Page 1 of 1

limited size of textarea

Posted: Wed Apr 01, 2009 5:24 pm
by Byronled
Greetings,

I don't normally use PHP, but I've been asked to look at a problem regarding an online registration form. Basically, in one of the text area boxes, if more than ~250 characters are used, the input isn't recorded. The form uses POST, not GET, which is the first thing I looked at. Whoever wrote the original page included a MAXLENGTH=200 tag, which I removed, to no avail. Now I'm thinking that tag was present due to an underlying problem I don't understand. This is the link to the page:

http://www.eeidconference.org/Registrat ... ration.php

Thanks in advance for any help - if it matters to you, this is a conference about epidemic disease, so there's extra karma in it for ya :D

Re: limited size of textarea

Posted: Wed Apr 01, 2009 5:57 pm
by McInfo
If form.cgi is written in PHP, there is probably a line in it that contains something like

Code: Select all

substr($_POST['abstract1'], 0, 200)
Edit: This post was recovered from search engine cache.

Re: limited size of textarea

Posted: Thu Apr 02, 2009 6:10 am
by Byronled
The form response page is in Perl and Javascript, but is fairly comprehensible:

Code: Select all

#!/usr/bin/perl -w
 
use CGI;
use CGI qw(:standard);
use CGI::Carp qw(fatalsToBrowser warningsToBrowser);
use DBI;
 
$cgi = new CGI;
print "Content-type: text/html\n\n";
 
%dBattr = (
        PrintError => 0,
        RaiseError => 0
);
 
 
$dbh = DBI->connect("INSERTYOURDBINFOHERE", 'USER', 'PASSWD', \%dBattr) or die("can't connect");
$cgi = new CGI;
#print "Content-type: text/html\n\n";
if(!$hike) {$hike=&quotebits("no")}
if(!$name) {$name=&quotebits("no")};
if(!$email) {$affiliation=&quotebits("no")};
if(!$email) {$email=&quotebits("no")};
if(!$status) {$status=&quotebits("no")};
if(!$poster) {$poster=&quotebits("no")};
if(!$conference) {$conference=&quotebits("no")};
if(!$communication) {$communication=&quotebits("no")};
if(!$abstract1) {$abstract1=&quotebits("no")};
 
#the bit below creates variables with each parameter name containing the param value, eg $param=paravalue and also cleans the input
foreach $valuename ($cgi->param)
{
        $useme=lc($valuename);
        if($cgi->param($valuename)=~/\;|\<|\>|\`|\$/) {next};
        $$useme=&quotebits($cgi->param($valuename));      
}
 
 
$insert="INSERT INTO eeiddata SET name=$name, affiliation=$affiliation, email=$email, status=$status, hike=$hike, poster=$poster, conference=$conference, communication=$communication, abstract1=$abstract1";
$errmessage="No problems!";
$sth = $dbh->prepare($insert) or $errmessage="can't do prepare insert";
$sth->execute or $errmessage= $sth->errstr();
if($conference eq "communication") {$confstatus="yes"}
elsif($conference eq "nocommunication") {$confstatus="no"}
else {$confstatus="no data"};
$abstractbrief=substr($abstract1,0,1000);
$showresults="You submitted the following information:  Name = $name, Affiliation = $affiliation, Email = $email, Student/Faculty Status = $status, Conference Attendence = $conference, Oral Presentation = $confstatus, Hike Preference = $hike, Poster Presentation = $poster, First 1000 Characters of Your Abstract = $abstractbrief.";
$warning="If any of this information is in error or if you don't receive an emial confirmation, please contact Nanda Dorea at: dorea\"at\"uga.edu";
 
print $cgi->h4($showresults),
$cgi->h4({-style=>'Color: red;'}, "$warning"),
 
$cgi->h4("The database responded: $errmessage");
 
print
qq|<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>EEID Conference 2009</title>
<style type="text/css">
<!--
.style1 {
    font-size: 26px;
    font-style: italic;
    font-weight: bold;
    color: #000000;
}
.H4 {
            color: darkgreen;
        }
 
.style2 {color: #660000}
body {
    background-color: #CCCC99;
}
.style3 {color: #000000; }
a:link {
    color: #000099;
}
a:visited {
    color: #000099;
}
a:hover {
    color: #990000;
}
.style5 {
    font-size: 24px;
    font-weight: bold;
}
.style8 {font-size: 24px}
.style11 {font-size: 20px}
.style13 {font-weight: bold}
.style14 {color: #000000; font-size: 20px; font-weight: bold; }
.style15 {font-family: Arial, Helvetica, sans-serif}
.style16 {font-size: 14px}
<style type="text/css">
.style69 {color: #CC0000}
 
.style12 {font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #000066; }
a:active {
    color: #990000;
}
-->
</style>
</head>
 
<body>
<table width="900" border="0" align="center" cellpadding="0">
  <tr>
    <td bgcolor="#990000">&nbsp;</td>
  </tr>
 
  <tr valign="top">
    <td><div align="center"><img src="http://www.eeidconference.org/Banner.jpg" width="900" height="98" /></div></td>
  </tr>
  <tr valign="top">
    <td bgcolor="#990000">&nbsp;</td>
  </tr>
  <tr valign="top">
    <td height="343"><table width="100%" border="0" cellpadding="5" bgcolor="#CCFFFF">
      <tr>
 
        <td bgcolor="#FFFFFF"><div align="center" class="style12"><a href="http://www.eeidconference.org/index.htm">HOME</a></div></td>
        <td bgcolor="#FFFFFF"><div align="center" class="style12"><a href="http://www.eeidconference.org/Workshops/index.html">WORKSHOP</a></div></td>
        <td bgcolor="#FFFFFF"><div align="center" class="style12"><a href="http://www.eeidconference.org/Conference/index.html">CONFERENCE</a></div></td>
        <td bgcolor="#FFFFFF"><div align="center" class="style12"><a href="http://www.eeidconference.org/Hike/index.html">HIKE</a></div></td>
        <td bgcolor="#FFFFFF"><div align="center" class="style12"><a href="http://www.eeidconference.org/Travel/index.html">TRAVEL</a></div></td>
        <td bgcolor="#FFFFFF"><div align="center" class="style12"><a href="http://www.eeidconference.org/Registration/index.html">REGISTRATION</a></div></td>
 
        <td bgcolor="#FFFFFF"><div align="center" class="style12"><a href="../Past Conferences/index.html">PAST EVENTS</a> </div></td>
      </tr>
    </table>
      <table width="100%" border="0" cellpadding="0" bgcolor="#990000">
        <tr valign="top">
          <td>&nbsp;</td>
        </tr>
      </table>
 
      <h2 align="center" class="style3">Ecology and Evolution of Infectious Disease <br />
        7th Annual Workshop and Conference<br/>
        <a href="http://www.uga.edu" target="_blank">University of Georgia </a></h2>
      <p align="center" class="style1">Infectious disease dynamics in multi-host  multi-pathogen communities</p>
      <p align="center" class="style1">Thank you ! After submitting your registration form, please click <a href=https://estore.uga.edu/C21653_ustores/web/store_main.jsp?STOREID=55>here</a> to pay registration fees online</p>
      </td>
  </tr>
</table>
<h2 align="center">&nbsp;</h2>
<h2 align="center">&nbsp;</h2>
<h2 align="center" class="style2">&nbsp;</h2>
<h3 align="center" class="style2">&nbsp;</h3>
</p>
</body>
</html>|;
 
 
sub quotebits
{
        my $quote=shift(@_);
        if($quote eq "") {undef($quote)};
        $quote = $dbh->quote($quote);
        #foreach (@_) {$_ = $dbh->quote($_)}
        return $quote;
}

Re: limited size of textarea

Posted: Thu Apr 02, 2009 7:10 am
by MasterBeta
It may be a database problem. If you're using MySQL, you may want to set your field type to varchar, text, or blob.

Re: limited size of textarea

Posted: Thu Apr 02, 2009 10:41 am
by McInfo
Are you able to run a query on the database? It would be helpful to see the output of

Code: Select all

EXPLAIN eeiddata;
Edit: This post was recovered from search engine cache.