The "Freeola Customer Forum" forum, which includes Retro Game Reviews, has been archived and is now read-only. You cannot post here or create a new thread or review on this forum.
I'd like to write a bit of code that will create a scrolling message which changes depending on the date.
So I need to:
Get the current date
Find out if there is a specific message for that date (or between 2 dates) such as "Happy Christmas"
If not, display the default message, such as "Welcome to this site".
Is that possible?
I also need to find the easiest way to include a big box of formatted text that can be altered by anyone who has a password. This is for a weekly newsletter which is in word format that needs to be pasted on to a website every week.
So I need to:
Get the current date
Find out if there is a specific message for that date (or between 2 dates) such as "Happy Christmas"
If not, display the default message, such as "Welcome to this site".
Is that possible?
I also need to find the easiest way to include a big box of formatted text that can be altered by anyone who has a password. This is for a weekly newsletter which is in word format that needs to be pasted on to a website every week.
Page:
hmmm, intersting...
i`m starting to think the best option would just be to make a long html page with most of it commented out that gives the owner instructions on where to paste the name and feedback they want to appear. that will allow for proof reading, etc.
it`s a bit more involved than they`d probably like to get, but safetly is more important i think. the only reason i`m trying to make is so easy is that i can`t guarantee i`ll still be living here as and when they need more stuff doing and i don`t want to leave them with a site that they can`t do anything with unless i do so.
thanks for the suggestions everyone!
i`m starting to think the best option would just be to make a long html page with most of it commented out that gives the owner instructions on where to paste the name and feedback they want to appear. that will allow for proof reading, etc.
it`s a bit more involved than they`d probably like to get, but safetly is more important i think. the only reason i`m trying to make is so easy is that i can`t guarantee i`ll still be living here as and when they need more stuff doing and i don`t want to leave them with a site that they can`t do anything with unless i do so.
thanks for the suggestions everyone!
As Hmmm... has said you're better off removing the public contact form from the process, its easier to secure things and less hassle in long run. Even ignoring spammers, its a huge leap to think people submitting "positive feedback" are going to manage to be able to spell and/or string 2 words together in a legible sentence.
Security wise, make sure you validate all input. Strip out all tags, convert special characters to html entities. In the case of form to mail, you can also check all your fields for strings like to: cc: bcc: content-type: Content-Transfer-Encoding: and so on. You could also throw in a few common spam words into that list like porn, viagra etc.
Security wise, make sure you validate all input. Strip out all tags, convert special characters to html entities. In the case of form to mail, you can also check all your fields for strings like to: cc: bcc: content-type: Content-Transfer-Encoding: and so on. You could also throw in a few common spam words into that list like porn, viagra etc.
I'm not sure allowing comments to 'go live' on a site (guess it does depend on what the site is) is a good idea - I'm afraid even if you are using captcha type code you will always end up with some daft ****** turning up eventually, and I don't think your script allows comments to be easily removed, so that could be embarrassing!
How about you let people submit the feedback which comes in as normal formmail and then someone chooses which comments to use before manually running your script to add them to the marquee.
Your form/script could be protected using .htaccess to make it secure - so the 'admin' person would log in to update things.
Not so instant, but might work out better in the long run...
Search Freeola Chat
How about you let people submit the feedback which comes in as normal formmail and then someone chooses which comments to use before manually running your script to add them to the marquee.
Your form/script could be protected using .htaccess to make it secure - so the 'admin' person would log in to update things.
Not so instant, but might work out better in the long run...
Search Freeola Chat
ah curses!
ok, how do i go about securing the form then? any tips?
would something as simple as having an "are you sure?" alert on submission help?
or perhaps one of those "enter the same code as this one" boxes? or is that still vulnerable because even though the combination would be random, it`ll still be held in a variable.
can i disable html from being allowed?
ok, how do i go about securing the form then? any tips?
would something as simple as having an "are you sure?" alert on submission help?
or perhaps one of those "enter the same code as this one" boxes? or is that still vulnerable because even though the combination would be random, it`ll still be held in a variable.
can i disable html from being allowed?
Most sites get picked up by bots trawling through domain records and ip addresses looking for exploitable forms. What they are looking for is access to server and ability to send spam or install dubious code on your site. The business size or site traffic is totally irrelevant really.
So you're probably better sorting any security vulnerabilities now rather than having to explain to your client why his marquee is advertising porn or his/her domain has been blacklisted etc..
So you're probably better sorting any security vulnerabilities now rather than having to explain to your client why his marquee is advertising porn or his/her domain has been blacklisted etc..
right, i`ve got this working in the following way:
i`ve got an html "leave feedback" form that the customer fills in, they select whether their feedback is positive, negative or neutral feedback. leaving any kind of feedback will send an email containing said feedback to the owner of the business, but if it`s POSITIVE feedback then it gets added to an "open" html file (as in, there are no closing
i`ve got an html "leave feedback" form that the customer fills in, they select whether their feedback is positive, negative or neutral feedback. leaving any kind of feedback will send an email containing said feedback to the owner of the business, but if it`s POSITIVE feedback then it gets added to an "open" html file (as in, there are no closing