1 2 Previous Next 53 Replies Latest reply: Jan 24, 2014 8:04 AM by osgood_ RSS

    php problem

    streetwitch Community Member

      I created this page using Dreamweaver, and following a php tutorial (thanks, David Powers).  I'm not at all experienced with writing php and have run into problems trying to incorporate a recaptcha spam check.  I've used the check successfully with forms which call a separate script, but need to incorporate the code on the actual page in this case and can't get it to work.

       

      Can anyone help?

       

      Here's the page:  http://www.ukcountryradio.com/vote_artist2.php

       

      And here's the php - I've included all of it so there's quite a lot...  The page works correctly apart from the recaptcha check.

       

      Thanks,

       

      SW

       

       

      <?php require_once('Connections/ukcr.php'); ?>

      <?php

      if (!function_exists("GetSQLValueString")) {

      function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")

      {

        if (PHP_VERSION < 6) {

          $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

        }

       

        $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

       

        switch ($theType) {

          case "text":

            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

            break;   

          case "long":

          case "int":

            $theValue = ($theValue != "") ? intval($theValue) : "NULL";

            break;

          case "double":

            $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

            break;

          case "date":

            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

            break;

          case "defined":

            $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

            break;

        }

        return $theValue;

      }

      }

       

      mysql_select_db($database_ukcr, $ukcr);

      $today = date('l');

      $query_schedules = "SELECT `day`, `time`, short_title, presenter FROM schedules WHERE day='{$today}' AND time > '0700' ORDER BY time, short_title ASC";

      $schedules = mysql_query($query_schedules, $ukcr) or die(mysql_error());

      $row_schedules = mysql_fetch_assoc($schedules);

      $totalRows_schedules = mysql_num_rows($schedules);

       

      $errorurl = "http://www.ukcountryradio.com/error.php" ;

      $my_recaptcha_private_key = '6LdAFb0SAAAAAP5qTVqEAfoycaImqp7-koT8tWlK' ;

       

      $editFormAction = $_SERVER['PHP_SELF'];

      if (isset($_SERVER['QUERY_STRING'])) {

        $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

      }

       

      if (strlen( $my_recaptcha_private_key )) {

                      require_once( 'recaptchalib.php' );

                      $resp = recaptcha_check_answer ( $my_recaptcha_private_key, $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field'] );

      }

       

      if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

        $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

      GetSQLValueString($_POST['name'], "text"),

      GetSQLValueString($_POST['email'], "text"),

      GetSQLValueString($_POST['artist'], "text"),

                                                                                         GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

       

      mysql_select_db($database_ukcr, $ukcr);

        $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

       

        $insertGoTo = "vote_thanks_artist.php";

        if (isset($_SERVER['QUERY_STRING'])) {

          $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

          $insertGoTo .= $_SERVER['QUERY_STRING'];

        }

      header(sprintf("Location: %s", $insertGoTo));

      }

      ?>

        • 1. Re: php problem
          Rick Gerard MVP

          I went to your page, cast a vote, and everything appeared to work. What is your problem? Is it that the votes are not being counted? The captcha is working and pointing me to the success your vote has counted page.

          • 2. Re: php problem
            streetwitch Community Member

            Hi, the page is working correctly apart from the captcha - the votes are being counted correctly.  If you input the voting details you can skip the captcha, and get taken straight to the success page.  I really need the captcha to work.  Any idea what might be wrong with my code?

            • 3. Re: php problem
              Rick Gerard MVP

              Nope. FYI I use a hidden text field instead go capcha because IMHO it is more secure and much more friendly than any other system. I have had capcha forms hacked several times. They become a target because it's obvious what kind of protection you are using.

               

              A normal text field moved way off the page by CSS and a standard id type will be filled in by a spambot then some simple php will redirect the bot to a phony thank you page and kill the post at the same time.

              • 4. Re: php problem
                streetwitch Community Member

                Yes, that does sound better.  Could you let me have the code?  I'm really not very experienced with php and would appreciate the help,

                 

                Thanks

                 

                SW

                • 5. Re: php problem
                  MurraySummers ACP/MVPs

                  If you have this CSS -

                   

                  <style type="text/css">

                  #address2 { left:-999px; top:-999px; }

                  </style>

                   

                  And this field in your form -

                   

                  <input type="text" id="address2" name="address2" value="">

                   

                  Then the field would be invisibly placed 999px to the left and 999px above the page (use left and above since they won't generate scrollbars). A spam bot will see that field as part of the form, though and will fill it in. SO your PHP would just check to see if the field value is still null, and if it isn't then you must have a bot submission, for example -

                   

                  <?php

                   

                  if (array_key_exists('submit', $_POST)) {

                   

                  if ($_POST['address2'] == '') {

                       /* continue with your processing - it's safe */

                  } else {

                       /* got a bot */

                       header("Location: http://www.example.com/botpage.php");

                  }

                  }

                  ?>

                   

                  Get it?

                  • 6. Re: php problem
                    MurraySummers ACP/MVPs

                    This code assumes your form has a submit button named "submit"!

                    • 7. Re: php problem
                      streetwitch Community Member

                      Yes - the css is no problem, and I think I understand the php.  It's a nice neat bit of code.

                       

                      I'll give it a go - thanks very much. 

                      • 8. Re: php problem
                        MurraySummers ACP/MVPs

                        Good luck!

                        • 9. Re: php problem
                          Rick Gerard MVP

                          Murray's code is almost identical to mine. The only difference is that I have a specific time generated hashed placeholder in the text field that css pushes off the page and if 8 seconds have not passed since the page was opened the error is thrown and the bot is sent to a phony thank you page that looks just like the real one. Nobody can fill in the form in less than 10 seconds but a bot will do it in a few milliseconds...

                          • 10. Re: php problem
                            streetwitch Community Member

                            HI Murray

                             

                            I thought I understood this but I can't for some reason get the php to work - I've made the input field visible so that I can test it, but if I populate it, the rest of the php still runs and the database is updated.  I suspect that I may be putting the code in the wrong place, but have tried it in several places with no success.

                             

                            Can you help?

                             

                            Here's all the code again, with the new part in bold,

                             

                            Thanks

                             

                            SW

                             

                            <?php require_once('Connections/ukcr.php'); ?>

                            <?php

                            if (!function_exists("GetSQLValueString")) {

                            function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")

                            {

                              if (PHP_VERSION < 6) {

                                $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

                              }

                             

                              $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

                             

                              switch ($theType) {

                                case "text":

                                  $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

                                  break;   

                                case "long":

                                case "int":

                                  $theValue = ($theValue != "") ? intval($theValue) : "NULL";

                                  break;

                                case "double":

                                  $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

                                  break;

                                case "date":

                                  $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

                                  break;

                                case "defined":

                                  $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

                                  break;

                              }

                              return $theValue;

                            }

                            }

                             

                            mysql_select_db($database_ukcr, $ukcr);

                            $today = date('l');

                            $query_schedules = "SELECT `day`, `time`, short_title, presenter FROM schedules WHERE day='{$today}' AND time > '0700' ORDER BY time, short_title ASC";

                            $schedules = mysql_query($query_schedules, $ukcr) or die(mysql_error());

                            $row_schedules = mysql_fetch_assoc($schedules);

                            $totalRows_schedules = mysql_num_rows($schedules);

                             

                            $editFormAction = $_SERVER['PHP_SELF'];

                             

                            if (isset($_SERVER['QUERY_STRING'])) {

                              $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

                            }

                             

                            if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                              $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                   GetSQLValueString($_POST['name'], "text"),

                                                   GetSQLValueString($_POST['email'], "text"),

                                                   GetSQLValueString($_POST['artist'], "text"),

                                                   GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                             

                              mysql_select_db($database_ukcr, $ukcr);

                              $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                             

                            if (array_key_exists('submit', $_POST)) {

                            if ($_POST['address2'] == '') {

                                 /* continue with your processing - it's safe */

                            } else {

                                 /* got a bot */

                                 header("Location: http://www.ukcountryradio.com/botpage.php");

                            }

                            }

                             

                              $insertGoTo = "vote_thanks.php";

                              if (isset($_SERVER['QUERY_STRING'])) {

                                $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                $insertGoTo .= $_SERVER['QUERY_STRING'];

                              }

                              header(sprintf("Location: %s", $insertGoTo));

                            }

                            ?>

                             

                            Then this - at the end of the page:

                            <?php

                             

                            mysql_free_result($schedules);

                            ?>

                            • 11. Re: php problem
                              MurraySummers ACP/MVPs

                              This is on an insert page not a 'submit' page, so you can just duplicate the code already there to test if the insert button has been clicked -

                               

                              if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                              if ($_POST['address2'] == '') {

                                   /* continue with your processing - it's safe */

                              } else {

                                   /* got a bot */

                                   header("Location: http://www.ukcountryradio.com/botpage.php");

                              }

                              }



                              • 12. Re: php problem
                                streetwitch Community Member

                                Thanks - not sure though where I should put the code? Tried putting it in the same place but its still not working.  Sorry - I reckon that there is something really obvious here that I'm not doing.

                                 

                                Can you advise?

                                • 13. Re: php problem
                                  Dsarchy Community Member

                                  Using the code already posted :

                                  <?php

                                   

                                  if (array_key_exists('submit', $_POST)) {

                                   

                                  //changed this - use isempty() as it will return 0 even if the variable is "" or 0;

                                  if (isempty($_POST['address2'])) {

                                      

                                           /* YOUR CODE GOES HERE -

                                              this part of the code will only execute if the above is true, or in this case address2 is empty */

                                   

                                  } else {

                                   

                                       /*BOT CODE : $_POST['address2'] wasn't empty so we have a bot and need to exit/redirrect. */

                                   

                                      header("Location: http://www.example.com/botpage.php");

                                   

                                  }

                                  }

                                  ?>

                                  • 14. Re: php problem
                                    MurraySummers ACP/MVPs

                                    Let's see the PHP you have now, please.

                                    • 15. Re: php problem
                                      streetwitch Community Member

                                      Darn, now I'm starting to get confused.  Suspect I have not done what you intended, as now the form doesn't work at all.

                                       

                                      Here's the code - thanks

                                       

                                      <?php require_once('Connections/ukcr.php'); ?>

                                      <?php

                                      if (!function_exists("GetSQLValueString")) {

                                      function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")

                                      {

                                        if (PHP_VERSION < 6) {

                                          $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

                                        }

                                       

                                        $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

                                       

                                        switch ($theType) {

                                          case "text":

                                            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

                                            break;   

                                          case "long":

                                          case "int":

                                            $theValue = ($theValue != "") ? intval($theValue) : "NULL";

                                            break;

                                          case "double":

                                            $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

                                            break;

                                          case "date":

                                            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

                                            break;

                                          case "defined":

                                            $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

                                            break;

                                        }

                                        return $theValue;

                                      }

                                      }

                                       

                                      mysql_select_db($database_ukcr, $ukcr);

                                      $today = date('l');

                                      $query_schedules = "SELECT `day`, `time`, short_title, presenter FROM schedules WHERE day='{$today}' AND time > '0700' ORDER BY time, short_title ASC";

                                      $schedules = mysql_query($query_schedules, $ukcr) or die(mysql_error());

                                      $row_schedules = mysql_fetch_assoc($schedules);

                                      $totalRows_schedules = mysql_num_rows($schedules);

                                       

                                      $editFormAction = $_SERVER['PHP_SELF'];

                                       

                                      if (isset($_SERVER['QUERY_STRING'])) {

                                        $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

                                      }

                                       

                                      if (array_key_exists('submit', $_POST)) {

                                      //changed this - use isempty() as it will return 0 even if the variable is "" or 0;

                                      if (isempty($_POST['address2'])) {

                                               /* YOUR CODE GOES HERE -

                                       

                                                  this part of the code will only execute if the above is true, or in this case address2 is empty */

                                       

                                      if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                                        $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                             GetSQLValueString($_POST['name'], "text"),

                                                             GetSQLValueString($_POST['email'], "text"),

                                                             GetSQLValueString($_POST['artist'], "text"),

                                                             GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                                       

                                        mysql_select_db($database_ukcr, $ukcr);

                                        $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                                       

                                        $insertGoTo = "vote_thanks.php";

                                        if (isset($_SERVER['QUERY_STRING'])) {

                                          $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                          $insertGoTo .= $_SERVER['QUERY_STRING'];

                                        }

                                        header(sprintf("Location: %s", $insertGoTo));

                                      }

                                       

                                      } else {

                                           /*BOT CODE : $_POST['address2'] wasn't empty so we have a bot and need to exit/redirrect. */

                                          header("Location: http://www.ukcountryradio.com/botpage.php");

                                      }

                                      }

                                      ?>

                                      • 16. Re: php problem
                                        MurraySummers ACP/MVPs

                                        Show us your form code, please (the HTML).

                                        • 17. Re: php problem
                                          streetwitch Community Member

                                            <form method="POST" action="<?php echo $editFormAction; ?>">

                                              <table border="0" cellpadding="8" cellspacing="8" summary="contacts form">

                                          <tr>

                                            <td><label>Name</label>:</td><td><span id="sprytextfield1">

                                            <input name="name" type="text" size="65" maxlength="40" />

                                            <span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMinCharsMsg">Minimum number of characters not met.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td></tr>

                                          <tr>

                                            <td><label>Email</label>:</td><td><span id="sprytextfield2">

                                            <input type="text" name="email" size="65" />

                                            <span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldInvalidFormatMsg">Invalid email address format.</span><span class="textfieldMinCharsMsg">Minimum number of characters not met.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td></tr>

                                          <tr>

                                            <td><label>Artist</label>:</td><td><span id="sprytextfield3">

                                            <input type="text" name="artist" size="65" />

                                            <span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></tr>

                                           

                                          <tr><td><input type="text" id="address2" name="address2" value="" /></td></tr>

                                          <tr>

                                           

                                          <td align="center" colspan="2">

                                           

                                              <input type="submit" name="insert" id="insert" value="submit" />

                                           

                                            <input type="hidden" name="MM_insert" value="vote_artist" />

                                           

                                          </td>

                                          </tr>

                                          </table>

                                          </form>

                                          • 18. Re: php problem
                                            MurraySummers ACP/MVPs

                                            Change this -

                                             

                                            if (array_key_exists('submit', $_POST)) {

                                            ...everything else to the bottom of the PHP block

                                             

                                            to this -

                                             

                                            if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                                            /* only executes if form has been submitted */

                                                 if( isempty($_POST['address2'])) {

                                                      /* not a bot */

                                                 } else {

                                                           /* got a bot */

                                                           /*BOT CODE : $_POST['address2'] wasn't empty so we have a bot and need to exit/redirect. */

                                                           header("Location: http://www.ukcountryradio.com/botpage.php");

                                                           exit();

                                                 }

                                            $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                                   GetSQLValueString($_POST['name'], "text"),

                                                                   GetSQLValueString($_POST['email'], "text"),

                                                                   GetSQLValueString($_POST['artist'], "text"),

                                                                   GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                                             

                                              mysql_select_db($database_ukcr, $ukcr);

                                              $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                                             

                                              $insertGoTo = "vote_thanks.php";

                                              if (isset($_SERVER['QUERY_STRING'])) {

                                                $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                                $insertGoTo .= $_SERVER['QUERY_STRING'];

                                              }

                                              header(sprintf("Location: %s", $insertGoTo));

                                            }

                                             

                                            That should work.

                                            • 19. Re: php problem
                                              Dsarchy Community Member

                                              if ( isempty ( $_POST['address2'] )) {

                                                        /* not a bot */

                                              } else {

                                                             /* got a bot */

                                                             /*BOT CODE : $_POST['address2'] wasn't empty so we have a bot and need to exit/redirect. */

                                                             header("Location: http://www.ukcountryradio.com/botpage.php");

                                                             exit();

                                              }

                                               

                                              If your not going to wrap code inside the IF/ELSE condition it could be inverted to NOT by using - ! - you could then leave out the ELSE statement

                                               

                                              //IF address2 is NOT empty

                                              if ( ! isempty ( $_POST['address2'] )) {

                                               

                                                //redirrect the page

                                                header("Location: http://www.ukcountryradio.com/botpage.php");

                                               

                                                //Stop any further PHP from executing, even if the header redirrect doesn't work

                                                exit();

                                              }

                                               

                                               

                                              Might be easier to understand whats happening.

                                              • 20. Re: php problem
                                                MurraySummers ACP/MVPs

                                                Yes.

                                                • 21. Re: php problem
                                                  streetwitch Community Member

                                                  Thanks - done, but now its coming up with a fatal error: 

                                                  Fatal error:  Call to undefined function isempty() in /homepages/18/d238009569/htdocs/vote_artist2.php on line 51

                                                   

                                                  Line 51 is:  if( isempty($_POST['address2'])) {

                                                   


                                                  • 22. Re: php problem
                                                    osgood_ MVP

                                                    Just to butt in and confuse mattters why are we placing the field off to the left of the page with css when you could just hide it?

                                                     

                                                    <input type="hidden" id="address2">

                                                    • 23. Re: php problem
                                                      osgood_ MVP

                                                      streetwitch wrote:

                                                       

                                                      Thanks - done, but now its coming up with a fatal error: 

                                                      Fatal error:  Call to undefined function isempty() in /homepages/18/d238009569/htdocs/vote_artist2.php on line 51

                                                       

                                                      Line 51 is:  if( isempty($_POST['address2'])) {

                                                       


                                                      No such thing as 'is' should be:

                                                       

                                                      if(!empty($_POST['address2'])) {

                                                       

                                                      }

                                                      • 24. Re: php problem
                                                        streetwitch Community Member

                                                        Thanks very much - that's got rid of the fatal error, but the code still isn't working - when I input something into the field to test it, it still updates the database and goes to the correct thankyou page, not the spoof bot page.

                                                         

                                                        If you have a go with http://www.ukcountryradio.com/vote_artist2.php you should see what I mean.

                                                         

                                                        SW

                                                        • 25. Re: php problem
                                                          streetwitch Community Member

                                                          Forgot to say - the address2 field is the unlabelled one at the bottom of the form,

                                                           

                                                          Thanks by the way to everyone for the help with this - its much appreciated,

                                                           

                                                          SW

                                                          • 26. Re: php problem
                                                            osgood_ MVP

                                                            Try amending the bottom section of the php script to as below. The script should stop running IF address2 form field has been filled out.

                                                             

                                                             

                                                            if(!empty($_POST['address2'])) {

                                                            exit;

                                                            }

                                                            else ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                                                              $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                            GetSQLValueString($_POST['name'], "text"),

                                                            GetSQLValueString($_POST['email'], "text"),

                                                            GetSQLValueString($_POST['artist'], "text"),

                                                                                                                                                GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                                                             

                                                            mysql_select_db($database_ukcr, $ukcr);

                                                              $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                                                             

                                                              $insertGoTo = "vote_thanks_artist.php";

                                                              if (isset($_SERVER['QUERY_STRING'])) {

                                                                $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                                                $insertGoTo .= $_SERVER['QUERY_STRING'];

                                                              }

                                                            header(sprintf("Location: %s", $insertGoTo));

                                                            }

                                                            ?>

                                                            • 27. Re: php problem
                                                              osgood_ MVP

                                                              streetwitch wrote:

                                                               

                                                              Forgot to say - the address2 field is the unlabelled one at the bottom of the form,

                                                               

                                                              Thanks by the way to everyone for the help with this - its much appreciated,

                                                               

                                                              SW

                                                              Not sure what you mean 'unlabelled' just needs to be:

                                                               

                                                              <input type="text" name="address2">

                                                               

                                                              Then you can hide it once testing is over:

                                                               

                                                              <input type="hidden" name="address2">

                                                              • 28. Re: php problem
                                                                Dsarchy Community Member

                                                                No such thing as 'is' should be:

                                                                 

                                                                if(!empty($_POST['address2'])) {

                                                                 

                                                                }

                                                                My Bad :3 (java syntax)

                                                                • 29. Re: php problem
                                                                  osgood_ MVP

                                                                  Dsarchy wrote:

                                                                   

                                                                  No such thing as 'is' should be:

                                                                   

                                                                  if(!empty($_POST['address2'])) {

                                                                   

                                                                  }

                                                                  My Bad :3 (java syntax)

                                                                   

                                                                  No worries, I have a lot of brain freeze dealing with so many different aspects of web design. I kind of got heavily into jQuery a couple of weeks ago after avoiding it for several years............now I have trouble remembering which syntax to use for which language I'm writing in.

                                                                  • 30. Re: php problem
                                                                    streetwitch Community Member

                                                                    Looks like there may be a syntax error - its coming up with

                                                                    Parse error:  syntax error, unexpected '{' in /homepages/18/d238009569/htdocs/vote_artist2.php on line 53

                                                                     

                                                                    Which is...    else ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                                                                     

                                                                    I don't know enough about this to start guessing at which bits to take out.

                                                                     

                                                                    Thanks!

                                                                    • 31. Re: php problem
                                                                      osgood_ MVP

                                                                      Try the below. I've moved the if/else statment further up the php script:

                                                                       

                                                                       

                                                                       

                                                                       

                                                                      <?php require_once('Connections/ukcr.php'); ?>

                                                                       

                                                                      <?php

                                                                       

                                                                      if (!function_exists("GetSQLValueString")) {

                                                                       

                                                                      function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")

                                                                       

                                                                      {

                                                                       

                                                                        if (PHP_VERSION < 6) {

                                                                       

                                                                          $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

                                                                       

                                                                        }

                                                                       

                                                                       

                                                                       

                                                                        $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

                                                                       

                                                                       

                                                                       

                                                                        switch ($theType) {

                                                                       

                                                                          case "text":

                                                                       

                                                                            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

                                                                       

                                                                            break;  

                                                                       

                                                                          case "long":

                                                                       

                                                                          case "int":

                                                                       

                                                                            $theValue = ($theValue != "") ? intval($theValue) : "NULL";

                                                                       

                                                                            break;

                                                                       

                                                                          case "double":

                                                                       

                                                                            $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

                                                                       

                                                                            break;

                                                                       

                                                                          case "date":

                                                                       

                                                                            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

                                                                       

                                                                            break;

                                                                       

                                                                          case "defined":

                                                                       

                                                                            $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

                                                                       

                                                                            break;

                                                                       

                                                                        }

                                                                       

                                                                        return $theValue;

                                                                       

                                                                      }

                                                                       

                                                                      }

                                                                       

                                                                       

                                                                      if (!empty($_POST['address2'])) {

                                                                      exit;

                                                                      }

                                                                      else {

                                                                      mysql_select_db($database_ukcr, $ukcr);

                                                                       

                                                                      $today = date('l');

                                                                       

                                                                      $query_schedules = "SELECT `day`, `time`, short_title, presenter FROM schedules WHERE day='{$today}' AND time > '0700' ORDER BY time, short_title ASC";

                                                                       

                                                                      $schedules = mysql_query($query_schedules, $ukcr) or die(mysql_error());

                                                                       

                                                                      $row_schedules = mysql_fetch_assoc($schedules);

                                                                       

                                                                      $totalRows_schedules = mysql_num_rows($schedules);

                                                                       

                                                                       

                                                                       

                                                                      $errorurl = "http://www.ukcountryradio.com/error.php" ;

                                                                       

                                                                      $my_recaptcha_private_key = '6LdAFb0SAAAAAP5qTVqEAfoycaImqp7-koT8tWlK' ;

                                                                       

                                                                       

                                                                       

                                                                      $editFormAction = $_SERVER['PHP_SELF'];

                                                                       

                                                                      if (isset($_SERVER['QUERY_STRING'])) {

                                                                       

                                                                        $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

                                                                       

                                                                      }

                                                                       

                                                                       

                                                                       

                                                                      if (strlen( $my_recaptcha_private_key )) {

                                                                       

                                                                                      require_once( 'recaptchalib.php' );

                                                                       

                                                                                      $resp = recaptcha_check_answer ( $my_recaptcha_private_key, $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field'] );

                                                                       

                                                                      }

                                                                       

                                                                       

                                                                       

                                                                      if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                                                                       

                                                                        $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                                       

                                                                      GetSQLValueString($_POST['name'], "text"),

                                                                       

                                                                      GetSQLValueString($_POST['email'], "text"),

                                                                       

                                                                      GetSQLValueString($_POST['artist'], "text"),

                                                                       

                                                                                                                                                          GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                                                                       

                                                                       

                                                                       

                                                                      mysql_select_db($database_ukcr, $ukcr);

                                                                       

                                                                        $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                                                                       

                                                                       

                                                                       

                                                                        $insertGoTo = "vote_thanks_artist.php";

                                                                       

                                                                        if (isset($_SERVER['QUERY_STRING'])) {

                                                                       

                                                                          $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                                                       

                                                                          $insertGoTo .= $_SERVER['QUERY_STRING'];

                                                                       

                                                                        }

                                                                       

                                                                      header(sprintf("Location: %s", $insertGoTo));

                                                                       

                                                                      }

                                                                      }

                                                                       

                                                                      ?>

                                                                      • 32. Re: php problem
                                                                        osgood_ MVP

                                                                        Actually the first post should have worked but seems I missed out a couple of braces (see below the text marked  in red)

                                                                         

                                                                        if(!empty($_POST['address2'])) {

                                                                        exit;

                                                                        }

                                                                        else {

                                                                        if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist")) {

                                                                          $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                                        GetSQLValueString($_POST['name'], "text"),

                                                                        GetSQLValueString($_POST['email'], "text"),

                                                                        GetSQLValueString($_POST['artist'], "text"),

                                                                                                                                                             GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                                                                         

                                                                        mysql_select_db($database_ukcr, $ukcr);

                                                                          $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                                                                         

                                                                          $insertGoTo = "vote_thanks_artist.php";

                                                                          if (isset($_SERVER['QUERY_STRING'])) {

                                                                            $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                                                            $insertGoTo .= $_SERVER['QUERY_STRING'];

                                                                          }

                                                                        header(sprintf("Location: %s", $insertGoTo));

                                                                        }

                                                                        }

                                                                        ?>

                                                                        • 33. Re: php problem
                                                                          streetwitch Community Member

                                                                          Halleluja!  Yes - that has stopped the script - thankyou so much.  At some stage in all this though the headers for the correct thankyou page and the spoof page for bots have stopped working.  Can you help?

                                                                           

                                                                          I can also see that the original recaptcha code has reappeared - can this safely be deleted?

                                                                           

                                                                          SW

                                                                          • 34. Re: php problem
                                                                            streetwitch Community Member

                                                                            Ooops - your latest post has appeared since I wrote my response.  The code I've implemented is from your post timed at 2.20,

                                                                             

                                                                            Thanks again

                                                                            • 35. Re: php problem
                                                                              osgood_ MVP

                                                                              Try the solution posted 2.38 and see if that works. There might be some php scripting above that which you may need. Yes, you can delete the recaptha php code.....I was just trying to find a complete copy of the php and that was from your first post.

                                                                              • 36. Re: php problem
                                                                                streetwitch Community Member

                                                                                No joy I'm afraid - the code is still stopping the script correctly, but neither of the headers are working.  I can see that the original one to the bot page is missing (I'm not sure how to insert it), but can see that the code for the thankyou page is there.  No idea what to do now - can you help?

                                                                                 

                                                                                Thanks, again

                                                                                • 37. Re: php problem
                                                                                  osgood_ MVP

                                                                                  streetwitch wrote:

                                                                                   

                                                                                  No joy I'm afraid - the code is still stopping the script correctly, but neither of the headers are working.  I can see that the original one to the bot page is missing (I'm not sure how to insert it), but can see that the code for the thankyou page is there.  No idea what to do now - can you help?

                                                                                   

                                                                                  Thanks, again

                                                                                   

                                                                                  Does a record still get inserted into the database if you fill in the required form fields?

                                                                                   

                                                                                  But then you don't get redirected to to the thankyou page?

                                                                                  • 38. Re: php problem
                                                                                    osgood_ MVP

                                                                                    OK try a differnt approach - the antispam field has been amalgamated with the if statement - see below. Not sure if this will work but give it a go and see what happens. What it is saying now is ' if address2 is empty proceed'. If address2 is not empty it should not process the code between the braces.

                                                                                     

                                                                                     

                                                                                     

                                                                                    if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist") && (empty($_POST['address2'])) {

                                                                                     

                                                                                      $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                                                     

                                                                                    GetSQLValueString($_POST['name'], "text"),

                                                                                     

                                                                                    GetSQLValueString($_POST['email'], "text"),

                                                                                     

                                                                                    GetSQLValueString($_POST['artist'], "text"),

                                                                                     

                                                                                                                                                                        GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                                                                                     

                                                                                     

                                                                                     

                                                                                    mysql_select_db($database_ukcr, $ukcr);

                                                                                     

                                                                                      $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                                                                                     

                                                                                     

                                                                                     

                                                                                      $insertGoTo = "vote_thanks_artist.php";

                                                                                     

                                                                                      if (isset($_SERVER['QUERY_STRING'])) {

                                                                                     

                                                                                        $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                                                                     

                                                                                        $insertGoTo .= $_SERVER['QUERY_STRING'];

                                                                                     

                                                                                      }

                                                                                     

                                                                                    header(sprintf("Location: %s", $insertGoTo));

                                                                                     

                                                                                    }

                                                                                     

                                                                                    ?>

                                                                                    • 39. Re: php problem
                                                                                      osgood_ MVP

                                                                                      Bum - left a ) off the end see marked in red.

                                                                                       

                                                                                      if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist") && (empty($_POST['address2'])))

                                                                                       

                                                                                       

                                                                                       

                                                                                      So the bottom bit of the script should look like:

                                                                                       

                                                                                       

                                                                                      if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "vote_artist") && (empty($_POST['address2']))) {

                                                                                       

                                                                                        $insertSQL = sprintf("INSERT INTO vote_artist (`name`, `email`, artist, REMOTE_ADDR) VALUES (%s, %s, %s, %s)",

                                                                                       

                                                                                      GetSQLValueString($_POST['name'], "text"),

                                                                                       

                                                                                      GetSQLValueString($_POST['email'], "text"),

                                                                                       

                                                                                      GetSQLValueString($_POST['artist'], "text"),

                                                                                       

                                                                                        GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"));

                                                                                       

                                                                                       

                                                                                       

                                                                                      mysql_select_db($database_ukcr, $ukcr);

                                                                                       

                                                                                        $Result1 = mysql_query($insertSQL, $ukcr) or die(mysql_error());

                                                                                       

                                                                                       

                                                                                       

                                                                                        $insertGoTo = "vote_thanks_artist.php";

                                                                                       

                                                                                        if (isset($_SERVER['QUERY_STRING'])) {

                                                                                       

                                                                                          $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

                                                                                       

                                                                                          $insertGoTo .= $_SERVER['QUERY_STRING'];

                                                                                       

                                                                                        }

                                                                                       

                                                                                      header(sprintf("Location: %s", $insertGoTo));

                                                                                       

                                                                                      }

                                                                                       

                                                                                      ?>

                                                                                       

                                                                                       

                                                                                       


                                                                                      1 2 Previous Next