1

// EDIT

In addition to rproffitt's: contents, in the MS knowledge board, are loaded through Javascript, file_get_contents() won't load them, you need a rendering engine (like browsers do) to run your scripts. So you need something like PhantomJS: http://phantomjs.org/

Few months ago I posted an usage example here:

Which generates a screenshot of the page. The discussion was about testing the existence of a page with an HEAD request, which MS drops, and on success perform a GET request.

1

Hi,

if you can edit the main php.ini file, change the option to on:

allow_url_fopen=on

then reload the phpinfo page to see if it applied. The location of the file is defined in the Configuration File (php.ini) Path of the phpinfo view. If you cannot edit the main php.ini, you can try to create a new php.ini file in the document root. And just add the options you want to change. The Loaded Configuration File field of the phpinfo view should show if the new file is loaded.

Note: some times, the configuration (of PHP or of the web server) does not allow to override the settings through custom php.ini files, so you may need to contact your hosting support to make changes.

For more info, see the HOST and PATH directives:

1

Hi,

you are missing a comma between these two columns, in the update statement:

work_carry = '$work_carry' demage_found = '$demage_found'

Then edit_customer_detail is not set by the form which, however, is okay if this is set by a previous step and carried through GET.

1

I see why, to be honest I was reading the documentation for PDO and saw why you were using fpassthru():

PDO::PARAM_LOB tells PDO to map the data as a stream, so that you can manipulate it using the PHP Streams API.

However while testing I got:

PHP Warning:  fpassthru() expects parameter 1 to be resource, string given

And in fact a comment in the same page states the same issue:

1

Just a note!

I was just curious to learn why anyone would bother using the long version if the short version can do the same job. file_get_contents() using a URL is not guaranteed to work in all situations, as it depends on a configuration setting to allow it to use HTTP (which is sometimes disabled for security reasons) ...

It happens because allow_url_fopen is set to false, in case curl is not available you can also use sockets or fsockopen() & co.

Also, file_get_contents() allows more complex requests, in fact, it can make POST requests, by using the resource context parameter. The same can be done by file(), readfile(), fopen() and in general by all functions that support streams, an example:

<?php

$url = "https://www.apple.com/";

// Resource context
$rc["http"]["method"] = "GET";
$rc["http"]["header"] = "Accept-language: en\r\n";
$rc["http"]["follow_location"] = 1; // 1 = yes, 0 = no
$rc["http"]["timeout"] = 10; // seconds

$context = stream_context_create($rc);

$fp = fopen($url, "r", FALSE, $context);

while( ! feof($fp))
    print fread($fp, 4096);

fclose($fp);
2

$name is defined? If not the loop will not run:

while($i < count($name))
{
    $stmt->execute([':user_id' => $user_id, ':name' => $name[$i], ':email' => $email[$i], ':role' => $role[$i]]);
    $i++;
}

Also, you could add debugDumpParams() to see what looks like the prepared statement:

while($i < count($name))
{
    $stmt->execute([':user_id' => $user_id, ':name' => $name[$i], ':email' => $email[$i], ':role' => $role[$i]]);
    print_r($stmt->debugDumpParams());
    die;
}

This will stop the execution after the first loop and will show the contents of the query. If it does not help paste the result here and also the code.

Votes + Comments
Big hyand for debugDumpParams
2

There is a missing $ in $email[$i] and $role[$i].

Then you are passing three arguments to the execute() method: one array and then email and role with a syntax that would probably send some warnings.

$this cannot be used in this context, use $stmt.

In the prepare() method, the syntax to define the placeholder is not correct, the format is :keyword, not : keyword, nor =: keyword and not even = : keyword. And it is missing the last column: role.

The query has also another issue, a bracket: (, I think here you were trying to mix the two available syntaxes for inserts in MySQL:

INSERT INTO table (column, column) VALUES('', '');
INSERT INTO table SET column = '', column = '';

The first is the standard, the second is a peculiarity of MySQL.

To recap:

$stmt = $pdo->prepare("INSERT INTO `contact` (`user_id`, `name`, `email`, `role`) VALUES (:user_id, :name, :email, :role)");

while($i < count($name))
{
    $stmt->execute([':user_id' => $user_id, ':name' => $name[$i], ':email' => $email[$i], ':role' => $role[$i]]);
    $i++;
}

However there is still an issue. In the form there are some checkbox, by default if none are selected, the checkboxes will not be set by the browser and so the POST array will miss them. So, if your forms has fields for two identities (Person1, Person2) and you select only Teacher for Person2, you will get role[0] => Teacher. Value, that according to the loop, will be associated to Person1, not to Person2, as expected.

To avoid this, you have ...

2

Hi,

what is the size of the array? There are few errors:

  1. a syntax error: you are missing a comma between user_id and dateTime;
  2. dateTime, it does not matter the case, is a reserved word, so use backticks.

Also you could move prepare() outside the loop and use placeholders:

$stmt = $dbh->prepare("INSERT INTO `worksheet` SET `user_id` = :user_id, `dateTime` = NOW(), `indicator` = :indicator");

And set an array into execute() to define the values of each loop:

$stmt->execute([':user_id' => $user_id, ':indicator' => $indicator[$i]]);

You should move the header() outside the loop, too, but after, otherwise you keep setting it at each iteration. Right after that set exit, to stop the execution and make the server redirect. To recap:

$stmt = $dbh->prepare("INSERT INTO `worksheet` SET `user_id` = :user_id, `dateTime` = NOW(), `indicator` = :indicator");

while($i < count($indicator))
{
    $this->execute([':user_id' => $user_id, ':indicator' => $indicator[$i]]);
    $i++;
}

header('Location: form-page2.php');
exit;

See if these changes, in particular the syntax error, makes a difference. Otherwise, as you defined the exception mode, set a try catch block to see if PDO sends an exception.

2

All my other scripts (mysqli and procedural) worked like this:
if($sql)
So, why didn't it tonight ?
Why it only worked with oop style ?
if(TRUE === $conn->query($sql))
Is it because most part of the script is oop ?

No, it happens because $sql is a string, you could either do:

$conn->query($sql);

Or procedural:

$sql = mysqli_query($conn, "INSERT QUERY HERE");

With the procedural then your IF statement would work fine:

if($sql)

as the result of the query is assigned to the $sql variable. In my example I just skipped the assignement to a new variable an ran the query directly in the statement. It's the same.

it is not actually dumping just the url I am visiting but more. Infact, it's logging other links on my visited page.
Is it because the browser called those links to load the images (even though I did not click them) ?

Yes, the proxy is rewriting all the urls, so the browser is going to request them through the proxy script, it's the same list that you get through the Network tab of the Developer Tools.

and one link twice ?

It happens because there is a redirect with status code 301 or 302, then it reloads the page with status code 200, so the script log its boths.

If you were in my position, how would you code it so the img or video links (that are residing on the visited page) ...

2

Those sites you are viewing do not host your http://localhost:80/proxy/test.php? links nor precede it but your proxy itself does it.
Now, as you can see the proxy is preceding "http://localhost:80/proxy/test.php?" in order to proxify your chosen url. But my idea is, instead of getting it to precede "http://localhost:80/proxy/test.php?", why don't we get it to precede "http://localhost:80/proxy/tracker.php?" instead.
Now, can you figure-out which part of the code to replace with what to get the script to start logging ?

Sorry, but tracker.php what should do? It's the same code of test.php? Then just rename the file. If it's different and you want to send people from script A (test.php) to script B (tracker.php), you just need a form whose action points to script B, but then what is the role of the proxy here? Once you are on the tracker script, the proxy won't work anymore as the execution is completed. If you want to mix the proxy with the tracker then rename test.php to tracker.php and include your tracking code inside this file.

I have already suggested where you can place the tracking code.

Also consider that you don't need a form to initialize the proxy script, just append a link to the file name with a ? and it will work fine. Anyway, see if you get other replies. Bye.

1

@UI

in addition to Andris, the first 16 lines are useless, because it makes a request to google and it does not use it. Line 21 ($url) is not used by the following code, so curl sends a request to the homepage not to the search. Even by changing that, to run the query and set an additional fake user agent, it will hit against a robot check:

<!--
    To discuss automated access to Amazon data please contact api-services-support@amazon.com.
    For information about migrating to our APIs refer to our Marketplace APIs at https://developer.amazonservices.com/ref=rm_c_sv, or our Product Advertising API at https://affiliate-program.amazon.com/gp/advertising/api/detail/main.html/ref=rm_c_ac for advertising use cases.
-->

or status code 503 from CloudFront. Why? Try running the link you want to access through the command line curl:

curl -s -D - https://www.amazon.com/s/field-keywords=movies+2017 -o /dev/null

You get:

HTTP/1.1 301 Moved Permanently
...
Location: https://www.amazon.com/movies-2017/s?ie=UTF8&page=1&rh=i%3Aaps%2Ck%3Amovies%2B2017

which means you have to add a curl option to follow redirects. Would now work? Yes, but it probably won't return results because this part of the pattern ._AC_US_160_.jpg, in the preg match expression, is not pointing to what is currently returned by Amazon results page. So, you can:

  • open the source page and verify what is in use and hard code the change
  • or modify the pattern to be more flexible to code changes

in your current code it returns what is in the scr and in srcset attributes, so you can get an extended list of links for each entry and you could apply another ...

1

Hi,

in practice you want to log the $url variable. Between line 202 and 246 the scripts initialize the variable, verifies if the url format is valid and finally it attemps to contact the server. Now you have to decide at which step you want to log, for example if you want separate logging for successful and failed requests do it after line 246, i.e. after this line:

$response = makeRequest($url);

and use the responseInfo index returned in the $response array to log the differences.

1

Hi,

read the notice and the warning:

Notice: Use of undefined constant RETURNTRANSFER - assumed 'RETURNTRANSFER' in C:\xampp\htdocs\test\curl.php on line 27

Warning: curl_setopt() expects parameter 2 to be integer, string given in C:\xampp\htdocs\test\curl.php on line 27

The notice tells you that RETURNTRANSFER is not defined. The PHP engine in this case makes an assumption: you probably meant to use it as a string, so it dress the constant with quotes and serve it to the code.

The warning is just curl_setopt() complaining because, by consequence of the PHP engine assumption, received a string, when it was expecting an integer. So, have you checked if, among curl constants, there is something like RETURNTRANSFER?

2

Hi,

you cannot do this with plain HTML. You need javascript: you could use AJAX to submit the two forms, but you are going to generate two separated requests, with two separated responses from the server(s). Which means the second could return before the first is completed. Or one could fail, due to timeout or other issues. To solve these scenarios you could use the Promise API:

In practice the requests are performed asynchronously, and each will generate a promise, i.e. an object that represents a successful response or a failure. This can be done also in server side, see:

Can you explain why you want to keep them separated?

Votes + Comments
Promises, promises :) These multiple-form submits never add up for me.
1

Hi!

Those are definitions of the same function (hcf), the first line is defining a default in case the second argument is 0, in that case returns the first argument (a). Why? Because if you run mod 1 0 you get an exception:

*** Exception: divide by zero

In haskell there are partial and total functions, mod is partial, as it returns an error in case the argument is not a valid value. By defining the default for 0 you cover that error. See:

2

Hi,

in this case the artisan command won't solve the issue, because it's PHP telling those functions are deprecated as PHP 7.1.0.

The Mcrypt library has been declared deprecated and will be moved to PECL with the release of PHP 7.2.0, this because it relies on libmcrypt which has not been developed or mantained since 2007, see:

To solve, update the code with an alternative library.