Test

1. <?php
2.  
3. function clean_string($db_server = null, $string){
4. $string = trim($string);
5. $string = utf8_decode($string);
6. $string = str_replace("#", "&#35", $string);
7. $string = str_replace("%", "&#37", $string);
8. if (mysqli_real_escape_string($db_server, $string)) {
9. $string = mysqli_real_escape_string($db_server, $string);
10. }
11. if (get_magic_quotes_gpc()) {
12. $string = stripslashes($string);
13. }
14. return htmlentities($string);
15. }
16.  
17. $db_hostname = 'localhost';
18. $db_database = 'll15l7b_Football'; //replace with your db name
19. $db_username = 'll15l7b_LiamB123'; //replace with the db username that you created
20. $db_password = 'CPanel123'; //replace with the db password that you created;
21. $db_status = 'not initialised';
22. $output = '';
23. $str_options = '';
24. $db_server = mysqli_connect($db_hostname, $db_username, $db_password);
25. $db_status = "connected";
26.  
27. if (!$db_server){
28. die("Unable to connect to MySQL: " . mysqli_connect_error());
29. $db_status = "not connected";
30. }else{
31. $output = '';
32. mysqli_select_db($db_server, $db_database);
33.  
34. if(isset($_POST['submit'])){ // checks if submit button of form was clicked
35. if(trim($_POST['submit']) == "Submit"){ // set to value of your submit
36. }
37. $query = "SELECT * FROM CostOfFootball"; //Filter query with WHERE clause!
38. $result = mysqli_query($db_server, $query);
39.  
40. if (!$result) die("Database access failed: " . mysqli_error($db_server));
41.  
42. while($row = mysqli_fetch_array($result)){
43. $str_options .= "<option value='" . $row['Club'] . "'>";
44. $str_options .= $row['Club'];
45. $str_options .= "</Club>";
46. }
47. mysqli_free_result($result);
48.  
49. mysqli_free_result($result);
50.  
51. if($_POST['submit'] == "submit"){
52.  
53. $captcha = $_POST['g-recaptcha-response'];
54. $url = 'https://www.google.com/recaptcha/api/siteverify';
55. $secretkey = "6Le4CAETAAAAAGQftFiDise1KTxFd6qTsowFR-TL";
56. $response = file_get_contents($url."?secret=".
57. $secretkey."&response=".$captcha);
58. $data = json_decode($response);
59. $message = "";
60. if (isset($data->success) AND $data->success==true) {
61.  
62. // e.g. Validate the data
63. $output = '';
64. $unsafe_firstname = $_POST['firstname'];
65. $unsafe_lastname = $_POST['lastname'];
66. $unsafe_club = $_POST['Club'];
67. $unsafe_name = $unsafe_firstname . " " . $unsafe_lastname;
68. $safe_name = clean_string($db_server, $unsafe_name);
69. $message .= "Thanks for your input $safe_name!";
70. $output = "You chose:" . clean_string($db_server,
71. $_POST["Club"]) . "</p>";
72.  
73. $Club = clean_string($db_server, $_POST['dropdown']);
74. // create the SQL query
75. $query = "SELECT Club, SeasonTicketCheapest FROM CostOfFootball
76. WHERE ID=$Club";
77. $result = mysqli_query ($db_server, $query);
78. if (!$result) die("Data lookup failed". mysqli_error($db_server));
79. // if there are any rows, print out the contents
80. if ($row = mysqli_fetch_array($result)) {
81. $output = " The cheapest season ticket for " . $row['Club'] . " is &pound;" . $row['SeasonTicketCheapest'];
82. }else{
83. $output = 'The club requested was not found in the database';
84. }
85.  
86. }
87. }else {
88.  
89. // What happens when the CAPTCHA was entered incorrectly
90. $message = "The reCAPTCHA failed. (<em>error message</em>: " .
91. $data->{'error-codes'}[0] . ")";
92. }
93. }
94. }
95. mysqli_close($db_server);
96. ?>
97.  
98.  
99. <html>
100. <head>
101. <title>Captcha Form</title>
102. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
103. <script src="https://www.google.com/recaptcha/api.js" async defer></script>
104. </head>
105. <body> <!-- the body tag is required or the CAPTCHA may not show on some browsers -->
106.  
107. <?php
108. echo $message;
109. echo $output;
110. ?>
111.  
112. <p>
113. <strong>
114. Please enter your details:
115. </strong>
116. </p>
117.  
118. <!-- your HTML content -->
119. <form method="post" action="captcha-form.php">
120. First Name:<input type="text" name="firstname" /> <br>
121. Last Name:<input type="text" name="lastname" /> <br>
122. Find out the cheapest tickets for
123. <select name="dropdown">
124. <?php echo $str_options; ?>
125. </select>
126. <div class="g-recaptcha"
127. data-sitekey="6Le4CAETAAAAAJ58ZxBrDGRawcYuHhjxIXJoZ45g"></div>
128. <input type="submit" name="submit" value="submit" />
129. </form>
130.  
131. </body>
132. </html>