Jump to content


Photo

Shoutbox , ridding SPAM, adding features


  • Please log in to reply
34 replies to this topic

#1 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 26 July 2006 - 04:58 PM

SKIP TO POST 10 !!!

Below is the code I use for my PHP shoutbox. I can read basic PHP fine, I can read and code basic VBA.
Here's what I need help on. Reply to any you know how to work. ^_^

1. If any word from a list is present in the message, do not send.

2. If more than one URL exists within message, do not send.

Can I do this by creating a variable $msg and checking it with with a string of some sort and check the above?

3. I'd like to submit the msg, without the page reloading.

Using something like this to reload the Div containing the shoutbox results (I use this for a real time clock I coded in JS). Very open to other ideas.

function realtimeclock() { insert code... }
function cycle()
{
if (document.all || document.getElementById)
setInterval("realtimeclock()",1000)
}

window.onload=cycle

I don't understand the while {} loop in my shoutbox results. Can someone explain the code?

ShoutBox Code

<form action="<? echo $php_self ?>" method="post">
<input id="name" type='text' value='' name='name' />
<input type="submit" name="submit" value="Submit" />
<textarea rows="2" cols="35" name='message'></textarea>
</form>

<?
mysql_connect("localhost","xxxx","xxxx");
mysql_select_db("xxxx");

if($submit)
{
putenv('TZ=America/New_York');
$time=date("F j, Y, g:i a", time());

$result=MYSQL_QUERY("INSERT INTO shoutbox (id,name,message,time)".
	  "VALUES ('NULL','$name', '$message','$time')");
}

$result = mysql_query("select * from shoutbox order by id desc limit 40");
while($r=mysql_fetch_array($result))
{		
	$time=$r["time"]; 
	$id=$r["id"];
	$message=$r["message"];
	$name=$r["name"];
?>

<? echo $name ?><br />
<? echo $time ?><br />
<? echo $message ?><br />

<? } ?>

4. I want to install PHP on my computer so I don't have to upload to my site and reload to test things. How can I go about doing this on my Apple.

Thanks Pixel Guys!!

Edited by kevinoneill, 28 July 2006 - 09:07 PM.


#2 coolaid

coolaid

    P2L Jedi Master

  • Members
  • PipPipPipPip
  • 1,435 posts
  • Gender:Male
  • Interests:i wonder..

Posted 26 July 2006 - 05:39 PM

3.

the while loop is simple.
while($r=mysql_fetch_array($result))
{
  /// code
}

your $result got each row in a database.

then the $r = mysql_fetch_array($result) seperates each row so we can distinguish them.

so put "$r = mysql_f...." in awhile loop, and it'll repeat itself for each row that exists.

#3 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 26 July 2006 - 05:46 PM

Ok, I think that makes sense, I think if I new enough about php coding, I wouldn't do it that way with a a while loop. But I do like how it allows me to type in html for the repeat. I'd prob do a for/until loop using the id increment (if i new how ^_^).

Why is th $r in the

$name=$r["name"];

Why when pulling fromthe db do we have to add the $r variable?

Edited by kevinoneill, 26 July 2006 - 05:48 PM.


#4 Hayden

Hayden

    P2L Jedi

  • Members
  • PipPipPip
  • 717 posts
  • Gender:Male
  • Location:Texas

Posted 26 July 2006 - 06:22 PM

Ok, I think that makes sense, I think if I new enough about php coding, I wouldn't do it that way with a a while loop. But I do like how it allows me to type in html for the repeat. I'd prob do a for/until loop using the id increment (if i new how :P).

Why is th $r in the

$name=$r["name"];

Why when pulling fromthe db do we have to add the $r variable?


the while loop makes it so that it does ALL of the data in the SQL Query,

and the $r is because that's the variable/array it's being fetched into

$r=mysql_fetch_array($result))

it could easily be $gobbilygoop["name"] if you so desired. :P

#5 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 26 July 2006 - 07:35 PM

Here's where I'm at. I managed to write this much.

$count = substr_count($message, 'href');

if ($count > 2) 
	die ();

Problem is... the die kills the rest of the php on the page, I also had to insert it in after the 'message' has been given the value $message, so the content is already shot to the database before it dies....

I need to know how to assign the text inside my text area named 'message' can be assigned as a variable before being sent to the db, and also preventing the info from being sent to the db with out killing all php on the page...

#6 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 26 July 2006 - 07:59 PM

Ok this works :P next problem!!

if($submit)
{
	putenv('TZ=America/New_York');
	$time=date("F j, Y, g:i a", time());

	$count = substr_count($message, 'href');
	if ($count < 2) {
	  $result=MYSQL_QUERY("INSERT INTO shoutbox (id,name,message,time)".
	  "VALUES ('NULL','$name', '$message','$time')");
	}

}

Maybe you can help me with my other big issue. When my user submits, then say wants to reload the page to see if someone else wrote anything, you get the pop-up box asking "do you want to submit this data again?". Is there a way around that? This stems from my question #3.

#7 coolaid

coolaid

    P2L Jedi Master

  • Members
  • PipPipPipPip
  • 1,435 posts
  • Gender:Male
  • Interests:i wonder..

Posted 26 July 2006 - 08:25 PM

yep, thers a way to get through this.

first you would make page called redirect.php (or whatever...)

in that, you'd enter the query in that page and then use HTTP_REFERER to redirect back to the original page. eg:

if($submit)
{
	putenv('TZ=America/New_York');
	$time=date("F j, Y, g:i a", time());

	$count = substr_count($message, 'href');
	if ($count < 2) {
	  $result=MYSQL_QUERY("INSERT INTO shoutbox (id,name,message,time)".
	  "VALUES ('NULL','$name', '$message','$time')");
	}

}

$referer = $_SERVER[HTTP_REFERER];
redirect ("Location: $referer");

and in the form the action="" would be "url/to/redirect.php"
that should work

Edited by coolaid, 26 July 2006 - 08:26 PM.


#8 Chaos King

Chaos King

    Senior Programmer

  • P2L Staff
  • PipPipPip
  • 676 posts
  • Gender:Male
  • Location:Florida

Posted 28 July 2006 - 07:44 PM

redirect ("Location: $referer");

Don't you mean:

header ("Location: ".$referer);

Just looking out for yah :)

#9 coolaid

coolaid

    P2L Jedi Master

  • Members
  • PipPipPipPip
  • 1,435 posts
  • Gender:Male
  • Interests:i wonder..

Posted 28 July 2006 - 08:12 PM

heh, actually since it's not a.. what do you call 'em... .. encased variable (the ones that use [ ] )?... it doesn't really matter

Edited by coolaid, 28 July 2006 - 08:26 PM.


#10 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 28 July 2006 - 09:07 PM

Well I've made alot of progress (ok i lie someone made alot of progress for me) but I'm at a hault because i get the "can't write to db" error down in the code.

What's wrong? I can't find it....

<?php 

	 
	$badwordlist = array("addbadwirdsere","addbadwirdsere","addbadwirdsere","addbadwirdsere"); 

mysql_connect("xxxxx","xxxx","xxxxx");
mysql_select_db("xxxxxx"); 


	if ($_POST['submit']) { 
		putenv('TZ=America/New_York'); 
		$time = date("F j, Y, g:i a", time()); 


		if (substr_count($_POST['message'],'http') < 2) { 
			$tomanylinks = true; 

		}		



		foreach($badwordlist as $badword) { 
			if (strpos($_POST['message'],$badword)) { 
				$badwordfound = true; 
				break;   
			}		
		}		

		if (!$tomanylinks && !$badwordfound) { 
			$result = mysql_query(" 
				INSERT INTO shoutbox ( 
					name, 
					message, 
					time 
				) VALUES ( 
					'{$_POST['name']}', 
					'{$_POST['message']}', 
					'$time' 
				)"); 
		}		

		if ($result) { 
			header("Location: {$_SERVER['PHP_SELF']}"); 
		} else { 
			die("FIRST There was an error adding to the shoutbox"); 
		}		
	 
	} else { 
		echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">"; 
		echo "  <input id=\"name\" type=\"text\" name=\"name\" />"; 
		echo "  <input type=\"submit\" name=\"submit\" value=\"Submit\" />"; 
		echo "  <textarea rows=\"2\" cols=\"35\" name=\"message\"></textarea>"; 
		echo "</form>"; 
		if ($result = mysql_query("select * from shoutbox order by id desc limit 40")) { 
			while($r = mysql_fetch_array($result)) {	 
?> 

<div class="weblog_comment"> 
<div class="weblog_comment_name"><?php echo $r['name'] ?></div> 
<div class="weblog_comment_time"><?php echo $r['time'] ?></div> 
<div class="weblog_comment_message"><?php echo $r['message'] ?><br /><br /></div> 
</div> 

<?php 
} 
		} else { 
			die("SECOND There was an error displaying the shoutbox"); 
		}		
	} 

?>


#11 Demonslay

Demonslay

    P2L Jedi

  • Members
  • PipPipPip
  • 973 posts
  • Gender:Male
  • Location:A strange world where water falls out of the sky... for no reason.
  • Interests:Graphic Design, Coding, Splinter Cell, Cats

Posted 28 July 2006 - 10:07 PM

<?php
$badwordlist = array("addbadwirdsere","addbadwirdsere","addbadwirdsere","addbadwirdsere");

mysql_connect("xxxxx","xxxx","xxxxx");
mysql_select_db("xxxxxx");
	if ($_POST['submit']) {
		putenv('TZ=America/New_York');
		$time = date("F j, Y, g:i a", time());

		if (substr_count($_POST['message'],'http') < 2) {
			$tomanylinks = true;
		}		

		foreach($badwordlist as $badword) {
			if (strpos($_POST['message'],$badword)) {
				$badwordfound = true;
				break;  
			}		
		}		

		if (!$tomanylinks && !$badwordfound) {
			$result = mysql_query("INSERT INTO shoutbox (name, message, time) VALUES ('{$_POST['name']}', '{$_POST['message']}', '$time')") or die(mysql_error());
		}		

		if ($result) {
			header("Location: {$_SERVER['PHP_SELF']}");
		} else {
			die("FIRST There was an error adding to the shoutbox");
		}		
	
	} else {
		echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">";
		echo "  <input id=\"name\" type=\"text\" name=\"name\" />";
		echo "  <input type=\"submit\" name=\"submit\" value=\"Submit\" />";
		echo "  <textarea rows=\"2\" cols=\"35\" name=\"message\"></textarea>";
		echo "</form>";
		if ($result = mysql_query("select * from shoutbox order by id desc limit 40")) {
			while($r = mysql_fetch_array($result)) {	
?>

<div class="weblog_comment">
<div class="weblog_comment_name"><?php echo $r['name'] ?></div>
<div class="weblog_comment_time"><?php echo $r['time'] ?></div>
<div class="weblog_comment_message"><?php echo $r['message'] ?><br /><br /></div>
</div>

<?php
}
		} else {
			die("SECOND There was an error displaying the shoutbox");
		}		
	}

?>

Try this and tell us what it gives you. It should tell us what is wrong with the query.

#12 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 28 July 2006 - 11:40 PM

First error was saying extra curly, took it out then this....

Parse error: syntax error, unexpected T_ELSE in /home/irekevin/public_html/index2.php on line 138

Which is....

} else {


#13 rc69

rc69

    PHP Master PD

  • P2L Staff
  • PipPipPipPip
  • 3,827 posts
  • Gender:Male
  • Location:Here
  • Interests:Web Development

Posted 29 July 2006 - 12:28 AM

As you have 3 else's in there, and what looks like nothing close to 100 lines, it would help if you could post more of what's above that line.

For the "can't write to db error", it would help if you posted the exact error you got. If the error you got was "FIRST There was an error adding to the shoutbox", then change that string to mysql_error() so we can figure out what the problem is.

Also, i just want to clear something up.

redirect ("Location: $referer");

Don't you mean:

header ("Location: ".$referer);

Just looking out for yah :(

Those are exactly the same :)

heh, actually since it's not a.. what do you call 'em... .. encased variable (the ones that use [ ] )?... it doesn't really matter

Umm, an array? :huh:

All of the following will work (and probably more):
header("Location: $var");
header("Location: ".$var);
header('Location: '.$var); // Note the quote difference
header("Location: {$var}");
header("Location: {$array['foo']}");
header("Location: {$array[foo]}"); // Qutoes again


#14 coolaid

coolaid

    P2L Jedi Master

  • Members
  • PipPipPipPip
  • 1,435 posts
  • Gender:Male
  • Interests:i wonder..

Posted 29 July 2006 - 12:51 AM

array huh, makes sense. but what about like $_SESSION[], $_COOKIE[], etc. don't those have specific variable names? i know there predefiend, but i think they have another name too

Edited by coolaid, 29 July 2006 - 12:51 AM.


#15 Demonslay

Demonslay

    P2L Jedi

  • Members
  • PipPipPip
  • 973 posts
  • Gender:Male
  • Location:A strange world where water falls out of the sky... for no reason.
  • Interests:Graphic Design, Coding, Splinter Cell, Cats

Posted 29 July 2006 - 02:01 AM

Superglobals?
Ya, the mysql_error() is exactly what I put into his code so we could see what it gives him... And I killed some whitespace, just because I can. :huh:

I can't figure what 'else' it is either, since both his version and mine don't even have 100 lines. I'm suspecting it is the 3rd one, not too sure, the nesting on all of them look fine to me.

#16 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 29 July 2006 - 10:21 AM

Ok guys sorry for all the newbness, as a fellow moderator of another forum I can see how this gets repetitive sometimes :huh:

Started with this....
<?php 

$badwordlist = array("addbadwirdsere","addbadwirdsere","addbadwirdsere","addbadwirdsere"); 

mysql_connect("xxxxx","xxxxx","xxxx");
mysql_select_db("xxxxxxx");

	if ($_POST['submit']) { 
		putenv('TZ=America/New_York'); 
		$time = date("F j, Y, g:i a", time()); 

		if (substr_count($_POST['message'],'http') < 2) { 
			$tomanylinks = true; 
		}		

		foreach($badwordlist as $badword) { 
			if (strpos($_POST['message'],$badword)) { 
				$badwordfound = true; 
				break;   
			}		
		}		

		if (!$tomanylinks && !$badwordfound) { 
			$result = mysql_query(" 
				INSERT INTO shoutbox ( 
					name, 
					message, 
					time 
				) VALUES ( 
					'{$_POST['name']}', 
					'{$_POST['message']}', 
					'$time' 
				)"); 
		}		

		if ($result) { 
			header("Location: {$_SERVER['PHP_SELF']}"); 
		} else { 
			die("SECOND There was an error displaying the shoutbox"); 
		}		
	 
	} else { 
		echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">"; 
		echo "  <input id=\"name\" type=\"text\" name=\"name\" />"; 
		echo "  <input type=\"submit\" name=\"submit\" value=\"Submit\" />"; 
		echo "  <textarea rows=\"2\" cols=\"35\" name=\"message\"></textarea>"; 
		echo "</form>"; 
		if ($result = mysql_query("select * from shoutbox order by id desc limit 40")) { 
			while($r = mysql_fetch_array($result)) {	 
?> 

<div class="weblog_comment"> 
<div class="weblog_comment_name"><?php echo $r['name'] ?></div> 
<div class="weblog_comment_time"><?php echo $r['time'] ?></div> 
<div class="weblog_comment_message"><?php echo $r['message'] ?><br /><br /></div> 
</div> 

<?php 
} 
		} else { 
			die("SECOND There was an error displaying the shoutbox"); 
		}		
	} 

?>

Regarding this part of the above code.
if ($result) { 
			header("Location: {$_SERVER['PHP_SELF']}"); 
		} else { 
			die("FIRST There was an error adding to the shoutbox"); 
		}
I get "FIRST There was an error adding to the shoutbox"
Chang to this....
if ($result) { 
			header("Location: {$_SERVER['PHP_SELF']}"); 
		} else { 
		   mysql_error(); 
		}
Shoutbox works. Posts to database. Upon reloading it does the "do you want to send data again" thing. Which I'm trying to have it not do.

So then i tried this....thinking there's an error on the header line....
if ($result) { 
			header("Location: {$_SERVER['PHP_SELF']}"); 
		   mysql_error(); 
		} else { 
		   mysql_error();
		}
Again works and posts fine. Minus the "do you want to send data again" thing.

Edited by kevinoneill, 29 July 2006 - 10:22 AM.


#17 rc69

rc69

    PHP Master PD

  • P2L Staff
  • PipPipPipPip
  • 3,827 posts
  • Gender:Male
  • Location:Here
  • Interests:Web Development

Posted 29 July 2006 - 05:22 PM

Well that cleared things up quick fast and in a hurry. The problem is, demonslay forgot to die ^_^
<?php 

$badwordlist = array("addbadwirdsere","addbadwirdsere","addbadwirdsere","addbadwirdsere"); 

mysql_connect("xxxxx","xxxxx","xxxx");
mysql_select_db("xxxxxxx");

	if ($_POST['submit']) { 
		putenv('TZ=America/New_York'); 
		$time = date("F j, Y, g:i a", time()); 

		if (substr_count($_POST['message'],'http') < 2) { 
			$tomanylinks = true; 
		}		

		foreach($badwordlist as $badword) { 
			if (strpos($_POST['message'],$badword)) { 
				$badwordfound = true; 
				break;   
			}		
		}		

		if (!$tomanylinks && !$badwordfound) {
			mysql_query("
				INSERT INTO shoutbox (
					name,
					message,
					time
				) VALUES (
					'{$_POST['name']}',
					'{$_POST['message']}',
					'$time'
				)") or die(mysql_error()); // See, die.
		}

		header("Location: ".$_SERVER['PHP_SELF']);
	} else {
		echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">"; 
		echo "  <input id=\"name\" type=\"text\" name=\"name\" />"; 
		echo "  <input type=\"submit\" name=\"submit\" value=\"Submit\" />"; 
		echo "  <textarea rows=\"2\" cols=\"35\" name=\"message\"></textarea>"; 
		echo "</form>"; 
		if ($result = mysql_query("select * from shoutbox order by id desc limit 40")) { 
			while($r = mysql_fetch_array($result)) {	 
?> 

<div class="weblog_comment"> 
<div class="weblog_comment_name"><?php echo $r['name'] ?></div> 
<div class="weblog_comment_time"><?php echo $r['time'] ?></div> 
<div class="weblog_comment_message"><?php echo $r['message'] ?><br /><br /></div> 
</div> 

<?php 
} 
		} else { 
			die("SECOND There was an error displaying the shoutbox"); 
		}		
	} 

?>

p.s. Coolaid, demonslay is right, they're superglobals. But that is just a fancy term, when you get down to it, they are arrays set by the server with an infinate scope.

p.s.s. I hope nobody took my second sentance literally.

Edited by rc69, 29 July 2006 - 05:25 PM.


#18 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 29 July 2006 - 05:31 PM

Replaced what you suggetsed...Now looks like so...

<?php 

	 
	$badwordlist = array("addbadwirdsere","addbadwirdsere","addbadwirdsere","addbadwirdsere"); 

mysql_connect("xxxx","xxx","xxxxx");
mysql_select_db("xxxxx");


	if ($_POST['submit']) { 
		putenv('TZ=America/New_York'); 
		$time = date("F j, Y, g:i a", time()); 


		if (substr_count($_POST['message'],'http') < 2) { 
			$tomanylinks = true; 

		}		



		foreach($badwordlist as $badword) { 
			if (strpos($_POST['message'],$badword)) { 
				$badwordfound = true; 
				break;   
			}		
		}		

   if (!$tomanylinks && !$badwordfound) {
			$result = mysql_query("
				INSERT INTO shoutbox (
					name,
					message,
					time
				) VALUES (
					'{$_POST['name']}',
					'{$_POST['message']}',
					'$time'
				)") or die(mysql_error()); // See, die.
		}

		header("Location: ".$_SERVER['PHP_SELF']);
	} else {
		   mysql_error();
		}		
	 
	} else { 
		echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">"; 
		echo "  <input id=\"name\" type=\"text\" name=\"name\" />"; 
		echo "  <input type=\"submit\" name=\"submit\" value=\"Submit\" />"; 
		echo "  <textarea rows=\"2\" cols=\"35\" name=\"message\"></textarea>"; 
		echo "</form>"; 
		if ($result = mysql_query("select * from shoutbox order by id desc limit 40")) { 
			while($r = mysql_fetch_array($result)) {	 
?> 

<div class="weblog_comment"> 
<div class="weblog_comment_name"><?php echo $r['name'] ?></div> 
<div class="weblog_comment_time"><?php echo $r['time'] ?></div> 
<div class="weblog_comment_message"><?php echo $r['message'] ?><br /><br /></div> 
</div> 

<?php 
} 
		} else { 
			die("SECOND There was an error displaying the shoutbox"); 
		}		
	} 

?>

Parse error: syntax error, unexpected '}' in /home/irekevin/public_html/index2.php on line 136

Tha error is on the line
header("Location: ".$_SERVER['PHP_SELF']);
	} else {	// HERE 
		   mysql_error();  
		}

What in the world is going on :?:

Edited by kevinoneill, 29 July 2006 - 05:32 PM.


#19 rc69

rc69

    PHP Master PD

  • P2L Staff
  • PipPipPipPip
  • 3,827 posts
  • Gender:Male
  • Location:Here
  • Interests:Web Development

Posted 29 July 2006 - 05:36 PM

I figured that would happen, so i edited my post (obviously i edited it a little late). You just didn't replace everything, copy the code in my previous post and try again.

#20 kevinoneill

kevinoneill

    Young Padawan

  • Members
  • Pip
  • 61 posts

Posted 29 July 2006 - 06:13 PM

It displays, and posts to the db... BUT hehe

Warning: Cannot modify header information - headers already sent by (output started at /home/irekevin/public_html/index2.php:1) in /home/irekevin/public_html/index2.php on line 124

Line 124 is...
header("Location: ".$_SERVER['PHP_SELF']); // HERE!!!
	} else {
		echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">"; 
		echo "  <input id=\"name\" type=\"text\" name=\"name\" />"; 
		echo "  <input type=\"submit\" name=\"submit\" value=\"Submit\" />"; 
		echo "  <textarea rows=\"2\" cols=\"35\" name=\"message\"></textarea>"; 
		echo "</form>"; 
		if ($result = mysql_query("select * from shoutbox order by id desc limit 40")) { 
			while($r = mysql_fetch_array($result)) {





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users