the money from the Sheriff's account because
the ATM has no way of knowing that the card was stolen (it doesn't know where
the source of the data came from), all it knows is that the data is valid
(right card, right PIN).
Hmm. You're correct. At the same time, the point I'm trying to make is
not about the person transmitting the data, but rather, the means
they're doing so. My issue is the thief would also be able to use that
pin to (hypothetically, of course) access the Sheriff's account via
debit card purchases in stores, the bank's website and bank-by-phone
services.
Regardless of the means used to transmit the PIN, the bank still needs
to ensure the data is clean before they perform the check to see if the
PIN is the right PIN for that account.
Enjoy,
--Dan
--
PHP scripts that make your job easier
http://www.analysisandsolutions.com/code/
SQL Solution | Layout Solution | Form Solution
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables within a string
On Tuesday 12 March 2002 12:27, Analysis Solutions wrote: For security reasons. To make sure the variable did come from POSTing a form and not from the URL. Neither is more or less secure. The source of the data doesn't matter. The source of the data *does* matter. That is why the latest releases of PHP ( 4.0.6) recommends having register_globals OFF by default. That is also why instead of the cumbersome $HTTP_POST_VARS[] (etc) it's been changed to a much shorter $_POST[]. And to further encourage you to use the new form, $_POST[], $GET[] etc have been made super global so they can be used directly inside functions without having to declare them as global. To see why the source of data matters, see the chapter Security::Using Register Globals Regardless of where the info is from, validating user input is the only way to ensure security. But if you don't know where the data came from then it's not secure. Consider a real-life example. Robin Hood steals the Sheriff's ATM card, and the Sheriff stupidly enough has written the PIN onto the back of the card. Now Robin can go and withdraw all the money from the Sheriff's account because the ATM has no way of knowing that the card was stolen (it doesn't know where the source of the data came from), all it knows is that the data is valid (right card, right PIN). -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* Let not the sands of time get in your lunch. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables within a string
I love your example.. But if you don't know where the data came from then it's not secure. Consider a real-life example. Robin Hood steals the Sheriff's ATM card, and the Sheriff stupidly enough has written the PIN onto the back of the card. Now Robin can go and withdraw all the money from the Sheriff's account because the ATM has no way of knowing that the card was stolen (it doesn't know where the source of the data came from), all it knows is that the data is valid (right card, right PIN). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables within a string
On Monday, March 11, 2002, at 10:34 PM, Jason Wong wrote:
On Monday 11 March 2002 11:10, Chris Cocuzzo wrote:
$foo = Entry for . $HTTP_POST_VARS[name];
$foo = Entry for for $HTTP_POST_VARS[name];
But that's not good programming. Associative arrays should have the
key
quoted in order to avoid confusion with contants. See
http://www.php.net/manual/en/language.types.array.php#language.types.array.
donts
Inside of double-quoted strings there is no need to single-quote the
array
key (in fact it can't be done, gives syntax error). The section of the
manual
you quoted states this :)
I thought that it could be done like so:
$foo = Entry for {$HTTP_POST_VARS['name']};
Sorry for butting in,
Erik
Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Variables within a string
Oh, so that's how you deal with indexed variables inside of double quotes... I can't believe that has eluded me for so long... --- From: Jason Wong [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Mon, 11 Mar 2002 12:09:15 +0800 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: Re: [PHP] Variables within a string On Monday 11 March 2002 11:10, Chris Cocuzzo wrote: I would imagine the problem has something to do with those escaped quote marks, but in any case, you could probably get around it by doing this: $foo = Entry for . $HTTP_POST_VARS[name]; some correct me if I'm wrong Or simply: $foo = Entry for for $HTTP_POST_VARS[name]; -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* If you don't have a nasty obituary you probably didn't matter. -- Freeman Dyson */
Re: [PHP] Re: Variables within a string
On Tuesday 12 March 2002 11:11, Analysis Solutions wrote: On Mon, Mar 11, 2002 at 08:39:16PM -0500, webapprentice wrote: From: Jason Wong [EMAIL PROTECTED] On Monday 11 March 2002 11:10, Chris Cocuzzo wrote: $foo = Entry for . $HTTP_POST_VARS[name]; $foo = Entry for for $HTTP_POST_VARS[name]; But that's not good programming. Associative arrays should have the key quoted in order to avoid confusion with contants. See http://www.php.net/manual/en/language.types.array.php#language.types.array. donts Inside of double-quoted strings there is no need to single-quote the array key (in fact it can't be done, gives syntax error). The section of the manual you quoted states this :) [snip] Now, I wonder why you're even assigning this information to yet another varialbe. Why not just use the information straight up?: echo Entry for for $name; Of course, there are legitimate reasons for your approach, but often new programmers needlessly assign stuff to varialbes. Just making sure. For security reasons. To make sure the variable did come from POSTing a form and not from the URL. Finally, if you really want to use $HTTP_POST_VARS[] AND your'e running PHP 4.1*, consider using the superglobal $_POST[] instead. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* Nobody knows what goes between his cold toes and his warm ears. -- Roy Harper */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Variables within a string
On Tue, Mar 12, 2002 at 11:34:14AM +0800, Jason Wong wrote: On Tuesday 12 March 2002 11:11, Analysis Solutions wrote: On Mon, Mar 11, 2002 at 08:39:16PM -0500, webapprentice wrote: From: Jason Wong [EMAIL PROTECTED] On Monday 11 March 2002 11:10, Chris Cocuzzo wrote: $foo = Entry for . $HTTP_POST_VARS[name]; $foo = Entry for for $HTTP_POST_VARS[name]; But that's not good programming. Associative arrays should have the key quoted in order to avoid confusion with contants. Inside of double-quoted strings there is no need to single-quote the array key (in fact it can't be done, gives syntax error). The section of the manual you quoted states this :) Yes. Quoting the array key inside a string is not correct. Never said it was. Now that I think about it, though, if you use the associative array inside a string, there's no way the string key can be confused with a constant, so the main point of my initial post is mute. So, you're right that the following is kosher: $foo = Entry for for $HTTP_POST_VARS[name]; For security reasons. To make sure the variable did come from POSTing a form and not from the URL. Neither is more or less secure. The source of the data doesn't matter. Regardless of where the info is from, validating user input is the only way to ensure security. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: variables
Sure you can!
consider this simple example:
html
body
a href=javascript:setvars('var1value', 'var2value')click here to go to
next page/a
script language=JavaScript
!--
function setvars(var1, var2)
{
df = document.dataform;
df.var1.value = var1;
df.var2.value = var2;
df.submit();
}
//--
/script
form name=dataform action=page2.php method=post
input type='hidden' name='var1'
input type='hidden' name='var2'
/form
/body
/html
it's using hidden forms...
you can also use sessions...
[EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hello,
Is it possible to transfer certain variables to a new scripts, but not
doing
this as uri-parameters (../bla.php?var1=varvar2=var#)
I need it for Usernames and passwords and when the pages get cached the
usernames and pwd's can be viewed in the Temp-inetfiles-folder in
Windhoze.
Thanks,
Bart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: variables
Thanks for the fast answer1
Yes I thought of that, but I also got the problem using the $vars in frames:
I'm using a authenticationform for users to get to a frameset. Now I'm
transfering the usernames/pwds in the uri-string to all the framepages. In
all framepages I check for $PHP_AUTH_USER to be set and when so I query the
db again and.
It seems that the vars aren't global. How can I globalize the vars so they
are usable in other files. Are sessions teh only option?
Thanks in advance,
Bart
-Oorspronkelijk bericht-
Van: _lallous [mailto:[EMAIL PROTECTED]]
Verzonden: dinsdag 11 september 2001 12:23
Aan: [EMAIL PROTECTED]
Onderwerp: [PHP] Re: variables
Sure you can!
consider this simple example:
html
body
a href=javascript:setvars('var1value', 'var2value')click here to go to
next page/a
script language=JavaScript
!--
function setvars(var1, var2)
{
df = document.dataform;
df.var1.value = var1;
df.var2.value = var2;
df.submit();
}
//--
/script
form name=dataform action=page2.php method=post
input type='hidden' name='var1'
input type='hidden' name='var2'
/form
/body
/html
it's using hidden forms...
you can also use sessions...
[EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hello,
Is it possible to transfer certain variables to a new scripts, but not
doing
this as uri-parameters (../bla.php?var1=varvar2=var#)
I need it for Usernames and passwords and when the pages get cached the
usernames and pwd's can be viewed in the Temp-inetfiles-folder in
Windhoze.
Thanks,
Bart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: variables
In that case you'll have to use session_variables or cookies.
mostly session_variables are better especially for authentication and
login/logout systems...
[EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Thanks for the fast answer1
Yes I thought of that, but I also got the problem using the $vars in
frames:
I'm using a authenticationform for users to get to a frameset. Now I'm
transfering the usernames/pwds in the uri-string to all the framepages. In
all framepages I check for $PHP_AUTH_USER to be set and when so I query
the
db again and.
It seems that the vars aren't global. How can I globalize the vars so they
are usable in other files. Are sessions teh only option?
Thanks in advance,
Bart
-Oorspronkelijk bericht-
Van: _lallous [mailto:[EMAIL PROTECTED]]
Verzonden: dinsdag 11 september 2001 12:23
Aan: [EMAIL PROTECTED]
Onderwerp: [PHP] Re: variables
Sure you can!
consider this simple example:
html
body
a href=javascript:setvars('var1value', 'var2value')click here to go to
next page/a
script language=JavaScript
!--
function setvars(var1, var2)
{
df = document.dataform;
df.var1.value = var1;
df.var2.value = var2;
df.submit();
}
//--
/script
form name=dataform action=page2.php method=post
input type='hidden' name='var1'
input type='hidden' name='var2'
/form
/body
/html
it's using hidden forms...
you can also use sessions...
[EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hello,
Is it possible to transfer certain variables to a new scripts, but not
doing
this as uri-parameters (../bla.php?var1=varvar2=var#)
I need it for Usernames and passwords and when the pages get cached the
usernames and pwd's can be viewed in the Temp-inetfiles-folder in
Windhoze.
Thanks,
Bart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: variables
Thanks,
I'll implement sessions... :)
regards
Bart
-Oorspronkelijk bericht-
Van: _lallous [mailto:[EMAIL PROTECTED]]
Verzonden: dinsdag 11 september 2001 13:30
Aan: [EMAIL PROTECTED]
Onderwerp: Re: [PHP] Re: variables
In that case you'll have to use session_variables or cookies.
mostly session_variables are better especially for authentication and
login/logout systems...
[EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Thanks for the fast answer1
Yes I thought of that, but I also got the problem using the $vars in
frames:
I'm using a authenticationform for users to get to a frameset. Now I'm
transfering the usernames/pwds in the uri-string to all the framepages. In
all framepages I check for $PHP_AUTH_USER to be set and when so I query
the
db again and.
It seems that the vars aren't global. How can I globalize the vars so they
are usable in other files. Are sessions teh only option?
Thanks in advance,
Bart
-Oorspronkelijk bericht-
Van: _lallous [mailto:[EMAIL PROTECTED]]
Verzonden: dinsdag 11 september 2001 12:23
Aan: [EMAIL PROTECTED]
Onderwerp: [PHP] Re: variables
Sure you can!
consider this simple example:
html
body
a href=javascript:setvars('var1value', 'var2value')click here to go to
next page/a
script language=JavaScript
!--
function setvars(var1, var2)
{
df = document.dataform;
df.var1.value = var1;
df.var2.value = var2;
df.submit();
}
//--
/script
form name=dataform action=page2.php method=post
input type='hidden' name='var1'
input type='hidden' name='var2'
/form
/body
/html
it's using hidden forms...
you can also use sessions...
[EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hello,
Is it possible to transfer certain variables to a new scripts, but not
doing
this as uri-parameters (../bla.php?var1=varvar2=var#)
I need it for Usernames and passwords and when the pages get cached the
usernames and pwd's can be viewed in the Temp-inetfiles-folder in
Windhoze.
Thanks,
Bart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: variables.
Hmm... It seems that you're variables are beeing reposted upon each page reload. yes, some code might help. Johan Vikerskog [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED].. . ok, i still am a newbie to this and therefor ill ask this silly question. I have made a small test script which checks the inputted name and pass against my database and if it was successfull it typed out success! and if it wasnt successfull it types out wrong password! My problem is. everytime i reload the page it prints out the last result. I mean when i want to reload the page it should be empty. But it isnt. Does anyone know how i can do this? If you dont understand my question ill post the script here, i just thought i wouldent flame your mailboxes. //Johan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Variables
try this little form example out:
--example.php--
?php
if ( (isset($t1))(isset($t2)) ) {
if ($t1==$t2) {
echo they are equal;
} else {
echo they are not equal;
}
}
?
html
body
br
br
form name=form1 method=post action=?=$PHP_SELF?
input type=text name=t1
t1br
input type=text name=t2
t2 br
input type=submit name=Submit value=Submit
/form
/body
/html
-/example.php--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] RE: Variables within functions, out?
-Original Message-
From: James, Yz [mailto:[EMAIL PROTECTED]]
Sent: 01 February 2001 22:22
To: [EMAIL PROTECTED]
Subject: Variables within functions, out?
Hey guys. Can I firstly say, thanks to all of you who helped
me out with my
last question about importing MS Access databases into
MySQL... It helped
tons!
However, I have another question.
Firstly, I've strayed away from writing many of my own
functions, because
they give me the fear. But the code on the pages I am
creating has forced
me to wake up... I really sould think about cutting back on code.
SO, anyway, to cut to the chase, my question is this: If I write a
function, which performs checks and assigns variable based on
these checks,
how do I get the assigned variables from within the function?
For example
(this is more than likely VERY wrong), something like this:
global.inc:
?
function CheckBirthday() {
global $year,$month,$day;
if (($day) ($month) ($year)) {
if (checkdate($day,$month,$year) {
$birthday = "$year/$month/$day";
} else {
$birthday = "Invalid";
}
}
}
?
the correct use of a function would be ...
function CheckBirthday($year,$month,$day) {
if (($day) ($month) ($year)) {
if (checkdate($day,$month,$year) {
$birthday = "$year/$month/$day";
} else {
$birthday = "Invalid";
};
};
return $birthday;
}
this function can now be used by a calling program without the callong
program needing to know anything about it's internal working.
File that would update / insert information to a MySQL database:
?
// Connection details here
require("global.inc");
CheckBirthday();
$sql = "UPDATE MyTable
SET
birthday = \"$birthday\"
WHERE id = \"$id\"
";
// etc
?
Even when I KNOW that I have included correct values, the
$birthday variable
never shows up outside the function. It's probably something
simple I'm
missing, as in most cases ;)
Thanks for your patience,
James.
Tim Ward
Senior Systems Engineer
Please refer to the following disclaimer in respect of this message:
http://www.stivesdirect.com/e-mail-disclaimer.html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
