Error Submitting Form

JayC

Well-Known Member
Aug 8, 2013
5,505
1,401
I need it to submit to a form


<select id="choose">
<option selected="selected">Choose Image</option>
<option data-image=" "> Image One </option>
<option data-image=" "> Image Two </option>
<option data-image=" "> Image Three </option>
</select><br />

thats the select, but for the form to acknowledge it, it needs to be name=choose but if I turn it to name javascript doesn't function correctly..
<script type="text/javascript" src=" "></script>
<script type='text/javascript'>
$(window).load(function(){
$('#choose').change(function(){
var image = $("#choose option:selected").data('image');
$('#selected').attr("src", image);
});
});
</script>

if(isset($_POST['Groups']))
{
$rid = filter($_POST['room_id']);
$name = filter($_POST['name']);
$desc = filter($_POST['desc']);
$Priv = filter($_POST['priv']);
$Stat = filter($_POST['stat']);
$badge = filter($_POST['choose']);

Then I need to get just the ending.. so like it sends I need just ES079
 

JayC

Well-Known Member
Aug 8, 2013
5,505
1,401
Alright heres the whole thing divided up:
JavaScript
Code:
    <script type="text/javascript" src="http://code.jquery.com/jquery-git.js"></script>
    <script type='text/javascript'>
      $(window).load(function(){
        $('#choose').change(function(){
          var image = $("#choose option:selected").data('image');
          $('#selected').attr("src", image);
        });
      });
    </script>
Form
Code:
<form name="form" action="" method="post">
    <span title="Pick Your Room">Room ID: </span><br />
    <select name="room_id">
    <?php
    $getRoomInfo = mysql_query('SELECT id,caption FROM rooms WHERE id AND owner = "'.USER_NAME.'"');
while($roomInfo = mysql_fetch_array($getRoomInfo))
{
  echo '<option value="'.clean($roomInfo['id']).'">'.$roomInfo['id'].' - '.clean($roomInfo['caption']).'<br /></option>';
}
?>
    </select><br /><br />
    <select id="choose">
      <option selected="selected">Choose Image</option>
      <option data-image="http://aeon-hotel.net/r63/c_images/groups/POKE1.gif"> Image One </option>
      <option data-image="http://aeon-hotel.net/r63/c_images/groups/ES079.gif"> Image Two </option>
      <option data-image="http://aeon-hotel.net/r63/c_images/groups/ES078.gif"> Image Three </option>
    </select><br />
    <img id="selected" src="http://placehold.it/50x50/aaaaaa" /><br>

   
    <span title="Name">Group name: </span><br />
    <input type="text" name="name" /><br /><br />
   
    <span title="Desc">Group Description: </span><br />
    <textarea name="desc" rows="4" cols="40"></textarea><br /><br />
   
    <span title="Priv">Group Privacy: </span><br />
        <select name="priv">
  <option value="open">Open</option>
  <option value="blocked">Blocked</option>
</select><br /><br />

    <span title="Stat">Group Status: </span><br />
    <select name="stat">
  <option value="open">Open</option>
  <option value="locked">Locked</option>
  <option value="closed">Closed</option>
</select><br /><br />
   
    <input type="submit" name="Groups" value="Create" class="submit">
</form>
PHP
Code:
<?php


if(isset($_POST['Groups']))
{
  $rid = filter($_POST['room_id']);
  $name = filter($_POST['name']);
  $desc = filter($_POST['desc']);
  $Priv = filter($_POST['priv']);
  $Stat = filter($_POST['stat']);
  $badge = filter($_POST['choose']);
 
  $hope = dbquery("SELECT * FROM rooms WHERE id='".$rid."'");
  $room = dbquery("SELECT * FROM groups WHERE roomid='".$rid."'");
  $room2 = mysql_fetch_assoc($room);
  $hope2 = mysql_fetch_assoc($hope);
 
  if(mysql_num_rows($room) > 1)
  {
   echo '<center><div class="rounded rounded-red"><strong>Room already has a group</strong></div></center>';
  }elseif(strstr($desc, "<") || strstr($desc, ">") || strstr($desc, "?") || strstr($desc, "&") || strstr($desc, "#") || strstr($desc, "@") || strstr($desc, "*") || strstr($desc, "%")) {
  echo '<center><div class="rounded rounded-red"><strong>Why are you trying to exploit?</strong></div></center>';
  }elseif(strstr($name, "<") || strstr($name, ">") || strstr($name, "?") || strstr($name, "&") || strstr($name, "#") || strstr($name, "@") || strstr($name, "*") || strstr($name, "%")) {
  echo '<center><div class="rounded rounded-red"><strong>Why are you trying to exploit?</strong></div></center>';
  }elseif(is_numeric($name))
  {
   echo '<center><div class="rounded rounded-red"><strong>No numbers in the group name please</strong></div></center>';
  }elseif($hope2['owner'] != $users->Id2name(USER_ID))
  {
   echo '<center><div class="rounded rounded-red"><strong>That room doesn\'t belong to you.</strong></div></center>';
  }elseif(strlen($name) < 1 || strlen($name) > 12)
  {
   echo '<center><div class="rounded rounded-red"><strong>The Group Name must be between 1 - 12 characters.</strong></div></center>';
  }elseif(strlen($desc) > 120)
  {
   echo '<center><div class="rounded rounded-red"><strong>The Group Desc must be less than 120 characters.</strong></div></center>';
  }elseif($Priv != "open" && $Priv != "blocked")
  {
   echo '<center><div class="rounded rounded-red"><strong>Privacy Invalid Response</strong></div></center>';
  }elseif($Stat != "open" && $Stat != "closed" && $Stat != "locked")
  {
   echo '<center><div class="rounded rounded-red"><strong>Status Invalid Response</strong></div></center>';
  }else
  {
   dbquery("INSERT INTO groups (name,desc,badge,owner_id,created,roomid,locked,privacy) VALUES ('".$name."','".$desc."','".$badge."','".USER_ID."','" . date('j F Y h:i') . "','".$rid."','".$Priv."','".$Stat."')");
   echo '<center><div class="rounded rounded-green"><strong>Your bot has been added, unload your room and bam your bot is there! :)</strong></div></center>';
  }
}
?>
 

JayC

Well-Known Member
Aug 8, 2013
5,505
1,401
I have a new problem now...

It says my query is wrong:
dbquery("INSERT INTO groups (name,desc,badge,ownerid,created,roomid,locked,privacy) VALUES ('".$name."','".$desc."','".$badge."','".USER_ID."','".$x."','".$rid."','".$Priv."','".$Stat."')"); 
 

Users who are viewing this thread

Top