Changing ID Chosen Being dropdown PHP -


i have script forum. default, users can post if has opened site determine parent first. example domain.com/new.php?parent=3

here trying modify using dropdown. example: option 1 (value1) option 2 (value2) option 3 (value3)

i add $parent=$_post['parent']; following example of $title=$_post['title']; failed.

is there solution?

code:

<?php //this page let users create new topics include('config.php'); if(isset($_get['parent'])) {     $id = intval($_get['parent']); if(isset($_session['username'])) {     $dn1 = mysql_fetch_array(mysql_query('select count(c.id) nb1, c.name categories c c.id="'.$id.'"')); if($dn1['nb1']>0) { ?> <!doctype html public "-//w3c//dtd xhtml 1.0 transitional//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">     <head>         <meta http-equiv="content-type" content="text/html; charset=utf-8" />         <link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="style" />         <title>new topic - <?php echo htmlentities($dn1['name'], ent_quotes, 'utf-8'); ?> - forum</title>         <script type="text/javascript" src="functions.js"></script>     </head>     <body>         <div class="header">             <a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="forum" /></a>         </div>         <div class="content"> <?php $nb_new_pm = mysql_fetch_array(mysql_query('select count(*) nb_new_pm pm ((user1="'.$_session['userid'].'" , user1read="no") or (user2="'.$_session['userid'].'" , user2read="no")) , id2="1"')); $nb_new_pm = $nb_new_pm['nb_new_pm']; ?> <div class="box">     <div class="box_left">         <a href="<?php echo $url_home; ?>">forum index</a> &gt; <a href="list_topics.php?parent=<?php echo $id; ?>"><?php echo htmlentities($dn1['name'], ent_quotes, 'utf-8'); ?></a> &gt; new topic     </div>     <div class="box_right">         <a href="list_pm.php">your messages(<?php echo $nb_new_pm; ?>)</a> - <a href="profile.php?id=<?php echo $_session['userid']; ?>"><?php echo htmlentities($_session['username'], ent_quotes, 'utf-8'); ?></a> (<a href="login.php">logout</a>)     </div>     <div class="clean"></div> </div> <?php if(isset($_post['message'], $_post['title']) , $_post['message']!='' , $_post['title']!='') {     include('bbcode_function.php');     $title = $_post['title'];     $message = $_post['message'];     if(get_magic_quotes_gpc())     {         $title = stripslashes($title);         $message = stripslashes($message);     }     $title = mysql_real_escape_string($title);     $message = mysql_real_escape_string(bbcode_to_html($message));     if(mysql_query('insert topics (parent, id, id2, title, message, authorid, timestamp, timestamp2) select "'.$id.'", ifnull(max(id), 0)+1, "1", "'.$title.'", "'.$message.'", "'.$_session['userid'].'", "'.time().'", "'.time().'" topics'))     {     ?>     <div class="message">the topic have been created.<br />     <a href="list_topics.php?parent=<?php echo $id; ?>">go forum</a></div>     <?php     }     else     {         echo 'an error occurred while creating topic.';     } } else { ?> <form action="new_topic.php?parent=<?php echo $id; ?>" method="post">     <label for="title">title</label><input type="text" name="title" id="title"  /><br />     <label for="message">message</label><br />     <div class="message_buttons">         <input type="button" value="bold" onclick="javascript:insert('[b]', '[/b]', 'message');" /><!--         --><input type="button" value="italic" onclick="javascript:insert('[i]', '[/i]', 'message');" /><!--         --><input type="button" value="underlined" onclick="javascript:insert('[u]', '[/u]', 'message');" /><!--         --><input type="button" value="image" onclick="javascript:insert('[img]', '[/img]', 'message');" /><!--         --><input type="button" value="link" onclick="javascript:insert('[url]', '[/url]', 'message');" /><!--         --><input type="button" value="left" onclick="javascript:insert('[left]', '[/left]', 'message');" /><!--         --><input type="button" value="center" onclick="javascript:insert('[center]', '[/center]', 'message');" /><!--         --><input type="button" value="right" onclick="javascript:insert('[right]', '[/right]', 'message');" />     </div>     <textarea name="message" id="message" cols="70" rows="6"></textarea><br />     <input type="submit" value="send" /> </form> <?php } ?>         </div>         <div class="foot"><a href="http://www.webestools.com/scripts_tutorials-code-source-26-simple-php-forum-script-php-forum-easy-simple-script-code-download-free-php-forum-mysql.html">simple php forum script</a> - <a href="http://www.webestools.com/">webestools</a></div>     </body> </html> <?php } else {     echo '<h2>the category want add topic doesn\'t exist.</h2>'; } } else { ?> <h2>you must logged access page.</h2> <div class="box_login">     <form action="login.php" method="post">         <label for="username">username</label><input type="text" name="username" id="username" /><br />         <label for="password">password</label><input type="password" name="password" id="password" /><br />         <label for="memorize">remember</label><input type="checkbox" name="memorize" id="memorize" value="yes" />         <div class="center">             <input type="submit" value="login" /> <input type="button" onclick="javascript:document.location='signup.php';" value="sign up" />         </div>     </form> </div> <?php } } else {     echo '<h2>the id of category want add topic not defined.</h2>'; } ?>

there no input element name parent in form, therefore $_post['parent'] not set. verify dumping $_post after submit: var_dump($_post).

you reuse $id variable holds $_get['parent'] value.

as has been mentioned in comments:

make sure sanitize input values before stating sql queries prevent sql injection attacks!


Comments

Post a Comment

Popular posts from this blog

javascript - jQuery: Add class depending on URL in the best way -

i have html progress meter: <div class="col-md-3" style="margin-left: -20px;"> <div class="progress-pos active" id="progess-1"> <div class="progress-pos-inner"> login </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-2"> <div class="progress-pos-inner"> scan items </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-3"> <div class="progress-pos-inner"> confirm address </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-4"> <div class="progress-pos-in...
Read more

caching - How to check if a url path exists in the service worker cache -

i need check if particular url path exists in service worker cache. example, suppose url is: /myserviceworker/service?a=110&b=70 this url exists in cache, there many of them different values of , b. now, suppose want refresh of these urls, how can that? i want know how access key values service worker cache. if know key, plan follows: var url = new url(key); if(url.pathname === "\/myserviceworker/service") refetch key but not sure how cache key , in format is. mean, string or url? cache api has match() method returns promise resolving in response object if match or undefined if no match exists. second parameter object can specify ignoresearch not take account url parameters. the ignoresearch option supported firefox ( chrome status here ). in other hand, retrieve cache entries, can use keys() method.
Read more

Redirect to a HTTPS version using .htaccess -

i need modify .htaccess file redirect urls https version without "www". http://example.com --> https://example.com http://www.example.com --> https://example.com https://www.example.com --> https://example.com this how .htaccess file looks like: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^(.*)$ redirect.php?id=$1&page=$2 [qsa,l] what modifications need make .htaccess in order forward https without "www"? it depends on doing current code. looks file called redirect trying display php page seo friendly url. think might confusing people. anyway, need , force https without www, need 1 more rule above. also second rule needs two capture groups in rewriterule test string because wanting 2 different values using $1 , $2 references. rewriteengine on #rediect www non www and/or http https --- combinations. rewritecond %{http_host} !^example\.com [nc,or] rewritecond %{https} !^...
Read more