Posts by cereal

Not tested but try:

    $sql = <<<EOD
    INSERT INTO T_Student(Name, Surname, Street, City, F_ID_Teacher) VALUES('$Name', '$Vorname', '$Strasse', '$Plz', '2');
    SET @id = last_insert_id();
    INSERT INTO T_Class(Subjekt, Number, F_ID_Student) VALUES('', '', @id);
    INSERT INTO T_School(Name, Street, City, F_ID_Student) VALUES('', '', '', @id)
EOD;

Here the student id is retrived by the second query which sets a variable @id and returns the value in the following queries. It works if the student id is an auto_increment column type.

More information about the heredoc syntax:

• http://php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc

Hi,

if you want to return the value of a variable then use double quotes, if you want to return plain text, then use single quotes.

For more information check the documentation:

• http://php.net/manual/en/language.types.string.php

i have deleted them and placed my files there. Maybe its because of them ?

This should not affect the execution of your scripts or the connection, in general, to the database.

So i need to pay for my account to use 000webhost ?

No, unless you want to connect directly to the database from another host (i.e. localhost, or another web hosting service).

Also i had on the same server other files and it was working good.. so now when im uploading this new files that error appear.

This confuses me: the error reported in your first post returns a Macedonian IP address, which means the attempt connection was executed from a script in a computer in Macedonia, not from a 000webhost machine.

If $DBServer is a 000webhost database and the scripts are executed in a 000webhost hosting then, you may want to ask help to their support or to their forums.

Hi, supposing 31.170.161.176 was your IP address, you cannot connect directly from your computer to the 000webhost MySQL server because remote connection is disabled, unless you upgrade your account:

• https://www.000webhost.com/faq.php?ID=27

It means that, with the basic plan, they only allow connections to the databases from a defined range of IPs: their hosting machines. So in order to work, you have to upload the script to the 000webhost web server and run it from there, not from your local installation.

It was $rows not $row, the variable was overwriting itself, anyway to avoid confusion do:

$sql  = "SELECT * FROM admin WHERE username = '$username'";
$rows = query($sql);

if(is_array($rows) && count($rows) == 1)
{
    $row = $rows[0];

I was talking about these lines:

// query database for user
$rows = "SELECT * FROM admin WHERE username = '$username'";
// if we found user, check password
if (count($rows) == 1)
{
    // first (and only) row
        $row = $rows[0];

In this case $rows is not a result set, it's only a string and if you do $row = $rows[0]; the contents of $row will be S, i.e. the first letter of the string. You have to submit the query to your function and return the result set, after that you can execute the rest of the code.

Hi,

you should not need the win32 version, just download the archive to a specific path, for example ~/sources/, extract and create a link to /usr/bin/ so that the script is available through the system:

wget https://github.com/pyinstaller/pyinstaller/releases/download/v3.1/PyInstaller-3.1.tar.gz
tar -zxf PyInstaller-3.1.tar.gz
cd PyInstaller-3.1
sudo ln -s $PWD/pyinstaller.py
pyinstaller.py -h | less

And you have finished. Also, instead of the Windows idle you can install the linux version, just run:

sudo apt-get install idle -y
idle &

Bye!

If you're using PHP 5.5+ then you could use array_column with implode(), for example:

<?php

// example contents
$_POST['data'][] = ['a' => 1];
$_POST['data'][] = ['a' => 2];
$_POST['data'][] = ['a' => 3];
//

$data = $_POST['data'];
$data = implode(' ', array_column($data, 'a'));

print $data;

That will print 1 2 3. Docs: http://php.net/array-column

Hi,

you could use the Nowdoc syntax, I prefer it because the code is more readable, but it's your choice, an example:

<?php

$id      = rand(1,1000);
$name    = 'MissMolly';
$email   = 'email@email.tld';
$request = <<<'EOD'
<?php
    $to      = "%1$s";
    $subject = "Invoice Request";
    $message = "%2$s is requesting %3$d quote";
    $headers = "From: %1$s\r\n";

    mail($to, $subject, $message, $headers);
    unlink(__FILE__);
?>
<h1>Invoice Being sent asap</h1>
EOD;

$request = sprintf($request, $email, $name, $id);
$myfile  = fopen('clients/' . $name . '.php', 'w');
fwrite($myfile, $request);
fclose($myfile);

With sprintf() then you replace the placeholders %1$s, %2$s, %3$d with the data you want to inject:

• http://php.net/sprintf

Do you have a specific reason to create such file? The email is already sent by the line 33.

Also, you're using the $name variable to set the filename, but if $name contains special characters or spaces, then it could affect the access to the generated PHP file, you should use a function to replace the spaces, something like this:

• https://github.com/bcit-ci/CodeIgniter/blob/82761265da6a4ccd913583239a89487c40d46329/system/helpers/url_helper.php#L480

Hi,

look here user_id = '".$_SESSION['userid']."' ")" remove the second-last quote, so that changes to: )". Then it should work, but consider that an INSERT query does not support the WHERE statement, unless this is into an INSERT ... ON SELECT query:

• http://dev.mysql.com/doc/refman/5.7/en/insert-select.html

It doesn't look like JSON or anything. It looks like byte codes or something. (I DID NOT WRITE THIS APPLICATION)

So, you have decoded the base64 string and you're seeing some strange code? What is the variable for? It could be an icon. An easy method to see the contents is to set data:text/plain;base64,STRING HERE into a Google Chrome browser tab, being text/plain the code will not be executed, but if in doubt use an incognito browser window or start a new profile... an example:

data:text/plain;base64,PHNjcmlwdD5hbGVydCgiaGVsbG8iKTs8L3NjcmlwdD4=

Will display:

<script>alert("hello");</script>

Otherwise, you can decode through the base64_decode() PHP function:

<?php

    $str = "PHNjcmlwdD5hbGVydCgiaGVsbG8iKTs8L3NjcmlwdD4=";
    file_put_contents("output.txt", base64_decode($str));

And then check the contents of the output.txt file.

Link: http://php.net/file-put-contents

Once you have the contents, if it's code and you don't recognize what it is, you can use the search engines to try to find some information, just paste a function name or some constants, this engine is a good place to start:

• https://searchcode.com/

Bye!

Hi,

the error is telling you the index key cid does not exists in the $_GET array. So, are you submitting the cid attribute through the form or through the action link? I mean, like this:

<form action="script.php" method="post">
    <input type="hidden" name="cid" value="123">

or like this?

<form action="script.php?cid=123" method="post">

By using $_GET the cid key should arrive to the script through the query string ?cid=123, if instead it's inside an input tag, then change it to $_POST:

$cid = $_POST['cid'];

Note: it's always a good practice to check if the expected keys are set and if they are transmitting the expected input. Use filter_input() to validate and sanitize the input, read:

• http://php.net/filter-input

Bye!

Hi,

look at the manual: http://php.net/manual/en/mysqli-result.fetch-array.php

The argument must be a constant, in your case MYSQL_ASSOC without the quotes, the constant in this case is an integer and his value is 1, for MYSQL_BOTH instead is 3, so you could write:

$result->fetch_array(MYSQL_ASSOC);

# or

$result->fetch_array(1);

and get the same result type.

Hi,

you could set the line separator into getValue(), for example at line 28:

editor.getValue('<br>')

But this will add the <br> also in the code blocks, otherwise you can apply a CSS rule to #question-preview:

#question-preview {
    white-space:pre-line;
}

And change the #question-preview pre code white-space rule at your preferences:

#question-preview pre code {
    padding: 0;
    white-space: inherit;
}

Docs: http://codemirror.net/doc/manual.html#getValue

Can someone change their IP address repeatedly in a short time, say less than a minute or five?

Yes, if IP is dynamic you disconnect & connect to get a new address, not always in the same range and it can change even at each request when using services like Tor.

Some use the Etag header, this is used to cache resources into the browser: you set a specific Etag ID for each client and, when the browser asks the server if there is a new version of the resource, you can track the request and by consequence that specific user associated to the Etag ID.

An IP change will not affect the tracking with Etags, but deleting the browser cache will delete the Etag entries.

Other use the screen resolution and viewport size to track users. Consider that these are not considered ethical practices, see:

• https://en.wikipedia.org/wiki/HTTP_ETag#Tracking_using_ETags
• http://www.w3.org/2001/tag/doc/unsanctioned-tracking/

The problem is generated in the IN() statement: what happens if $topuid is empty, like in your code?

$topuid   = array();
$idtopuid = implode(',', $topuid);

The result of $idtopuid will be an empty string, example:

var_dump(implode(',', []));
string(0) ""

This will generate the syntax error you got: syntax to use near ') order by rand() limit 0,5' at line 1 because the IN() statement cannot be empty.

Also, keep in mind that you are setting something that will display as a single CSV string, for example:

$topuid   = ['a', 'b', 'c'];
$idtopuid = implode(',', $topuid);

# in query
... IN(".$idtopuid.") ...

Will generate:

IN(a,b,c)

without quotes, which will work fine if these will be integers [1,2,3], but it will fail if using alphanumeric IDs, because it will be like testing table columns and it could generate an error like:

ERROR 1054 (42S22): Unknown column 'a' in 'where clause'

to avoid it, in case of alphanumeric IDs, the IN() statement values should be set with quotes around each element and commas to separate them, so:

IN('a', 'b', 'c')

Bye!

Hi, I'm not sure I've understood your request and I haven't used L4 in a while, but:

with('message','Message has been sent',compact('account','pageTitle'))

Should not work, as the with() method accepts only two parameters:

• https://github.com/laravel/framework/blob/4.2/src/Illuminate/Http/RedirectResponse.php#L48

You are feeding three. Instead you could try:

with('message', array('Message has been sent', array('account','pageTitle')))

But I'm not sure it will work, and if it works, you can access it through Session::get('message')[0] and Session::get('message')[1]['account'] or something like that.

So why don't you use Session::flash() before the redirect?

Session::flash('account', 'pageTitle');

Hi,

CodeIgniter 2.* is in legacy mode and reached end-of-life on October 31, 2015. It means they are not going to support it anymore. It's there for projects already developed under this code, but you should not use it to start new ones, as if a security issue is found, you would have to patch it on your own.

Switch to Codeigniter 3.* and follow their user guide:

• https://codeigniter.com/user_guide/

There is a tutorial which explains the framework basics.

Maybe your IDE was tricked by the string concatenation, I don't know, what are you using? You should add the PDO error methods to catch the errors.

Anyway, you can write that query in one single string:

$query = $this->db->prepare("INSERT INTO gy_product_detail(product_id, product_detail, product_image_back, product_image_left, product_image_name, product_image_right, product_rate, product_discount) VALUES (last_insert_id(), :product_details, :product_image1, :product_image2, :product_image3, :product_image4, :rate, :discount)");

Or to make it more readable:

$query = $this->db->prepare("
            INSERT
                INTO gy_product_detail(product_id,
                                       product_detail,
                                       product_image_back,
                                       product_image_left,
                                       product_image_name,
                                       product_image_right,
                                       product_rate,
                                       product_discount)
                VALUES (last_insert_id(),
                        :product_details,
                        :product_image1,
                        :product_image2,
                        :product_image3,
                        :product_image4,
                        :rate,
                        :discount)
        ");

Besides this, try to reply with a post and use upvote/downvote comments only when necessary, these will affect users reputation and while it is nice to receive positive rep, it's not nice to receive negative rep, as your previous downvote, if not deserve it... ^__^

Can you show your form code?

Anyway you can setup a simple echo script (echo.php) and see what really happens when a request is sent. You need to open two terminal windows.

Start with this script:

<?php

if($_POST)
    echo 'POST:' . PHP_EOL . print_r($_POST, TRUE);

if($_GET)
    echo 'GET:' . PHP_EOL . print_r($_GET, TRUE);

if($_FILES)
    echo 'FILES:' . PHP_EOL . print_r($_FILES, TRUE);

if($_COOKIE)
    echo 'COOKIE:' . PHP_EOL . print_r($_COOKIE, TRUE);

Then start the internal server in the first terminal:

php -S localhost:8000

And send your requests to this address: http://localhost:8000/echo.php.
From the second terminal window use curl or httpie and send some requests, for example:

http -vf :8000/echo.php id==123 cat=fruit color=red

Here we will append a variable to GET id=123 and two variables to POST cat=fruit&color=red, the request will look like this:

POST /echo.php?id=123 HTTP/1.1
Accept-Encoding: gzip, deflate, compress
Content-Length: 19
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Host: localhost:8000

cat=fruit&color=red

This is what you would type into a telnet session. As you can see the GET is appended in the first statement:

POST /echo.php?id=123 HTTP/1.1

Following there are the request headers, while post variables are appended to the request body, which comes one blank line after the request headers.

If you upload a file, for example:

echo "Hello World" > /tmp/test.txt

and send the request:

http -vf :8000/echo.php id==123 cat=fruit color=red file@/tmp/test.txt

You get:

POST /echo.php?id=123 HTTP/1.1
Accept-Encoding: gzip, deflate, compress
Content-Length: 334
Content-Type: multipart/form-data; boundary=8b41bb14137f4b60a4560f05e149051c
Host: localhost:8000
User-Agent: HTTPie/0.8.0

--8b41bb14137f4b60a4560f05e149051c
Content-Disposition: …

@shany

Hi, consider that MySQL will not return the last inserted id if:

• the table does not have a column with the auto_increment attribute
• or if you manually feed the id

Example:

-- table without auto_increment column
CREATE TABLE IF NOT EXISTS `test` (
    `tid` INT UNSIGNED NOT NULL PRIMARY KEY,
    `msg` VARCHAR(50) NOT NULL
);

-- insert, no auto_increment
INSERT INTO `test` (`tid`, `msg`) VALUES(1, 'a');
INSERT INTO `test` (`tid`, `msg`) VALUES(2, 'b');
INSERT INTO `test` (`tid`, `msg`) VALUES(3, 'c');

-- get last id, will return 0
SELECT last_insert_id();
+------------------+
| last_insert_id() |
+------------------+
|                0 |
+------------------+
1 row in set (0.00 sec)

-- show table statement
SHOW CREATE TABLE `test`;
+-------+-----------------------------------
| Table | Create Table                  
+-------+-----------------------------------
| test  | CREATE TABLE `test` (
  `tid` int(10) unsigned NOT NULL,
  `msg` varchar(50) NOT NULL,
  PRIMARY KEY (`tid`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 |
+-------+-----------------------------------

-- show contents
SELECT * FROM `test`;
+-----+-----+
| tid | msg |
+-----+-----+
|   1 | a   |
|   2 | b   |
|   3 | c   |
+-----+-----+
3 rows in set (0.00 sec)

-- alter table to add auto_increment
ALTER TABLE `test` MODIFY `tid` INT UNSIGNED NOT NULL AUTO_INCREMENT;

-- new table statement, with auto_increment
+-------+--------------------------------------------------
| Table | Create Table                                     
+-------+--------------------------------------------------
| test  | CREATE TABLE `test` (
  `tid` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `msg` varchar(50) NOT NULL,
  PRIMARY KEY (`tid`)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1 |
+-------+-------------------------------------------------

-- insert id manually
INSERT INTO `test` (`tid`, `msg`) VALUES(4, 'd');

-- …

No, from SQL injection you're safe with prepared statements, but you are exposed to an XSS attack, here:

echo "<div class='alert alert-success' role='alert'>Well done! You successfully created user: <b>".$_POST['username']."</b></div>";

echo "<div class='alert alert-danger' role='alert'>Oh snap! Failed to create new user: <b>$_POST[username]</b></div>";

$_POST is not sanitized, so I could inject javascript or an iframe. The Google Chrome XSS Auditor in this case will raise an alert, which is visible in the developer console.

Use filter_input() if you want to return the contents to the page:

• http://php.net/filter-input

Hi,

best solution would be to get data through mysqldump and then push the backup into the server. By the way, if there were InnoDB tables then you also need ibdata files otherwise moving the files will not work. Also if there were user defined functions and stored procedures you would need mysql.func and mysql.proc contents.

Try to follow the suggestions in this thread, it could help:

• http://forums.mysql.com/read.php?11,565093,565093#msg-565093

I think I've understood where is the issue (finally :D): $_GET['album'] is set but it does not return any value. At line 28 of your last code version you had:

$album = isset($_GET['album']) ? $_GET['album'] : '';

Which, will initialize the variable but it will not return nothing when opening the script for the first time because, from what I see, the page will not have a query string with this value. In other words you probably can open the page like this:

http://site.tld/script.php

and/or:

http://site.tld/script.php?album=123

So the value of $album in the first case be empty. Later, in the while loop, you have the javascript function with:

javascript:deleteImage(<?php echo "'$album', '$im_id'"; ?>);

Which should get the value of album from $row rather than the $album variable previously set. The extract() function will initialize $im_id, it will not initialize $album because it DOES NOT exists in the columns returned by $row. So:

1. you don't get a notice for undefined variable $album;
2. the $album value arriving here is the one set at line 28 which, as said, can be empty.

I think you can solve the issue by changing the SELECT query at line 61 to return the im_album_id column:

SELECT im_id, im_album_id, im_title, im_thumbnail, DATE_FORMAT(im_date, '%d-%m-%Y') AS im_date FROM tbl_image

And change the javascript code to:

javascript:deleteImage(<?php echo "'$im_album_id', '$im_id'"; ?>);

After these changes the IF conditional statement should work. And var_dump() should return the expected values.

Replace code from line 2 to 24 with:

$error = FALSE;

// check if index key exists and trim, else set it to NULL
$delete  = array_key_exists('delete', $_GET) ? trim($_GET['delete']) : NULL;
$albumId = array_key_exists('album', $_GET) ? trim($_GET['album']) : NULL;
$imgId   = array_key_exists('imgId', $_GET) ? trim($_GET['imgIde']) : NULL;

if( ! empty($delete) && ! empty($albumId) && ! empty($imgId))
{
    // get the image file name so we
    // can delete it from the server 
    $sql = sprintf(
            "SELECT im_image, im_thumbnail FROM tbl_image WHERE im_id = '%s' AND im_album_id = '%s'",
            mysql_real_escape_string($imgId),
            mysql_real_escape_string($albumId)
        );

    $result = mysql_query($sql);

    if($result && mysql_num_rows($result) == 1)
    {
        $row = mysql_fetch_assoc($result);

        // and then remove the database entry
        $sql = sprintf(
                "DELETE FROM tbl_image WHERE im_id = '%s' AND im_album_id = '%s'",
                mysql_real_escape_string($imgId),
                mysql_real_escape_string($albumId)
                );

        // remove the image and the thumbnail from the server
        // only if DELETE query is successful
        if(mysql_query($sql) && mysql_affected_rows() > 0)
        {
            unlink(GALLERY_IMG_DIR . $row['im_image']);
            unlink(GALLERY_IMG_DIR . 'thumbnail/' . $row['im_thumbnail']);  
        }

        else
            $error = 'Delete product category failed. ' . mysql_error();
    }

    else
        $error = 'Select product category failed. ' . mysql_error();
}

In practice we initialize some variables ($delete, $albumId & $imgId) by trimming the contents of $_GET, then we refer to these variables for the rest of the script: this is an important point, if you call $_GET['album'] inside the conditional statement you can insert an untrimmed value, clear?

I'm using empty() to check the contents of the variables, please refer to the documentation to check what is …

Yes, you can by using concat_ws() MySQL function, for example:

UPDATE table1 SET color = concat_ws(',', color, 'green') WHERE id = XX;

But it leads to other problems, for more information read this:

• https://www.daniweb.com/programming/databases/threads/473216/alternative-way-of-an-insert-with-where-clause

Hi,

you are submitting a single string to the PDO constructor:

$connection = new PDO("mysql:host=$host; dbname=$db_name, $db_user, $password");

instead they should be three: dsn, username, password. Or four if appending options:

$connection = new PDO("mysql:host=$host;dbname=$db_name", $db_user, $password);

You could do:

$passwd = crypt($_POST["newpassword"]);

# prepare query
$query = sprintf(
            "UPDATE admin SET hash = '%s' WHERE admin_id = %u",
             mysql_real_escape_string($passwd),
             (int)$_SESSION['admin_id']
         );

# perform query
$result = mysql_query($query);
if($result === FALSE)
    echo "Internal server error occurred.";

Where %s stands for string and so it's quoted, and %u stands for unsigned integer in case the admin_id index, in the session array, is an integer.

Warning: mysql_query() expects at most 2 parameters, 3 given in admin\modify-password.php on line 40

It happens because this function does not support prepared statements, and it only accepts two arguments:

mixed mysql_query ( string $query [, resource $link_identifier = NULL ] )

Where the first argument is the query, the second is the connection link to the database, which can be omitted, unless you want to connect to multiple databases.

Docs: http://php.net/mysql-query

Is it stored as HTML with an <img> tag? If affirmative then you could use a regular expression to extract the image link. For example:

$content = '
    <p>Title</p>
    <div><img class="hello" src="/images/ocean001.jpg" id="img"></div>
    <p>Blue</p>
';

$pattern = '/<img[^>]*src[\s]?=[\s]?["\']?([^"\']*)[^>]*>/i';

preg_match($pattern, $content, $matches);
print_r($matches);

It should return:

 Array
(
    [0] => <img class="hello" src="/images/ocean001.jpg" id="img">
    [1] => /images/ocean001.jpg
)

So in your loop:

$pattern = '/<img[^>]*src[\s]?=[\s]?["\']?([^"\']*)[^>]*>/i';

while ($row = mysql_fetch_array($res))
{
    preg_match($pattern, $row['post_content'], $matches);
    echo'Post Content:' . $matches[1];
}

And replace 1 with 0 if you want the tag. It will be slow. An alternative is to use a DOM library, but in this case you should parse a full document, not a part. If you can, try to separate description from image link before inserting them into the database, and set them together when needed.

An alternative:

$t = call_user_func_array('array_merge_recursive', $r);

where $r is diafol's example array and it will return:

Array
(
    [sub_total] => Array
        (
            [0] => 1000
            [1] => 120
        )

    [total_tax] => Array
        (
            [0] => 82.5
            [1] => 9.9
        )

    [total] => Array
        (
            [0] => 1087.5
            [1] => 129.9
        )

)

Then do:

$totals = array_map("array_sum", $t);

Will return:

Array
(
    [sub_total] => 1120
    [total_tax] => 92.4
    [total] => 1217.4
)

@ganeshvasanth please open your own thread and share what you have done, so we can understand where is the problem.

It's deprecated:

• https://codeigniter.com/user_guide/libraries/cart.html

So it's better to not adopt it, unless you want to update that code on your own.

The point is this: PHP 5.6 is going to be unsupported by the end of August 2017, the CodeIgniter team will not port CI 3 to new versions of PHP.

They are planning to release a new version of the framework (CI 4) by Spring of 2017 it will be based on PHP 7, from this new version the Cart library will be removed, along with Javascript, Unit_test, and Trackback libraries. There will be major differences, so it's not sure you will be able to upgrade without changing the code.

Since the new version is still not public, I would be careful to start anything new with it, because it's still not sure how the project will develop.

Source: http://forum.codeigniter.com/thread-62615.html

It happens because you're using NULL values, for the series it's not a bug, it's a feature:

• https://bugs.mysql.com/bug.php?id=8173

"Request Timeout. Server timeout waiting for the HTTP request from the client."

I'm not much confident with WAMP setups, but this seems to be error 408. I would test PHP configuration by running the internal server, so to understand if it depends on Apache, by the upload form or something else related to WAMP.

In order to test it, create a script with:

<?php

    vardump($_POST, $_FILES);

Then run:

php -S localhost:8000 c:\test.php

And finally use curl to send a request, for example:

curl --trace c:\curl_output.txt -X POST -F filename='asd.jpg' -F file=@c:\asd.jpg http://localhost:8000/

This should create an hex dump of the entire upload cycle, from here you can maybe understand why it hangs and see if through the internal server works.

You can, then, repeat the test by pointing the curl request to your upload script (and by adjusting the -F options to match your upload form), and see what happens to the script handled by WAMP.

A part this I cannot do much else, because we are exploring the issue without seeing the actual code, so if it does not help you may want to share the form and the receiver script.

In the previous century (the owls could still speak sometimes :o) ) we used to keep some sort of diary where we noted every day on which part of the project we did some work.

I do the same, I set up a sort of wiki (an index, a search, CRUD forms with Textile) in which I write about everything I develop, from database table schemas to project definitions.

Try with:

sudo service mysql stop

Then the pid file should disappear.

Ok, then try to reset the root password as described here:

• http://dev.mysql.com/doc/refman/5.7/en/resetting-permissions.html

Excuse me, it was late at night and I suggested an index key of an old version, the line it should not be:

$cfg['Servers'][$i]['nopassword']

but:

$cfg['Servers'][$i]['AllowNoPassword']

as defined in the documentation link.

By the way, are you able to sign in through mysql command line client?

mysql -uUSERNAME -pPASSWORD

remove -p if password was not set.

which one needs to have phpmyadmin installed on it, the web/php server or the machine I'm developing from.

If the database is accessible from remote then you can install PHPMyAdmin wherever you want, just edit the config.inc.php file to set the IP of the database in the host index, check the documentation here:

• http://docs.phpmyadmin.net/en/latest/config.html#server-connection-settings

For the AllowNoPassword check the same documentation:

• http://docs.phpmyadmin.net/en/latest/config.html?highlight=allownopassword#cfg_Servers_AllowNoPassword

In practice set $cfg['Servers'][$i]['nopassword'] to boolean TRUE and you should be able to enter without password.

Note: this kind of setup is fine only for local (your box) development.

/me I can see flames of war coming o_o

I would say because it's easy to use and, at the moment, it's easy to replace developers.

You have to assign a value to parameter:

<?php echo anchor('admin/pages?parameter=value', 'Click Here'); ?>

Otherwise the IF condition fails, try:

var_dump($this->input->get('parameter'));

@Florea

Hi, open your own thread with as much details as possible.

Ok, but the $g4 value is sent to the query? And if you perform the original query directly into a mysql client, do you get results?

Line 30, $options = array(). Why did you need to declare $options as a parameter?

The constructor works like a function, so you have to declare the expected parameters, as example when you call:

$sys = new Engine(array('abc'));

In the class you need:

class Engine {

    public function __construct($data)
    {
        # work with $data
    }

I added a default value $options = array() in case Engine is defined without a parameter:

$sys = new Engine;

But it would raise warnings, as there will be some undefined indexes. It's up to you to define the behaviour of the class, so you can decide to check if the parameter exists and if it's an array and if the indexes are those expected...

I can't understand what you mean, could you shine some more light on it? Are there any changes in outcome or something?

With your current code:

return $z;

You get:

Array
(
    [IMAGES2] => image3.jpg,image2.jpg,image1.jpg

    [IMAGES] => image1.jpg,image2.jpg,image3.jpg

    [TITLE] => Job=test

)

Which apparently is correct, but each index is spaced by a carriage return. By replacing that return with:

return array_map('trim', $z);

You get:

Array
(
    [IMAGES2] => image3.jpg,image2.jpg,image1.jpg
    [IMAGES] => image1.jpg,image2.jpg,image3.jpg
    [TITLE] => Job=test
)

This reflects in the first $toReplaceTemplate array, the result will change, as with your code the unmatched expressions were looking like:

[10] =>         --for image1.jpg,image2.jpg,image3.jpg
 as IMAGE--

With my suggestion they will change to:

[10] =>         --for image1.jpg,image2.jpg,image3.jpg as IMAGE--

Hi,

what is the error message? Have you tried by contacting their support service? From what I've seen you have to perform a curl request and get a response in JSON format:

• https://www.swipehq.com/support/support_detail.php?cat=Developers&title=Example+Code

But from the documentation I cannot see what would happen in case of error and what to expect. I would ask them to point you to full documentation about their API and see if there's already an official or recommended PHP SDK.

Besides, if you feel unconfortable with curl, you can use guzzle, which is an easy PHP HTTP client:

• http://docs.guzzlephp.org/en/latest/

By changing line 50 with:

return array_map('trim', $z);

you avoid new lines in the ParseVariables() generated array and let the regular expression match the pattern.

A problem I see is an undefined index at line 60, which is:

$toReplaceTemplate[$index] = str_replace($contentFrom, $replaceDict[$indexToGo], $toReplaceTemplate[$index]);

And in particular is caused by $replaceDict[$indexToGo]. The $indexToGo matches ++VAR++ and your class is not checking the exceptions, so you could do:

"exceptions"        => array("VAR")

At line 11, then at line 58:

$indexToGo = str_replace("++", "", $output[0]);
if(in_array($indexToGo, $options['exceptions']))
    continue;

You have to add also global $options, but I would avoid such and move the options array to constructor.

You can see the diff here: http://www.mergely.com/f2MpuXAB/

Check also: http://regexr.com/

--- EDIT ---
never mind, jkon's questions are more pertinent to solve this.

Hi,

the insert query is missing the VALUES closing parenthesis:

... ADDDATE(NOW(), INTERVAL 1 MONTH))

When in doubt add mysqli_error():

• http://php.net/manual/en/mysqli.error.php

Bye!