Posts by cereal

Do you mean the html code for my menu?

Yes and also the CSS and the Javascript part. Anyway I've attached a test page based on your code pasted here. Looking at the CSS I see a relevant difference between the file currently online and the version pasted here. Which we should consider? The version you pasted here works fine. Just check the example page attached or test this code (which is the same):

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>Chamber</title>
    <base href="http://www.ofallonchamber.com/" />
    <script type="text/javascript" src="/SpryAssets/SpryMenuBar.js"></script>
    <style>
    /* The outermost container of the Menu Bar, an auto width box with no margin or padding */

    ul.MenuBarHorizontal

    {
        cursor: default;
        white-space: nowrap;
        display: inline;
        position: relative;
        list-style-type: none;
        font-size: 100%;
        padding: 0px;
        margin-top: auto;
        margin-right: 0px;
        margin-bottom: auto;
        margin-left: 0px;
        clear: none;
        float: left;
        width: auto;
        height: auto;
    }
    /* Set the active Menu Bar with this class, currently setting z-index to accomodate IE rendering bug: http://therealcrisp.xs4all.nl/meuk/IE-zindexbug.html */
    ul.MenuBarActive
    {
        z-index: 1000;
    }
    /* Menu item containers, position children relative to this container and are a fixed width */
    ul.MenuBarHorizontal li 
    {
        text-align: left;
        cursor: default;
        font-family: "Trebuchet MS", Arial, Helvetica, sans-serif, Biondi;
        font-weight: bolder;
        font-style: normal;
        font-size: 100%;
        white-space: nowrap;
        display: inline;
        clear: none;
        line-height: 6px;
        border: 2.4px outset #6688B5;
        padding: 0px;
        position: relative;
        margin: 0px;
        float: left;
    }
    /* Submenus should appear below their parent (top: 0) with a higher z-index, but …

Hi, I don't understand the scheme, how it works the relation between id and parent?

If you can upload or paste here a very simplified version of your page (only header and navigation), maybe it will be easier to fix the problem, I've tried my suggestion on your current version and seems to work on Firefox and Chrome, I still didn't tested on Internet Explorer.

Question: which screen resolution are you using?

Hello, use this format:

data-validation-length="45-60"

Example: http://jsfiddle.net/3XYA4/
& docs: http://formvalidator.net/#default-validators_length

It seems we all got down vote, would be nice to know why :)

Hi,

assuming you're using method GET for your form, you need to read the value assigned to $_GET['grupa_select'] and to use it as condition in your select query. So, something like:

$values = array(
    $_GET['grupa_select']
);

$sql = "SELECT * FROM concerts WHERE groupnaziv = ?";

$query = $pdo->prepare($sql);
$query->execute($values);

$result = $query->fetchAll();

foreach($result as $row)
{
    echo $row['mesto'];
    echo $row['datum'];
    echo $row['karte'];
}

Now, when you write:

in database they are called place=mesto, date=datum, and tickets=karte

Do you mean that these are the table or the column names? Please, show us the table structure.

In my example I'm using PDO, because the MySQL API is deprecated and will be removed, I suggest you to read this:

• https://php.net/manual/en/mysqlinfo.api.choosing.php

I see it in the right side of the page, not to the left. Anyway you could add an id to the td tag containing the menu, declare it as position:relative and then set top and left for ul.MenuBarHorizontal basing on the parent position, so:

#mymenu001
{
    position:relative;
}

ul.MenuBarHorizontal
{
    cursor: default;
    width: auto;
    white-space: nowrap;
    display: inline;
    position: absolute;
    list-style-type: none;
    top: 0;
    left:0;
    right: auto;
    bottom: auto;
    font-size: 100%;
    margin: 0px;
    float: none;
    height: auto;
    border-top-width: 0px;
    border-right-width: 0px;
    border-bottom-width: 0px;
    border-left-width: 0px;
    border-top-style: none;
    border-right-style: none;
    border-bottom-style: none;
    border-left-style: none;
    padding: 0px;
}

The HTML part:

<td nowrap="nowrap" id="mymenu001">

Bye!

Hi,

You can use the required attribute:

<form method="post" action="">

    <label for="fruits">Choose an option:</label>

    <select name="fruits" required>

        <option value="">------</option>
        <option value="fujiapple">Apple</option>
        <option value="vanillaorange">Orange</option>
        <option value="pandoracherry">Cherries</option>

    </select>

    <input type="submit" name="submit" value="submit" />
</form>

By adding an empty option the form will not be submitted. You could also add a javascript check, but you will always need a server-side validation: you cannot trust what is sent by the client.

Related post:

• http://www.daniweb.com/web-development/php/threads/474309/registration-using-php#post2072284

Hello, try with:

.dropdown-menu {
    max-height: 450px;
    overflow-y: auto;
    overflow-x: hidden;
}

Source:

• https://github.com/twbs/bootstrap/issues/1989

Hello,

I think the problem is in the cents variable, this is modified after each IF statement, but doing:

cents = cents%0.25;

Will return 0.065 which means 0, so the other statements will return empty. Try:

var calculate_click = function ()
{ 
    var cents = $("cents").value;

    if (cents > 24){
        var quarters = Math.floor(cents/0.25);
        $("quarters").value = quarters
    }

    if (cents > 9){
        var dimes = Math.floor(cents/0.1);
        $("dimes").value = dimes
    }

    if (cents > 4){
        var nickels = Math.floor(cents/0.05);
        $("nickels").value = nickels
    }

    if (cents > 0) {
        var pennies = Math.floor(cents/0.01);
        $("pennies").value = pennies
    }
}

Hope it's helpful, bye!

@faisal

I get both rows, probably you see them on the same line, try to add a separator, for example <br />:

while ($rows = mysql_fetch_array($sql_count))
{
    echo $rows['approved'] . "<br />";
}

Note: the result set is sorted automatically by the IN() function, so it does not matter if you write IN(0,1) or IN(1,0), in both cases will sort 0,1.

Docs: http://dev.mysql.com/doc/refman/5.5/en/comparison-operators.html#function_in

Use group by and count, for example:

select count(approved) from pma where approved in(0,1) group by approved;

live: http://sqlfiddle.com/#!2/f52df/1

You can use their test mode:

• https://stripe.com/docs/testing

bye!

Hello,

you probably want something like this:

<?php

$temps = range(0, 100);

?>

<table>
    <thead>
        <tr>
            <th>Fahrenheit</th>
            <th>Celsius</th>
        </tr>
    </thead>
    <tbody>
        <?php

        if(count($temps) > 0)
        {
            foreach($temps as $F)
            {

                $C = ($F - 32) * 0.55;

                echo "
                <tr>
                    <td>{$F}</td>
                    <td>{$C}</td>
                </tr>
                ";
            }
        }
        else
        {
            echo "
                <tr>
                    <td></td>
                    <td></td>
                </tr>
                ";
        }

        ?>
    </tbody>
    <tfoot>
        <tr>
            <td></td>
            <td></td>
        </tr>
    </tfoot>
</table>

Hi,

the prepare() method requires execute() not query(), so this:

$sql  = "SELECT * FROM user_right WHERE login_id = '$username' and password = '$password'"; 
$stmt = $dbh->prepare($sql); 
$stmt->setFetchMode(PDO::FETCH_ASSOC);
if($stmt = $dbh->query($sql)){
...

Should be:

$values = array(
    $username,
    $password
);

$sql  = "SELECT * FROM user_right WHERE login_id = ? and password = ? limit 1";
$stmt = $dbh->prepare($sql); 
$stmt->execute($values);
$result = $stmt->fetchAll();
$countRows = $dbh->query("SELECT FOUND_ROWS() as total")->fetchColumn();

if($countRows > 0)
{
    foreach($result as $row)
    {
        $_SESSION["username"] = $row['username'];
        $_SESSION["password"] = $row['password']; # to remove
        header("Location:../admin/"); 
    }
}
else
{
    $handleError="user name or password is wrong";
    $_SESSION["errormsg"] = $handleError;  
    header("Location:../notification/errormsg.php"); 
}

Since you're using prepared statement, the query cannot be injected, but the session yes, because you're using:

$username = trim($_POST['username']);

So, it's better to use the result of the query which should be already sanitized and filtered:

$_SESSION["username"] = $row['username'];

also, it's not a good idea to save the password in session, especially if this is not encrypted.

Docs:

• http://www.php.net/manual/en/pdostatement.execute.php

Moving the .sql files is the easiest method. But if you encounter such problems there's must be something that interferes with your action.

Have you checked the error log of MySQL?

Can you access the database directory in your server? If yes, you should see infracom_links.ibd and infracom_links.frm by manually removing them you should be able to create the table.

Also this seems related to your problem:

• http://bugs.mysql.com/bug.php?id=66211
• https://dev.mysql.com/doc/refman/5.6/en/innodb-troubleshooting-datadict.html

The problem seems to be the same of the previous, but it targets a different table. If so it does not seem to be a syntax error.

Can you explain us how do you export and import your SQL files? Are you copying the ibd and frm files as I was supposing in my previous post?

Hi, I understand the table does not exists, I was suggesting to drop it anyway to force the system to delete the data file, or at least to see if this command would make any difference. The problem happens because you have manually moved the .ibd and .frm files to the database directory:

/var/lib/mysql/project_infracom/

But the id of the table will change in the new database and here starts the corruption. The simplest solution is to manually remove the ibd file from the database directory, so remove infracom_admin.ibd and if it still does not work remove also the frm file. And everything should work fine.

If you perform show tables you can probably see infracom_admin, but if you try to do any action the server will reply that it does not exists, in case the frm file is missing, then you not even see the table name in the result set, but the presence of the ibd file blocks any attempt to create the new table.

Check the documentation to understand how you can move the ibd files between databases, until MySQL 5.5 you have to use the RENAME command, starting from MySQL 5.6 these files are managed differently:

• http://dev.mysql.com/doc/refman/5.5/en/innodb-multiple-tablespaces.html
• http://dev.mysql.com/doc/refman/5.6/en/innodb-multiple-tablespaces.html

Take especially attention to the 5.5 link, check the last paragraph Portability Considerations for .ibd Files it explains how to perform these operations.

Regarding \G this is only a method to display the results vertically, when you open a connection to the …

Hi,

drop the table and retry. If it does not work check the status:

show engine innodb status\G

And verify if there are errors, you could also perform check table infracom_admin but this can stop the server, read the documentation before you try. Your issue can happen if you move the data files from a server to another. Refer to:

• https://dev.mysql.com/doc/refman/5.6/en/innodb-migration.html
• https://dev.mysql.com/doc/refman/5.6/en/check-table.html
• https://dev.mysql.com/doc/refman/5.6/en/innodb-monitors.html
• http://www.mysqlperformanceblog.com/2006/07/17/show-innodb-status-walk-through/

But the problem now is. I get the error message: 'Unable to select table.'?

You get that because of:

or die( "<p><span style=\"color: red;\">Unable to select table</span></p>");

To get the real error message use mysql_error() after the query:

$result = mysql_query("INSERT INTO festivals (name, logo, country, city, deadline, date_from, venue, date_to, info_page, web, about, open_for, flag)". "VALUES('NULL','$name', '$logo', '$country', '$city', '$deadline', '$date_from', '$venue',, '$date_to', '$info_page', '$web', '$about', '$open_for', '$flag')") or die(mysql_error());

If you're referring to the datepicker then yes, use dateFormat:

$("#datepicker").datepicker({
    dateFormat: 'dd-mm-yy'
});

Documentation:

• http://api.jqueryui.com/datepicker/#option-dateFormat
• http://api.jqueryui.com/datepicker/#utility-formatDate

And if you add or die(mysql_error()) to mysql_query() do you receive an error?

mysql_query("INSERT INTO festivals (name, logo, country, city, deadline, date_from, place, id, date_to, info, web, about, open_for, flag) VALUES ('$name', 'logo', 'country', '$city', '$deadline', '$date_from', '$place', '$id', '$date_to', '$info', '$web', '$about', '$open_for', '$flag')") or die(mysql_error());

Hi, can you show us your code? Otherwise it not simple to help.

I'm glad you've solved, bye! :)

Download this:

• http://windows.php.net/downloads/qa/test/php-5.3.2-debug-Win32-VC6-x86.zip

Inside you will find the php5apache2.dll file, hope it works! But if you can, I suggest you to upgrade to Apache 2.2. As you have seen it is more supported.

An alternative to avoid the extra query, is to inject the user session with a variable that will log out the user as soon he performs an action.

So, when you go to logoutuser.php, submit the session id of the user instead of the user id, for example:

/logoutuser.php?sid=2ehks4jp50u6s5isv4713l6uk1

And, from there, call a command line script:

<?php

    $sid = $_GET['sid'];
    exec("php destroy.php {$sid}");

    . . .

The destroy.php script will look like:

<?php

    $sid = $argv[1];

    # load user session
    session_id($sid);
    session_start();

    # inject the new value
    $_SESSION['deleteme'] = TRUE;

Now, in the pages accessed by the users, set a filter like this:

<?php

    session_start();

    if(array_key_exists('deleteme', $_SESSION))
    {
        # bye bye
        header('Location: logout.php');
    }

In theory you could destroy the session from the command line script, but it cannot delete the session cookie, that resides in the user's browser. Bye!

Hi, I'm not sure this is the best solution, but if you open the file jquery.poptrox.js, at line 253 you will find:

_caption
    .on('update', function(e, s) {

        if (!s || s.length == 0)
            s = settings.popupBlankCaptionText;

            _caption.html(s);

    });

Change it to:

_caption
    .on('update', function(e, s) {

        if (!s || s.length == 0)
            s = settings.popupBlankCaptionText;

        if(s.indexOf('|') != -1)
        {
            var part = s.split('|');
            var a = $('<a>', {
                text:$.trim(part[0]),
                href:$.trim(part[1])
            });
        }
        else
        {
            var a = s;
        }

        _caption.html(a);

    });

Then in the title attribute of the image tag set the text and the link separated by the pipe character |, so Title|http://mylink.tld/, example:

<img title="Halloween 2013|https://youtu.be/uci_1MYA2J8" src="image.jpg" />

The above modification will check if there is the pipe | character in the title attribute, if this is matched then it will attemp to create a link, otherwise it will return plain-text.

The $.trim() function will remove extra spaces, in case you want to use them near the pipe:

Halloween 2013 | https://youtu.be/uci_1MYA2J8

Note: for the edit I'm referring to the current version of poptrox.js:

• https://github.com/n33/jquery.poptrox

Bye!

I don't have other ideas, try follow the suggestions of this post:

• http://www.cyberciti.biz/tips/troubleshooting-debian-ubuntu-package-upgrades-removals.html

The file to check it should be /var/lib/dpkg/info/vsftpd.postinst and in practice you have to check if there is something like this:

#!/bin/sh -e

Or:

#!/bin/sh

set -e

And in the first case remove -e, in the second remove set -e. If it still does not work, repeat it for all these files:

ls /var/lib/dpkg/info/vsftpd.*

Hope it helps. Bye!

Ok, then check the dpkg log:

sudo less /var/log/dpkg.log

Go to the end of the file, you should find more information about the error. Or try to remove the package directly from the dpkg tool:

sudo dpkg --purge vsftpd

The apt is, in practice, an interface for the dpkg command:

• http://debian-handbook.info/browse/stable/sect.manipulating-packages-with-dpkg.html

Ok,

regarding the dependency issue it could be, if Apache is 2.2 and the library is for Apache 2.0. In this case you need php5apache2_2.dll.

Hi,

what error do you get when you try the above commands? And have you tried to stop the service? For example:

sudo service vsftpd stop
sudo apt-get remove vsftpd

Ok, the LoadModule directive does not require opening and closing tags as < />. So, it should not be:

<LoadModule php5_module "C:/SERVER/PHP/ext/php5apache2.dll" />

But simply:

LoadModule php5_module "C:/SERVER/PHP/ext/php5apache2.dll"

You can place the directive at the end of the httpd.conf file. If instead you want to check if a module is loaded then you can use the IfModule directive, for example:

<IfModule mod_rewrite.c>
    # rules
</IfModule>

Docs:

• http://httpd.apache.org/docs/2.2/mod/mod_so.html#loadmodule
• http://httpd.apache.org/docs/current/mod/core.html#ifmodule

Try to start Apache with the -t argument, this will:

Run syntax tests for configuration files only. The program immediately exits after these syntax parsing tests with either a return code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error). If -D DUMP_VHOSTS is also set, details of the virtual host configuration will be printed. If -D DUMP_MODULES is set, all loaded modules will be printed.

In practice run httpd -t from the command line. Otherwise check if there is the read-only attribute on the php5apache2.dll file, and remove it.

Hi, check the Apache error log, you should find an extended error message, if you have doubts post the errors here.

Add an else statement to stop the script basing on the result of the filter. Here you can redirect it to your previous page or to a specific error page. You can use the session to collect the errors and display them to the redirected page or, in alternative, you can log the errors quietly by using error_log().

As example with a simple redirect:

<?php

$_POST = array_map('trim', $_POST);

if( filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE)
{
    $email = $_POST['email'];
}

else
{
    header("Location: error_page.html");
}

$name = $_POST['name'];
$message = $_POST['message'];
$formcontent="From: $name \n Message: $message";
$recipient = "jadon.mayhew@me.com";
$subject = "Contact Form";
$mailheader = "From: $email \r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
header("Location: emailsent.html");

Another example:

<?php

$email = FALSE;
$_POST = array_map('trim', $_POST);

if( filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE)
{
    $email = $_POST['email'];
}

if($email !== FALSE)
{
    $name = $_POST['name'];
    $message = $_POST['message'];
    $formcontent="From: $name \n Message: $message";
    $recipient = "jadon.mayhew@me.com";
    $subject = "Contact Form";
    $mailheader = "From: $email \r\n";
    mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
    header("Location: emailsent.html");
}
else
{
    header("Location: error_page.html");
}

Or simply:

<?php

$email = $_POST['email'];
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === FALSE)
{
    header("Location: error_page.html");
}

Or:

<?php

if($email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
    $name = $_POST['name'];
    $message = $_POST['message'];
    $formcontent="From: $name \n Message: $message";
    $recipient = "jadon.mayhew@me.com";
    $subject = "Contact Form";
    $mailheader = "From: $email \r\n";
    mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
    header("Location: emailsent.html");
}

else
{
    header("Location: error_page.html");
}

There are many ways to write this. If still in trouble I'll …

Use this:

<?php

$_POST = array_map('trim', $_POST);

if( filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE)
{
    $email = $_POST['email'];
}

$name = $_POST['name'];
$message = $_POST['message'];
$formcontent="From: $name \n Message: $message";
$recipient = "jadon.mayhew@me.com";
$subject = "Contact Form";
$mailheader = "From: $email \r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
header("Location: emailsent.html");
?>

It works. The filter_var function verifies if the $_POST['email'] is a valid email address. This could be false, as example abc@cba.tld but you cannot always verify if a mail is currently active or not.

Regarding this error:

Warning: trim() expects parameter 1 to be string, array given in /home/bdurodjc/public_html/Home/mail.php on line 2

This is due to another error done by me, I tested your script using a string version:

$email = trim($_POST['email']);

But when I wrote the example I translated that to the entire $_POST array, my fault, the correct version needs the implementation of array_map():

$_POST = array_map('trim', $_POST);

The array_map works essentially as a loop, like this:

foreach($_POST as $key => $value)
{
    $_POST[$key] = trim($value);
}

Docs: http://php.net/array_map

Ok, I'm terrible sorry, my further mistake, not two ending parentheses but one:

<?php
    $_POST = trim($_POST);
    if( filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE)
    {
        $email = $_POST['email'];
    }
    $name = $_POST['name'];
    $message = $_POST['message'];
    $formcontent="From: $name \n Message: $message";
    $recipient = "jadon.mayhew@me.com";
    $subject = "Contact Form";
    $mailheader = "From: $email \r\n";
    mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
    header("Location: emailsent.html");
    ?>

Testing the form and the scripts now it works fine.

This is what it happens when I have the flu and under antivirals o_o'

Sorry that's my mistake, in my first example I didn't close the IF statement:

if( filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE)

It should be:

if( filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE))

With two ending parentheses.

I have no idea why the "Send Message" thing is white and not green, like it should be. It seems to have swapped itself, when I hover over it, it goes green, however it's supposed to be the other way around. Nothing changed in the CSS either.

Probably because of this rule:

form input.button,
form input.text,
form select,
form textarea
{
    -webkit-appearance: none;
    display: block;
    border: 0;
    background: #f5f5f5;
    width: 100%;
    padding: 0.75em;
    -moz-transition: background-color 0.35s ease-in-out;
    -webkit-transition: background-color 0.35s ease-in-out;
    -o-transition: background-color 0.35s ease-in-out;
    -ms-transition: background-color 0.35s ease-in-out;
    transition: background-color 0.35s ease-in-out;
}

The form input.button, declaration overrides this one:

.button
{
    position: relative;
    display: inline-block;
    border: 0;
    background: #35b88f;
    color: #fff;
    text-shadow: 0 0 0.5px rgba(255,255,255,0.25);
    cursor: pointer;
    text-decoration: none;
    outline: 0;
    padding: 1em 3em 1em 3em;
    text-align: center;
    border-radius: 3em;
    font-weight: 400;
    -moz-transition: background-color 0.35s ease-in-out, color 0.35s ease-in-out;
    -webkit-transition: background-color 0.35s ease-in-out, color 0.35s ease-in-out;
    -o-transition: background-color 0.35s ease-in-out, color 0.35s ease-in-out;
    -ms-transition: background-color 0.35s ease-in-out, color 0.35s ease-in-out;
    transition: background-color 0.35s ease-in-out, color 0.35s ease-in-out;
}

So just remove the form input.button from that rule and it should work fine.

The CSS issue happens because of:

3) Sort rules with the same importance and origin by specificity of selector: more specific selectors will override more general ones. Pseudo-elements and pseudo-classes are counted as normal elements and classes, respectively.
4) Finally, sort by order specified: if two declarations have the same weight, origin and specificity, the latter specified wins. Declarations …

In addition: the eregi() function is weak, an attacker can submit extra code by using a null byte character. For example:

<?php

    $email = $_GET['email'];

    if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
    {
        echo "<strong>$email</strong> is correct";
    }
    else
    {
        echo "<strong>$email</strong> is wrong";
    }

And submit these links:

# first
http://localhost/test.php?email=my@mail.co

# second
http://localhost/test.php?email=my@mail.co%20,another@mail.co

# third
http://localhost/test.php?email=my@mail.co%00,another@mail.co

The first will return true as expected, the second false as expected because we are trying to submit two mails at the same time, the third instead will return true and will allow to insert two emails instead of one.

More information:

• http://projects.webappsec.org/w/page/13246949/Null%20Byte%20Injection

Bye!

Josh suggestion is syntactically correct but you cannot include javascript in the recipient value, i.e. in the first argument of the mail() function.

The above should be:

<?php

    $name = $_POST['name'];
    $email = $_POST['email'];
    $message = $_POST['message'];
    $formcontent="From: $name \n Message: $message";
    $recipient = "jadon.mayhew@me.com";
    $subject = "Contact Form";
    $mailheader = "From: $email \r\n";
    mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
    header("Location: emailsent.html");

?>

My previous suggestion about the filter_var() instead was an example, based on an hypotetical to input field, something like:

<input type="text" name="to" />

So you have to change it to match your form, in your case:

<?php

    $email = FALSE;

    if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE))
    {
        $email = $_POST['email'];
    }

    $name = $_POST['name'];
    $message = $_POST['message'];
    $formcontent="From: $name \n Message: $message";
    $recipient = "jadon.mayhew@me.com";
    $subject = "Contact Form";
    $mailheader = "From: $email \r\n";
    mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
    header("Location: emailsent.html");

    ?>

If it does not validate then apply the trim() function to $_POST['email'] or simply test an hardcoded email:

if(filter_var('your@mail.tld', FILTER_VALIDATE_EMAIL) !== FALSE))
{
    echo 'The mail is correct';
}

This will validate:

$email = 'your@mail.tld';

This instead it will not:

$email = ' your@mail.tld';

Because of the extra space, so if you want to apply trim, at the top of the script place:

$_POST = trim($_POST);

Complete example:

<?php

    $email = FALSE;
    $_POST = trim($_POST);

    if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== FALSE))
    {
        $email = $_POST['email'];
    }

    $name = $_POST['name'];
    $message = $_POST['message'];
    $formcontent="From: $name \n Message: $message";
    $recipient = "jadon.mayhew@me.com";
    $subject …

Hi, check my previous updated answer, i.e. remove the Javascript code from the PHP block and it should work fine.

Can you show the updated code? Currently it seems that the javascript code is still in the PHP block, as example:

<?php

$recipient = "jadon.mayhew@me.com";

/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */

The var keyword in the Javascript code, will generate your error, but only because the engine is trying to interpretate the Javascript as PHP, so remove the Javascript from there, if you want to validate the email, use the filter_var() function:

if( filter_var($_POST['to'], FILTER_VALIDATE_EMAIL) !== FALSE)
{
    $email = $_POST['to'];
}

Docs:

• http://php.net/filter_var
• http://us3.php.net/manual/en/tokens.php

Hi,

you cannot submit javascript as recipient, so this:

$recipient = "jadon.mayhew@me.com<script type="text/javascript">
/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */
</script>";

must be:

$recipient = "jadon.mayhew@me.com";

check the available formats for the first argument of the mail() function:

• http://www.php.net/manual/en/function.mail.php

So, you want to compare the string that you want to insert into table B against the values in table A, if they match then the insert should go fine, otherwise you want to insert the value into table C. Correct?

If I'm not wrong, a trigger cannot stop the insert statement, unless you use SIGNAL with MySQL 5.5+, but this will cause an error.

You could use procedure instead of the insert & trigger events, so instead of:

insert into tableB (value) values('oranges');

it will be something like:

call matchAB('oranges');

And from there you decide where to insert the value.

Hi,

please can you explain better the relations between these three tables and the conditions that you want to use to insert the data? Right now I do not understand much.

Yes, you can use the linefeed character \n:

update table1 set color = concat_ws('\n', color, 'lime') where id = XX;

But from a usable point of view, a comma separated list is easier to manipulate, for example in PHP with explode() to get an array or with str_replace() to get a string:

print_r(explode(',' $row['color']);
echo str_replace(',', '<br />', $row['color']);

And you can also use the FIND_IN_SET() function of MySQL:

• http://dev.mysql.com/doc/refman/5.5/en/string-literals.html
• http://dev.mysql.com/doc/refman/5.5/en/string-functions.html#function_find-in-set

Consider also JorgeM post, which is a far more flexible solution. Bye!

Hi!

You can use concat_ws() to add content to a string, for example:

update table1 set color = concat_ws(',', color, 'green') where id = XX;

Full example:

> create table table1 (
    id int unsigned auto_increment primary key not null,
    color varchar(255) not null,
    food varchar(255) not null);

> insert into table1 (id, color, food) values(1, 'red,green','rice');

> select * from table1;
+----+-----------+------+
| id | color     | food |
+----+-----------+------+
|  1 | red,green | rice |
+----+-----------+------+
1 row in set (0.00 sec)

> update table1 set color = concat_ws(',', color, 'blue') where id = 1;

> select * from table1;
+----+----------------+------+
| id | color          | food |
+----+----------------+------+
|  1 | red,green,blue | rice |
+----+----------------+------+
1 row in set (0.00 sec)

Regarding the insert query, this can support a subquery in which you can create the conditional statements, but in this case this is not the correct solution to update an existing value, because it will always add a new row, for example:

> insert into table1 (color) select concat_ws(',', color, 'orange') as color from table1 where id = 1;

> select * from table1;
+----+-----------------------+------+
| id | color                 | food |
+----+-----------------------+------+
|  1 | red,green,blue        | rice |
|  2 | red,green,blue,orange |      |
+----+-----------------------+------+
2 rows in set (0.00 sec)

And since the id column is a primary key, if you remove the auto_increment it will still produce an error for duplicate key.

The alternative …

I've used this a couple of times:

• http://dev.umpirsky.com/list-of-all-countries-in-all-languages-and-all-data-formats/

If the undefined index message is related to the $_POST variables it is because when you normally open a page you execute a GET request, when you submit the form, instead, you perform a POST request and only in this case the $_POST array is populated.

So from:

$name = $_POST['name'];

You will get:

Notice: Undefined index: name ...

In order to stop this you can place an IF statement checking if the $_POST array is true:

if($_POST)
{
    $name = $_POST['name'];
    $email = $_POST['email'];
    $message = $_POST['message'];
    $from = 'From: Demo'; 
    $to = 'info@domain.com'; 
    $subject = 'Hello';
    $human = $_POST['human'];
    $body = "From: $name\n E-Mail: $email\n Message:\n $message";
    if ($_POST['submit'] && $human == '4') {                 
        if (mail ($to, $subject, $body, $from)) { 
        echo '<p>Your message has been sent!</p>';
    } else { 
        echo '<p>Something went wrong, go back and try again!</p>'; 
    } 
    } else if ($_POST['submit'] && $human != '4') {
    echo '<p>You answered the anti-spam question incorrectly!</p>';
    }
}