Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- function clean_string($db_server = null, $string){
- $string = trim($string);
- $string = utf8_decode($string);
- $string = str_replace("#", "#", $string);
- $string = str_replace("%", "%", $string);
- if (mysqli_real_escape_string($db_server, $string)) {
- $string = mysqli_real_escape_string($db_server, $string);
- }
- if (get_magic_quotes_gpc()) {
- $string = stripslashes($string);
- }
- return htmlentities($string);
- }
- $db_hostname = 'localhost';
- $db_database = 'll15l7b_Football'; //replace with your db name
- $db_username = 'll15l7b_LiamB123'; //replace with the db username that you created
- $db_password = 'CPanel123'; //replace with the db password that you created;
- $db_status = 'not initialised';
- $output = '';
- $str_options = '';
- $db_server = mysqli_connect($db_hostname, $db_username, $db_password);
- $db_status = "connected";
- if (!$db_server){
- die("Unable to connect to MySQL: " . mysqli_connect_error());
- $db_status = "not connected";
- }else{
- $output = '';
- mysqli_select_db($db_server, $db_database);
- if(isset($_POST['submit'])){ // checks if submit button of form was clicked
- if(trim($_POST['submit']) == "Submit"){ // set to value of your submit
- }
- $query = "SELECT * FROM CostOfFootball"; //Filter query with WHERE clause!
- $result = mysqli_query($db_server, $query);
- if (!$result) die("Database access failed: " . mysqli_error($db_server));
- while($row = mysqli_fetch_array($result)){
- $str_options .= "<option value='" . $row['Club'] . "'>";
- $str_options .= $row['Club'];
- $str_options .= "</Club>";
- }
- mysqli_free_result($result);
- mysqli_free_result($result);
- if($_POST['submit'] == "submit"){
- $captcha = $_POST['g-recaptcha-response'];
- $url = 'https://www.google.com/recaptcha/api/siteverify';
- $secretkey = "6Le4CAETAAAAAGQftFiDise1KTxFd6qTsowFR-TL";
- $response = file_get_contents($url."?secret=".
- $secretkey."&response=".$captcha);
- $data = json_decode($response);
- $message = "";
- if (isset($data->success) AND $data->success==true) {
- // e.g. Validate the data
- $output = '';
- $unsafe_firstname = $_POST['firstname'];
- $unsafe_lastname = $_POST['lastname'];
- $unsafe_club = $_POST['Club'];
- $unsafe_name = $unsafe_firstname . " " . $unsafe_lastname;
- $safe_name = clean_string($db_server, $unsafe_name);
- $message .= "Thanks for your input $safe_name!";
- $output = "You chose:" . clean_string($db_server,
- $_POST["Club"]) . "</p>";
- $Club = clean_string($db_server, $_POST['dropdown']);
- // create the SQL query
- $query = "SELECT Club, SeasonTicketCheapest FROM CostOfFootball
- WHERE ID=$Club";
- $result = mysqli_query ($db_server, $query);
- if (!$result) die("Data lookup failed". mysqli_error($db_server));
- // if there are any rows, print out the contents
- if ($row = mysqli_fetch_array($result)) {
- $output = " The cheapest season ticket for " . $row['Club'] . " is £" . $row['SeasonTicketCheapest'];
- }else{
- $output = 'The club requested was not found in the database';
- }
- }
- }else {
- // What happens when the CAPTCHA was entered incorrectly
- $message = "The reCAPTCHA failed. (<em>error message</em>: " .
- $data->{'error-codes'}[0] . ")";
- }
- }
- }
- mysqli_close($db_server);
- ?>
- <html>
- <head>
- <title>Captcha Form</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <script src="https://www.google.com/recaptcha/api.js" async defer></script>
- </head>
- <body> <!-- the body tag is required or the CAPTCHA may not show on some browsers -->
- <?php
- echo $message;
- echo $output;
- ?>
- <p>
- <strong>
- Please enter your details:
- </strong>
- </p>
- <!-- your HTML content -->
- <form method="post" action="captcha-form.php">
- First Name:<input type="text" name="firstname" /> <br>
- Last Name:<input type="text" name="lastname" /> <br>
- Find out the cheapest tickets for
- <select name="dropdown">
- <?php echo $str_options; ?>
- </select>
- <div class="g-recaptcha"
- data-sitekey="6Le4CAETAAAAAJ58ZxBrDGRawcYuHhjxIXJoZ45g"></div>
- <input type="submit" name="submit" value="submit" />
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement