#238609 - 08/10/10 10:26 PM Subscription pages with custom form
Iann128 Online   gnasher

enthusiast
Registered: 03/21/08
Posts: 224
Loc: Austin, AR
OK so we are moving the message board to Mindraven and on our old server we had a form inside the subscription page to update a non ubb database. You can see the form here http://www.fgmcc.com/html/howtojoin.shtml and click on the second link. When you click on the submit button for the form it updates the database, but displays whatever I put in the update.php file, then you have to click back to submit the subscription to ubb. I have been looking at using $PHP_SELF action as the action and adding the php code to the subscription description field in the control panel. Do you think this will work? I have also read that using the $PHP_SELF can be a bad idea because of script kiddies... Any other ways to do this?
_________________________
Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwards."
#238611 - 08/10/10 10:52 PM Re: Subscription pages with custom form [Re: Iann128]
Gizmo Offline

Registered: 06/05/06
Posts: 14904
Loc: Portland, OR; USA
So long as you properly sanitize the variable you should be fine:
Php Code:
$this_page = strip_tags(htmlspecialchars($_SERVER["PHP_SELF"])); 
_________________________
Forums: UGN Security & VNC Web Design & Development
UBB.Threads: UBB.Wiki, My UBBSkins, UBB.Sitemaps
Longtime UBB Supporter, UBB Beta Tester & Resident Post-A-Holic.
UBB Modifications, Styling, Coding Services, Disaster Recovery, and more!
#238612 - 08/10/10 11:05 PM Re: Subscription pages with custom form [Re: Gizmo]
Iann128 Online   gnasher

enthusiast
Registered: 03/21/08
Posts: 224
Loc: Austin, AR
So this would work? I assume it would not reload the current page?
Code:
<form action="strip_tags(htmlspecialchars($_SERVER["PHP_SELF"]));" 
 method="post">
<?php
Check to see if submit button has been pressed
other php code
?>

html form stuff

</form>
#238613 - 08/10/10 11:29 PM Re: Subscription pages with custom form [Re: Iann128]
SD Online   partay
Registered: 04/19/07
Posts: 4031
Loc: SoCal, USA
Php Code:
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']) ?>" method="post">
....

is what i do :)

or go total paranoid (which i don't) and do:

Php Code:
substr($_SERVER['PHP_SELF'], 0, (strlen($_SERVER['PHP_SELF']) - @strlen($_SERVER['PATH_INFO']))); 


for the echo.. i had that del.icio.us'd somewhere :D
_________________________

Threads tutorials . Threads & Wordpress experts . UBB resume

If I you, click this link as to why
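
The two approaches from SD's reply side by side, as an added example that is not part of the thread: `PHP_SELF` includes any extra path the client appends after the script name (`PATH_INFO`), so it must be HTML-encoded before it lands in the `action` attribute. The `/join/form.php` path and both request arrays are constructed, and `$server` stands in for `$_SERVER` so the script runs from the command line.

```php
<?php
// Added example (not from the thread). $server stands in for $_SERVER;
// the request values below are constructed for illustration.

/** First option: keep the whole value and HTML-encode it for the attribute. */
function action_encoded(array $server): string
{
    return htmlspecialchars($server['PHP_SELF'] ?? '', ENT_QUOTES, 'UTF-8');
}

/** "Paranoid" option: drop the trailing PATH_INFO, then encode anyway. */
function action_script_only(array $server): string
{
    $self  = $server['PHP_SELF'] ?? '';
    $extra = $server['PATH_INFO'] ?? '';   // not set when no extra path was sent
    if ($extra !== '' && substr($self, -strlen($extra)) === $extra) {
        $self = substr($self, 0, strlen($self) - strlen($extra));
    }
    return htmlspecialchars($self, ENT_QUOTES, 'UTF-8');
}

$requests = [
    'plain request' => ['PHP_SELF' => '/join/form.php'],
    'extra path containing markup' => [
        'PHP_SELF'  => '/join/form.php/"><b>constructed</b>',
        'PATH_INFO' => '/"><b>constructed</b>',
    ],
];

foreach ($requests as $label => $server) {
    echo "== $label ==\n";
    // Unencoded: the quote in the extra path closes the attribute early.
    echo 'raw:         <form action="' . $server['PHP_SELF'] . "\" method=\"post\">\n";
    echo 'encoded:     <form action="' . action_encoded($server) . "\" method=\"post\">\n";
    echo 'script only: <form action="' . action_script_only($server) . "\" method=\"post\">\n";
}
```

`ENT_QUOTES` is passed explicitly because `htmlspecialchars()` and `htmlentities()` leave single quotes unencoded by default before PHP 8.1, which matters when the attribute is single-quoted.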
#238614 - 08/10/10 11:33 PM Re: Subscription pages with custom form [Re: SD]
Iann128 Online   gnasher

enthusiast
Registered: 03/21/08
Posts: 224
Loc: Austin, AR
It has to work inside the subscription template... Right now I just added the <form> ... </form> code to it...
#238616 - 08/11/10 11:10 AM Re: Subscription pages with custom form [Re: Iann128]
Iann128 Online   gnasher

enthusiast
Registered: 03/21/08
Posts: 224
Loc: Austin, AR
OK so still learning... Here is what I have in the body of the subscription... It displays the form, and some of the code instead of checking to see if the submit button has been clicked. Can I use php and html in the description field of a subscription?


Code:
<center>
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']) ?>" method="post">
<?php
if(isset($_POST['submit']))		//submit button pressed
  {
  echo '<p>Thank-you for submitting your member information, please choose from one of the options below to pay.</p>';
  
  //Process the individual form controls
  }
else					//display the form
  {
  ?>

<!-- HTML code for the form -->


  <table border="0" width="650" height="868" cellpadding="0" align="left">
     <tr>
      <td width="100%" height="750" colspan="2" valign="top" align="left">
        <b>
        <font face="Verdana" size="3">Personal Information</font>
        </b>
        <table border="1" width="100%" height="1" cellspacing="3" bordercolor="#000000" bordercolorlight="#000000" bordercolordark="#000000">
          <tr>
            <td width="23%" height="12" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">First Name:</font></td>
            <td width="77%" height="12" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="F_Name" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="12" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Last Name:</font></td>
            <td width="77%" height="12" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="L_Name" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="12" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Middle Name:</font></td>
            <td width="77%" height="12" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="M_Name" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="13" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Street Address:</font></td>
            <td width="77%" height="13" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="S_Address" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="7" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">City:</font></td>
            <td width="77%" height="7" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="City" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="10" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">State/Province:</font></td>
            <td width="26%" height="10" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="State" /></font></td>
            <td width="25%" height="10" bordercolor="#000000" bgcolor="#E5E5E5"><font face="Verdana" size="3">Zip/Postal Code:</font></td>
            <td width="26%" height="10" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Zip" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="7" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Country:</font></td>
            <td width="77%" height="7" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Country" value="United States" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="9" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Phone
              Number:</font></td>
            <td width="77%" height="9" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Phone" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">E-mail
              Address:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Email" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Year of Monte:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana">
			<select name="Year">
			<option value="1970">1970</option>
			<option value="1971">1971</option>
			<option value="1972">1972</option>
			</select></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Engine:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Engine" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Transmission:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Transmission" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Exterior Color:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Ext_Color" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Interior Color:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Int_Color" /></font></td>
          </tr>
		  <tr>
            <td width="87%" bgcolor="#E5E5E5" height="19"><font size="3" face="Arial">Vinyl Top</font></td>
            <td width="13%" height="19"><input type="radio" name="V_Top" value="1" /> Yes<br />
  <input type="radio" name="V_Top" value="0" /> No<br /></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Vinyl Top Color:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="V_Color" /></font></td>
          </tr>
          <tr>
             <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000" valign="top" rowspan="2"><font size="3" face="Verdana">Any
              comments?:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000" valign="top"><font size="3" face="Verdana"><input type="text" name="Comments" />
			</font></td>
          </tr>
 </table>
        <font size="3" face="Verdana">
        <b>Club Roster</b></font>
        <table border="1" width="100%" bordercolor="#000000" cellspacing="3" height="1">
          <tr>
            <td width="87%" bgcolor="#E5E5E5" height="19"><font size="3" face="Arial">Would
              you like to be listed in the club roster?</font></td>
            <td width="13%" height="19"><input type="radio" name="Roster" value="1" /> Yes<br />
  <input type="radio" name="Roster" value="0" /> No<br /></td>
          </tr>
          <tr>
            <td width="87%" bgcolor="#E5E5E5" height="19"><font size="3" face="Arial">Would
              you like your address to be listed in the club roster?</font></td>
            <td width="13%" height="19"><input type="radio" name="Roster_Add" value="1" /> Yes<br />
  <input type="radio" name="Roster_Add" value="0" /> No<br /></td>
          </tr>
          <tr>
            <td width="87%" bgcolor="#E5E5E5" height="1"><font size="3" face="Arial">Would
              you like your phone number listed in the club roster?</font></td>
            <td width="13%" height="19"><input type="radio" name="Roster_Num" value="1" /> Yes<br />
  <input type="radio" name="Roster_Num" value="0" /> No<br /></td>
          </tr>
		  <tr>
		     <td><input type="submit" name="submit" value="Submit" /></td>
		  </tr>
        </table>
		<?php
   }				//close off the ending bracket for the else statement
?>
<?php
 $F_Name=$_POST['F_Name']; 
 $L_Name=$_POST['L_Name']; 
 $M_Name=$_POST['M_Name'];
 $City=$_POST['City'];
 $State=$_POST['State'];
 $Zip=$_POST['Zip'];
 $Country=$_POST['Country'];
 $S_Address=$_POST['S_Address'];
 $Phone=$_POST['Phone'];
 $Email=$_POST['Email'];
 $Year=$_POST['Year'];
 $Engine=$_POST['Engine'];
 $Ext_Color=$_POST['Ext_Color'];
 $Int_Color=$_POST['Int_Color'];
 $V_Top=$_POST['V_Top'];
 $V_Color=$_POST['V_Color'];
 $Transmission=$_POST['Transmission'];
 $Comments=$_POST['Comments'];
 $Roster=$_POST['Roster'];
 $Roster_Add=$_POST['Roster_Add'];
 $Roster_Num=$_POST['Roster_Num'];  
 mysql_connect("xxx", "xxx", "xxx") or die(mysql_error()); 
 mysql_select_db("xxxxx") or die(mysql_error()); 
 mysql_query("INSERT INTO `xxxx` (F_Name, L_Name, M_Name, City, State, Zip, Country, S_Address, Phone, Email, Year, Engine, Transmission, Ext_Color, Int_Color, V_Top, V_Color, Comments, Roster, Roster_Add, Roster_Num) VALUES ('$F_Name','$L_Name', '$M_Name', '$City', '$State', '$Zip', '$Country', '$S_Address', '$Phone', '$Email', '$Year', '$Engine', '$Transmission', '$Ext_Color', '$Int_Color', '$V_Top', '$V_Color', '$Comments', '$Roster', '$Roster_Add', '$Roster_Num')"); 
 ?> 
		</form>
        </td>
    </tr>
  </table>
  </center>


Edited by Sirdude (08/20/10 04:22 PM)
Edit Reason: put code in spoilers..
#238617 - 08/11/10 11:51 AM Re: Subscription pages with custom form [Re: Iann128]
SD Online   partay
Registered: 04/19/07
Posts: 4031
Loc: SoCal, USA
you'll need to do some serious sanitizing.. i'd recommend running that thru the ubb.engine, which does all that for you 1st..
_________________________

Threads tutorials . Threads & Wordpress experts . UBB resume

If I you, click this link as to why
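
A hardened form of the INSERT from the post above, as an added example that is not part of the thread: it uses PDO prepared statements with a fixed column list instead of the ubb.engine route SD recommends, which the thread does not show. The table name `members`, the in-memory SQLite database (so it runs offline; it needs the pdo_sqlite extension) and the submitted values are assumptions.

```php
<?php
// Added example (not from the thread). Table name "members" and the SQLite
// in-memory database are assumptions; on the real site the DSN would be mysql:.
const FIELDS = ['F_Name', 'L_Name', 'M_Name', 'City', 'State', 'Zip', 'Country',
    'S_Address', 'Phone', 'Email', 'Year', 'Engine', 'Transmission', 'Ext_Color',
    'Int_Color', 'V_Top', 'V_Color', 'Comments', 'Roster', 'Roster_Add', 'Roster_Num'];

function save_member(PDO $db, array $post): int
{
    // Column names come only from the fixed list above, never from the request.
    $row = [];
    foreach (FIELDS as $f) {
        $v = $post[$f] ?? '';
        $row[$f] = is_string($v) ? trim($v) : '';   // array input such as F_Name[] becomes ''
    }
    // Validate the fields that have a known shape on the form.
    if (!in_array($row['Year'], ['1970', '1971', '1972'], true)) {
        throw new InvalidArgumentException('Year must be 1970, 1971 or 1972');
    }
    if (filter_var($row['Email'], FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('Email is not valid');
    }
    foreach (['V_Top', 'Roster', 'Roster_Add', 'Roster_Num'] as $flag) {
        $row[$flag] = $row[$flag] === '1' ? '1' : '0';   // radio buttons: 1 or 0 only
    }
    // Values travel as bound parameters, so quotes inside them stay data.
    $sql = 'INSERT INTO members (' . implode(', ', FIELDS) . ') VALUES ('
         . implode(', ', array_fill(0, count(FIELDS), '?')) . ')';
    $db->prepare($sql)->execute(array_values($row));
    return (int) $db->lastInsertId();
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members (id INTEGER PRIMARY KEY, '
    . implode(' TEXT, ', FIELDS) . ' TEXT)');

// Constructed submission; the apostrophes would break the interpolated query.
$post = ['F_Name' => "D'Arcy", 'L_Name' => "O'Neil", 'Email' => 'darcy@example.com',
         'Year' => '1971', 'Roster' => '1', 'Comments' => "'70 SS 454"];
$id = save_member($db, $post);
$saved = $db->query("SELECT F_Name, Comments, Roster_Add FROM members WHERE id = $id")
            ->fetch(PDO::FETCH_ASSOC);
var_dump($saved);
```

On the form page, `save_member()` belongs inside the branch that handles a POST; the posted code runs its INSERT on every page load because that block sits outside the `if`.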
#238618 - 08/11/10 11:53 AM Re: Subscription pages with custom form [Re: SD]
Iann128 Online   gnasher

enthusiast
Registered: 03/21/08
Posts: 224
Loc: Austin, AR
Where / How?
#238649 - 08/15/10 12:35 PM Re: Subscription pages with custom form [Re: Iann128]
Iann128 Online   gnasher

enthusiast
Registered: 03/21/08
Posts: 224
Loc: Austin, AR
Still working on this, it is the last thing I need to get working before I can move the rest of the site to the new host :( Any other pointers / places to look?
#238774 - 08/20/10 02:37 PM Re: Subscription pages with custom form [Re: Iann128]
Chevy454 Offline
journeyman
Registered: 01/24/05
Posts: 72
Originally Posted By: Iann128
OK so we are moving the message board to Mindraven and on our old server we had a form inside the subscription page to update a non ubb database. You can see the form here http://www.fgmcc.com/html/howtojoin.shtml and click on the second link. When you click on the submit button for the form it updates the database, but displays whatever I put in the update.php file, then you have to click back to submit the subscription to ubb. I have been looking at using $PHP_SELF action as the action and adding the php code to the subscription description field in the control panel. Do you think this will work? I have also read that using the $PHP_SELF can be a bad idea because of script kiddies... Any other ways to do this?

Hey, another car forum admin here! And one I'm actually a member of & visit!

Wish I could help ya, but it's over my head.
_________________________
www.yenko.net
UBB.Threads 7.5.5