My first Php code!

[yilduz]

I created a php code! I made a guestbook. Rather than find a guestbook code and figure it out, I decided to read some tutorials and make my own. I did it and it works and I now have my own guestbook!

I'm confident in learning php now. :D

 

[Hurley4540]

Nice, more than I can make :D

 

[weblord]

where did you place it? can we see the code?

 

[yilduz]

where did you place it? can we see the code?

I placed it on my homepage. :D

http://yilduz.com/contact.php#guestbook

It's not the best in the world, it's only very, very basic. I'm going to improve it eventually, but I just started reading php tutorials yesterday. I think it's good for a day of learning.

 

[weblord]

looks good

 

[yilduz]

looks good

Thank you!

I've been working very hard to get the html, javascript, css, php and mysql all work together. I think I'll get the hang of it soon.

 

[weblord]

finally paid off.

Thank you!

I've been working very hard to get the html, javascript, css, php and mysql all work together. I think I'll get the hang of it soon.

 

[Eric]

I placed it on my homepage. :D

http://yilduz.com/contact.php#guestbook

It's not the best in the world, it's only very, very basic. I'm going to improve it eventually, but I just started reading php tutorials yesterday. I think it's good for a day of learning.

Not a bad start, but tip - www.php.net/empty

I was able to submit a blank entry

 

[yilduz]

Not a bad start, but tip - www.php.net/empty

I was able to submit a blank entry

Ah, thank you.

That's one of the reasons I've been posting it. I'm ALWAYS looking for more tips, help, ideas, etc...

thank you. I'll look at it and make the appropriate edits.

 

[wikes82]

hmm, you need to filter HTML tag in input...
http://en.wikipedia.org/wiki/Cross-site_scripting

hint: http://us.php.net/strip_tags

 

[xrvel]

Who put an alert box there? :p I prefer htmlentities than stripping tags, btw.

 

[wikes82]

Who put an alert box there?

sorry, I just can't resist ... :hehe: i did it...

 

[Barrucadu]

Well done, it's good for a first start. I learned PHP by making an image hosting script, followed by an arcade script.

 

[Mujahid]

I`m also learning php these days. I also know C/C++ so its becoming easy for me to learn php. I`ve left a comment on your guestbook as well.

 

[Smiler]

Where can you get some good practice and tutorial for php coding. I know HTML but I'm hoping to learn php codes in the near future. I've been reading about php and I've learn that its a very dynamic code which is really cool IMO.

 

[yilduz]

Where can you get some good practice and tutorial for php coding. I know HTML but I'm hoping to learn php codes in the near future. I've been reading about php and I've learn that its a very dynamic code which is really cool IMO.

When I coded my guestbook, I was actually looking at several tutorials. I'd google for tutorials and look at a few, when they all did something similar and had the same bit of code, i knew that's what did it. I've noticed that many, many php tutorials are horribly non-descriptive. Most just show a working code and say what the entire thing does. Not really a tutorial, if you ask me. Maybe I'll write some when I learn a bit more.
________________
As soon as I saw that little wazzup box pop up, I knew you guys were doing more stuff to see what I did wrong. :P
Thank you, though. I'll look at what you guys have shown me and learn a bit more.

Thanks for the comments and the help.

Well done, it's good for a first start. I learned PHP by making an image hosting script, followed by an arcade script.

As soon as I get the guestbook good, project 2 is going to be a text-based game. :D

 

[yilduz]

I've been looking around those links you guys gave me. I think it's good now.

Anyone want to check it for me?

 

[thebrokenbox]

Still has annoying javascript popups. It's a nice little script and stuff. Now work on adding anti-spam measures and that whole blank and html issues. Other then that great job. I need to get back into PHP

 

[yilduz]

Still has annoying javascript popups. It's a nice little script and stuff. Now work on adding anti-spam measures and that whole blank and html issues. Other then that great job. I need to get back into PHP

I think I eliminated those problems. The boxes were already put there from other people. i'll get rid of them. See if you can still add that stuff. :D

 

[Eric]

Pulled this from one of my projects, try this:

/**
* Strip any unsafe tags/chars/attributes from input values.
*
* @param  string  Value to be cleaned
* @param  boolean Strip \r\n ?
* @return string
*/
function sanitize($value, $strip_crlf = true)
{
	// Some of what we have in the $search array may not be needed, but let's be safe.
	$search = array(
		'@<script[^>]*?>.*?</script>@si',
		'@<applet[^>]*?>.*?</applet>@si',
		'@<object[^>]*?>.*?</object>@si',
		'@<iframe[^>]*?>.*?</iframe>@si',
		'@<style[^>]*?>.*?</style>@si',
		'@<form[^>]*?>.*?</form>@si',
		'@<[\/\!]*?[^<>]*?>@si',
		'@&(?!(#[0-9]+|[a-z]+);)@si'
	);

	if ($strip_crlf)
	{
		array_push($search, '@([\r\n])[\s]+@');
	}
	$value = preg_replace($search, '', $value);

	// Make sure we get everything..
	$value = strip_tags($value);

	return clean($value);
}

/**
* Cleans either a string, or can clean an entire array of values:
*	clean($array);
*
* @param  mixed  Value to be cleaned
* @return mixed
*/
function clean($value)
{
	if (is_array($value))
	{
		foreach ($value AS $key => $val)
		{
			if (is_string($val))
			{
				$value["$key"] = trim(stripslashes($val));
			}
			else if (is_array($val))
			{
				$value["$key"] = clean($value["$key"]);
			}
		}
		return $value;
	}
	return trim(stripslashes($value));
}

Example:

$name = sanitize($_POST['name']);