Posts by veedeoo

I honestly believe, you can use composer autoloader and symfony class loader and http-foundation.

Supposed we have our development environment in localhost/myapp/, and we are running xampp or wampp on windows. We can easily solve the autoload problems in two ways. This is just an example. If you will running this on linux, then just add $ in front of the composer command that simple

First install the composer..,
1. Test the composer after installation and make it is working. Open the command prompt, and then type

composer

it should return the version and info. about your composer version.

1. Now let us create our simple application using composer autoload. Create the directory called myapp in your xampp/htdocs/myapp. Inside the myapp directory create another directory called application.

2. Open your text editor or any suitable source code editor and then paste codes below, and save as composer.json

   {
   
   "require": {
       "symfony/class-loader": "2.4.*@dev",
       "symfony/http-foundation": "2.3.*@dev",
       "phpunit/phpunit": "3.7.*",
       "swiftmailer/swiftmailer": ">=4.2.0,<4.3-dev"
   },
   
   "minimum-stability": "dev"
   }
   

I added some common vendors found on PHP MVC framework like Laravel, PPI and Kohana. I mean this is an actual build if you want to create your own framework.

I also added phpunit for you to experiment. If you will be applying for a 6 figure job as a developer, you must know all this, otherwise you will be debugging other people's codes for a long long time.

1. Go back to your command prompt and type

   cd c:/xampp/htdocs/myapp
   

once you are …

Like what Pritaeas and Cereal said, Laravel is well coded from the beginning to end. Laravel is also built upon Symfony Components without the Twig. I have seen questions on the web asking which one is better Symfony or Laravel. This question seems to be valid and yet Ignorant and extremely mal-informed. Laravel will not exist without the Symfony components and foundation. The founder of Laravel even acknowledge this, because of one of the person at the convetion asking him, if he want to close Symfony's door. His response was " We would never existed, if Symfony does not exist". So, what this means is that, the dependency of of Laravel's core to symfony is pretty high.

So, to add answer to your question, I would choose Laravel over CI, because it uses components that are regularly updated.

Here are the framework questions that are pretty confusing, unless you are extremely active in PHP community. I mean active at the core where all of the changes and developments are announce.

CakePHP -- Pretty much on its own, except for some contributed plugins and modules. Composer ok

Zend -- Pretty much on its own, but have enough resources to lead the framework game. No matter what convulated opinions we picked up from the web, Zend is not going away. They are pretty much part of the governing bodies that drives the evolution of PHP. Unless, our 3rd grade teacher who barely read technology news, said it is not true. Can take …

I also think $_SERVER['REQUEST_URI'] is a lot nicer thing to do. Most frameworks uses this approach that is why there is no big chunk of .htaccess file in CI but deny from all.

Hi,

There is no simplest form of a solution to a problem, without going into the basics.

I never crossed past the PHP forum, but I just did this time. It is not that I am not capable of writing codes in Ruby, but it is because I am so darn lazy.

My question is, what good will it brings you, if I or someone ever give you the codes that will satisfy your school homework questions?

Here are the stages of Ruby that I have to go through, while learning the language. Believe me it is not that hard really... at least for me. I just have to remind me about all these things.

1. Learn the form formatter.

   print "What's your name?"
   first_name = gets.chomp

2. Learn the operators like so..

   Addition (+)
   Subtraction (-)
   Multiplication (*)
   Division (/)
   Exponentiation (**)
   Modulo (%)

to multiply

1 * 2

to add

1 + 2

to exponentiate

2 ** 2

1. Learn sring function . Remember pretty much everything in Ruby are objects.

to get the length of a string

"mystring".length

"mystring".upcase

# this will create a  lower case of MYSTRING
"MYSTRING".downcase

1. Learn the naming conventions

   my_localvariable = "hello Ruby"

   this is legal in Ruby, but you must stay within the norms

   @my_localvariables = "hello Ruby"

2. Master the control flow as you move along

   print "Type a number: "
   num_typed = Integer(gets.chomp)

   if num_typed > 0
   

Hi,

To be able to use sqlite, you will have to use PDO wrapper. The most basic PDO approach can be something similar to this..

try {

$conSql= new PDO("sqlite:PathOfYourDatabase");

}
## catch exception right after the try
catch(PDOException $error){
echo $error->getMessage();
}

The linked script above is old, I am pretty sure it will have difficulty thrieving in the latest PHP environment. For example, looking at the class itself it is more of a backward compatible to the older version of PHP. So, the best way to make the script compatible to what you are trying to achieved is to make an upgrade.. In this part of the code,

class FGMembersite
{
var $admin_email;
var $from_address;

var $username;
var $pwd;
var $database;
var $tablename;
var $connection;
var $rand_key;

var $site_name; // this is from the salt.php
var $randK; // this is from the salt.php
var $userType = false;
var $userSess = null;
var $user;


var $error_message;

//-----Initialization -------
function FGMembersite()
{
    $this->sitename = $this->site_name;
    $this->rand_key = $this->randK;
}

function InitDB($host,$uname,$pwd,$database,$tablename)
{
    $this->db_host  = $host;
    $this->username = $uname;
    $this->pwd  = $pwd;
    $this->database  = $database;
    $this->tablename = $tablename;

}

You may want to upgrade it to something like this..

class FGMembersite{

## if you want you can itimize them nicely..

private $admin_email, $from_address, $username, $pwd, $database, $tablename, $connection, $rand_key, $site_name, $randK, var $user;

## like these
private $userType = false;
private $userSess = null;
private $error_message;


public function __construct(){

## we can create an instance of the PDO in …

Hi,

I totally agree with Broj1. To answer your 2nd questions, there are no definite numbers of ways, it all depends on what will comes up on the black box. Any vulnerabilities found on the website are tested if it can be use to make a bigger splash.

About the MD5 hash this has been exposed and abused too many times already, even the so called sha is getting closer to be exposed in a broad daylight, but I will take sha rather than using the MD5. What is new in PHP 5.5.0 -> 5.5.1 is the stronger hashing called password_hash. For now, I think it will be nice and tight because it is an algorithm option as parameter.

Below is a simple class, I just jotted down on my notepad++ to test the new password_hash, but when I began to test it, I've realized that I was running PHP 5.4.7 on my localhost. So, I retracted back and added the SHA hashing method for backward compatibility. I was going to use this as a replacement for the kohana password handler, or in sentry 2, because I don't really believe in open source when it comes to hashing. I always have doubts and too suspicious that maybe someone left the back-door open.

I used MD5 here just for the purpose of creating salt and key. You can modify the script below to your own taste, it is just an skeleton for testing, and not intended for production server..But …

Dude,

What the text meant is not to crawl any pages within and below the directory where the robot.txt is located.

If you don't want the spider to crawl the image directory, you can give the instruction like this

User-agent: *
Disallow: /images/

this

User-agent: *

is for all the robots or spiders.. I would disallow a crawl from an evil spider such as slurp, and allow the rest. so, my code will be something like this

User-agent: *

User-agent: Slurp
Disallow: /

The above will disallow the spider Slurp to crawl my site.

You must itimized all the not allowed bots.

You should be rewarded for solving this question. :) Check your skill endorsement...I pretty seldom I stop by in this part of Daniweb. It is not that I can't do all these things, but I found the other side more challenging..

just add something like this

move_uploaded_file($tmp_name, '/upload/images/photos/' . $name);
echo  '<img src="uploads/'.$name.'"/>';

on the file_exists declaration, just update the location..

The script above shows the image uploaded... you can change it to your #2 request.

I will look into this again tomorrow, maybe we can improve your script a little...

Please allow me to add my opinion about developing an extensible codes in OOP. It is always nice to start on the right track than going back for some bits and pieces that were left behind.

There are 10 design patterns in PHP. I was 13 when I first hit my keyboard to type <?php ?>, and as far as I can remember there were only 3 to 5 design patterns commonly used in PHP. Today, PHP has become a powerful Object oriented programming language and the design patterns acceptable to PHP development are now 10. It might be more, but I will only give the 10 to help you out which one will be your gig.

Just be very careful though, because design pattern does not apply to all situations. Important quote I picked up along the way "When you are holding a hammer, everything looks like a nail."

The reason I brough up this subject is to help people know that for every application there is a proper tools or coding techniques that should be implemented. I know very well that typing echo "this" returns the string "this", but that is only a speck of dust hovering by the PHP's front door. The core of PHP is evolving at an extremely high speed. If you ever tried writing codes in python or ruby there isn't a lot of upgrade activity there, while in PHP the update is happening every day if not hours.

After learning the construct, one …

sorry, I forgot to comment on your original question..

change this on line 62

<script>alert('Access Denied!');</script><?
goToURL("index.php");

to this

<script>alert('Access Denied!');</script>

<?php
goToURL("index.php");

Make sure to make corrections on all occurences of <?. For now, stay away from using the short tags. You can use later on..

@1a2p3a4c5h6e,

!Warning! Codes are not tested... but should work with pretty minor tweaks, just fix my excess parenthesis or missing quotes...

Just another humble thoughts of refactoring your codes is to use a framework style routing. To be able to do this, you will have to ** rename your php pages after the action** (the same as the action name, literally).

Can pretty much eliminate the elseif --if not all, as shown by simple routing function below.. You can also use FILE to make it like a wordpress style.. the choice is yours.. You are always welcome to add switch within the function to accomodate other file names as needed..

function get_Action($action,$directory){

$include_this_file = basename($_SERVER['SCRIPT_NAME'], '.php');

if(($include_this_file !=="") || (file_exists($directory .'/'. $include_this_file))){

    return $directory.'/'.$include_this_file;
}       
else{
     return $directory.'/show_laporanbelajar_guru.php';
     }
}

We can easily use it like this

include_once(get_Action(getParam('act'),'viewer'));

We can further refactor the above function by using a single line return.. similar to the common practices in Ruby or Python..thus, eliminating the else completely..

return((($include_this_file !=="") || (file_exists($directory .'/'. $include_this_file)))? $directory.'/'.$include_this_file : $directory.'/show_laporanbelajar_guru.php');

Aside from the extension entry, this is how the mysqli section on php.ini file should look or similar to this. Again this is all dependent to what..value of your Server API ? Apache module or fast CGI? should be shown on your phpinfo();

[MySQLi]

; Maximum number of persistent links.  -1 means no limit.
; http://php.net/mysqli.max-persistent
mysqli.max_persistent = -1

; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
; http://php.net/mysqli.allow_local_infile
mysqli.allow_local_infile = On

; Allow or prevent persistent links.
; http://php.net/mysqli.allow-persistent
mysqli.allow_persistent = On

; Maximum number of links.  -1 means no limit.
; http://php.net/mysqli.max-links
mysqli.max_links = -1

; If mysqlnd is used: Number of cache slots for the internal result set cache
; http://php.net/mysqli.cache_size
mysqli.cache_size = 2000

; Default port number for mysqli_connect().  If unset, mysqli_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
; at MYSQL_PORT.
; http://php.net/mysqli.default-port
mysqli.default_port = 3306

; Default socket name for local MySQL connects.  If empty, uses the built-in
; MySQL defaults.
; http://php.net/mysqli.default-socket
mysqli.default_socket = "MySQL"

; Default host for mysql_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-host
mysqli.default_host =

; Default user for mysql_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-user
mysqli.default_user =

; Default password for mysqli_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to …

Dude,

You are welcome...:)

I am not assuming that you don't know. I know that you already knew, but how are you going to confirm which loaded configuration file your server uses? The easiest way to find out that you are indeed editing the right php.ini file for your server is to view what is on the phpinfo()..

There are two types of php.ini file in most servers configured with fast CGI, if apache module you might end up with the third one located in the apache2 directory.

1. cofiguration file =====> /usr/lib ( common in shared hosting or vps with multiple accounst created through the WHM)

2. Loaded configuration file ==> this is the one being utilize by the server, and this is where the editing should be done. We will not know where it is exactly, without running the phpinfo().

I am aware about your query... but in order for me to help, we need to find out and make sure you are editing the right php.ini file. Again, I am not assuming here that you don't know. My only concern is that , is it the right php.ini file? Your ability to edit php.ini file here is not in question..it is the right configuration file.

As what you already stated, even after uncommenting this extension=mysqli.so mysqli is a no show.

What is left there to investigate is the possiblity of ==> server has not been restarted since the last edit of the php.ini file (hence, I always assume …

Hi,

You can use xampp, wamp,nginx portable ( this require a lot of work, but lighter). I would recommend for you to use xampp, because just in case you will need more help in setting it up, there are many people that can help you out.

No, you do not need to make any changes when you put it online or the production server. In fact, you can directly import your local mysql database tables to your online database.

The public_html in xampp is called htdocs.

Hi Dani,

Might not be the best answer, but I think among the few PHP functions that does not go really well with the suppressor, unserialize is one of them..

The reason is that, even with the suppressor, unserialized($var) will always gives an error if $var is not serialized.

Warning: unserialize() expects parameter 1 to be string, array given

Besides the much bigger frameworks e.g zend, cake,codeIgniter, I found wordpress to also use this function to store data..

I don't mean any harm to the wordpress people, and I honestly sorry if I have to disassemble this part of the codes for the reason of GOOD cause..

So, my idea is to check if the $data is serialized before returning the method is_serialized..

Here we go !WARNING! Borrowed from Wordpress without authorization.

Let's create a new method to check and confirm that $data is serialized or not..(This returns Boolean)

private function checkIf_serialized( $var ) {

    if ( !is_string( $var ) )
        return false;
    $var = trim( $var );
    if ( 'N;' == $var )
        return true;

    if ( !preg_match( '/^([adObis]):/', $var, $s_chars ) )
        return false;

    switch ( $s_chars[1] ) {
        case 'a' :
        case 'O' :
        case 's' :
            if ( preg_match( "/^{$s_chars[1]}:[0-9]+:.*[;}]\$/s", $var ) )
                return true;
            break;
        case 'b' :
        case 'i' :
        case 'd' :
            if ( preg_match( "/^{$s_chars[1]}:[0-9.E-]+;\$/", $var ) )
                return true;
            break;
    }
    return false;
}

The is_serialized method above can be rewritten as follows

public function is_serialized($data)
    {

    //return (@unserialize($data) …

Dude,

It can't be the same result if you are following my first response, Where it says look for the value of the "Loaded Configuration File"..

The value assigned to the loaded configuration file is the location of the php.ini file currently being loaded by the apache server to initialize the PHP support.. that's simple..

DO NOT EDIT the php.ini file located in the C:\WINDOWSthis is a system php.ini file. Apache needs to at least tell the mother ship what it intends to do..

This-> Loaded Configuration File and NOT this ->** Configuration File (php.ini) Path**

Normally, the loaded configuration file is located in the php directory compiled with the apache2..for example

C:\php\php.ini 

If you are using wamp or xampp, it is more likey located in

C:\xampp\php\php.ini 

To help you out more, this is how the default setting would look like

;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;

; Maximum execution time of each script, in seconds
; http://php.net/max-execution-time
; Note: This directive is hardcoded to 0 for the CLI SAPI
max_execution_time = 30

; Maximum amount of time each script may spend parsing request data. It's a good
; idea to limit this time on productions servers in order to eliminate unexpectedly
; long running scripts.
; Note: This directive is hardcoded to -1 for the CLI SAPI
; Default Value: -1 (Unlimited)
; Development Value: 60 (60 seconds)
; Production Value: 60 (60 seconds)
; http://php.net/max-input-time
max_input_time = 60

; Maximum input variable nesting level
; http://php.net/max-input-nesting-level
;max_input_nesting_level = 64

; How many GET/POST/COOKIE input variables may be accepted
; max_input_vars = 1000

; Maximum amount of memory a script may consume (128MB)
; http://php.net/memory-limit
memory_limit = 128M

change this

 ; max_input_vars = 1000

to this

 max_input_vars = 3000

comment line in php.ini file is

;

If you have suhosin installed, consult their docs.

To answer your last question, you can either increase it to or higher. It is your call. Don't forget to restart the apache.

max_input_vars = 3000

I forgot to tell you that you will need to restart the apache server.

Hi,

copy, paste to notepad, save as whateverfile.php, and direct your browser to this file.

<?php 

    phpinfo(); 

    ?>

Look for the value of this

Loaded Configuration File 

Using your windows explorer and locate the php.ini file as shown on your Loaded Configuration File .

Change the values of the following

post_max_size
upload_max_filesize

it is ok to give it a higher value like 200M.

last thing, change this value to a higher value as needed by your php applications..

max_execution_time

@Jkon,

Thanks for bringing that up..it is deprrecated since version 5.5.0.

So, to self-correct my response above, it should read like these...

In PDO, it has an equivalent object called FETCH_OBJ, where the column name is return as object's properties, similar to the now deprecated mysql function called Mysql_fetch_object.

$this_result = $statement->fetch(PDO::FETCH_OBJ);

## the same as above..
$this_result->Column_Name;

The same assumption can be placed on the mysql_fetch_array equivalent. The only difference is that in PDO this_result is also an object and here is why..

$this_result = $statement->fetch(PDO::FETCH_ASSOC);

## we can now iterate the object this_result

foreach($this_result as $column_name=>$values)
{
echo $column_name.' - '.$values.'<br />';
}

Still using it in OOP, the FETCH_ASSOC still make sense.. most importantly if it is for the template engine as shown by the updated example below..

public function someFunction(){

$this->query = "any_thing goes here";
$this->statement = $dbh->prepare($this->query);
$this->statement->execute();

return( $this->statement->fetch(PDO::FETCH_ASSOC));
}

The code above is a lot lighter than the codes written for the regular mysql in my previous example..

hi,

Just want to add something..

This $OOO000000 is equal to fg6sbehpra4co_tnd..

The strings are encoded in such a manner that O is equavalent to 1 where as...

$OOO0000O0 is formulated dependent and referenced to 11100010

which is equavalent to 226 in human numbers..and this $OOO0000O0=$OOO000000{4} is actually equal to 228 in human numbers but it is 11100100 computer's own understanding OR it is just a mere E4 if it is expressed as HEX.

Hi,

Too many other ways of doing this. We can make it at lot simpler, but I don't like auto loading whenever a db connector is involve, I rather write it in basic class and then deliver the instance of the class by Singleton.

kinda like this... you should convert the mysql to mysql PDO.. I don't have my PDO reference, so I will have to do it in the old ways which I can remember easily.

You must remove the error announcement or modify it to something else to prevent actual error broadcast on failed attempt. Please take note of any syntax errors... I don't have the chance testing it....

This is pretty much the semi-model of the application. If you are to use the pure MVC design pattern the Admin.class.php should be included in the model, and the instantiator is the helper to the model, after the controller sort all the url requests and acted with the proper routing response.

WARNING! CODES BELOW ARE NOT TESTED.. IT CAN, OR IT MAY HAVE SOME ERRORS ON IT. IT is provided as a guidelines only and NOT intended for production server, until all security issues are considered.

filename: Database.class.php

<?php

    class Database{

    private $results, $inserted_id, $connection_id;

    public function __construct(){
    }

    public function Connect($host, $user, $password, $database) {
        $this->connection_id = @mysql_connect($host, $user, $password) or $this->db_error(mysql_error()) ;
        @mysql_select_db($database) or $this->db_error(mysql_error()) ;
        $host = '';
        $user = '';
        $password = '';
        $database = '';
    }

    /*
    *@ method query :  prepare the database …

Hi,

Two doors where the shell hack can take over the server.

1. First, the ftp credentials of the server users where maliciously stolen from the PC. For example, sitemanager.xml of filezilla is an easy target because it is just a text file that can be grab and send to the trojan executioner.

2. Second, entry by force and slow cooking. This method is used along with the cURL remote form spoofing. What happened here is that they create an alpha numeric array base e.g. A, a, B, b, C, c, 1,2,3,4,and the list goes on., they go to the target site and attempt a fake registration just to find out how many characters, what type of characters are allowed for a password, they look around to the site and look for any valid registered users e.g. admin. Once they find all these info., they feed the cURL with the random alphanumeric combination using your own password control. They continue to do this process in loop for X^n where x is the sum of alpha numeric in the array and n = x/no. of minimum and maximum password characters required.

something like this, but I am not going to make the code even near to a working codes..

$pass_array = array(## all possible allowed alha-numeric ##);
$pass_cCount = 12; ## minimum

$generate_fake_password = randomized_array($pass_array,$pass_cCount);

$gnenrate_md5_pass = md5($generate_fake_password);

The expected output of the above script is feed to the cURL as password e.g.

$y = 0;
while($y<= 10000000000){

    ## do this …

Hi Dani,

My guess is that the constructor of your class is always overloaded. Will it be possible to write a new class that will responsible for checking if there is an instance of Memcached on each page?

You can use a simple singleton to act as the director or instantiator for all Memcached instance request. By doing this, you will be able to remove the object and others from the constructor and replace it with the singleton. So by doing this, the instance requests can be effeciently monitored.

If using the singleton, you will probably need to create a new method to handle all of your conditions that are located on your constructor.

Although Singleton's constructor is also loaded, but it is better to overload one class for monitoring purposes than overloading the constructor of the application class..

I really don't know if this can be of any help, but this is how I would do it on a much bigger application. Most importantly, if we have too many classes overlapping each other. Monitoring them is pretty tricky..

WARNING! singleton codes below are coming from top of my head... I getting ready for my flight to Princeton. I might have to double check on this, once I get into my computer..instead of a netbook. There might be some errors on the codes below..

<?php

final class GetInstance
{

private static $classIntance = array();

## in nature this contructor is overloaded, but only this one
private function __construct(){}

## we …

Hi,

You may want to try using array_push() function.

example of usage...

<?php
    $bd= array('1','420'); 

    array_push($bd,'2','520');

    echo $bd[0].'<br/>';
    echo $bd[2].'<br/>';
    echo $bd[1].'<br/>';
    echo $bd[3].'<br/>';

@lastMitch,

not necessarily.. I just included the player for duration comparison.

Here is the demo of the script unable to read the proper duration. The video loaded on the player is an h264/mp4 not process by MP4Box or any moov atom application. The reason it is streaming, before the entire file has been loaded by the browser because of the floyplayer javascript stremaing module file.

I installed the ffmpeg, mencoder, flvtool2,mp4box, and ffmpeg-php on this server to demonstrate how the ffmpeg-php can read the video duration regardless of the file types or codecs.

Results;

Player duration readings : 10:17
The php function above  :  2:3:55 

// because of the increase in file size and h264 codec in the mix, the php function above failed . It's approximation is way out of the ten minutes. This is probably due to its inability to dig into the video file using fread, so by default the approximation was solely based on the file size.

FFMPEG PHP : accurately read the video duration in seconds  **617.68371582031**

Php code used for the ffmpeg-php

$video = new ffmpeg_movie($videoFile);

echo 'Duration in Seconds: ' $video->->getDuration();

Even the html5 player will have a hard time playing the h264/mp4 video files with the moov atom located in the end of the file. This will create a tremendous amount bandwidth usage. So, for people who are trying to have a video site with medium traffic, flv or ogg should be the codec of choice. The …

Hi LastMitch,

The script may only work on flv, avi, mp4, but it has some limitations though. Some video files like the h264 that hasn't been process with mp4box, the PHP function may not be able to read the time duration, because of the position of the moov atom.

For h264 videos, the moov atom is located in the end of the file, while the flv ,avi, and divx, the moov atoms are all in the beginning of the stream file. Actually, when it comes to flv it is called metadata..

Here is the demo.. I loaded the video on the flash player, and then below the player I used the function to reflect the time as seen by the PHP script. The video durations shown in the player and outputted by the PHP script are pretty close to each other.

The limitation of the function above relies heavily on the reliability and integrity of the PHP function fread().. I strongly believe that as the video file gets bigger in size, the script will eventually heads for failure. Most standard video file size for web streaming is little under 200MB. I have not had the chance to test the function above or beyond the 30MB video, because most of my test videos are all lower than 30MB.

Hi,

Do as suggested by arti18, and then you go like this just right after the delete query..

WARNING! make sure the page reponsible for deleting items both database entries and images in the directory, must have a controlled access. Otherwise, if the search spider is able to crawl these images and accidentally followed the delete link, all of your images will be gone in one sweep...

first we check if the file exist.. let say the file name you have in the directory is based on the image_id.ext, and it is located in the imagedirectory.. we can do like this

## the delete query here..
## put the mysql error here.
## check if the file exist
    ## define the location of the image to be deleted
    $image_file = 'YourImageDirectory/'.$image_id.'.jpg;

 if (file_exists($image_file)) {
    unlink($image_file);
    echo 'image deleted';
} 
else {

    echo 'image does not exist';
}

Alternatively, we can write a simple class for the upload processor, and then just add the methods for database insert and delete..

I am more likely the guy on the left, shifted to face-palming after all the hair were pulled out...oouchhhh that hurts. :)..

Let me do a test also....maybe we can change those faces to a happy face.. :) :)..

Hi,

What framework are you using?

can you var_dump or print_r this ?

listStats($id);

and this

$this->listStats

what do you get?

I am assuming that $this->listStats is a method of the view class?

@nunuaziz_,

try code739 recommendation first.. if it does not do the job.. try...

look inside your server's directory, look for a directory named send mail..and your local server should have a Mercury Mail in it or equivalent.

For Wampp and Xampp this directory is inside the installation dirctory, or the same level as the Apache directory.

Before posting your response, copy, paste to notepad, save as find.php in the htdocs dirctory of your localhost this code

<?php 

phpinfo(); 

?>

Use your browser and point it to http://localhost/find.php ..

Locate "Loaded Configuration file" ... this will tell you which php.ini file is loaded or currently being use by your server.

Using a notepad or any suitable text editor.. open the php.ini file as shown by your phpinfo above.

IMPORTANT!!!! You need to have a gmail account for this work..

on your php.ini file as mentioned above, locate

  [mail function]

find

 SMTP = localhost
smtp_port = 25
sendmail_from = postmaster@localhost

change the above to

SMTP = smtp.gmail.com
smtp_port = 587
sendmail_from = YourAccountUserName@gmail.com

SAVE YOUR CHANGES.....

Second Step ... find the sendmail This is located or in the same level as the htdocs, apache, mysql, and phpMyAdmin..

Open the sendmail directory and locate the file named sendmail.ini

once again, find

smtp_server=localhost
smtp_port=25
;auth_username=
;auth_password=

change the above to this

;smtp_server=localhost
;smtp_port=25
;auth_username=
;auth_password=

JUst below the commented entries above, addd

smtp_server=smtp.gmail.com
smtp_port=587
auth_username= YourAccountUserName@gmail.com
auth_password= YourGmailAccountPassword

Save your changes on both …

Hi,

Please allow me to share my views and experiences with these template engines. Things I have not tried yet, are not included in the list..

pretty much, it all depends on how big is your application, the methods of how the php data is going to be passed to the template. How important for you is the template inheritance, how much multi-dimensional arrays the template engine has to process, do you want the template to be able to cached?

Things like those I mentioned above are very important in selecting which template engine work best in your application environment.

For lightweight applications, I will probably use RAIN TPL or TinyButStrong. These two are pretty lightweight and can outperform the big template engines like twig and smarty.

Strength of lightweight template engines: 1 file, 1 class , less methods, less tags. For example, RAIN TPL and TinyButSTrong both falls into this category of being a lightweight. Another lightweight template engine that is worth mentioning is the Savant engine.

These templates have a pretty unique ways of handling arrays. The reason I must put so much emphasis on how a template engine will handle arrays, because most applications now a days relies on the contents stored in the database. To retrieve these contents the script needs to iterate through them. Some template engines does not accept a direct assignment of a database query without looping through the result first. In most cases, template engines would need to iterate through the data, …

Hi,

Try reading this, and follow the download link.

I totally agree with Diafol and Atli's recommendations. Ioncube is the most cost effective at less than a dollar per page. While the rest are just expensive to purchase, because they don't offer per file or page obfuscation. There is a source guardian for 199 dollars and another one I don't remember its name runs for 99 dollars. For the expensive ones, you can keep the software and can do unlimited obfuscatation as you want.

Now, real truth about obfuscating your source. Pretty much all of them now can be decrypted offshore. I know a company that can easily decrypt large application in less than a week for less than $50.00 a pop. Compare that to your licensing fee.. make sure to price your product less than the cost to obfuscate your application.

Besides, any highly knowledgeable programmers will be able to recreate any PHP programs, or maybe better. PHP is a fast changing language; thus making codes written today becomes an obsolete codes by tomorrow. Why waste all the money and time in obfuscating the source, only to decrypt them at a later date for upgrade. Many PHP functions are being thrown into the deprecated bin everytime a new distros are release.

Advance solution (REQUIRES LOTS AND LOTS of Coding and logic analysis).. I did this for a company some 1 1/2 years ago.

1. Create an environment-aware installer. Make sure that the installer will gather all important data about the server, salted id, and domain name, every time the …

You will be able to use or implement either one of the common design patterns. My favorite is the observer pattern and Singleton pattern.

Benefits in writing codes in OOP
1. One or more classes can be derived from a base class. This is called inheritance. As the application grows overtime, new methods are needed to accomodate the growth .

For example, if we have a bicycle class responsible for displaying information all about bicycle, years later our applications needs to provide information for both the bicycle and the motorcycle. For non-OOP programmers, the first thing that will come to mind to accomodate this change is to trash bin the original bycycle class and create a new one that will handle both. However, for the OOP programmers, the first thing they do is to analyze what makes motorcycle similar to bicycle. All features of motorcyle that are not in the bicycle will be aded in the extended bicycle class.

A simple example to clarify my statement 1 above.

class Bicycle{

public $wheels, $chain, $power;

public function __construct($wheels, $chain, $power){
$this->wheels = $wheels;
$this->chain = $chain;
$this->power = $chain;
}

public function get_wheels(){
return $this->wheels;
}
public function get_chain(){
return $this->$chain;
}
public function get_power(){
return $this->power;
}
}

Example of inheritance, extending the bicycle class above to create a new child class motorcycle.

class Motorcycle extends Bicycle{

public $wide_wheels, $wide_chain, $motor_power;

public function __construct($wheels, $chain, $power, $wide_wheels, $wide_chain, $motor_power ){
    parent::__construct($wheels, $chain, $power);
    $this->widerWheels = $wide_wheels;
    $this->widerChain = …

you cannot embed html tags like that. You will have to close the PHP first and then add your html tags.

mysql_select_db('snack', $con);
?>
<form action="action.php" method="post">
<?php
mysql_query("INSERT INTO Produk VALUES ('Produk')");
mysql_query("INSERT INTO Jumlah VALUES ('Jumlah')");
mysql_query("INSERT INTO Tanggal_Masuk VALUES ('Tanggal_Masuk')");
?>
<input type="submit">
</form>

But then again, I have doubts if those codes will ever work though, because we don't have any clues about the rest of the codes.

In addition to what Diafol already mentioned, you can use plain javascript for OR use the REST. You will need to read more on how to implement the REST in this API, then and ONLY then you can convert the REST codes to PHP using the cURL plugins.

Yes, it will take you some time, but the learning experience is priceless.

To use the REST API, you can read more about it here.

basic syntax for the REST connection

    https://apis.live.net/v5.0/me/albums?access_token=ACCESS_TOKEN

basic REST syntax for the skydrive as suggested by the microsoft

    POST https://apis.live.net/v5.0/me/skydrive/files?access_token=ACCESS_TOKEN

Basic information for POST and GET for cURL are shown here.

basic implementation of POST using cURL to the skydrive api,, just like the apis.live...albums

$url = 'POST https://apis.live.net/v5.0/me/skydrive/files';
$form_data = array(
              'token'=> 'ACCESS_TOKEN',
              'file' => 'FILE_NAME',
              'name' => 'NAME_OF_DIRECTORY'
              )

send the data to the API using the cURL "CURLOPT_POSTFIELDS "

$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $form_data);
$result = curl_exec($ch);
curl_close($ch);

the rest are just a matter of retrieving the data response from the remote server..

I am not sure if the skydrive response is json encoded array. If it is, then you can probably get away with it by passing the cURL output ( response from the remote server)...use something like this to test the response from the skydrive.

use var_dump to view the response array from the remote server..

    var_dump(json_decode($result)); …

Just to follow up.. If you will be using Micah's class, you will have to set your form like this

This will be on the storefront with the payment button or whatever settings you prefer.

First, open the ipn.php file and fill-in your paypal sandbox credentials. As shown by the lifted snippets from the ipn.php

     mail('YOUR EMAIL ADDRESS', 'Verified IPN', $listener->getTextReport());

} else {
    /*
    An Invalid IPN *may* be caused by a fraudulent transaction attempt. It's
    a good idea to have a developer or sys admin manually investigate any 
    invalid IPN.
    */
    mail('YOUR EMAIL ADDRESS', 'Invalid IPN', $listener->getTextReport());
}

Remember that the email address is the email address of the vendor you have created in the paypal sandbox, and the buyer must use the email address of the created buyer account.

Two, the storefront form can be as simple as this

    <?php

    ## define the location of the ipn.php
    $ipn = 'ipn.php';
    ## define the sandbox seller email addresss created from step one.
    $seller_email = "seller@yourDomain.com";
    ## define the item you are selling
    $item = 'ipad';
    $item_price = 600.00;
    $currency = 'USD'; // define your currency
    $return_url = 'YourSite.com';

    ?>
    <!-- show the form -->

    <form name="_xclick" action="https://www.sandbox.paypal.com/cgi-bin/webscr" 
method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<?php echo $seller_email;?>">
<input type="hidden" name="currency_code" value="<?php echo $currency;?>">
<input type="hidden" name="item_name" value="<?php echo $item;?>">
<input type="hidden" name="amount" value="<?php echo $item_price;?>">
<input type="hidden" name="return" value="<?php echo $return_url;?>">
<input type="hidden" name="notify_url" value="<?php echo $ipn;?>">
<input type="image" src="http://www.paypal.com/en_US/i/btn/btn_buynow_LG.gif" …

Hi,

quickest way of doing this in wordpress without breaking this module is to send the full-image to a dynamic page.

There are many tutorials on the web about creating dynamic page in wordpress environment. I am not going to cover it here, but I will give you two links and show you the work around.

If you take a look at this approach posted on stackoverflow.. and another plugin here ..

Warning! Codes below is not tested. I don't have any locally installed wordpress at the moment.

I am more in favor of the first option than the plugin. That would be my reference.

Say we call our dynamic page as view.php.. and we will using the same codes as lifted from stackoverflow..

    <?php
    ## filename: view.php

    define('WP_USE_THEMES', false);
    require("/wp-path/wp-blog-header.php");
    get_header();

    if(isset($_GET['view'])){
    $image = $_GET['img'];
    $title = $_GET['title'];
    $alt = $_GET['alt'];
    $id = $_GET['view'];

    echo '<img src="'. $image .'" alt="'. $alt .'" /><br/>';
    echo  $title .'<br/>';

    ## do what you need to do with rest of the data..
    }
    else{

    ?>
    There is nothing here

    <?php
    }
    get_footer();
    ?>

Save this new page in the wordpress directory.. or in the same directory as your index.php

Now let's go back to our target codes.. we can modify it to this

  $gallery_content .= '<a data-type="'.$item_type.'" href="view.php?view='.$att_id.'"&title='. $att_title .'&img='. $att_img[1] .'&alt='. $alt_data_str .' title="'.$att_title.'" data-medium="'.$att_img_med[0].'" data-med-size="'.$att_img_med[1].'-'.$att_img_med[2].'" data-full-size="'.$att_img[1].'-'.$att_img[2].'" '.$alt_data_str.' class="list-item-pad image-content">'.$item_index.'</a>';   

Try experimenting witht he codes above..don't forget to set these values properly

    define('WP_USE_THEMES', …

these codes right here..

 $gallery_content .= '<a data-type="'.$item_type.'" href="'.$att_img[0].'" title="'.$att_title.'" data-medium="'.$att_img_med[0].'" data-med-size="'.$att_img_med[1].'-'.$att_img_med[2].'" data-full-size="'.$att_img[1].'-'.$att_img[2].'" '.$alt_data_str.' class="list-item-pad image-content">'.$item_index.'</a>';   

should be the focus of modification.. we should be able to pass the unique id of the images so that wordpress engine be able to interpret it as post..

Hi,

Like any other responses I've posted for all framework based questions..e.g. cake, CI, Zend, symfony, and others.. All of these frameworks shares a pretty similar coding convention. So, for the Code Igniter, the syntax will be as simple as this

General syntax for the CI database library

$your_query = "SELECT * FROM everywhere WHERE something = '$something'";
## use the CI query method
$this_query = $this->db->query($your_query);

Now, you decide what are you going to do with the query result.. example one

## put them in some row variable and echo them
foreach ($this_query->result() as $row)
{
   echo $row->col1;
   echo $row->col2;
   echo $row->col3;
}

example two, Send the result to the template engine e.g. smarty, twig, dwoo, tinybutstrong. It does not matter, they are all the same in nature.

## this query result is a CI built in method included in the library and it will return an array  if not false
## using the same query above send the result to the template engine

$smarty->assign('data_from_db',$this_query->result());

If you are new to CI and PHP, I strongly suggest for you to learn the ins and outs of the OOP . Otherwise, I don't see any reason to rush in using a framework at this level. It is not that hard, it just requires patience. I mean lots and lots of them...

Update! Here is a nice tutorial on building grids with jquery. The concept is the same as I have already mentioned above, with the exception …

here is a simple function that will generate a random integers based on the number of digits you defined. This will be a lot easier on your mysql server.

    function generate_id($range_a, $range_b, $digits)
            {
            return rand($range_a, pow($range_b, $digits));
            }

Usage sample, say we want a 8 digits random number between 1 and 100, we can call the function above like this

        echo generate_id( 1 , 100 , 8 );

The function above demonstrate the flexibility and control of the output. You can define any combination of min. and max (range_a and range_b), and the number of digits

php reference pow function.

UPDATE! stackoverflow has a better solution in controlling the number of digits. My function does not work all the time. I missed it by few more codes.. :)

There is a php class called simple html DOM parser that can also help you achieved this task. For google, they have a custom search API, however this have a limit of 100 quieries per day and they want a fee of $5 per 1000 queries, for up to 10,000 queries per day.

How did they set-up the indexes in the array? You might be able to add it there..

I believe CakePHP allows this type of data assignment.

$this_Data = array(

            'string_var1' => $value,
            'string_var2' => $value_two,
            'string_var3' => $value_three,
            'url'   => $this->request['param']
            );

   $this->set($this_data);

If you can add the url data in the array, you can easily follow the existing reiteration in the view side to display the url.

I understand your situation. Sometimes previous coders or "ADMIN and BOSS" would do a pretty lazy approach.. something like this.

$this->set($some_function_or_method_here());

## or a hard coded const from the model file
$this->set(model::var_string());

## common practice they don't even make a comment on where the method is coming from. 

I hate it when people do that, because it will be difficult to reference variable values on the view.

You can also try looking at your application model file.. look for something like this

class Name_Of_Your_Application extends AppModel{

 public $YourApplicationVar = array(
    'Something' => array(
        's_var1'  => 'SomethingHere',
        's_var2' => 'somethingHere_again',
        ## watch out for array like this
        's_array' = array('s_array1'=>'s_array1_value', 's_array2' => 's_array2_value' )
    )
);
}

Hi,

There are two php functions called "opendir" and "readdir". By using these functions, you can easily create a simple php script to generate download links for the files located in the directory you assigned.

For example, WARNING! script below is not tested, but I am confident this will work in the absensce of the any syntax errors.

<?php

function this_download($dir,$extension){
## use opendir please see referenced link above
if ($handle = opendir($dir)) {

## cycle items in the directory
 while (false !== ($entry = readdir($handle))) {
    ## get show only the file extension you want downloaded
    ## otherwise just remove this
    if(substr(strrchr($entry, '.'), 1) === $extension){

    ## generate the download link
    echo '<a href="'. $entry .'">Download This file</a>';
    }
}

}

to use the function above just supply the dir and the file extension you want the download link generated.

 ## sample usage
 $createDownloadLink = this_download('downloadDir', 'flv');

please read opendir and readdir as referenced above.

When sending data from logic side to the view side, we can safely assumed that pretty much all frameworks and templating engines have identical coding convention, .

Like smarty, dwoo, twig just to name a few, the data are passed in this convention

$this->FrameWork_method('string_variable', $value_of_string_variable_from_anywhere');

So, for our Cake it can be something like this in the controller

$this->set('url',$this->request['param']);

The 'set' method made the string variable available for view's disposal. To display the url on the view, it can be coded as simple as this

    <!-- Here is the code for the url -->

    Url: <?php echo $url ?> 

do as adviced, and if you have the chance, join the github and look for projects that interests you. If you found one that interests you, fork it.. if you don't know where to start, fork these. It is a simple commentator script and youtube video for CodeIgniter for you to practice on. If you don't feel comfortable with forking, contribute to any of the repositories that you like. Most applications grew this way, even some of the google's API originated as community build.

Here is a good example of validation and comparison. Pay attention to the commented part of the script. Most importantly on the id.

I am assuming that your script should give you a captcha "foo"? , and therefore the my_text should validate to foo and so as the $captcha_code = $captcha->generate() which is derived from the array of figlet. The validation and comparison of the two is the same as what is stated on the link I have provided above. Here is the snippet from the zend site.

if ($captcha->isValid($_POST['foo'], $_POST)) {
// Validated!
}

so, in your case it can be something like this

if ($captcha->isValid($_POST['my_text'], $_POST)) {
// Validated!
}