RSS Forums RSS
Please support our PHP advertiser: Lunarpages PHP Web Hosting

Error getting forms to send information

Join Date: Jun 2004
Location: Maryland
Posts: 6
Reputation: fEcAlMaTteR is an unknown quantity at this point 
Rep Power: 0
Solved Threads: 0
fEcAlMaTteR fEcAlMaTteR is offline Offline
Newbie Poster

Re: Error getting forms to send information

  #3  
Jun 13th, 2004
What i like to do with form submissions...

First off, you never want to put your SQL login info directly in your script instead make a file like db.cnnt.php
Inside, write something like this...
<?PHP
//  No direct call...
if(ereg('db.cnnt.php', $_SERVER['SCRIPT_NAME']))
{
    die("Access Denied!  No Direct Call!");
}
//  Set DB login vars...
$SQL_Host = 'localhost:3306';
$SQL_Usr = 'Your_Username';
$SQL_Pss = 'Your_Password';
$SQL_DB = 'Database_Name';
//  Now connect to the database server...
if(!$SQL_LNK = @mysql_pconnect($SQL_Host, $SQL_Usr, $SQL_Pss))
{
    die("Couldn't Connect to Database Server...");
}
//  Now select the database...
if(!$SQL_SLT = @mysql_select_db($SQL_DB))
{
    die("Couldn't Connect to database");
}
// Or if you use multiple databases/users you can just set the different login Vars here and call connect function in the script.
?>

Now make a functions file to house the functions you use on many different pages...
functions.inc.php
<?PHP
//functions
function ControlContent($string)
{
 //You can set more vars to this one.  for instance if you want to only strip_tags from certain inputs...You could add $HTML to the function vars.  If $HTML == 0 or $HTML == NULL then strip_tags ELSE dont strip_tags.  But in this example im just gonna fix the strings
 
 $string =  strip_tags(trim(stripslashes(urldecode($string))));
 return $string;
} //End of function

function NoGET($METHOD)
{
 if(eregi('get', $METHOD))
 {
  die("Access denied!  Post method only");
 }
}

//Of course there are many more functions you could make but I'll stop there.
?>

Now finally
ForumHandle.php
<?PHP
require_once("db.cnnt.php");
require("functions.inc.php");
  NoGET($_SERVER['REQUEST_METHOD']);
  //  takes takes all vars out of the $_POST array.  Now $_POST[email] becomes $email 
  extract($_POST);
  //  This function to clean the input string...
  ControlContent($email);

  //  Now that the strings are clean you can insert them into your database.

  //  After inserting the data close Mysql connection and exit script.
mysql_close();
exit();
?>
Reply With Quote  
Forums | Blogs | Tutorials | Code Snippets | Whitepapers | RSS Feeds | Advertising
All times are GMT -4. The time now is 9:51 am.
Newsletter Archive - Sitemap - Privacy Statement - Contact Us
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC