So I received this error today, I've narrowed it down to this issue:
My site is my musician page here. It allows people to come in and see photos of me, news, my music and events I'm playing at.
Everything was going swell, I manually input data into MySQL to have it auto-feed to the home page. Now I'm adding the control panel so I can add, edit, delete things in the database from the web.
Everything works fine except for the ability to add/edit events. I've narrowed it down to the fact that I can't input 2 URLs or I get this error. I NEED to input 2 URLs (one to view the event page, one to buy tickets) but I can't input more than 1 at a time, is there anything I can do to correct or work around this error whether in apache or my code?
<?php
$specevlink = "http://facebooklink.com";
$specgigtick = "http://ticketplacelink.com";
?>
<form method="post" action="index.php?page=editgigs">
<table>
<tr>
<td>
Event Page (Link):
</td>
<td style="text-align: left;">
<input type="url" name="giglink" value="<?php echo $specevlink; ?>" />
</td>
</tr>
<tr>
<td>
Event Tickets (Link):
</td>
<td style="text-align: left;">
<input type="url" name="gigtick" value="<?php echo $specgigtick; ?>" />
</td>
</tr>
</table><br />
<input type="submit" name="editgig" value="submit" /><br />
<br />
</form>
EDIT:
I'm adding the full line of code so you can see exactly what I'm using,
Here's a pic of step 1 Here's a pic of step 2
This is included into an index.php file:
<?php
if(isset($_GET["page"])){
$page = $_GET["page"];
} else {
$page = "";
}
if($page === "editgigs"){
include ('inc/logincheck.php');
?>
<div class="label">
EDIT GIGS
</div><br />
<div style="margin: 0 auto; text-align: center; width: 100%">
<form method="post" action="index.php?page=editgigs">
<?php
if(!isset($_POST['selectgigs'])){
if(!isset($_POST['updgigs'])){
?>
Select one of the options below:<br />
<br />
<select name="selgigs" style="max-width: 26%;">
<?php
while($gigsall_data = mysqli_fetch_array($gigsall_query)){
$gigid = stripslashes($gigsall_data['idgigs']);
$gigdate = stripslashes($gigsall_data['date']);
$gigname = stripslashes($gigsall_data['name']);
$gigdate = date('F j, Y', strtotime($gigdate));
?>
<option value="<?php echo $gigid; ?>">
<?php echo $gigdate; ?>: <?php echo $gigname; ?>
</option>
<?php
}
?>
</select><br /><br />
<input type="submit" name="selectgigs" value="Select" /><br />
<br />
<?php
}
}
if(isset($_POST['selectgigs'])){
$gigtoed = trim($_POST['selgigs']);
$specgig_query = mysqli_query($con, "SELECT * FROM `gigs` WHERE `idgigs` = '$gigtoed'") or die(mysqli_error($con));
$specgig_data = mysqli_fetch_array($specgig_query);
$specdate = stripslashes($specgig_data['date']);
$specname = stripslashes($specgig_data['name']);
$specevlink = stripslashes($specgig_data['evlink']);
$specgigtick = stripslashes($specgig_data['ticklink']);
$specnos = stripslashes($specgig_data['noshow']);
if($specnos === '0'){
$noshow = '';
} else {
$noshow = 'checked';
}
?>
<table style="border-spacing: 5px; padding: 10px;">
<tr>
<td>
Past Event?:
</td>
<td style="text-align: left;">
<input type="checkbox" name="nos" <?php echo $noshow; ?> /> Past Event
</td>
</tr>
<tr>
<td>
Date:
</td>
<td style="text-align: left;">
<input type="date" name="gigdate" value="<?php echo $specdate; ?>" required />
</td>
</tr>
<tr>
<td>
Name:
</td>
<td style="text-align: left;">
<input type="text" name="gigname" value="<?php echo $specname; ?>" required />
</td>
</tr>
<tr>
<td>
Event Page (Link):
</td>
<td style="text-align: left; width: 350px;">
<input type="url" name="giglink" style="width: 100%;" value="<?php echo $specevlink; ?>" />
</td>
</tr>
<tr>
<td>
Event Tickets (Link):
</td>
<td style="text-align: left; width: 350px;">
<input type="url" name="gigtick" style="width: 100%;" value="<?php echo $specgigtick; ?>" />
</td>
</tr>
</table><br />
<input type="hidden" name="gigid" value="<?php echo $gigtoed; ?>" />
<input type="submit" name="updgigs" value="Update" /><br />
<br />
<?php
}
if(isset($_POST['updgigs'])){
$newid = trim($_POST['gigid']);
$newdate = mysqli_real_escape_string($con, trim($_POST['gigdate']));
$newname = mysqli_real_escape_string($con, trim($_POST['gigname']));
$newlink = mysqli_real_escape_string($con, trim($_POST['giglink']));
$newtick = mysqli_real_escape_string($con, trim($_POST['gigtick']));
if(isset($_POST['nos'])){
$newnoshow = mysqli_real_escape_string($con, '1');
} else {
$newnoshow = mysqli_real_escape_string($con, '0');
}
echo $newid.' '.$newdate.' '.$newname.' '.$newlink.' '.$newtick.' '.$newnoshow.'<br />';
/*mysqli_query($con, "UPDATE `gigs` SET `date` = '$newdate', `name` = '$newname', `evlink` = '$newlink', `ticklink` = '$newtick', `noshow` = '$newnoshow' WHERE `idgigs` = '$newid' LIMIT 1") or die(mysqli_error($con));*/ //commented for testing
?>
<div style="text-align: center;">
<span class="confirm">
Successfully updated click <a href="index.php?page=events">here</a> to view it!
</span>
</div>
<?php
}
?>
</form>
</div>
<?php
}
FYI- the logincheck.php is does nothing but check if the user is logged in, if not it sends them back to the home page.
Your website is generating error if any user input item is starting with either http://
or https://
.
When I try with a link starting with http://
I got a 406 Not Acceptable :
http://onkore.us/?blah=http://www.google.com
It is fine when I try this :
http://onkore.us/?blah=www.google.com
You've mentioned that you are having problem if it is more than one link , but when I try with two links like below , it is being fine :
http://onkore.us/?blah1=www.google.com&blah2=www.google.com
However either you could find and fix the issue which might be specific to your server configuration or you could try a work around .
I am not sure if this workaround helps , but considering that http://
or https://
are creating the issue , what I am thinking is to remove the http://
and https://
from user input . First you might want to try changing <input type="url"
to <input type="text"
so that URL format is not enforced . Then you could use Javascript to remove occurrences of http://
and https://
from the user input in the form before submitting to server . Additionally you could remove these from the data before populating the form values .
Hope this helps .
Regex : How to remove 'http://' from a URL in JavaScript
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With