Jump to content

cbassett03

Members
  • Posts

    32
  • Joined

  • Last visited

Profile Information

  • Gender
    Not Telling

cbassett03's Achievements

Member

Member (2/5)

0

Reputation

  1. Is there a code library out there that can read the exif data from image files, without the use of the php exif extension? I have a Windows hosting package and am noticing that several hosts don't (and won't) enable the exif extension for PHP for some reason. I need Windows for one of my sites which requires MS SQL access, so I can't use a Unix/Linux host because of that. But all of them support PHP on Windows. Suggestions?
  2. So far, my company has been using Apache (Linux)-based web hosts for our hosting needs. Ever since the Heartbleed bug was found in OpenSSL, which is common to open source software, including Apache HTTP Server, I was wondering if Microsoft's IIS was any more secure than Apache. Opinions? My arguement is that although IIS is a closed-source system, it is also a widely targeted platform (Windows) so that may be of concern. My argument for Apache is that it is open source, so exploits can be implemented using the source code as well, which is available for free download. So, the question really is which HTTP server platform is more secure?
  3. Does anyone know how I can go about downloading a specific build of PHP on a Raspberry Pi running Raspbian? I want to try to create a development/testing webserver using the Pi, but I want it to have the same versions of PHP and MySQL that are on my actual production server (which is shared hosting using a web host). So far, using apt-get, all it does is install the latest version available, which I don't want to do. I want a specific version to closely imitate the actual production server. Ideas?
  4. How can I create a PHP script that will trigger a download? For example, if I have a database of files and file IDs, and have a hyperlink like this in an HTML page: getfile.php?FileID=1001 How can I code the getfile.php file so that no matter what type the file is (ZIP, EXE, JPG, AVI, etc), it will cause the browser to prompt the user to download the file? (Not entirely sure if this is more a PHP question or an HTML question because of how I'm approaching it...) (The purpose of me using the getfile.php file is so that files can be physically moved around without me having to update all of the hyperlinks in the HTML files, but rather just update the paths in the SQL database instead.)
  5. How can I get the names and values from an HTML form using PHP when the form is submitted using a Submit button? I think this may involve using a foreach loop (since the form will be dynamically created each time depending on other factors). But I need to be able to capture the form control's name and its value when it is submitted.
  6. I ended up using suggestion #3. But my problem now is that in most cases I may have 3 or more drop down menus. But the right most drop down menu depends on the previous drop down menu to the left of it (they show up progressively from L to R). Anyone want to suggest how I can delete or removed any "down stream" drop down lists when a "parent" list is changed. The lists are all chained and as you work through the lists, they narrow down based on particular characteristic or class type. Here's an example using cars: Car > Ford > 2000 > Taurus > SEL Let's say I want to change it to a 2002 Taurus. I would chang ethe value in the "year" list from 2000 to 2002, but I want the dynamically created lists that contain the model and trim level to be removed so that when the year is changed, the model list would be repopulated with models that were available in that year.
  7. So there isn't just a "return" keyword I can use to return the text value or variable?
  8. Here is a segment of code that I'm using in a PHP script, which is called as part of an AJAX HTTP Request: <?php $result = $user_conn->execQuery($sql_query); while ($row = $result->fetch_array(MYSQLI_ASSOC)) { $resultText .= '<option value="'.$row['id'].'">'.$row['display_text'].'</option><br />'."\n"; } echo $resultText; ?> NOTE: I created a MySQL class with custom functions, so execQuery() is a custom function I created that actually runs the query() command for SQL. Anyway, as you can see, to get the results back to the JavaSCript calling request function, I used ECHO. Is there an alternative so that if someone where to run just this PHP script directly, it wouldn't output any text (because right now it will)? (I asked this a few weeks ago but seem to have "lost" the post.)
  9. I'm working on an AJAX based site (which also involves PHP and MySQL) and I'm trying to create a product selection system, where someone can start with a dropdown list of very generic items, and slowly (through additional drop down menus) "narrow" down to the specific item or class of items they are looking for. My problem is this: I'm not sure how to go about the dynamic portion of it. Should I just create a bunch of drop down lists, and then through Javascript, hide or show them as needed, or should I create them dynamically as I need them? My other issue is that for some items, the lists may be only 2 or 3 levels deep, whereas for others, it may be 4-6 levels deep. I'm trying to minimize the amount of HTML code, so I can decrease the page size and browser processing time, so any advice would be helpful. I am quite experienced in Javascript, HTML, PHP and MySQL. Lastly, I DON'T want to use any third-party libraries, such as jQuery--it needs to be hand-coded by me.
  10. Does anyone know how you can install specific versions of Apache, MySQL and PHP on Linux? Specifically, I'm using a Raspberry Pi (which I'm running Raspbian Wheezy, which is based on Debian but for the ARM architecture) and it uses the apt (or apt-get, not sure which one its called) package manager. I can install whatever version is found in the catalog simply by issuing the install command, but I want to use specific versions of at least PHP and MySQL (to match the versions used on the web server I host my site on). Anyone have any advice? I tried visiting PHP's site and the MySQL site, but can't find the versions I need for this distro and architecture. Will any debian version work, even though its an ARM processor?
  11. The information that is being sent isn't anything confidential. But what I've been doing is using an ECHO statement to return the result from the PHP processing script back to calling javascript function that invokes the script (as part of AJAX). Could i use "RETURN" instead of ECHO? I'm storing the result in a PHP variable, so couldn't I just say "return $variableName;" in my PHP script?
  12. Is there a way that I can execute PHP and HTML that is stored within a field/column from a MySQL table result row? For example, if in a column named "page_code" I have the following text: <html><head><title>Sample</title></head><?php echo "This is a test"; ?></html> Is there a way that I can have a PHP script file execute the above statement. (I'm trying to put multiple web pages with HTML and PHP mixed, into a MySQL table but can't get PHP to execute the code before sending the results to the browser.)
  13. This may be more of an Apache or Mysql question than PHP, but I've heard many suggest that when using AES encryption/decryption with MySQL, they say to store the key in a file not in your "htdocs" folder. Does anyone know how this can be done so it can still be accessed by PHP scripts, but not directly (ie. by someone typing the path into the address bar of a browser).
  14. This is probably a broad question, but is there a way that I can prevent (or greatly reduce) code injection via someone typing in "parameters" into their address bar against a PHP script? For example, preventing something like the known "1=1" injection that causes MySQL to return all values in a table. Should I explicity check each variable to make sure it doesn't include "1=1" or something similar that would cause the database to return everything? I'm aware of htmlentities() function in PHP. Just as an FYI, I generally send most of my data from HTML forms using the POST method, partially so the data and parameters are not shown to the user during transmission. Any suggestions, or sites, that discuss PHP security? (I'd consider myself an intermediate PHP programmer at this point--I know my way around the language, but am getting more concerned with security as I move away from personal projects and into more "real-world" projects.)
  15. Problem is that I'm on a shared hosting system, and I don't think I can modify the PHP.INI settings (especially when it comes to autoloading files). My concern with using require() over and over again is that doesn't that start to consume more memory after being dozens of times or does PHP "recover" memory when a page is not actively being used. I am considering using the SESSION, but think I'm limited to 128MB total for SESSION variables, which this wizard wouldn't require that much, even with user data and my config settings being stored in the session, but from what I'd know of, you can't nest arrays in the $_SESSION variable. What about require_once(). Can you use that on each page or would that not work. Up until now, I've developed sites mainly by hard-coding in filenames and path, but want to to take a different approach to this wizard since I may or may not be updating it in the future (someone else may take over the project in the future, so I'm trying to make it as easy to update/change as possible).
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.