Forum Moderators: coopster
In this example i want to encrypt/make invisible the form action part
<form action="storyinsert_d.php" method="post">
<input type="hidden" name="views" value="0" />
<input type="hidden" name="break" value="0" />
<input type="hidden" name="trusted" value="0" /><input type="hidden" name="time" value="1187072369" />
<input type="hidden" name="ip" value="127.0.0.1" />
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Add/Remove child: Javascript</title></head>
<body>
<form action="storyinsert_d.php" method="post">
Titletext: <input type="text" name="titletext" /><br>
Subject: <input type="text" name="subject" /><br>
Maintext: <TEXTAREA NAME="maintext" ROWS="10", COLS="30">Your data</TEXTAREA><br>
Moral: <input type="text" name="moral" /><br>
Category: <select name="catid">
<option value="1">Chocolate Pie</option>
<option value="2">It's Him</option>
<option value="3">Mixed Bag</option>
<option value="4">Director's Cut</option>
</select><br>
Choose The Mood:
<input type="radio" name="mood" value="Cheerful" checked> Cheerful <input type="radio" name="mood" value="Confused"> Confused <input type="radio" name="mood" value="Sad"> Sad <input type="radio" name="mood" value="Anxious"> Anxious <input type="radio" name="mood" value="Laughing"> Laughing
<input type="radio" name="mood" value="Surprised"> Surprised<br>
<input type="submit" />
<input type="hidden" name="year" value="2007" />
<input type="hidden" name="month" value="8" />
<input type="hidden" name="views" value="0" />
<input type="hidden" name="break" value="0" />
<input type="hidden" name="trusted" value="0" />
<input type="hidden" name="time" value="1187072369" />
<input type="hidden" name="ip" value="127.0.0.1" />
</form>
</body>
</html>
Habtom
mysql_select_db("mysql", $con);
$time=strtotime("now");
$ip=<?php echo $_SERVER['REMOTE_ADDR'];?>
$sql="INSERT INTO phpnews_news (ip,mood, time, month, year, subject, titletext, maintext, views, break, catid, trusted)
VALUES
('$_POST[ip]','$_POST[mood]','$_POST[time]','$_POST[month]','$_POST[year]', '$_POST[subject]','$_POST[titletext]','$_POST[maintext]','0','0','$_POST[catid]' '0')";
Is this how you want me to add the ip, time and the trusted values directly pls see the syntax. I tried it gave me error. please tell me the syntax.i want to assign ip variable the value of the ip address
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Article added on ";
echo date('l dS F Y h:i:s A');
echo " from ";
echo $_SERVER['REMOTE_ADDR'];
mysql_close($con)
?>
[edited by: kkonline at 4:27 pm (utc) on Aug. 14, 2007]
[edited by: dreamcatcher at 7:47 am (utc) on Aug. 17, 2007]
[edit reason] Fixed side scroll. [/edit]
$ip=<?php echo $_SERVER['REMOTE_ADDR'];?>You already have the php open and close tags. Try this:
$ip=$_SERVER['REMOTE_ADDR'];
Also, make sure the escape the variables within your query using mysql_real_escape_string [php.net]().
>> s this how you want me to add the ip and the trusted values directly
Yes, more or less :)
$year = date("c"); PHP5 will give 2004-02-12T15:19:21+00:00
As there are lots of options check out [uk3.php.net...] for the full list of commands.
<?php
$token = md5(uniqid(rand(), TRUE));
$_SESSION['token'] = $token;
$_SESSION['token_timestamp'] = time();
?>
<form action="/post.php" method="POST">
<input type="hidden" name="token" value="<?php echo $token;?>" />
<p>Subject: <input type="text" name="subject" /></p>
<p>Message: <textarea name="message"></textarea></p>
<p><input type="submit" value="Add Post" /></p>
</form>
Then when you get to your validation page include this.
if ($_POST['token']!= $_SESSION['token']) {
echo "Invalid data!";
exit;
}
$token_age = time() - $_SESSION['token_time'];
if ($token_age >= LOGIN_TIME_LIMIT) {
// time limit can be set here as number instead
// of LOGIN_TIME_LIMIT define, such as 60*10
exit;
}
Is the above code correct?
