Posts by cereal

You can use session to send data from a page to another:

• http://www.php.net/manual/en/book.session.php

but if you're building a cart then use tables, here you can find an example of the structure you need:

• http://www.databaseanswers.org/data_models/e_commerce_shopping_carts/index.htm

Once defined the tables, it will be easy to write the scripts.

If you're using my previous example you can use count($sum), it will return the total of the selected items. Otherwise you need to create a new loop and apply the IF statements there.

That happens because if the first IF condition is satisfied it will stop executing the other statements. Can you explain what you want to achieve?

For the next time, consider also, to start a new thread, since your new request is different from the original.

You can use insteadof to declare the first trait, then go with as, example:

trait TheErrorOfYourWays{
   public function booboo(){
       echo 'You had a booboo :(';
   }
}
trait SpectacularStuff1 {
    use TheErrorOfYourWays; 
}

trait SpectacularStuff2 {
    use TheErrorOfYourWays;
}

trait SpectacularStuff3 {
    use TheErrorOfYourWays;
}

class DoSomethingSpectacular {
        use SpectacularStuff1, SpectacularStuff2, SpectacularStuff3 {
            SpectacularStuff1::booboo insteadof SpectacularStuff2, SpectacularStuff3;
            SpectacularStuff2::booboo as booboo2;
            SpectacularStuff3::booboo as booboo3;
        }
    }

$do = new DoSomethingSpectacular;
$do->booboo();
$do->booboo2();
$do->booboo3();

Live sandbox: http://sandbox.onlinephpfunctions.com/code/8893d9672a02cf0ceefafe792d3159ce3bf2935e

You can create an array of prices, for example:

$prices = array(
    'sol' => 60,
    'prasok' => 200,
    'vegeta' => 100
);

And then, use a loop to check if the keys of this array matches with the $_GET/$_POST array:

$sum = array();
$getkeys = array_keys($_GET);

foreach($prices as $key => $value)
{
    if(in_array($key, $getkeys)) $sum[] = $value;
}

At the end use array_sum to add the values saved in the $sum array:

echo array_sum($sum);

This works also as white list, since only the values in the array of prices are considered, and everything else sent by the form is discarded.

Yes, on line 13 remove the last quote, so change this:

echo "Error#: " 60"

to:

echo "Error#: " 60

I can only think to an internal redirect, that will empty the $_POST array.

I should add to the OP that the form is located in pages/forums.php and the handler is located in administration.php, but pages/forums.php is included in administration.php

This confuses me :D Can you show more about the script?

Place this die(print_r($_POST)); before the IF statement and check what you get, you can do the same with $_SESSION. Otherwise just try to echo something before and after the conditional statement, if everything works fine, then it's something else. I don't think it's related to $_POST because the redirect seems correct, although I don't see how this is generated.

Unless $_POST['id'] is received as a string, verify it with var_dump, in that case change this:

$stmt->bind_param('isi', $_POST['id'], $_POST["category"], $position);

to:

$stmt->bind_param('isi', intval($_POST['id']), $_POST["category"], $position);

Yes, there are different caches, check the documentation for more information:

• http://dev.mysql.com/doc/refman/5.5/en/query-cache.html
• http://dev.mysql.com/doc/refman/5.5/en/query-cache-status-and-maintenance.html
• http://dev.mysql.com/doc/refman/5.5/en/buffering-caching.html

And there are some limitations, as the subqueries cannot be cached:

• http://dev.mysql.com/doc/refman/5.5/en/query-cache-operation.html

But if you use MariaDB, which is a fork of MySQL, you can cache even those queries:

• https://mariadb.com/kb/en/subquery-cache/

The attribute of the form is enctype not encrypt, that should help to get the correct data, then you have to refer to the $_FILES array, check the documentation:

• http://www.php.net/manual/en/features.file-upload.post-method.php

You missed a dot near $url:

'".$url"'

change it to:

'".$url."'

But you can rewrite it in a cleaner way:

$sql = "UPDATE serv SET title = '$title', description = '$description', url = '$url' WHERE id = $id";

Here you find the documentation: http://httpd.apache.org/docs/2.4/logs.html

You shouldn't change permissions or the user/group that writes the logs, because from that user an attacker will be able to compromise the server. If you want to be able to read the logs then add the user to the adm group.

Then reverse it:

foreach($list as $key)
{
    echo in_array($key, $db2) ? "<input type='checkbox' checked value='$key' />$key" : "<input type='checkbox' value='$key' /> $key";
}

You can use a loop with in_array():

foreach($db2 as $key)
{
    echo in_array($key, $list) ? "<input type='checkbox' checked value='$list' />$list" : "<input type='checkbox' value='$list' /> $list";
}

More information: http://php.net/in_array

The hosts file of the server should point to 127.0.0.1, each client hosts file to the remote IP, i.e. to 10.5.135.75. If this is the setting and there is no firewall blocking port 80 on the server, try the telnets commands and let us know the results. You can also include the error and access logs into the virtual hosts, so you can register these activities on the server, as example:

<VirtualHost *:80>
    ServerAdmin joao.dias@centralcervejas.pt
    DocumentRoot "C:/xampp/htdocs/ad/adtable"
    ServerName kadar
    ServerAlias www.kadar

    ErrorLog ${APACHE_LOG_DIR}/kadar_error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel debug

    CustomLog ${APACHE_LOG_DIR}/kadar_access.log combined

    <Directory "C:/xampp/htdocs/ad/adtable/" >
        Options Indexes FollowSymLinks ExecCGI Includes
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

In addition to AARTI suggestions, you can do this task with one single query:

insert into jannuary (ejant) select (htotal + ptotal + ttotal) as total from house, personal, transport;

Consider also to switch to PDO or MySQLi, since MySQL is deprecated and will be removed by the incoming versions of PHP.

Hmm, have you tried with another browser? The message can be due to an encoding problem of the page, it is not sure it's related to the server settings. Can you telnet from the clients to 10.5.135.75 80:

telnet 10.5.135.75 80
GET / HTTP/1.1

And then send two returns, if you can connect repeat with the domain name:

telnet kadar 80
GET / HTTP/1.1

Or 1.0 in case you get 400 bad request. It should return the index page. Otherwise post the response here.

Agree, it doesn't seems correct. But it can be fixed, I think it depends on your setup:

• IndonusaCI is the DocumentRoot? It's a section of a bigger website? To be sure about the DocumentRoot just place a PHP file in the root of the server with these instructions:

  <?php echo $_SERVER['DOCUMENT_ROOT']; ?>

• have you set a ServerName in the VirtualHost of the Apache configuration file? Have you edited the hosts file to include the ServerName?

• what is the value of $config['base_url'] in your config.php file?

Since I do not know your exact setup, I cannot suggest more to fix the issue. The only suggestion I can think is to avoid, for the moment, the rewritten links and to change the redirects by adding the /index.php/ segment:

redirect('/index.php/admin/home')

Or if this is a subfolder to:

redirect('/IndonusaCI/index.php/admin/home')

If this does not help, explain the structure of your application and show your Apache and CodeIgniter config files.

You have to paste my previous instructions into the root .htaccess file, as example:

/
/.htaccess                 <-- edit this file
/index.php
/application/
/system/

Also, you have to remove the index.php from $config['index_page'] as already suggested, and change $config['enable_query_strings'] = TRUE; to FALSE, once you do this the ? will disappear and the link should work fine.

Can you be more precise? The edit regards the .htaccess in the root of the server or in that in the application directory? If the answer is the former then post the contents of the .htaccess here and also the contents of the config file.

That is the .htaccess of the application directory, which is not responsible for the rewrite of the url. In the root of the server you should have an .htaccess file, the basic contents of this file should be at least these:

<Files .htaccess>
order allow,deny
deny from all
</Files>

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

This will allow your application to use rewritten links as in your form_open('/admin/verifylogin') otherwise you have to write:

form_open('/index.php/admin/verifylogin')

Also, in the config file /application/config/config.php change this:

$config['index_page'] = 'index.php';

To:

$config['index_page'] = '';

Because, as you can read in the file comments:

If you are using mod_rewrite to remove the page set this variable so that it is blank.

I think this should help to solve your problem. Let us know.

I tried the tutorial, works fine for me. Regarding your code:

<?php echo form_open('verifylogin'); ?>

Should be:

<?php echo form_open('admin/verifylogin'); ?>

Then into controllers/admin/verifylogin.php you have to change the redirect from home to /admin/home, so at line 27:

redirect('/admin/home', 'refresh');

the same applies to the other controllers redirects as example in /admin/home.php.

After the login I get this error:

Unable to load the requested file: admin/admin.php

Which is the view file: standing at the example it should be home_view.php, so this error is probably limited to my test and fixing this it works all fine.

Just remove the session_start() at the beginning of controllers/admin/home.php because you don't need it, since here we are using the CI session library. And you can remove all the PHP closing tags at the end of the controllers, if you want to use it, then be sure to remove all the spaces after that tag, otherwise you can get errors, ref.: http://ellislab.com/codeigniter%20/user-guide/general/styleguide.html#php_closing_tag

Going back to you, can you show your .htaccess contents?

The die (aka exit) construct requires parenthesis when you send a status, so this is wrong:

die 'error here';

The correct version is:

die('error here');

Reference: http://php.net/manual/en/function.exit.php

I get that you are doing that because they would validate, but wouldnt this require that it compares each record by hashing (and reading, anyway) it in order to compare?

Yes, that's the reason why I'm also suggesting to use a unique index over the title column: the insert query will return the SQL state and the user will know that the title is already in use:

$q = $conn->exec('insert into table (title) values("hello world")');
if($conn->errorCode() == 23000) echo 'this title already exists';

More can be done: as removing the punctuation and creating the url slug of the title and use that to create the unique key:

# on mysql client
> alter table tablename add url_slug varchar(255) not null unique;

# on php script
$q = $conn->exec('insert into table (title, url_slug) values("hello world", "hello_world")');
if($conn->errorCode() == 23000) echo 'this title already exists';

Then it depends on the applications features, if you have to deal with big numbers and the slug is not requested, it can be used an hash which has always a fixed length and can be saved as binary:

# on mysql client
> alter table tablename hash binary(16) not null unique;

# on php script
$hash = md5($url_slug);
"insert into table (title, hash) values('$title', unhex('$url_slug'))"

And it should be more efficient than a table scan.

You can use an the md5() MySQL function and do everything within the query:

"select id from table where md5(title) = md5({$newtitle}) limit 1"

Then just check with mysql_num_rows() > 0. Or better: create a unique index for the title column.

Since I don't have a windows box, unfortunately I cannot test and I'm realizing that runas never accepts pipes or redirections (with the pro edition, maybe, you could use the /savecred option), so excuse me for the wrong suggestion.

If the user that you have to call through runas is static, then you could change the apache user to the same one, or at least to the same group, so it should execute the script with the correct privileges. At that point you should be able to avoid runas.

Anyway, while waiting for more appropriate support from windows people, I can only think to try to serve the script as a windows service, so outside from an Apache instance, and use another script to send the input. Good luck!

Try with a pipe:

exec('echo "password" | runas /user:<Computer>\User "notepad.exe"');

Reference: http://technet.microsoft.com/en-us/library/bb490982(en-us).aspx

Use htmlspecialchars() or htmlentities():

• http://php.net/manual/en/function.htmlspecialchars.php
• http://php.net/manual/en/function.htmlentities.php

Consider to use HTML Purifier in your application: http://htmlpurifier.org/

It will give you the ability to whitelist the tags that you want to allow and, most important, it will validate the attributes, removing the javascript included.

@AD right now you can try with:

member "dani" site:daniweb.com

On the google search bar seems to work. Bye!

So if $camp['pozitie'] has a specific value and $camp['cod_garantie'] is empty, you have to alter all the following positions, correct?

You can add a counter and add it to the position key, here's an example:

<?php

$datum[] = array('name' => 'sun', 'pos' => 1, 'magnitude' => '-26.74');
$datum[] = array('name' => 'venus', 'pos' => 2, 'magnitude' => '-5');
$datum[] = array('name' => 'sedna', 'pos' => 3, 'magnitude' => '');
$datum[] = array('name' => 'neptune', 'pos' => 4, 'magnitude' => '8');
$datum[] = array('name' => 'io', 'pos' => 5, 'magnitude' => '');
$datum[] = array('name' => 'moon', 'pos' => 6, 'magnitude' => '-12.74');

echo PHP_EOL;

$i = 0;

foreach($datum as $key => $value)
{
        if(empty($value['magnitude']))
        {
                $i++;
        }

        if($i > 0) $value['pos'] = $value['pos'] + $i;

        echo "\t" . $value['pos'] . ' ' . $value['name'] ."\t" . $value['magnitude'] . PHP_EOL;
}

echo PHP_EOL;

will output:

1 sun       -26.74
2 venus     -5
4 sedna 
5 neptune   8
7 io    
8 moon      -12.74

Note rows 4 and 7, the original values are 3 and 5.

I'm not sure if you're using a backtick at the end of the command to wrap \r\n, you have to use single quotes instead, so the correct command should be:

LOAD DATA LOCAL INFILE 'C:\\temp\\test.csv' INTO TABLE bd_george.test FIELDS TERMINATED BY ';' LINES TERMINATED BY '\r\n' (id,name);

Bye.

An auto increment column MUST be integer, so you cannot use cc123, but you can create composite indexes, so you can create unique content, for example:

create table mytest(
    id int unsigned auto_increment,
    code varchar(3) not null,
    message text,
    primary key (code, id)
) engine = myisam default charset=utf8;

insert into mytest(code, message) values('aaa', 'hello'), ('bb', 'hi'), ('cc','hey'), ('aaa', 'world');
select * from mytest;

Will output:

+----+------+---------+
| id | code | message |
+----+------+---------+
|  1 | aaa  | hello   |
|  1 | bb   | hi      |
|  1 | cc   | hey     |
|  2 | aaa  | world   |
+----+------+---------+

Note that the id does not increments because the primary key is composed by the code and the id column in this order, in practice it is like using a unique index. If you reverse the index order:

primary key (id, code)

Then you get:

+----+------+---------+
| id | code | message |
+----+------+---------+
|  1 | aaa  | hello   |
|  2 | bb   | hi      |
|  3 | cc   | hey     |
|  4 | aaa  | world   |
+----+------+---------+
4 rows in set (0.00 sec)

As you see in this case there are consecutives increments on the id. More information:

• http://dev.mysql.com/doc/refman/5.5/en/optimization-indexes.html
• http://dev.mysql.com/doc/refman/5.5/en/example-auto-increment.html

You can also consider uuid_short() which return unique numeric strings:

• http://dev.mysql.com/doc/refman/5.5/en/miscellaneous-functions.html#function_uuid-short

An example of usage:

create table mytable_us(
    id bigint unsigned not null, …

As the others I've some difficult to understand the result you want to get, to me it seems a compare between A/B arrays, when the values of the correspondent keys are the same, then return 000000, in the other cases return the value of A, unless A is 000000 itself, in that case return the value of B, am I right?

If yes try:

<?php

$a = array(0 => array(0 => '000000', 1 => '000400', 2 => '000450'), 1 => array(0 => '000350', 1 => '000400'));
$b = array(0 => '000350', 1 => '000400', 2 => '000450');

foreach($a as $k => $v)
{
    $i = 0;
    foreach($v as $k2 => $v2)
    {
        if($v2 == $b[$i]) $a[$k][$i] = '000000';
        if($v2 == '000000') $a[$k][$i] = $b[$i];
        $i++;
    }
}

print_r($a);

Outputs:

Array
(
    [0] => Array
        (
            [0] => 000350
            [1] => 000000
            [2] => 000000
        )

    [1] => Array
        (
            [0] => 000000
            [1] => 000000
        )

)

Removing the second IF statement, will return 000000 also for $a[0][0], because it will keep the value of the array A.

Note: I converted the values of the arrays to strings, because as integer will not keep the padding zeros.

Ok, it seems related to permissions. You should check the user running Apache (usually www-data) and switch the ownership of the files and subdirectories of /var/www/code to it, run this:

ps -aux |grep apache2

to see the user, the parent is root, all the child processes should be owned by www-data or another defined user in /etc/apache2/apache2.conf, and then change the ownership:

sudo chown www-data:www-data -R /var/www/code

If this still does not work, then change the write permissions:

sudo chmod 755 -R /var/www/code

Note that 755 works if the owner of the files is the same user used by Apache, otherwise you need to use 777, which can be fine in a development box, but it is not good in a production server. Hope this helps to solve the problem.

Try with error.log and access.log, the others with the numbers are old logs.

Run:

tail -n 20 error.log

This will display the last 20 lines of that file, if you don't see anything particular, reload the page in the browser. If you need to all the file type:

less error.log

If needed do the same with access.log. Then if you don't find anything browse to /etc/apache2/sites-available/ and open the file configuration of your virtual host, from there you can see if your configuration is saving the errors into another path, the line should look like:

ErrorLog ${APACHE_LOG_DIR}/error.log

You can also try to find if CodeIgniter is generating an error log.

Hi, check the Apache log files, 5xx errors are related to the server, so it can be a misconfiguration of .htaccess or something related to write permissions.

Apache is running as root or as www-data user? It should be www-data, verify the output of:

ps -aux |grep apache

You should see the main process owned by root, the childs owned by www-data user. So, in order to work correctly, you have to change the ownership of the directory and of the files under the DocumentRoot of your website, try this:

sudo chown www-data:www-data -R /var/www/ET

With -R flag we recursively change the owners and the group of all the files inside ET directory. That should fix the problem.

Check if the file and also the directory containing the database, have read and write permissions.

Yes if you extend those controllers with Page, something like:

class Connection extends Page
{
    public function __construct()
    {
        parent::__construct();
    }
}

Recalling the construct of Page (parent::__construct()) you can access to the public and protected properties.

In CodeIgniter this can work if you place Page controller inside the System/Core or if you include it when the controller loads:

<?php

include 'page.php';

class Connection extends Page
{
    public function __construct()
    {
        parent::__construct();
    }

    public function index()
    {
        $this->load->view('connection/someindex', $this->data);
    }
}

Read this for more information: http://philsturgeon.co.uk/blog/2010/02/CodeIgniter-Base-Classes-Keeping-it-DRY

You can change $data to a property of the class, so you can do:

class Page extends CI_Controller {

    // declare property
    protected $data;

    public function __construct()
    {
        parent::__construct();

        // define the property
        $this->data['assets'] = array(
                'style' => base_url().'assets/css/style.css',
                'connection' => base_url().'assets/images/connection.jpg',
                'collaboration' => base_url().'assets/images/collaboration.jpg',
                'solution' => base_url().'assets/images/solution.jpg',
                'connectionUrl' => base_url().'index.php/connection/',
                'collaborationUrl' => base_url().'index.php/collaboration/',
                'solutionUrl' => base_url().'index.php/solution/'
        );

        $this->data['navigation'] = array(
               'nav' => base_url().'assets/css/nav.css',
               'logo2' => base_url().'assets/images/logo2.png', 
               'index' => base_url(),
               'connectionUrl' => base_url().'index.php/connection/',
               'collaborationUrl' => base_url().'index.php/collaboration/',
               'solutionUrl' => base_url().'index.php/solution/',
               'foUrl' => base_url().'index.php/connection/fo',
               'wirelessUrl' => base_url().'index.php/connection/wireless',
               'cloudUrl' => base_url().'index.php/collaboration/cloud',
               'emailUrl' => base_url().'index.php/collaboration/email',
               'vconUrl' => base_url().'index.php/collaboration/vcon',
               'sharepointUrl' => base_url().'index.php/collaboration/sharepoint',
               'crmUrl' => base_url().'index.php/collaboration/crm',
               'voiceUrl' => base_url().'index.php/collaboration/voice',
               'networkUrl' => base_url().'index.php/solution/network',
               'systemUrl' => base_url().'index.php/solution/system',
               'surveillanceUrl' => base_url().'index.php/solution/surveillance',
               'searchbutton' => base_url().'assets/images/search button.jpg'
        );

    }

    public function index()
    {
        $this->data['title'] = 'title of this page';
        $this->load->view('templates/navigation', $this->data['navigation']);
        $this->load->view('homepage', $this->data['assets']); 
    }

    public function another_page()
    {
        $this->data['title'] = 'Another title';
        $this->load->view('templates/navigation', $this->data['navigation']);
        $this->load->view('anotherpage', $this->data['assets']); 
    }

}

Reference: http://www.php.net/manual/en/language.oop5.properties.php

If you're using Google Chrome, open the page of your script, then open the Javascript Console (CTRL+Shift+J), open the Network tab and try select an option from the form, if the AJAX works fine you will see a POST request, by clicking on the Name (probably the url of the AJAX call), you can see what was sent.

Verify it is not empty and let us know, we will try to help, bye!

Hey Dany the Bookmark Post feature is awesome, great add! :)

CI logs are enabled? In /application/config/config.php search and change log_threshold to 4:

$config['log_threshold'] = 4;

Then be sure that /application/logs/ is writable. After that just by reloading the page you should find a log file with information and, eventually, errors.

Also is assets directory outside of the application directory?

assets is outside the application directory? What do you get from CI logs?

but checking the database its just importing the filenames without the extension.

Are you sure the data is not inserted in the database table independently from this method? At this point it's hard to suggest the correct approach, can you show the part relative to the insert?

Also you can verify the values of DIR_IMAGE and $this->params['images_dir'] just by echoing them.

image_type_to_extension() will work because it is not based on the file extension, it read the mime type of the file, you can achieve the same result by using finfo: http://www.php.net/manual/en/function.finfo-file.php

And now it makes perfect sense, I wasn't sure about some of those methods, your explanation clarifies my doubts. Try this:

# last part of getImagefile() ...

    } else {

        $file = $this->params['images_dir'].$image;

        //
        // if the image is a regular file
        //

        if(is_file($file.'.jpg') || is_file($file.'.GIF'))
        {
            $finfo = finfo_open(FILEINFO_MIME_TYPE);
            switch(finfo_file($finfo, $file))
            {
                case 'image/jpeg':
                    $file = $file . '.jpg';
                    break;
                case 'image/gif':
                    $file = $file . '.GIF';
                    break;
            }
        }
    }

    return $file;
}

It's just an example but it should work fine. Just pay attention to uppercase, if you're using a linux box image.GIF will be considered different from image.gif. In practice my suggestion is the same solution of yours, the only difference is that I'm not applying $this->params['images_dir'] and DIR_IMAGE togheter. Have you checked the logs of the server to see if there are undefined paths?

Looking at the code you could get your result just by replacing:

return $file;

With:

return $file . image_type_to_extension($image_info[2]);

But you should already get this, since it is used between line 61 and 80.

Line 8, change it to:

if($db = sqlite_open('./ET'))

I suppose ET is the name of the database file.

Currently it runs twice. Change line 10 to:

$sent = mail($email, $subject, $message, $headers);

And line 13 to:

if($sent === TRUE)
{
    # success
}
else
{
    # failure
}