GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Online Form PHP Script Help! (https://gfy.com/showthread.php?t=1039465)

adultzone 09-26-2011 08:36 AM

Online Form PHP Script Help!
 
I tried everything but NO luck at all. Can anyone give me the right direction where to go to find that script. I have been searching it all over the internet study some php script but I am getting lazy and getting head aches on reading those words! Now I am trying to ask for help.

An online form which basically a sign up form that will post to my database in my server and I can export those details. Or anyone can give me a ready made online form then I will just insert my database name, username and password. :) Any help will be appreciated.


J

webboy21 09-26-2011 11:00 AM

most database servers won't be accessible from a location that is NOT your own server I think....why not install one on your own server?

if that is what you want I'd be happy to help

just a punk 09-26-2011 12:32 PM

The certainly would but not for free :)

webboy21 09-26-2011 12:51 PM

why did you think I was suggesting that I could help him? ;)

fris 09-26-2011 04:13 PM

not really hard just modify the submit data to store to a db

potter 09-26-2011 09:21 PM

You guys really saying you'd ask for money for 7 lines of (very common) code? Sheesh!

form.php
Code:

<form name="input" action="script.php" method="post">
Username: <input type="text" name="user" />
Email: <input type="text" name="email" />
<input type="submit" value="Submit" />
</form>

script.php
Code:

<?php

$dbconnect = mysql_connect('localhost', 'user', 'password') or die("Unable to connect to MySQL");
$database = mysql_select_db('database_name', $dbconnect) or die("Could not select database");

$user = mysql_escape_string($_POST['user']);
$email = mysql_escape_string($_POST['email']);

mysql_query("INSERT INTO table_name VALUES ($user, $email)");

header("form.php");

exit;

?>


d-null 09-26-2011 09:33 PM

what are the most common injection hack vulnerabilities that a simple script like this might inadvertantly run into in the wrong hands? what should be done as basic protection?

EukerVoorn 09-26-2011 10:22 PM

Guys, is there a secure way to send info from a form like this by e-mail? Can you do pgp mail from a server for example?

Jakez 09-27-2011 12:13 AM

Quote:

Originally Posted by d-null (Post 18453943)
what are the most common injection hack vulnerabilities that a simple script like this might inadvertantly run into in the wrong hands? what should be done as basic protection?

The 'mysql_escape_string' part should take of that. It will escape the common characters people use to sql inject.

Now when people want to correctly use ' or " in the form you're going to run into another problem.

Quote:

You\'re text is going to look something like \\"this\\"


All times are GMT -7. The time now is 04:21 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123