?> <!-- ====================================== --> <!-- The line below is a class that I created to mimic the action of the 'blockquote' tag in HTML, which is now deprecated. --> <div class="blockquote"> <?php // FUNCTION CALLS // -- CHECK EACH FIELD FOR MISSING DATA check_submitted("name", "text", $missing_count); check_submitted("email", "text", $missing_count); check_submitted("comment", "textarea", $missing_count); check_submitted("mail", "checkbox", $missing_count); // 4a. Enter your function call for count_errors below this comment. There should be only one line of code. count_errors($missing_count); // Below this point is your our old code for checking for missing data. // Notice that you had more code, and it did less -- it didn't track how many fields were missing. // Once you create the functions and call them, please delete the $counter line and the 'if' blocks in this section. // -- SANITIZE FIELDS (REMOVE DANGEROUS CHARACTERS) -- text boxes and textarea only sanitize("name", "text", $_POST["name"]); sanitize("email", "text", $_POST["email"]); sanitize("comment", "textarea", $_POST["comment"]); // Below this point is your our old code for checking for sanitizing the data. // Notice that you had a lot more code, and it did less -- we didn't escape quote marks in the previous version. // Once you create the functions and call them, please delete the old code in this section. // -- DISPLAY OUTPUT echo "<h3><i>You submitted the following information:</i></h3>"; echo "<div id='formData'>"; display_data("name", "text", $_POST["name"]); display_data("email", "text", $_POST["email"]);
function show_error($error, $extra = NULL) { // show error-message $msg = $error; if ($extra != NULL) { $msg .= " - " . $extra; } add_error($msg); if (empty($_GET['error'])) { session_write_close(); mosRedirect(make_link("show_error", $GLOBALS["dir"]) . '&error=1&extra=' . urlencode($extra)); } else { show_header($GLOBALS["error_msg"]["error"]); $errors = count_errors(); $messages = count_messages(); echo '<div class="quote">'; if ($errors) { echo '<a href="#errors">' . $errors . ' ' . $GLOBALS["error_msg"]["error"] . '</a><br />'; } if ($messages) { echo '<a href="#messages">' . $messages . ' ' . $GLOBALS["error_msg"]["message"] . '</a><br />'; } echo "</div>\n"; if (!empty($_SESSION['jx_message'])) { echo "<a href=\"" . str_replace('&dir=', '&ignore=', make_link("list", '')) . "\">[ " . $GLOBALS["error_msg"]["back"] . " ]</a>"; echo "<div class=\"jx_message\"><a name=\"messages\"></a>\n\t\t\t\t\t<h3>" . $GLOBALS["error_msg"]["message"] . ":</strong>" . "</h3>\n"; foreach ($_SESSION['jx_message'] as $msgtype) { foreach ($msgtype as $message) { echo $message . "\n<br/>"; } echo '<br /><hr /><br />'; } empty_messages(); if (!empty($_REQUEST['extra'])) { echo " - " . htmlspecialchars(urldecode($_REQUEST['extra']), ENT_QUOTES); } echo "</div>\n"; } if (!empty($_SESSION['jx_error'])) { echo "<div class=\"jx_error\"><a name=\"errors\"></a>\n\t\t\t\t<h3>" . $GLOBALS["error_msg"]["error"] . ":</strong>" . "</h3>\n"; foreach ($_SESSION['jx_error'] as $errortype) { foreach ($errortype as $error) { echo $error . "\n<br/>"; } echo '<br /><hr /><br />'; } empty_errors(); } echo "<a href=\"" . str_replace('&dir=', '&ignore=', make_link("list", '')) . "\">" . $GLOBALS["error_msg"]["back"] . "</a>"; if (!empty($_REQUEST['extra'])) { echo " - " . htmlspecialchars(urldecode($_REQUEST['extra']), ENT_QUOTES); } echo "</div>\n"; defined('JXPLORER_NOEXEC') or define('JXPLORER_NOEXEC', 1); } }