Posts by veedeoo

Hi,

Two doors where the shell hack can take over the server.

1. First, the ftp credentials of the server users where maliciously stolen from the PC. For example, sitemanager.xml of filezilla is an easy target because it is just a text file that can be grab and send to the trojan executioner.

2. Second, entry by force and slow cooking. This method is used along with the cURL remote form spoofing. What happened here is that they create an alpha numeric array base e.g. A, a, B, b, C, c, 1,2,3,4,and the list goes on., they go to the target site and attempt a fake registration just to find out how many characters, what type of characters are allowed for a password, they look around to the site and look for any valid registered users e.g. admin. Once they find all these info., they feed the cURL with the random alphanumeric combination using your own password control. They continue to do this process in loop for X^n where x is the sum of alpha numeric in the array and n = x/no. of minimum and maximum password characters required.

something like this, but I am not going to make the code even near to a working codes..

$pass_array = array(## all possible allowed alha-numeric ##);
$pass_cCount = 12; ## minimum

$generate_fake_password = randomized_array($pass_array,$pass_cCount);

$gnenrate_md5_pass = md5($generate_fake_password);

The expected output of the above script is feed to the cURL as password e.g.

$y = 0;
while($y<= 10000000000){

    ## do this …

Hi Dani,

My guess is that the constructor of your class is always overloaded. Will it be possible to write a new class that will responsible for checking if there is an instance of Memcached on each page?

You can use a simple singleton to act as the director or instantiator for all Memcached instance request. By doing this, you will be able to remove the object and others from the constructor and replace it with the singleton. So by doing this, the instance requests can be effeciently monitored.

If using the singleton, you will probably need to create a new method to handle all of your conditions that are located on your constructor.

Although Singleton's constructor is also loaded, but it is better to overload one class for monitoring purposes than overloading the constructor of the application class..

I really don't know if this can be of any help, but this is how I would do it on a much bigger application. Most importantly, if we have too many classes overlapping each other. Monitoring them is pretty tricky..

WARNING! singleton codes below are coming from top of my head... I getting ready for my flight to Princeton. I might have to double check on this, once I get into my computer..instead of a netbook. There might be some errors on the codes below..

<?php

final class GetInstance
{

private static $classIntance = array();

## in nature this contructor is overloaded, but only this one
private function __construct(){}

## we …

Hi,

it will always return true, because of your where clause

WHERE `permissions` = 1 OR `permissions` = 2"

if there is nothing to count in user_id, then your codes above will return how many members with permission 1 and permission 2. Thus, your script above will literally return the entire count for perm 1 and perm 2.

You can add AND matching only the user_id,, but I am not sure if this is what you are trying to do..

Something like this..

("SELECT COUNT($user_id) FROM `users` WHERE user_id = '".$user_id."' AND `permissions` = 1 OR `permissions` = 2"), 0)

That should return either 0 or the total count of members with the same user ID and with either permission 1 or permission 2..

Hi,

Yes, it will be a lot easier for you, because you don't have to deal with all the extra coding trying to create a bridge between two applications..

Hi,

You may want to try using array_push() function.

example of usage...

<?php
    $bd= array('1','420'); 

    array_push($bd,'2','520');

    echo $bd[0].'<br/>';
    echo $bd[2].'<br/>';
    echo $bd[1].'<br/>';
    echo $bd[3].'<br/>';

@lastMitch,

not necessarily.. I just included the player for duration comparison.

Here is the demo of the script unable to read the proper duration. The video loaded on the player is an h264/mp4 not process by MP4Box or any moov atom application. The reason it is streaming, before the entire file has been loaded by the browser because of the floyplayer javascript stremaing module file.

I installed the ffmpeg, mencoder, flvtool2,mp4box, and ffmpeg-php on this server to demonstrate how the ffmpeg-php can read the video duration regardless of the file types or codecs.

Results;

Player duration readings : 10:17
The php function above  :  2:3:55 

// because of the increase in file size and h264 codec in the mix, the php function above failed . It's approximation is way out of the ten minutes. This is probably due to its inability to dig into the video file using fread, so by default the approximation was solely based on the file size.

FFMPEG PHP : accurately read the video duration in seconds  **617.68371582031**

Php code used for the ffmpeg-php

$video = new ffmpeg_movie($videoFile);

echo 'Duration in Seconds: ' $video->->getDuration();

Even the html5 player will have a hard time playing the h264/mp4 video files with the moov atom located in the end of the file. This will create a tremendous amount bandwidth usage. So, for people who are trying to have a video site with medium traffic, flv or ogg should be the codec of choice. The …

Hi LastMitch,

The script may only work on flv, avi, mp4, but it has some limitations though. Some video files like the h264 that hasn't been process with mp4box, the PHP function may not be able to read the time duration, because of the position of the moov atom.

For h264 videos, the moov atom is located in the end of the file, while the flv ,avi, and divx, the moov atoms are all in the beginning of the stream file. Actually, when it comes to flv it is called metadata..

Here is the demo.. I loaded the video on the flash player, and then below the player I used the function to reflect the time as seen by the PHP script. The video durations shown in the player and outputted by the PHP script are pretty close to each other.

The limitation of the function above relies heavily on the reliability and integrity of the PHP function fread().. I strongly believe that as the video file gets bigger in size, the script will eventually heads for failure. Most standard video file size for web streaming is little under 200MB. I have not had the chance to test the function above or beyond the 30MB video, because most of my test videos are all lower than 30MB.

@oop_php, Dude thanks for accepting my invitation..

@SPeed_FANat1c , red5 and other players will also do the job. This is for paid content streaming though, but for videos that are for gratis or free, you can just provide them with embed codes.

For additional security and validation, you may want to use pseudostreaming script by xmoov. oop_php and I modified the pseudostreaming by xmoov to hide the url of the video, but that is not enough, it has to be delivered by red5 and then use the pseudostreaming for the link with secret salt.

You can search for xmoov on google, or if you can't find it let oop_php know, so that he can help you with the script, and then ask him how to impliment codes below.

$salt = 'K49sS9q0';
define('XMOOV_GET_AUTHENTICATION', 'token');
if($_GET[XMOOV_GET_AUTHENTICATION] != $salt) {
   header("HTTP/1.0 401 Access Denied");
   exit;
}

Codes above if added to the xmoov written by Eric Lorenzo Benjamin jr owner of the xmoov, the video cannot be access directly except by the player..e.g. jwplayer.

Welcome to Daniweb oop_php.. I am heading to New Jersey.... talk to you later Dude.. :)

Hi,

Do as suggested by arti18, and then you go like this just right after the delete query..

WARNING! make sure the page reponsible for deleting items both database entries and images in the directory, must have a controlled access. Otherwise, if the search spider is able to crawl these images and accidentally followed the delete link, all of your images will be gone in one sweep...

first we check if the file exist.. let say the file name you have in the directory is based on the image_id.ext, and it is located in the imagedirectory.. we can do like this

## the delete query here..
## put the mysql error here.
## check if the file exist
    ## define the location of the image to be deleted
    $image_file = 'YourImageDirectory/'.$image_id.'.jpg;

 if (file_exists($image_file)) {
    unlink($image_file);
    echo 'image deleted';
} 
else {

    echo 'image does not exist';
}

Alternatively, we can write a simple class for the upload processor, and then just add the methods for database insert and delete..

English, but I am trying to learn conversational Spanish. Took two Spanish in High School and got excellent grades on both of them, but I am still having difficulty understanding when I am around with the Spanish speaking people. My parents are in California.. I also have Spanish lesson in my ipod that I listen all the time :)..

I am very much interested in learning Mandarin and Japanese also.

I know a little of French, Italian, Irish, and Filipino, because I am a mixed of all these fine wine drinking people... :) :) I am a coffee drinker though and have no affinity to alcohol whatsoever...

hi,

can you please marked this solved.. just to let the volunteers know... landed on this page the third time :), and there is nothing to see here as you noted...

thanks,.

I am more likely the guy on the left, shifted to face-palming after all the hair were pulled out...oouchhhh that hurts. :)..

Let me do a test also....maybe we can change those faces to a happy face.. :) :)..

Hi,

So, you deliver this script to your client? You use the client's gmail account to send mail through script?

If that is your case, all you have to do is tell your client to run the script one more time, and then a failure should occur again, instruct your client or whoever owned the email address to login to their google account. Upon successful login to the gmail account, wait for the red bar notification on top of the page, click this notification and confirm that they have knowledge of the server's IP sending an email and requesting an authorization using their gmail account credentials..

kind of like this...

server PHP MAIL---> initiate mail function -->use gmail account credential instead of the server's default -->data send to gmail for authentication-->

Authentication response--> true? email is sent
Authentication response--> false? SMTP server error: 5.5.1 

I might have the wrong understanding about your question.

Hi,

Based on your script above, you should only get 1 image at a time.. The reason is that you are acessing the image file from your PHP tmp directory.

What you need to do is use

$new_location = 'yourDir/filename.extension';
move_uploaded_file($_FILES['image']['tmp_name'], $new_location);

## then you can bring it on the screen

echo '<img src="$new_location" />';

If you want to upload multiple-images, then you will have to add more file input. If you want to view all the images in the directory including the newly uploaded file, then you will need to write another php script for that..e.g. scan image directory and then iterate through its contents based on the extension you want to show..

Hi,

It all depends if on how your API was written. If it was written to accept a file then you can easily send file from your computer's WAMPP or XAMPP to your external site, assuming that your desktop is connected to the Internet.

You can use cURL to communicate with your API script... that simple...

if you want to print the result from table stock then you should do something like this.

!IMPORTANT! My mysql techniques are pretty rusty.. it has been a while since I used it in application. I am so accustomed of using a database wrapper..

here we go let me give it another try...

$result = mysql_query("SELECT * FROM stock") 
or die(mysql_error());  
while($row = mysql_fetch_array( $result )) {


echo $row['Produk'].'<br/>';

echo $row['Jumlah'];

} 

that's pretty much it... Just a friendly suggestion... if you will be using this script for more than a year, I highly recommend to use a PDO wrapper or mysqli..

PHP language is going for High Level language status pretty soon ( I mean it is already is, but it has to be refined). So, our conventional ways of writing codes may become old style that will only work on older version of PHP. I have no problem with the procedural, but OOP will be the standard pretty soon..

hi,

This might be the culprit

echo mysql_query("SELECT * FROM stock");

Hi,

PLease allow me to add something. I think the closest design you can probably use that is similar to 1stbyste.com is the twitter bootstrap. It is easy to use and easy to implement. In fact, I use it a lot with smarty templating engine as a parent template...

There is another one, but for some reason I cannot remember its name.. I will post back as soon as I remember the name.. :)

Do as suggested above, otherwise, it appears to me that you maybe using an ubuntu? or any linux derivs ? How did you install your server? conical or command line?

Let me know if it is Linux distros... that should be an easy fix...

sudo :)....

Hi,

If your VPS have the latest PHP version on it, this is probably not necessary. Learning it to go backwards is not a good idea, because magic_quotes has been deprecated..

Please allow me to just add these info., because I am sure you will be asking how to create a remote CSV file using the API..

I will be using this as example, the integer coding guideline is located in the last page of the documentation.. I believe this is an example of a CVS file 1 as indicated on the id.

{"method": "Project.importOrdersTripletexCSV", "params": [";2010-01-01;10010;Tripletex;Kronprinsensgt.17;;251;Oslo;post@tripletex.no;;;;;1111;2010-03-01;Leveranseveien14;\"'Dette er en kommentar;;;;;;;;;1000;;3;Ordrelinje (h\u00f8ysats);\r\n","ISO-8859-1",true, false], "id": 1}

First, you can initialize the cURL to

$ch = curl_init('https://tripletex.no/resources/examples/order_import_example.csv');

Then you define your CVS data... values can be from database or from any resources you may have. Here is the equivalent post request in PHP

 $csv_data = array('method'=>'Project.importOrdersTripletexCSV','params'=>array('put all the data here'),'id'=>1);

  $csv_data = jason_encode( $csv_data);

thanks for bringing that up... I will look at throughly later..

For the time being you may want to experiment by sending the cURL post request to https://tripletex.no/JSON-RPC . The common response from tripletex if we send an empty data to this url will be

{"error":{"code":590,"msg":"couldn't parse request arguments"}}

That response will enable us to create a cURL function using the proper protocol as described in the documentation.

Without reading the documentation in its entirety, they want us to send request in this format as shown in their JAVA recommendation.. here is an excerpt of the JAVA code..

public static void main(String[] args) throws Exception {
HttpClient httpClient = new HttpClient();
PostMethod method = new PostMethod("https://tripletex.no/JSON-RPC");
String request1 = "{\"method\": \"Sync.login\", \"params\":
[7,\"test246\",\"test@test.no\",\"pwd\"], \"id\": 1}";

What the JAVA code above is requesting a method login, and sending the user password and id to the tripletex.no/JSON-RPC()..

Now, the challenge is how are we going to create the same functionality in PHP.. Keep in mind that tripletex requires us to have the cookies, and not only a cookie, but specifically they want the second cookie from the two outputted by the server.

here is the typical tripletex response along with two cookies and they want the second one..

RESPONSE:
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.2 (build: CVSTag=JBoss_4_0_2
date=200505022023)/Tomcat-5.5
Set-Cookie: JSESSIONID=09E2172BB69BA99F9CBA3AD9C0F2A025; Path=/; Secure
Set-Cookie: JSESSIONID=F81885A42D1CC3876039EAB8C441C5B3; Path=/; Secure
Content-Type: text/plain;charset=utf-8
Content-Length: 29
Date: Wed, 21 Jul 2010 06:59:38 GMT

Tripletex wants to validate on the second cookie from …

Hi,

Sorry for late response... If will be difficult to parse html by converting them into array like that and then re-parse for the xml writter script.

What we need to do is use a dom html parser..download this file from sourceforge and test it with simple html first..,

follow this instruction here..

for example, if we have a simple html document like this

 <html>
 <head>
 <title>this is going to be parsed</title>
 </head>
 <body>
 <table>
 <tr>
 <td>address 1</td>
 <td>address 2</td>
 <td>address 3</td>
 </tr>
 </table>
 </body>

The sample PHP for the parser can be like this..

include_once 'lOCATION_OF_SIMPLE_HTML_DOM_CLASS';
$html = file_get_html('htmllocation');

function parse_this($html){
$td_data = array();
foreach($html->find('tr') as $row){
   foreach($row->find('td') as $item){
    $td_data[] = $item;

}
}
## address 1 to 3 are in this array

return $$td_data;

}

## test it
print_r (parse_this($html));

Let me know if you successfully print out the array as shown in my example... Once you got it working, it will be so easy to generate an xml file..

try this first... put this before the closing bracket of the method listStats;;

    return $data;
    } // closing bracket of method listStats..

like this ..

    public function listStats($id) {
$sql = DB::inst()->query( "SELECT *
FROM ".
TP."tracking
WHERE
mID = '$id'
GROUP BY
mID"
);
$data = array();
if($sql->num_rows > 0) {
while($row = $sql->fetch_assoc()) {
$data[] = $row;
}

}

    return $data;
}

Hi,

What framework are you using?

can you var_dump or print_r this ?

listStats($id);

and this

$this->listStats

what do you get?

I am assuming that $this->listStats is a method of the view class?

Hi,

You can easily free yourself from this problem by trying to change your codes to this.. WARNING! Not tested though.. I am just looking at your codes and possible corrections to make it work..

    <select name="fileselect">
<?php
$pdo = new PDO('mysql:host=localhost;dbname=contisec_portal', 'root', '');
$stmt = $pdo->query("SELECT dateid FROM date_header");
//$stmt = $pdo->execute();
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo "<option value='" . $row['dateid'] . "'>" . $row['dateid'] . "</option>";
}
?>
</select>

If you really need to use prepared statement, please let me know so that I can test it. For now, the above codes should work for your purpose..

UPDATE! this will only work to check if the class exists, but will not be able to check if there is an instance of the class already been instantiated.. try looking into this PHP function called instanceof.

you can also create a simple conditional checkpoint.. this is important in real world practice, because as your application gets bigger, you will not be able to track all of the instances going on and off within your appplication.

one method is to use an autoload or to use any of the 5 design patterns e.g. factory,,singleton,observer,chain of command and strategy patterns.
second, is to check if the class exist before actually initializing it. For example, we can put this on top of the php document requiring a class file and needing an instance of that class..

if (class_exists('FaceBookAPI'){
include_once ('location_of_facebook_API_class');
$fb_class = new FaceBookAPI();
}

To learn more about this method, please read my reference.

Here are some of the php functions that can help and can save dosages of headache medication :). I lifted them here..

method_exists() - Checks if the class method exists

is_callable() - Verify that the contents of a variable can be called as a function

get_defined_functions() - Returns an array of all defined functions

class_exists() - Checks if the class has been defined

extension_loaded() - Find out whether an extension is loaded

You can also prevent this from happening to other classes in your application by creating an …

@nunuaziz_,

try code739 recommendation first.. if it does not do the job.. try...

look inside your server's directory, look for a directory named send mail..and your local server should have a Mercury Mail in it or equivalent.

For Wampp and Xampp this directory is inside the installation dirctory, or the same level as the Apache directory.

Before posting your response, copy, paste to notepad, save as find.php in the htdocs dirctory of your localhost this code

<?php 

phpinfo(); 

?>

Use your browser and point it to http://localhost/find.php ..

Locate "Loaded Configuration file" ... this will tell you which php.ini file is loaded or currently being use by your server.

Using a notepad or any suitable text editor.. open the php.ini file as shown by your phpinfo above.

IMPORTANT!!!! You need to have a gmail account for this work..

on your php.ini file as mentioned above, locate

  [mail function]

find

 SMTP = localhost
smtp_port = 25
sendmail_from = postmaster@localhost

change the above to

SMTP = smtp.gmail.com
smtp_port = 587
sendmail_from = YourAccountUserName@gmail.com

SAVE YOUR CHANGES.....

Second Step ... find the sendmail This is located or in the same level as the htdocs, apache, mysql, and phpMyAdmin..

Open the sendmail directory and locate the file named sendmail.ini

once again, find

smtp_server=localhost
smtp_port=25
;auth_username=
;auth_password=

change the above to this

;smtp_server=localhost
;smtp_port=25
;auth_username=
;auth_password=

JUst below the commented entries above, addd

smtp_server=smtp.gmail.com
smtp_port=587
auth_username= YourAccountUserName@gmail.com
auth_password= YourGmailAccountPassword

Save your changes on both …

Hi,

The pdf file link is dead..

To send a jason to the tripletex, the recieved response from paypal can be forwarded to the tripletex..

example...

 ## response from paypal..this may contain payment, item, amount, quantity, subscriptions.
 $this->response_status = strval(curl_getinfo($ch, CURLINFO_HTTP_CODE));

 ## stablish a filtering mechanism to make sure response is true..
 if($this->response_status){

 ## use jason_encode the data recieved from paypal
 $paypal_data = json_encode($this->response_status);  

 ## stablish a new cURL connector for the tripletext
 ////////// put all cURL 
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                                                                          
'Content-Type: application/json',                                                                                
'Content-Length: ' . strlen($paypal_data))                                                                       
);       

If the data from paypal does not match the API format of the TRIPLETEX, then you can either add data to the paypal response or reiterate through the response array and just remove what is not needed.

To add mor data into the array response from paypal, you can use array_push(). Something like this. For example paypal response is given like this

    ## example of paypal response, shown as an array

    $paypal_data = array('success'=>'true','item'=>'ipad','confirmation_id'=>'1235488','amount'=>'15.00','currency'=>'USD');

If you need to add more data as per tripletex requirements, you can do it like this.

array_push($paypal_data,'inventory'=>'100','sold'=>'50','receipt'=>'45597798','t_id'=>'1235488')

Hi,

Can you tell us what do you have in your server?

1. Apache?
2. PHP version?
3. Mercury mail?
4. Send Mail?

Those things we need know..

Hi,

can you type localhost:80/phpmyadmin or localhost:8080/phpmyadmin on your browser? One of these should allow you to access the phpmyadmin page.

Can you use the windows file search and search for the location of wampmanager.ini or wampmanager.tpl? I am not sure though, but I think it is worth trying. You can search the two files on google to see if someone already posted it online for this pupose.

Although I am not sure which of the two is responsible for generating the parameter http://localhost/phpmyadmin/, it has to be changed to http://localhost:8080/phpmyadmin/, if the browser test suggested above works.

Otherwise, you should consider installing xampp or something that can be easily configured. Portable xampp and portable nginx can do this job without using up your free time trying to configure it to work.

sorry, for the double post..how did it happen??????

I believe the penny gained at 40K was coming from 0.00026 . $factor minus the actual value used (0.065)..

No, I am waiting for the original poster to respond. If you were following the thread since it was posted, then you should have let us know...

If you are referring to me.. YES, your assumption is correct I have no knowledge how the registration process, and your efforts will be greatly appreciated if you can teach me how... :).

Hi,

First, you will have provide us with the tags for your xml files. What I meant by tags is your own mark up based on your needs or how do you want the xml file structured.

something like this,

<?xml version="1.0"?>
<mydata>
<item>
<title>my title</title>
<description>my description</description>
</item>
</mydata>

Second, you will have to provide us with your sample html document, so that we are able to see if it can be parsed using PHP, and then ultimately write the parsed data in xml format as file or directly to the browser.

example of possible HTML doc..

<html>
<head>
</head>
<body>
<h1> Title </h1>
<p> My description</p>
</body>
</html>

Here are the wrappers I found One and two. You can either use them or use them as reference.

I wrote an extended version of ricocheting, but it will only work on frameworks and template engine queries.

If you will be following ricocheting's wrappers, this wrapper is written in Singleton pattern. If you will be using an instance manager instead of auto-loader, you must remove the singleton objects.

In an occasion where you still want to go ahead and write your own wrapper, here are my suggestions.

1. wrapper should have a method that can work on all of PDO objects. For example, you may want to create an object within your class that will handle a requests from specific class of an application.

Example codes ..WARNING! NOT TESTED ... just giving you an idea.

public function bind_to_class($thisClass){
## this is an array output
return (self::fetchAll(PDO::FETCH_CLASS,$thisClass));
}

Alternatively, you can write the same method with query option something like this. Warning! This is an skeleton method and will not work until the proper external objects are implemented and defined.

public function bind_to_class($thisClass, $thisQuery){
## just like the first example this will return the result as array 
$fetchThis = self::query($thisQuery, PDO::FETCH_CLASS, $thisClass);

    while($row = $fetchThis->fetch()) {
     $out[] = $row;
    }
    ## this will deliver the output to the outside
    return $out;
    }

1. Wrapper should be able to return affected row count.
2. Wrapper should be able to return single item query result.
3. Wrapper should have a …

this will work also, even if the $element is not initialized

$andy = new ThisArray($nameArray);

because of the the =NULL in the constructor..

You can also access the object similar to what broj1 have suggested.. something like this

foreach($arrayres as $name){
echo $name.'<br/>';

}

If this one, looks odd to you.

public function __construct($array = array(),$element=null)

you can also change it to this to make it a lot nicer

public function __construct(array $array,$element=null)

Hi,

here is a simple class pretty much similar to what you have above. $element is not mandatory during the instantiation. However, the $array is mandatory.

<?php

class ThisArray{

public $element, $array;

public function __construct($array=array(),$element=null){
$this->element = $element;
$this->array = $array;

}

public function load_Array(){

return $this->array;

}

public function get_element(){

return $this->element;
}
}


$element = 'Hello this is element';
$nameArray = array('bob','bill','rich','poorboy');

$andy = new ThisArray($nameArray,$element);

$arrayres = $andy->load_Array();
echo $arrayres[0];
echo '<br/>';
echo $arrayres[1];
echo '<br/>';
echo $arrayres[3];

echo '<br/>';
echo $andy->get_element();

Hi,

Please allow me to share my views and experiences with these template engines. Things I have not tried yet, are not included in the list..

pretty much, it all depends on how big is your application, the methods of how the php data is going to be passed to the template. How important for you is the template inheritance, how much multi-dimensional arrays the template engine has to process, do you want the template to be able to cached?

Things like those I mentioned above are very important in selecting which template engine work best in your application environment.

For lightweight applications, I will probably use RAIN TPL or TinyButStrong. These two are pretty lightweight and can outperform the big template engines like twig and smarty.

Strength of lightweight template engines: 1 file, 1 class , less methods, less tags. For example, RAIN TPL and TinyButSTrong both falls into this category of being a lightweight. Another lightweight template engine that is worth mentioning is the Savant engine.

These templates have a pretty unique ways of handling arrays. The reason I must put so much emphasis on how a template engine will handle arrays, because most applications now a days relies on the contents stored in the database. To retrieve these contents the script needs to iterate through them. Some template engines does not accept a direct assignment of a database query without looping through the result first. In most cases, template engines would need to iterate through the data, …

Hi,

Try reading this, and follow the download link.

I totally agree with Diafol and Atli's recommendations. Ioncube is the most cost effective at less than a dollar per page. While the rest are just expensive to purchase, because they don't offer per file or page obfuscation. There is a source guardian for 199 dollars and another one I don't remember its name runs for 99 dollars. For the expensive ones, you can keep the software and can do unlimited obfuscatation as you want.

Now, real truth about obfuscating your source. Pretty much all of them now can be decrypted offshore. I know a company that can easily decrypt large application in less than a week for less than $50.00 a pop. Compare that to your licensing fee.. make sure to price your product less than the cost to obfuscate your application.

Besides, any highly knowledgeable programmers will be able to recreate any PHP programs, or maybe better. PHP is a fast changing language; thus making codes written today becomes an obsolete codes by tomorrow. Why waste all the money and time in obfuscating the source, only to decrypt them at a later date for upgrade. Many PHP functions are being thrown into the deprecated bin everytime a new distros are release.

Advance solution (REQUIRES LOTS AND LOTS of Coding and logic analysis).. I did this for a company some 1 1/2 years ago.

1. Create an environment-aware installer. Make sure that the installer will gather all important data about the server, salted id, and domain name, every time the …

Hi,

You will need to add something like this

if(isset($_GET['param'])){

## rest of your codes here

}

else{

## code when $_GET is empty

}

The Theory!! Another trick I use outside the norms is this

if($_GET){


## codes here if $_GET is not empty
## make sure to check for empty values.

}
else{
## codes when $_GET is empty

}

Ok, ok,... I know people maybe wondering what the H.... is going on? why am I using it instead of (isset($_GET['param'].

Proof!

 if($_GET){

 var_dump($_GET); 

 ## codes above should return an array if $_GET is not empty

 }

Another way of doing this can be like this,

if($_SERVER['REQUEST_METHOD']=== $_GET){

## do things here

}

Hi,

Try adding, these codes just below the fclose($fh);

echo substr(sprintf('%o', fileperms('/test/test.txt')), -4);

Make sure to put the proper loction of the test.txt.. Let us know of the 4 intengers printed on your screen.

Hi,

Just need patience in waiting for the response. All expert and master coders are volunteers, and ONE junior volunteer like myself is always lazy all the time :)..

In fact, I think I already posted many variations of read_dir function in this forum.. Since, I don't keep a record of those little things, let me write another one.. always new every time..

here we go... I don't have the chance to test my codes below, but I am pretty sure it will work..

   <?php

        function xmlFiles($dir,$ext) {
        $d = dir($dir); 
        while (false!== ($file = $d->read())) 
        {
        $extension = substr($file, strrpos($file, '.')); 
        if(($extension == '.'. $ext))
        $xml[$file] = $file; 
        }
        $d->close(); 
        asort($xml); 

        return $xml; 
        }

to use the function above, do it like this

        $theseXml = xmlFiles('./xml/','xml');
        echo '<select>';
        foreach($theseXml as $file){
        echo '<option value="'.$file.'">'. $file .'</option>';

        }

        echo '</select>';

Always refer to directories in reference with the htdocs directory. Everything within this directory are viewable through a browser. So, this C:/xampp/htdocs/xml is not valid if you are using a PHP script located inside the htdocs directory.

If you want to use something similar to that, then you will have to define it like this.

    define('DS', DIRECTORY_SEPARATOR);
    define('ROOT', dirname(__FILE__));

and your xml directory will can be referenced like this.. assuming that it is located in the htdocs or root directory.

    $xmlDir = ROOT.DS .'xml'. DS;

Hi,

Can you please elaborate which table names?

Mysql? ==> show us your codes?
Something else? ==> show us your codes?

You will be able to use or implement either one of the common design patterns. My favorite is the observer pattern and Singleton pattern.

Benefits in writing codes in OOP
1. One or more classes can be derived from a base class. This is called inheritance. As the application grows overtime, new methods are needed to accomodate the growth .

For example, if we have a bicycle class responsible for displaying information all about bicycle, years later our applications needs to provide information for both the bicycle and the motorcycle. For non-OOP programmers, the first thing that will come to mind to accomodate this change is to trash bin the original bycycle class and create a new one that will handle both. However, for the OOP programmers, the first thing they do is to analyze what makes motorcycle similar to bicycle. All features of motorcyle that are not in the bicycle will be aded in the extended bicycle class.

A simple example to clarify my statement 1 above.

class Bicycle{

public $wheels, $chain, $power;

public function __construct($wheels, $chain, $power){
$this->wheels = $wheels;
$this->chain = $chain;
$this->power = $chain;
}

public function get_wheels(){
return $this->wheels;
}
public function get_chain(){
return $this->$chain;
}
public function get_power(){
return $this->power;
}
}

Example of inheritance, extending the bicycle class above to create a new child class motorcycle.

class Motorcycle extends Bicycle{

public $wide_wheels, $wide_chain, $motor_power;

public function __construct($wheels, $chain, $power, $wide_wheels, $wide_chain, $motor_power ){
    parent::__construct($wheels, $chain, $power);
    $this->widerWheels = $wide_wheels;
    $this->widerChain = …

you cannot embed html tags like that. You will have to close the PHP first and then add your html tags.

mysql_select_db('snack', $con);
?>
<form action="action.php" method="post">
<?php
mysql_query("INSERT INTO Produk VALUES ('Produk')");
mysql_query("INSERT INTO Jumlah VALUES ('Jumlah')");
mysql_query("INSERT INTO Tanggal_Masuk VALUES ('Tanggal_Masuk')");
?>
<input type="submit">
</form>

But then again, I have doubts if those codes will ever work though, because we don't have any clues about the rest of the codes.

One more question, what is the value of this variable $this->_clientref???? is this for the auto_increment id? column? if so, you will have to remove it. Mysql will do that for you automatically.

Hi,

just a suggestion. Since you are using bindParam PDO statement, can it be the data_type be responsible for the query failure? I am not sure, but I think we should try testing this possibility.

try doing this... I am not sure this is going to work, but I think it is worth trying..

$stmt->bindParam(1,$this->_clientref, PDO::PARAM_INT);
$stmt->bindParam(2,$this->_username, PDO::PARAM_STR);
$stmt->bindParam(3,$this->_password, PDO::PARAM_STR);

Before testing the above codes, try testing this method like this without the query..

 public function new_user()
{
  var_dump($this->check_user_exists());
}

If you are not getting the boolean response of 1 or true and 0 or false from the check_user_exists() method, try re-writing it to something like this.

 Private function check_user_exists()
{
$stmt = $this->_db->prepare('SELECT * FROM client_login WHERE Username = ?');
$stmt->execute(array($this->_username));
return (($stmt->rowCount() > 0)? true : false );
}

In addition to what Diafol already mentioned, you can use plain javascript for OR use the REST. You will need to read more on how to implement the REST in this API, then and ONLY then you can convert the REST codes to PHP using the cURL plugins.

Yes, it will take you some time, but the learning experience is priceless.

To use the REST API, you can read more about it here.

basic syntax for the REST connection

    https://apis.live.net/v5.0/me/albums?access_token=ACCESS_TOKEN

basic REST syntax for the skydrive as suggested by the microsoft

    POST https://apis.live.net/v5.0/me/skydrive/files?access_token=ACCESS_TOKEN

Basic information for POST and GET for cURL are shown here.

basic implementation of POST using cURL to the skydrive api,, just like the apis.live...albums

$url = 'POST https://apis.live.net/v5.0/me/skydrive/files';
$form_data = array(
              'token'=> 'ACCESS_TOKEN',
              'file' => 'FILE_NAME',
              'name' => 'NAME_OF_DIRECTORY'
              )

send the data to the API using the cURL "CURLOPT_POSTFIELDS "

$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $form_data);
$result = curl_exec($ch);
curl_close($ch);

the rest are just a matter of retrieving the data response from the remote server..

I am not sure if the skydrive response is json encoded array. If it is, then you can probably get away with it by passing the cURL output ( response from the remote server)...use something like this to test the response from the skydrive.

use var_dump to view the response array from the remote server..

    var_dump(json_decode($result)); …