I would like the content to be in UTF-8 since it contains Japanese and French characters. Is it possible ? For the moment only the French entries are OK in the DB, Japanese entries are not recognized...
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm not sure what you need. I have never had to even think about it. I do know that the form does not specify a character set so you coud add this information to the form1,html file. The admin index page does specify so you could change that file.
If you could give me more detail I could try to help you with this issue.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The form (http://www.quebec-japon.com/usinephp/use/Ajoutdesvisiteurs/form1.html) sends me a proposition to insert new words in my Japanese-French dictionary. The visitor insert the Japanese word (kanji field), it's phonetic expression (kana), the French translation (Français) and finally some commments (Commentaire). When the visitor clicks on Envoyer (Send), two things happen:
1. The data are sent to me by email.
2. The data are inserted in a mysql table.
I need both to be in UT8.
Alain
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You might also try adding this
accept-charset='*'
to the form tag in the form1.html
replace
<form enctype='multipart/form-data' action='process.php' method='post'>
with
<form enctype='multipart/form-data' action='process.php' method='post' accept-charset='*'>
I have never tried this nor have I the resources to try this so you will have to work with me on this one.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thank you !!! I tried the second suggestion cause it seemed quite simple... and it works ! :D
----
I'm a bit worried about the security of what I did above (writing the URL to my form)... I read a previous post on security matters but I'm not sure to understand. I locked my admin folder, but is there any danger that someone can find my login and password for the mysql database? The database is not very important (since I receive everything by email too) but I wonder as for the rest of my site...
Alain
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Precision : My security concern comes from the fact that my form is for visitors who want to suggest new words for the dictionary. I trying to understand how I can make it safe but... open to visitors. ???
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm not sure I understand your security concern. There are lots of ways to make your form more secure but if all you do is take suggestions from your visitors, what are you trying to protect?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
A coupl eof comments:
First
The mods you made included "accept-charset='*'>'"
the >' characters do not belong.
Standard form tag is <form>, options are added after the word form and before the ending >. Inserting an extra > or misplaced ' will cause problems. Your form tag should look like this
<form enctype='multipart/form-data' action='process.php' method='post' accept-charset='*'>
You need to clean up the extra stuff within the form tag and just after it "action='process.php' method='post'>".
If this post looks wierd or has "<" stuff in it, send me an email and I'll send this back in an email where it won't get translated for the forum.
Second
Security of the default phpFormGen is not the best but does prevent the average user from getting to far. There should be nothing wrong with your form1.html file (no worries here). the process.php file is in the same folder as the form, so if someone looks for it they can get at it. By default your mysql access names and passwords are in this file. To better secure this file you will need to replace the hard coded names and passwords with variable names. The variable names should be stored in the config.inc.php file located in the admin folder. The process.php file also has to have the include statement added for this config file. Once this is setup and working then you can password protect the admin folder. The form will still work and the names and passwords will become much more difficult to access or viewed by anyone attempting to hack your mysql data.
Just my opinion:
There is allot of unwarranted paranoia about internet security. Unless you really have some good data (money to be had, government secrets, etc...) why would anyone want to hack your site??
Unless you are storing personal data from your visitors, you really should not be too concerned about security.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
2. You say: To better secure this file you will need to replace the hard coded names and passwords with variable names. The variable names should be stored in the config.inc.php file located in the admin folder. The process.php file also has to have the include statement added for this config file.
I know nothing about php. Can you tell me where I can find a good explanation/procedure for that? It sounds like Chinese and I speak only Japanese ;-) .
I don't have really important stuff on my site, but still there's a forum with about 80 translators (there's many months of work/exchange in that forum), so I don't want it to be hacked.
Alain
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I could do them for you easier than trying to explain it to you. Send me an email and we can trade personal email accounts. You could then send me your project and would make the changes and send it back to you.
Otherwise let me know and I'll try to take you through it step by step.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I would like the content to be in UTF-8 since it contains Japanese and French characters. Is it possible ? For the moment only the French entries are OK in the DB, Japanese entries are not recognized...
I'm not sure what you need. I have never had to even think about it. I do know that the form does not specify a character set so you coud add this information to the form1,html file. The admin index page does specify so you could change that file.
If you could give me more detail I could try to help you with this issue.
Ok, I will try to explain what I need.
The form (http://www.quebec-japon.com/usinephp/use/Ajoutdesvisiteurs/form1.html) sends me a proposition to insert new words in my Japanese-French dictionary. The visitor insert the Japanese word (kanji field), it's phonetic expression (kana), the French translation (Français) and finally some commments (Commentaire). When the visitor clicks on Envoyer (Send), two things happen:
1. The data are sent to me by email.
2. The data are inserted in a mysql table.
I need both to be in UT8.
Alain
Oups, the third field is Traduction (translation), not Francais.
The form1.html is created with standard HTML header and trailer. Try puting the form1.html file into the body section of the following html.
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Form1</title>
</head>
<body>
</body>
</html>
You might also try adding this
accept-charset='*'
to the form tag in the form1.html
replace
<form enctype='multipart/form-data' action='process.php' method='post'>
with
<form enctype='multipart/form-data' action='process.php' method='post' accept-charset='*'>
I have never tried this nor have I the resources to try this so you will have to work with me on this one.
Thank you !!! I tried the second suggestion cause it seemed quite simple... and it works ! :D
----
I'm a bit worried about the security of what I did above (writing the URL to my form)... I read a previous post on security matters but I'm not sure to understand. I locked my admin folder, but is there any danger that someone can find my login and password for the mysql database? The database is not very important (since I receive everything by email too) but I wonder as for the rest of my site...
Alain
Precision : My security concern comes from the fact that my form is for visitors who want to suggest new words for the dictionary. I trying to understand how I can make it safe but... open to visitors. ???
I'm not sure I understand your security concern. There are lots of ways to make your form more secure but if all you do is take suggestions from your visitors, what are you trying to protect?
A coupl eof comments:
First
The mods you made included "accept-charset='*'>'"
the >' characters do not belong.
Standard form tag is <form>, options are added after the word form and before the ending >. Inserting an extra > or misplaced ' will cause problems. Your form tag should look like this
<form enctype='multipart/form-data' action='process.php' method='post' accept-charset='*'>
You need to clean up the extra stuff within the form tag and just after it "action='process.php' method='post'>".
If this post looks wierd or has "<" stuff in it, send me an email and I'll send this back in an email where it won't get translated for the forum.
Second
Security of the default phpFormGen is not the best but does prevent the average user from getting to far. There should be nothing wrong with your form1.html file (no worries here). the process.php file is in the same folder as the form, so if someone looks for it they can get at it. By default your mysql access names and passwords are in this file. To better secure this file you will need to replace the hard coded names and passwords with variable names. The variable names should be stored in the config.inc.php file located in the admin folder. The process.php file also has to have the include statement added for this config file. Once this is setup and working then you can password protect the admin folder. The form will still work and the names and passwords will become much more difficult to access or viewed by anyone attempting to hack your mysql data.
Just my opinion:
There is allot of unwarranted paranoia about internet security. Unless you really have some good data (money to be had, government secrets, etc...) why would anyone want to hack your site??
Unless you are storing personal data from your visitors, you really should not be too concerned about security.
1. Thank you, I made the correction.
2. You say: To better secure this file you will need to replace the hard coded names and passwords with variable names. The variable names should be stored in the config.inc.php file located in the admin folder. The process.php file also has to have the include statement added for this config file.
I know nothing about php. Can you tell me where I can find a good explanation/procedure for that? It sounds like Chinese and I speak only Japanese ;-) .
I don't have really important stuff on my site, but still there's a forum with about 80 translators (there's many months of work/exchange in that forum), so I don't want it to be hacked.
Alain
I could do them for you easier than trying to explain it to you. Send me an email and we can trade personal email accounts. You could then send me your project and would make the changes and send it back to you.
Otherwise let me know and I'll try to take you through it step by step.
Ok thank you, I finally decided to forget about the mysql table stuff. I made a new form just for email. I feel safer that way.
One more time, thanks a lot for your kind help !
Alain