Tracking Forums, Newsgroups, Maling Lists
Home Scripts Tutorials Tracker Forums
 
  HOME    TRACKER    PHP




Filtering HTML With PHP


I am using PHP to set up a message board which interfaces with a mySQL database. I am trying to filter malicious HTML code that users would try to leave on the message board. I want to strip all HTML tags except the <A HREF> tag.




View Complete Forum Thread with Replies
See Related Forum Messages: Follow the Links Below to View Complete Thread
Filtering Out Bad Input
I am currently building a website, with a built in news and comment, so far i know have been able to filter out thing such as swear words, however is it possible to filter of say f someone held down the ===================================================== ============= key

Is there a way to prevent this or will i have to have some sort of statement that counts how many times the = or other char is grouped together?
Filtering RSS Content
I need to install an rss aggregator on a website. The catch is that it
should only pull in items from feeds which contain certain keywords.

Any idea how this can be done or if such a content managing software
already exists?

Dirty Filtering
does any one has a list of dirty words, do not post in this forum, but show me url. PHP Code:
Username Filtering
I'm having problems with regular expressions. How could i check if a variable has only letters and numbers in it?
Price Filtering
I am having an issue with filtering price from a form variable so maybe someone can tell me how I'm screwing this up.

I have a search page that has 3 criterias for search - category 'cat', price 'price' and location 'area'. I am using Dreamweaver 8 for this project. I can create the query for both cat and area for the double filter, but when i get to price it removes all the records from view.

I removed the 2 working queries and am now focusing on the 'price' query. My SQL looks something like this: Code:
Filtering Data
I've got a question which is more aimed at drumming up some opinions/starting a discussion then looking for a "right answer". I am writing an application and I wanted to hear some suggestions on how to handle the filtering of data from the user. The data is all coming in through one class where it is then passed as arguments to methods down the hierarchy, so it seems to make sense to do the checking at that top point.

However what isn't as clear is whether the regular expressions (or some alternative) used should be exclusively set by the top level class. For instance I see that Cake (a framework) has a protected _validation array which Models can set with their own regex.

I am not a huge fan of this approach because it leaves the array protected, and because it may be responsibility that goes past the role of the class. In fact I'd prefer a method which didn't rely so heavily on regex in the first place as I find regex hard to maintain.

So what solutions have you come up with to handle input? I'm looking for suggestions which are flexible enough to accomodate unforseen changes in security, but simple enough to be implemented in a single class (or a single method).

To kick this off here's my current solution (somewhat described above)
if (!is_array($this->_validation))
throw new Exception("Unable to validate data bad validation hash found");

$result = array();
foreach ($arguments as $key => $value)
{
$pattern = $this->_validation[$key];
if ($pattern == null)
throw new Exception("The submitted data has no corresponding pattern and can not be evaluated");
if (!preg_match($pattern, $value))
throw new Exception("The submitted data was invalid");
$result[$key] = $value;
}
return $result;
IP Filtering By Country
Does anyone know of some good ways to filter traffic by country?

I can only monetize US, UK, and Canada traffic, but must send them to a different thing for each country.

All other countries I would like to send somewhere else.
Filtering XML Results
I'm in the process of creating a page that displays multiple lines of inventory for a bunch of products (let's call them 'widgets'). The widgets are listed in XML format (they'll end up being pulled from a MySQL DB eventually). Code:
Filtering Of Characters
Does filtering of certain characters make a search engine more efficient?

Speical characters such as ~!@#$%^&*()_+
Error Filtering Bad Language
I have a dynamic shout box service, and I need to filter bad language, so i wrote a function on how it should work. PHP Code:
Filtering Out Keywords In A Search!
I have about 1100 movie titles in a database. I am trying to do a simple search engine and have seperated each keyword using the following code:

$q = $_GET['q'];
if ($q) {
$q = strtolower($q);
$k = split(" ", $q);
$num_keywords = count($k);
for ($i=0; $i<$num_keywords; $i++) {
if ($i) {
$search_string .= "OR moviename LIKE '%" . $k[$i] . "%' "; }
else {
$search_string .= "moviename LIKE '%" . $k[$i] . "%' "; }
} end for
$and .= "WHERE ($search_string) ";
} //end if

$querycount = "SELECT * FROM titles $and";

rest of code...
This works ok, but if I type something in like 'The Killer' it fetches everything with the word 'the' as well.

I have put the words into an array that I want to filter out.

$skipwords = array("the", "of", "and"); etc

Can I use that to filter out the words? I`ve been playing around with the in_array() function, but can`t seem to get it to work like I want it to.
Audio Filtering Via PHP, Program
I have been tasked with trying to find a way to complete this
project... I'm not sure if it is possible, but hopefully you guys can
provide some insight...

I need to create a web application that will allow a visitor to record
their voice into an audio file, then apply different filters/effects
to it (like robot, lady, etc.), and send it to a friend. I haven't the
slightest clue where to begin on doing something such as this. I
searched google for a similar functionality, and have come up empty
handed. Has anyone seen anything like this done, or an application
that would do something like this, PHP or otherwise?
Filtering A Db With A Start And End Date
I have a MySQL table with a datetime field. I need to make a PHP script that will take all rows whose datetime field falls within that of a user-specified begin and end time. Anyone have a code snippet to do that?
DVD Id Is Incorrect After Filtering Results
I am making a basic DVD shop and after having produced code which displays a
list of DVDs from my database, I implemented a search facility which enables
the user to search by title, director or actor.

The user can also browse the DVDs by genre. However, when the DVDs are
filtered, the id that is used to select a DVD and add it to the basket is
incorrect as they are output in a sequential manner and so the DVD placed
into the basket will be that matching the id. Here is the loop that outputs
the DVDs (I have a DVDID field as you probably have guessed):

if (mysql_num_rows ($getdvds_query))
{
for ($id = 0; $dvd[] = mysql_fetch_assoc ($getdvds_query); $id++)
{
echo "<tr>
";
echo "<td>{$dvd[$id][title]}</td>
";
echo "<td>{$dvd[$id][duration]}</td>
";
echo "<td>{$dvd[$id][rel]}</td>
";
echo "<td>{$dvd[$id][descr]}</td>
";
echo "<td>{$dvd[$id][genre]}</td>
";
echo "<td>{$dvd[$id][stock]}</td>
";
echo "<td>{$dvd[$id][price]}</td>
";

echo "<td><a href="$PHP_SELF?add=$id">add to basket</a></td>";
echo "</tr>
";
}
}

Here is the code that adds to the basket variable:

if (isset ($_GET['add']))
$_SESSION['trolley'][] = $_GET['add'];
else if ($_GET['op'] === 'clear')
$_SESSION['trolley'] = "";
HTTP Filtering With PHP & Apache ?
I am looking for a full example how I can achieve an http output
filtering with php on an apache 2 server. I found some hints that the
apache server supports to isntall and conifugrate such filters
http://httpd.apache.org/docs/2.0/mo...addoutputfilter
But I didn't found an example which is related to PHP.

I like to achieve for my shop using a template mechanism based on xml &
xsl with PHP. My idea is currently to use an output filter which does
the xsl transformation.
If anybody knows a tutorial or even some applicable frameworks in this
area please post me here the links.
User Input Filtering
I have a comments system. In this comment system, people can enter certain strings, and it will break my page layout. Such as repeated characters with no spaces. It will just blow the table way out of proportion and completely ruin my layout. How can I break their input up if such a thing happens? Also, how can you number an array of data that is being withdrawn from the database DESC? Such as..

Quote1. itemnumber1
2. itemnumber2
3. itemnumber3
4. itemnumber4
Filtering Results With Php Query
This code works, but I don't know how to filter the results to where only one person is displayed..it displays all records with similar address or state or city, I would like to know how to make it display only one person when multiple search fields are entered.

I'm using PHP5, and I have searched the forums but I'm not sure exactly if I found what I'm looking for...I don't know much about php or mysql. Code:
Filtering Message From The Database
i have a page where people can send in MMS pictures and they get uploaded and displayed on my page, they need to type a keyword in the MMS like "sendmms" to make it work. if they also write "sendmms hey look at me" it also works since "sendmms" was at the beginning of the message and "sendmms hey look at me" get's added to the row "message" in my database. the pictures get an ID in the database and saved with the same ID on the server.

so under each picture sent in i wanted to add the comment they added after the "senmms" part.

so in short, how do i make it filter out "sendmms" and only display "hey look at me" ? and if the Page ID is let's say 13 it should display the "messsage" column for the ID in the database that has the same ID as the page ID is.
Filtering User Input...
I want to take text that a user inputs and store it into a variable. That's the easy part.
I have and array of 30 elements that I want to store the inputted text into.

So.. here's an example...
- I want a user to enter text.
- I'll store it into a variable like $inputText.
- I want to split the text from $inputText into 30 equal sections and store each section into an element in the variable.
- I don't care if the words get separated during the filter, as long as the whitespaces stay where they are.

Could anyone give me some tips to help me get started or point me towards a tutorial or something?
Filtering Results By DATE Value In Database
I have this code in my page for displaying some data from a database, sorted by date. i had posted a messed up version of this a while ago but I couldnt get it working even after a few suggestions. PHP Code:
Filtering A Recordset With A Session Variable
I have two forms, the Form1 and the Form2. One of the answers in the Form1 is saved in a session variable SesVar1.

In the Form2 there is a dynamic table build with a recordset. I need to filter the recordset of the Form2 with SesVar1.

I tryied to do this using a variable in the recordset window of dreamweaver, writing #SesVar1# in the run-time value of the variables for the recordset, but it didn't work.

Please HELP me out with this one. How can I filter that recordset using the value of a session variable? or the Form1's answer?
Image File Upload Filtering
I have made a file uploader,

I also made a filter, I can't make a good filter for jpeg files, but i can filter gif, can you advice, thanks

if ($_FILES["file".]["type"] == "image/gif")
bla bla bla
Filtering Selection In Multiple Drop Down Boxes
I want to allow a user to conduct a search on a database using multiple drop down boxes.
On the first page they will have a drop box filled with records from field A. Once they select which one they want, a second drop down box will then appear with records from field B which are present for field A (a filter).

What I want though is that the first dwon down box still appears on the second page, but shows the record that the user selected. What is happening now is that when the second page comes up, the first box shows the default selection rather than the selection that the user chose. My code for the drop down boxes is: PHP Code:
Filtering The Elements Of A Multi-dimensional Array
I would like to be able to filter every element of a multi-dimensional array
using htmlspecialchars() and to retain the structure of the array. I can't
see how to do this when I don't know how many dimensions the array has.
Dynamic Recursive/nested Foreach (part Deux) With Filtering
I originally wanted to figure a method to better implement a nested foreach to calculate all the permutations held within an array. After posting the topic and getting great responses an elegant solution was found. I then increased the difficulty by requesting that we also include a method to "filter" or "skip" certain values during permutation calculation. The original solution finder quickly came back with yet another code snippet listed below which acomplished the request...it was mere childs play it seems for them (sasa). I marked the topic solved as the original question had been solved.

I am creating this new thread as I am once again adding an additional layer of difficulty. The final previous solution is listed first as a reference, followed by the new and more complex problem underneath that one. My attempts to shunt in the functionality have all failed I think due to the recursive nature...any takers? Code:
HTML Email Using PHP Problem (Receive Html Tags)
When I send the html email, the only thing I receive is the tags (the
html codes basically). I want to be able to see the email like a html
page, what is wrong with my code? Here is a copy paste of it.

$HTML = "</html><body><img src='http://www.somewebsite.com/
someimage.jpg'></body></html>";

$headers = "From: $from
";
$headers .= "MIME-Version: 1.0
";
$boundary = uniqid("HTMLDEMO");
// Now we attach the HTML version

$headers .= "--$boundary
".
"Content-Type: text/html; charset=ISO-8859-1
".
"Content-Transfer-Encoding: base64

";

$headers .= chunk_split(base64_encode($HTML));

mail($to,$subject,"",$headers);

print "mail Sent<br>";

The email I receive has this as text:

</html><body><img src='http://www.somewebsite.com/someimage.jpg'></
body></html>
RemoveHandler .html .htm (parse Php In .html Files)
I want to parse php in .html files.

I put this in .htacces file:

RemoveHandler .html .htm
AddType application/x-httpd-php .php .htm .html

Its work, but some of my php aplications have urls:

www.mysite.com/this-is-page

without .html in the end

how to parse that? Which code I must use.
Embed Php Generated Html In Another Html Page
I am trying to include some php generated html in a page that is just a standard html file, NOT a php file. I have seen other html pages do this by including an src to the cgi script in script tags, like this:

<script src="http://someurl.com/somescript.cgi"></script>

the html page loads and the script is executed and the returned html is displayed in the calling page. So, I tried this:

<script src="http://someurl.com/somescript.php"></script>

It doesnt work!!
DOMDocument Thinks "<html></html>" Has Two ChildNodes?
I'm trying to mess around with PHP5's DOM functions and have run into
something that confuses me:

<?php
$dom = new DOMDocument();
$dom->loadHTML('<html></html>');

echo $dom->childNodes->length;
?>

Why is the output 2? Shouldn't it be 1?
$_POST From HTML --> PHP --> HTML
I've read a bunch of threads but I think I'm missing something.

I am using paypal as a payment method for a client.

But I need to do some variable checking before sending the customer to the paypal page.

I want to pass the variables to paypal as post (so the url doen't get crazy).

Is there a way to pass post variables to a PHP page that doesn't ouput anything (expect header redirect), and include those variables so they appear at the page that is redirected to?
HTML With PHP, How I Can Add PHP-code In HTML...
Could you help me. How i can add my PHP script or PHP- code in HTML-file.
PHP In Html Or Outside Html Page?
what's better, php code in html page or outside the page in seperate php file...the thing is i have my sql data in that code and i don't want people to see it, can people open up the php files?
Include An Html File In Another Html File?
Can I include an html file in another html file usign PHP? Something like the way you would inlclude a text file, only have the html elements show up?
.doc To .txt/.html?
Hi everyone,

I'm making a site where people can upload articles, that are then stored in a mySQL db. The problem will come, of course, when people want to upload Word documents. Which they will.

Is there any way in PHP of turning the .doc file into a .txt? Or even better, a html file with any formatting (bold etc) intact?

A problem I have with my current site, on a related note, is that when people cut and paste from a word document into the form field, then submit it to the db, the resulting text is displayed with non-valid ASCII characters, which the w3c validator chokes on. I'm pretty sure there is a function that converts them, but a search of the manual didn't bring it up.

I'd really appreciate any help you can give me...
HTML 2 PHP
I'm trying to convert my site from html to php. Instead off having to write seperate html files I want to insert my files in a kind of template file (index.php).

I know that the include() function can do that so I have links in the form of index.php?file=whatever.php, but i don't want directly link to my files directly but i want to user variables for that. so my url will say index.php?file=variable or something.

Can I set variables in my index.php so he checks for that variable and replaces the $file with that variable? So if my variable is $foo='anypage.php' that my url will say index.php?file=foo instead of the real filename.
Html Into Xml Tag?
do u know how can i put html into and xml tag
Example:

<element><br></element>

i receive error "the page is not well formatted" ...


Html
I have a piece of software that generates surveys in HTML and then
"should" email the data to me. The script that was used by the survey
was pulled from the public domain and I have to come up with another
way of doing it. The following is the HTML generated by the program:

<P1. Do you favor the potential Hernando County ordinance requiring a
"super majority" for approving changes to the Hernando County
Comprehensive Plan?</P><P><DIR>
<INPUT TYPE="RADIO" NAME="SQQ1" VALUE="1">Yes<BR>
<INPUT TYPE="RADIO" NAME="SQQ1" VALUE="2">No<BR>
<INPUT TYPE="RADIO" NAME="SQQ1" VALUE="3">I don't understand the
issue.<BR>
<INPUT TYPE="RADIO" NAME="SQQ1" VALUE="4">I understand but am
undecided.<BR>
</P></DIR>
<P2. How long have you lived in Hernando County?</P><P><DIR>
<INPUT TYPE="CHECKBOX" NAME="SQQ2" VALUE="1 ">Less than 1 year<BR>
<INPUT TYPE="CHECKBOX" NAME="SQQ2" VALUE="2 ">Between 1 and 5 years<BR>
<INPUT TYPE="CHECKBOX" NAME="SQQ2" VALUE="3 ">Between 5 and 10
years<BR>
<INPUT TYPE="CHECKBOX" NAME="SQQ2" VALUE="4 ">Between 10 and 15<BR>
<INPUT TYPE="CHECKBOX" NAME="SQQ2" VALUE="5 ">Between 15 and 20
years<BR>
<INPUT TYPE="CHECKBOX" NAME="SQQ2" VALUE="6 ">More than 20 years<BR>
</P></DIR>
<P3. Do you own a business in Hernando County?</P><P><DIR>
<INPUT TYPE="RADIO" NAME="SQQ3" VALUE="1">Yes<BR>
<INPUT TYPE="RADIO" NAME="SQQ3" VALUE="2">No<BR>

I need to know what the PHP script would be that would take the input
from this HTML and then email it to me. The required format for the
response is:

SQQ1:

1

SQQ2:

4

SQQ3:

2

The format is required for the software to automatically pull the data
into the software for cross-tabs and report generation.

The developer of the sofware isn't a script/PHP person and depended
upon the hosting company that pulled the script from the public domain.

Any help would be appreciated I've spent the better part of the day
working on it but just don't have the PHP skills (yet!). I can get an
email but can't get the script to load the various values of SQQx and
the response value. Something tells me an array is necessary but I
haven't been successful.
HTML & PHP
how do i define a php variable using html?
i want to set an shtml page as a page with links to products - when each
button is pressed it it sets the product_category variable and lists all
entries with this variable - how do i set the html link to set the
variable? wat do i need to set the product_category to?
--PHP To HTML
if that's the case, please just tell me where the best place for
a newbie PHP question would be.

I'm just learning PHP, and I need to know how to pass data from an HTML
input form to become the content of a new HTML page, using PHP.

In other words, I have an HTML page that lists parenting program
information, thus:

PROGRAM 1
Start Date: Aug 5
End Date: Dec 5
Time: Every second Thursday, 11:00am to 1:30pm
Location: X Building
Duration: 12 weeks
Capacity: 10 parents

PROGRAM 2
Start Date: Aug 7
End Date: Oct 14
Time: Wednesdays, 6:00pm to 9:00pm
Location: Y Building
Duration: 10 weeks
Capacity: 15 parents, up to 30 children

There are about 15-20 programs being offered at any given time, and they're
constantly being added, deleted, and changed, so it's too hard to update
them manually myself. What I want to do is:

1) Design an HTML input form on an intranet page that will allow users to
add, change, or edit program data based on the fields listed above. I know
enough HTML to do this.

2) Take that data and pass it to a new HTML file that will be available to
the public, called "Our Program Info", which will list all the program info.

I did try to RTFM to figure out step 2; but the manual is so large, and I'm
so bad at programming in general (the only reason I'm doing this is because
my wife runs the charity organization that this is for), that I couldn't
find the right place to look. If someone could (gently) nudge me in the
right direction,
Php To Html
I made a website which is in php,mysql driven. I want to convert my website into static html pages..
Html To Pdf
I need to know how to convert html to pdf and print the document with
different paper size?
PHP-Yes, HTML-No --- Why?
I have a tiny program:

<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>MyTitle</title>
<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1"/>
</head>
<body>

<?php
$host = $_SERVER['HTTP_HOST'];
$server = strtolower($host);

echo 'My variables<bg>'

echo("<br>Host: $host");
echo("<br>Server: $server");

?>
</body>
</html>

I upload it to my webserver as test.html and as test.php. Then I test
them in my webbrowser. The test.html does not work, but the test.php
does.
PHP Using Php Var In Html
What is going wrong?

$mystring= "part1 part2 part3" // remark the spaces!
.....
<td >
<input type="text" name="test" size="50" value=<?echo ($mystring);?>>
</td>
.......
the text field will only show "part1" and not the rest of the string!
Php To Html?
I urgently need to develop a site with around 30-40 pages.

The site must be multilingual. Usually I use a top.php which generates a
lot of my structure. Then for every page I do:

include('top.php');
....page stuff...
include('footer.php');

in this case if I want to add a simple thing in my menu I only change it
in top.php. For the language part I inlcude a lang.php which is like this:

$lang["menuHome"]["en"]="Home";
$lang["menuHome"]["gr"]="Αρχική";

and so on. In my pages I only put print $lang["menuHome"][$l] where $l
is "en" or "gr" (http://.../page.php?l=en)

The site I must develop must be in php for the web but the customer
asked to have it on a CD-ROM, which of course should be simple html.

Is there a tool to convert my site in simple html?

Doc -> HTML
Google has a cool way of showing .doc files in html format. can this be done using PHP.
Html To Doc And Pdf ?
After suffering with asp.net, i finally convinced the company to turn the
application we are using to PHP but my concern is, what is the easiest and best way to convert html that is generated from mysql databse to microsoft word and pdf files? The application will run on a linux server...
Php On Html?
Can I add php code directly to an html document or is it possible to
have an include on an html page the read a php document?
If so how would I do it?
PDF To HTML
I have PDF file which contains images and text formatted. Is there any free function or classes to convert PDF to HTML files? I need the exact form of PDF in HTML format.
Html To Pdf
fpdf, tcpdf(*), html2pdf NOT working correct. tcpdf my modifier part works (not support 100% css embeded)have idea to class php full html tranks...
Copyright 2005-08 www.BigResource.com, All rights reserved