NO book i read did sticky form correctly

the sticky form is that if validation didn't pass, re-display the form
with the value in the text input again (and for other input field as
well...)

no book I read did it correctly so far. (just for the text input)

to reduce the problem, how about write a PHP program that will submit
to itself, so that

typing in

foo "bar" foo

and click "Submit" and the form will re-display the form with

foo "bar" foo

already typed in, kind of like what Google will behave.

Of the few books I read, none of them has a correct solution. If you
know which book has a correct solution to this, please point me to it.

Oct 13 '07 #1
On Oct 13, 5:18 am, Summercool <Summercooln...@gmail.com> wrote:
> typing in
>
> foo "bar" foo
>
> and click "Submit" and the form will re-display the form with
>
> foo "bar" foo

and that

foo 'bar' foo

should work too.
Oct 13 '07 #2
..oO(Summercool)
> the sticky form is that if validation didn't pass, re-display the form
> with the value in the text input again (and for other input field as
> well...)
>
> no book I read did it correctly so far. (just for the text input)
>
> to reduce the problem, how about write a PHP program that will submit
> to itself, so that
>
> typing in
>
> foo "bar" foo
>
> and click "Submit" and the form will re-display the form with
>
> foo "bar" foo
>
> already typed in, kind of like what Google will behave.
>
> Of the few books I read, none of them has a correct solution.

What makes you think that they're not correct? What have you tried so
far? What problems do you have?

Actually this is a pretty simple task, in fact the PHP code for a single
input field could be reduced to a single line if necessary. So I'm quite
curious how it's done in your books.

Micha
Oct 13 '07 #3
On Oct 13, 5:29 am, Michael Fesser <neti...@gmx.de> wrote:
> Actually this is a pretty simple task, in fact the PHP code for a single
> input field could be reduced to a single line if necessary. So I'm quite
> curious how it's done in your books.

<form action="self.php" method="get">
<input name="val" type="text" value="<?= $_GET["val"] ?>">
<input type="submit" value="Post it">
</form>
</div>

usually they do something like this...

GET and POST are just the same...

none of them work for foo "bar" foo
and foo 'bar' foo

Oct 13 '07 #4
..oO(Summercool)
> On Oct 13, 5:29 am, Michael Fesser <neti...@gmx.de> wrote:
>> Actually this is a pretty simple task, in fact the PHP code for a single
>> input field could be reduced to a single line if necessary. So I'm quite
>> curious how it's done in your books.
>
> <form action="self.php" method="get">
> <input name="val" type="text" value="<?= $_GET["val"] ?>">
> <input type="submit" value="Post it">
> </form>
> </div>
>
> usually they do something like this...

OK. Even if the PHP code there is quite small, it contains 3(!) errors,
one of which is critical:

1) It relies on short open tags, which is a bad idea in general, because
it's an optional feature.

Fix: Use <?php echo ... ?> to print something out. This will work on all
servers and configurations.

2) It doesn't check if there's a submitted value at all. The first call
of that page would throw a notice.

Fix: Check with isset($_GET['val']) if there is something at all before
using it. Such checks should be done for _all_ submitted variables.

3) The worst is the missing escaping of special HTML chars, which not
only breaks the form if such chars were entered (which is the problem
you encountered), it also allows for cross site scripting attacks.

Fix: Use htmlspecialchars() to escape any special chars in $_GET['val']
before printing it out. See the manual for details about the possible
parameters.

Micha
Oct 13 '07 #5
Summercool wrote:
> On Oct 13, 5:29 am, Michael Fesser <neti...@gmx.de> wrote:
>> Actually this is a pretty simple task, in fact the PHP code for a single
>> input field could be reduced to a single line if necessary. So I'm quite
>> curious how it's done in your books.
>
> <form action="self.php" method="get">
> <input name="val" type="text" value="<?= $_GET["val"] ?>">
> <input type="submit" value="Post it">
> </form>
> </div>
>
> usually they do something like this...
>
> GET and POST are just the same...
>
> none of them work for foo "bar" foo
> and foo 'bar' foo

Other than the fact they're using short tags, it should work fine.
They're assuming short tags are on, and your server probably has them
off. It doesn't mean they are wrong - just that the configuration on
your server doesn't match what the book assumes.

Change

<input name="val" type="text" value="<?= $_GET["val"] ?>">

to:

<input name="val" type="text" value="<?php echo $_GET["val"] ?>">

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Oct 13 '07 #6
On Oct 13, 6:20 am, Michael Fesser <neti...@gmx.de> wrote:
> Fix: Use htmlspecialchars() to escape any special chars in $_GET['val']
> before printing it out. See the manual for details about the possible
> parameters.

so you think using that will make it work? i don't know why but i
tried that and it didn't work in Firefox and IE. the foo "bar" foo
will come back as foo \"bar\" foo and click once more will get more
"\".
Oct 13 '07 #7
On Oct 13, 6:20 am, Michael Fesser <neti...@gmx.de> wrote:
> 2) It doesn't check if there's a submitted value at all. The first call
> of that page would throw a notice.
>
> Fix: Check with isset($_GET['val']) if there is something at all before
> using it. Such checks should be done for _all_ submitted variables.

it would? i thought it would just evaluate to nothing and prints out
nothing.

Oct 13 '07 #8
On Oct 13, 6:25 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> Change
>
> <input name="val" type="text" value="<?= $_GET["val"] ?>">
>
> to:
>
> <input name="val" type="text" value="<?php echo $_GET["val"] ?>">

one essential thing is to make foo "bar" foo
and foo 'bar' foo both work
Oct 13 '07 #9
Summercool wrote:
> On Oct 13, 6:25 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>> Change
>>
>> <input name="val" type="text" value="<?= $_GET["val"] ?>">
>>
>> to:
>>
>> <input name="val" type="text" value="<?php echo $_GET["val"] ?>">
>
> one essential thing is to make foo "bar" foo
> and foo 'bar' foo both work

It will work. Michael's comments are also valid, but aren't stopping
your code from working.

It sounds like you're running with magic_quotes enabled. It's a setting
I wish they would have never had, and I recommend you turn it off.

If you can't turn it off, check the stripslashes() call.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Oct 13 '07 #10
On Oct 13, 7:05 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> It sounds like you're running with magic_quotes enabled. It's a setting
> I wish they would have never had, and I recommend you turn it off.

i checked phpinfo()

yes, magic_quotes_gpc is on, and it is said that it is the default
setting.

magic_quotes_runtime is off by default.
magic_quotes_sybase is off.

so shouldn't we work with the default setting? like if i use a
hosting company like Dreamhost, we can't ask them to turn off just for
us.

Oct 13 '07 #11
Summercool wrote:
> On Oct 13, 7:05 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>> It sounds like you're running with magic_quotes enabled. It's a setting
>> I wish they would have never had, and I recommend you turn it off.
>
> i checked phpinfo()
>
> yes, magic_quotes_gpc is on, and it is said that it is the default
> setting.
>
> magic_quotes_runtime is off by default.
> magic_quotes_sybase is off.
>
> so shouldn't we work with the default setting? like if i use a
> hosting company like Dreamhost, we can't ask them to turn off just for
> us.

I always run with magic_quotes_gpc off. If a host is running with it
on, just find another host. They're a dime a dozen.

You can check to see if they are on or off with get_magic_quotes_gpc().

But I always run with them off - why add slashes if you just need to
take them away again? And if I want to add them, I can (and will).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Oct 13 '07 #12
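Fixes 2 and 3 from post #5 and the stripslashes() / get_magic_quotes_gpc() advice from posts #10 and #12, put together as one self-submitting form. This is an added example, not code from any poster in the thread; the helper names submitted_value, attr and render_form are hypothetical, and the UTF-8 charset is an assumption.

```php
<?php
// Added example, not code from the thread. Field name "val" and self.php
// follow the thread's snippet; the helper names are hypothetical.

// Raw submitted value, or '' on the first request (avoids the notice).
function submitted_value(array $input, $name)
{
    if (!isset($input[$name]) || !is_string($input[$name])) {
        return '';                       // also rejects val[]=x (an array)
    }
    $value = $input[$name];
    // magic_quotes_gpc can only be on before PHP 5.4; the function itself
    // is deprecated in 7.4 and removed in 8.0, hence the guard and the @.
    if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
        $value = stripslashes($value);   // undo the added backslashes once
    }
    return $value;
}

// Escape for an HTML attribute value; ENT_QUOTES covers both " and '.
function attr($value)
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Form markup with the previous input carried over.
function render_form($value)
{
    return '<form action="self.php" method="get">' . "\n"
         . '<input name="val" type="text" value="' . attr($value) . '">' . "\n"
         . '<input type="submit" value="Post it">' . "\n"
         . "</form>\n";
}

if (PHP_SAPI !== 'cli') {
    // Served by a web server: behave as self.php.
    header('Content-Type: text/html; charset=UTF-8');
    echo render_form(submitted_value($_GET, 'val'));
} else {
    // Command line: constructed sample inputs, printed as escaped markup.
    $samples = array('foo "bar" foo', "foo 'bar' foo", '"><b>markup</b>');
    foreach ($samples as $sample) {
        echo render_form(submitted_value(array('val' => $sample), 'val'));
    }
}
```

Slashes are stripped once on input and the value is escaped once on output, so the backslashes described in post #7 do not accumulate on resubmission.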
On Oct 13, 7:05 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> It sounds like you're running with magic_quotes enabled. It's a setting
> I wish they would have never had, and I recommend you turn it off.

i checked phpinfo()

yes, magic_quotes_gpc is on, and it is said that it is the default
setting.

magic_quotes_runtime is off by default.
magic_quotes_sybase is off.

so shouldn't we work with the default setting? like if i use a
hosting company like Dreamhost, we can't ask them to turn off just for
us.

Oct 14 '07 #13
Summercool wrote:
> On Oct 13, 7:05 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>> It sounds like you're running with magic_quotes enabled. It's a setting
>> I wish they would have never had, and I recommend you turn it off.
>
> i checked phpinfo()
>
> yes, magic_quotes_gpc is on, and it is said that it is the default
> setting.
>
> magic_quotes_runtime is off by default.
> magic_quotes_sybase is off.
>
> so shouldn't we work with the default setting? like if i use a
> hosting company like Dreamhost, we can't ask them to turn off just for
> us.

I already answered you once. Did you read the answer?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Oct 14 '07 #14
On Sun, 14 Oct 2007 16:43:09 +0200, Summercool <Su************@gmail.com>
wrote:
> On Oct 13, 7:05 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>> It sounds like you're running with magic_quotes enabled. It's a setting
>> I wish they would have never had, and I recommend you turn it off.
>
> i checked phpinfo()
>
> yes, magic_quotes_gpc is on, and it is said that it is the default
> setting.
>
> magic_quotes_runtime is off by default.
> magic_quotes_sybase is off.
>
> so shouldn't we work with the default setting?

Not necessarily, that's why they're called settings. The only thing one
should do is try to create code as independent from settings as
possible.

> like if i use a
> hosting company like Dreamhost, we can't ask them to turn off just for
> us.

PHP settings in Apache can easily be set per virtual host, no other client
on the server need ever be troubled by them. Apache even supports setting
them in per-directory .htaccess files (which I often use on little
projects on third-party servers to whip them into shape).

Prices for hosting as they are now, I can recommend anyone being
moderately serious about their site just to pay for a VPS. It's still dirt
cheap and one has close to total control.
--
Rik Wasmus
Oct 14 '07 #15
On Oct 14, 10:43 am, Summercool <Summercooln...@gmail.com> wrote:
> On Oct 13, 7:05 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>> It sounds like you're running with magic_quotes enabled. It's a setting
>> I wish they would have never had, and I recommend you turn it off.
>
> i checked phpinfo()
>
> yes, magic_quotes_gpc is on, and it is said that it is the default
> setting.
>
> magic_quotes_runtime is off by default.
> magic_quotes_sybase is off.
>
> so shouldn't we work with the default setting? like if i use a
> hosting company like Dreamhost, we can't ask them to turn off just for
> us.

PHP6 will no longer support magic quotes, along with register globals
and "safe mode". Some of these may be enabled by default on some PHP
versions, but you should disable them and not rely on them
whatsoever. Take a look at the link below for these changes as well
as reasons why they are going this way from the PHP hackers
themselves.

http://www.php.net/~derick/meeting-notes.html

Oct 14 '07 #16
In our last episode, <11*********************@q5g2000prf.googlegroups.com>,
the lovely and talented ELINTPimp broadcast on comp.lang.php:
> If you read a little of the discussions at the link I provided above,
> perhaps you will have more appreciation for the work that goes on,
> mostly unpaid, behind the scenes to make your life better.

I did read it. The summary is: morons won't read the manual so we have to
save them from themselves by getting rid of this stuff.

--
Lars Eighner <http://larseighner.com/> <http://myspace.com/larseighner>
Countdown: 463 days to go.
What do you do when you're debranded?
Oct 14 '07 #17
