· 8 years ago · Nov 12, 2017, 08:34 PM
1<?php
2
3function clean_string($db_server = null, $string){
4 $string = trim($string);
5 $string = utf8_decode($string);
6 $string = str_replace("#", "#", $string);
7 $string = str_replace("%", "%", $string);
8 if (mysqli_real_escape_string($db_server, $string)) {
9 $string = mysqli_real_escape_string($db_server, $string);
10 }
11 if (get_magic_quotes_gpc()) {
12 $string = stripslashes($string);
13 }
14 return htmlentities($string);
15}
16
17$db_hostname = 'localhost';
18$db_database = 'll15l7b_Football'; //replace with your db name
19$db_username = 'll15l7b_LiamB123'; //replace with the db username that you created
20$db_password = 'CPanel123'; //replace with the db password that you created;
21$db_status = 'not initialised';
22$output = '';
23$str_options = '';
24$db_server = mysqli_connect($db_hostname, $db_username, $db_password);
25$db_status = "connected";
26
27if (!$db_server){
28 die("Unable to connect to MySQL: " . mysqli_connect_error());
29 $db_status = "not connected";
30}else{
31 $output = '';
32 mysqli_select_db($db_server, $db_database);
33
34 if(isset($_POST['submit'])){ // checks if submit button of form was clicked
35 if(trim($_POST['submit']) == "Submit"){ // set to value of your submit
36 }
37 $query = "SELECT * FROM CostOfFootball"; //Filter query with WHERE clause!
38 $result = mysqli_query($db_server, $query);
39
40 if (!$result) die("Database access failed: " . mysqli_error($db_server));
41
42 while($row = mysqli_fetch_array($result)){
43 $str_options .= "<option value='" . $row['Club'] . "'>";
44 $str_options .= $row['Club'];
45 $str_options .= "</Club>";
46 }
47 mysqli_free_result($result);
48
49 mysqli_free_result($result);
50
51 if($_POST['submit'] == "submit"){
52
53 $captcha = $_POST['g-recaptcha-response'];
54 $url = 'https://www.google.com/recaptcha/api/siteverify';
55 $secretkey = "6Le4CAETAAAAAGQftFiDise1KTxFd6qTsowFR-TL";
56 $response = file_get_contents($url."?secret=".
57 $secretkey."&response=".$captcha);
58 $data = json_decode($response);
59 $message = "";
60 if (isset($data->success) AND $data->success==true) {
61
62 // e.g. Validate the data
63 $output = '';
64 $unsafe_firstname = $_POST['firstname'];
65 $unsafe_lastname = $_POST['lastname'];
66 $unsafe_club = $_POST['Club'];
67 $unsafe_name = $unsafe_firstname . " " . $unsafe_lastname;
68 $safe_name = clean_string($db_server, $unsafe_name);
69 $message .= "Thanks for your input $safe_name!";
70 $output = "You chose:" . clean_string($db_server,
71 $_POST["Club"]) . "</p>";
72
73 $Club = clean_string($db_server, $_POST['dropdown']);
74 // create the SQL query
75 $query = "SELECT Club, SeasonTicketCheapest FROM CostOfFootball
76 WHERE ID=$Club";
77 $result = mysqli_query ($db_server, $query);
78 if (!$result) die("Data lookup failed". mysqli_error($db_server));
79 // if there are any rows, print out the contents
80 if ($row = mysqli_fetch_array($result)) {
81 $output = " The cheapest season ticket for " . $row['Club'] . " is £" . $row['SeasonTicketCheapest'];
82 }else{
83 $output = 'The club requested was not found in the database';
84 }
85
86 }
87 }else {
88
89 // What happens when the CAPTCHA was entered incorrectly
90 $message = "The reCAPTCHA failed. (<em>error message</em>: " .
91 $data->{'error-codes'}[0] . ")";
92 }
93 }
94 }
95mysqli_close($db_server);
96?>
97
98
99<html>
100 <head>
101 <title>Captcha Form</title>
102 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
103 <script src="https://www.google.com/recaptcha/api.js" async defer></script>
104 </head>
105 <body> <!-- the body tag is required or the CAPTCHA may not show on some browsers -->
106
107 <?php
108 echo $message;
109 echo $output;
110 ?>
111
112 <p>
113 <strong>
114 Please enter your details:
115 </strong>
116 </p>
117
118 <!-- your HTML content -->
119 <form method="post" action="captcha-form.php">
120 First Name:<input type="text" name="firstname" /> <br>
121 Last Name:<input type="text" name="lastname" /> <br>
122 Find out the cheapest tickets for
123 <select name="dropdown">
124 <?php echo $str_options; ?>
125 </select>
126 <div class="g-recaptcha"
127 data-sitekey="6Le4CAETAAAAAJ58ZxBrDGRawcYuHhjxIXJoZ45g"></div>
128 <input type="submit" name="submit" value="submit" />
129 </form>
130
131 </body>
132</html>