Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Andrey2017-06-19 16:15:29
CMS
Andrey, 2017-06-19 16:15:29

How to insert a script tag into a page template?

The crux of the matter: have your own bike that connects the page template and the page itself. The specific script code will be below.
However, this script refuses point-blank to save the page if there are third-party scripts in the code.
How to insert lines with scripts into a template?

Template code. Inside is an empty script tag. Doesn't save when completed
<html>
<head>
<title>Начаркина Ирина Александровна</title>
</head>
<body bgcolor=#E0E0E0 onload="startTime()"><center>
<table border=0 width=90% bgcolor=#B939D4>
<tr height=10>
<td colspan=3>
</td>
</tr>
<tr height=40>
<td>

</td> 
<td width=15% bgcolor=#A031B7>
<font color=#FFFFFF face="Century Gothic"></font>
</td> 
<td width=15% bgcolor=#A031B7>
<font color=#FFFFFF face="Century Gothic"></font>
</td> 
</tr>
<tr height=200>
<td colspan=3 align="left" valign="middle">
<table bgcolor=#A031B7 width=55% height=150>
<tr>
<td align=center>
<font color=#FFFFFF face="Comic Sans MS" size=6>Начаркина Ирина Александровна</font>
<br><br>
<font color=#FFFFFF face="Comic Sans MS" size=4>Учитель начальных классов МОУ "Средняя школа №37"</font>
</td>
</tr>
</table>
</td>
</tr>
</table>
<br>
<table border=0 width=90% cellspacing="0" >
<tr>
<td  width=24% bgcolor=#45D2B8 valign=top><br><br><center>
<script type=text/javascript></script>
</center>
</td>
<td  width=2% bgcolor=#FFFFFF>
</td>
<td height=450 bgcolor=#FFFFFF valign="top"><br>

<br><br>
</td>
<td width=2% bgcolor=#FFFFFF>
</td>
</tr>

</table>
</center>
<br><br>
</body>
</html>


Actually a line.
<script type=text/javascript src='http://www.estpovod.ru/informer_show2.php?news_cnt=5&inf_width=250&bg=45D2B8&csp=1&cpd=4&fsz=18&bg1=45D2B8&fcl1=0066FF&fsz1=16&bg2=FFFFFF&fcl=0066FF&fsz2=16&wt=on&show_dat=&wt1=&grp=10&new=on'></script>

The code of the script itself
<?php
include ('../db.php');
include ('config.inc.php');
$title="Редактирование";
$LINK = mysqli_connect($SQLSERVER, $SQLUSER, $SQLPASSWORD,$SQLBASE) or die(mysqli_error($LINK));
mysqli_query($LINK,"SET NAMES 'utf8'");
mysqli_query($LINK,"SET CHARACTER SET 'utf8'");

$footer="</body></html>";

$type = 'page';
if (isset($_GET['type'])) {
    $type = $_GET['type'];
}
$item="";
if (isset($_GET['item'])) {
    $item = $_GET['item'];
};

$array = array();
$response = GetId($item,$LINK);

include ('panel.inc.php');

$p_id = $item;
if (isset($_POST['type'])) {
        switch ($_POST['type']) {
            case 'page':
        $response = GetId($_POST['id'],$LINK);
        $array = mysqli_fetch_assoc($response);
                $p_name = $_POST['name'];
                $p_cnt =$_POST['content'];
                $p_template =$_POST['template'];
                $p_id =$_POST['id'];
                if ($array['id']=="") {
                    $response = AddPage($p_id,$p_name,$p_template,$p_cnt,$LINK);
          $item = $p_id;
                } else {
                    $response = ModifyPage($p_id,$p_name,$p_template,$p_cnt,$LINK);
                }
                break;
            case 'template':
      $response = TemplateCheck($_POST['id'],$LINK);
        $array = mysqli_fetch_assoc($response);
                $p_cnt =$_POST['content'];
                $p_id =$_POST['id'];
                if ($array['id']=="") {
                    AddTemplate($p_id,$p_cnt,$LINK);
                } else {
                    ModifyTemplate($p_id,$p_cnt,$LINK);
                }
                break;
            case 'block':
      $response = GetRealChankId($_POST['id'],$LINK);
        $array = mysqli_fetch_assoc($response);
                $p_cnt =$_POST['content'];
                $p_id =$_POST['id'];
                if ($array['id']=="") {
                    AddChank($p_id,$p_cnt,$LINK);
                } else {
                    ModifyChank($p_id,$p_cnt,$LINK);
                }
      default :
        break;
        }
        $type = $_POST['type'];
        $item = $_POST['id'];
    
}

switch ($type) {
    case 'page':
        $response = GetId($item,$LINK);
        $response = GetTemplateId($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $idt = $array['template'];
        $response = GetPageName($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $name = $array['name'];
        $response = GetIdContent($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $content = $array['content'];
        break;
    case 'template':
        $response = GetTemplate($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $content = $array['content'];
        break;
    case 'block':
        $response = GetChank($item,$LINK);
        $array = mysqli_fetch_assoc($response);
        $content = $array['content'];
        break;
}

echo '<div align="center">';
echo '<form action="edit.php" method="post" id="mainform">';
echo '<table width="80%" border="1">';
echo '<tr>';
echo '<td height="120px" align="center"><label>Идентификатор: </label></td>';
echo '<td align="center"><input type="text" name="id" value="'.$item.'"></td>';
echo '</tr>';

if ($type=='page') {
    echo '<tr>';
    echo '        <td height="120px" align="center"><label>Имя страницы: </label></td>';
    echo '        <td align="center"><input type="text" name="name" value="'.$name.'"></td>';
    echo '    </tr>';
    echo '    <tr>';
    echo '        <td height="120px" align="center"><label>Шаблон: </label></td>';
    echo '        <td align="center"><input type="text" name="template" value="'.$idt.'"></td>';
    echo '    </tr>';
};
echo ' <tr>';
echo '        <td colspan="2" align="center">';
echo '             <textarea id="mytextbox" form="mainform" name="content" style="height: 450px; width: 900px" value="">'.$content.'</textarea>';
echo '         </td>';
echo '     </tr>';

echo '<tr>';
echo '        <td colspan="2" align="center">';
echo '    <br><br>';
echo '      <input type="hidden" name="item" value="'.$item.'">';
echo '      <input type="hidden" name="type" value="'.$type.'">';
echo '        <input type="submit" class="btn" value="Сохранить" width="80">';
echo '    </table>';
echo '    </form>';
echo '    <form action="index.php" method="get">';
echo '        <input type="hidden" name="id" value="'.$type.'">';
echo '       <input type="submit" class="btn" value="Закрыть" width="80">';
echo '    </form>';
echo '   </div>';


echo $footer;

?>

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
B
Boris Korobkov, 2017-06-19
@BorisKorobkov

return mysqli_query($LINK,'UPDATE template SET content=\''.$content'\' WHERE id = \''.$identificator.'\'');

When $content contains a single quote, the result is invalid SQL, which is obviously not executed. And the old version of the template is shown on the screen.
Use PDO or at least mysql_real_escape_string

Similar questions
S
Syomka Gavrilenko2016-04-27 08:49:35
How to choose js CMS with file database? 2Reply
A
Arthur_po2014-02-23 20:03:35
In which language is it better to create a portal: ASP.NET or PHP? 2Reply
R
Rinat2018-09-27 14:17:39
Which CMS and CRM bundle to choose for the developer? 1Reply
A
Alexander2016-04-29 09:37:37
Why are sitemap plugins throwing 500 errors? 1Reply
M
master1C2016-05-02 21:23:46
Why is there an old price on the main page? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question