It, probably, happens because you are calling the session inside application/core/MY_Loader.php but you are loading it from the controller, which is executed after the MY_Loader. Have you tried to autoload the session?
From the screenshot it seems you are trying to load CI resources from outside the application folder. Is Contact.php a CI controller? Can you share it? Remember to remove address and password as the post is public.
BUT right now the img() function can, potentially, allow access to the contents of any directory on the server, by adding ../ to the variable. For example, you can write the following and access /etc/:
It depends on the position of the document root in the file system. You could use an integer and make sure it's valid, for example:
$imageID = filter_input(INPUT_GET, 'imageID', FILTER_VALIDATE_INT, ['options' => ['default' => NULL]]);
if(TRUE === is_null($imageID)) {
    # redirect or show 404
}
# continue if $imageID is valid
Thank you Jim! Yes, that works fine and also counting the resulting array works fine.
The original query is not like in the above example: I was using FOUND_ROWS() in a PHP PDO class, to automatically extract the number of rows, but it was not working appropriately. So I started playing with an example table and added SQL_CALC_FOUND_ROWS too and came down with the above test.
Even by doing:
SELECT SQL_CALC_FOUND_ROWS * FROM `test` LIMIT 3;
then FOUND_ROWS() should return 5, instead it returns 1. In practice, I do not understand why it does not output the expected result.
I just did a test on MariaDB 10.0.28 and MariaDB 10.1.19 and it returns 5, as expected. My current version instead is 10.0.29, so it may be a bug.
@Dani, yes, I added SQL_CALC_FOUND_ROWS just to test the query.
I just saw your question, so according to FB best practises:
Use images that are at least 1200 x 630 pixels for the best display on high resolution devices. At the minimum, you should use images that are 600 x 315 pixels to display link page posts with larger images. Images can be up to 8MB in size.
If your image is smaller than 600 x 315 px, it will still display in the link page post, but the size will be much smaller.
We've also redesigned link page posts so that the aspect ratio for images is the same across desktop and mobile News Feed. Try to keep your images as close to 1.91:1 aspect ratio as possible to display the full image in News Feed without any cropping.
The minimum image size is 200 x 200 pixels. If you try to use an image smaller than this you will see an error in the Sharing Debugger.
which will not work if the form sets the method to POST:
If you perform a POST request then you have to use $_POST on the PHP side to access the values of the input fields. You could use $_GET, but only if appending values to the action link of the form tag, for example:
In this very specific case, because $ID is expected to be an integer, you could use exec() which returns the number of affected rows by the statement or something that evaluates to boolean FALSE (if something goes wrong) but you have to properly sanitize the variable.
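$ID = filter_input(INPUT_GET, 'ID', FILTER_VALIDATE_INT);
// filter_input() returns FALSE when validation fails and NULL when the parameter is missing
if(FALSE !== $ID && NULL !== $ID) {
    $update = $db->exec("UPDATE table SET count = count + 1 WHERE id=".$ID);
    if(FALSE === $update) {
        // log the error, kill the script, etc.
    } else {
        // successful update
    }
} else {
    // $ID is not valid
}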
In case of strings, instead, the filter function is not enough, because sending something like 0 OR 1=1 would be valid and expose your query to an SQL injection attack.
I prefer to have few extra lines of code and go with prepared statements.
Besides, in PDO you can send the values as an array, in the execute() method:
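The difference described above, as an added example that is not part of the original post: the 0 OR 1=1 value from the text is first concatenated into the UPDATE and then passed as a bound value in the array given to execute(). The pages table, its columns, the helper function names and the in-memory SQLite database are assumptions made for the demonstration.

```php
<?php
// Added example: constructed in-memory table, not data from the original thread.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, slug TEXT, count INTEGER DEFAULT 0)');
$db->exec("INSERT INTO pages (slug) VALUES ('home'), ('about'), ('contact')");

// Hypothetical helper: the value becomes part of the SQL text itself.
function bumpConcatenated(PDO $db, string $id): int
{
    return $db->exec("UPDATE pages SET count = count + 1 WHERE id=" . $id);
}

// Hypothetical helper: the SQL text is fixed, the value travels separately
// in the array passed to execute().
function bumpPrepared(PDO $db, string $id): int
{
    $stmt = $db->prepare('UPDATE pages SET count = count + 1 WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->rowCount();
}

// Constructed inputs standing in for request values.
$inputs = ['2', '0 OR 1=1'];

foreach ($inputs as $input) {
    printf("input %-10s concatenated: %d row(s) updated\n",
        var_export($input, true), bumpConcatenated($db, $input));
    printf("input %-10s prepared:     %d row(s) updated\n",
        var_export($input, true), bumpPrepared($db, $input));
}

// Final counters per row, to compare the effect of both forms.
foreach ($db->query('SELECT id, slug, count FROM pages ORDER BY id') as $row) {
    printf("id=%d slug=%s count=%d\n", $row['id'], $row['slug'], $row['count']);
}
```

With the concatenated form the second input changes the WHERE clause and the statement touches every row; with the prepared form the same string is compared against id as a single value.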