Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 09/21/2019 in all areas

  1. 1 point
    However If you are going to restructure your array then IMHO it would make more sense if you just had ... Array ( [A] => Array ( [1] => Array ( [1] => 0 [2] => 0 [3] => 0 [4] => 0 ) [2] => Array ( [2] => 0 [3] => 0 [4] => 0 ) ) … where you can access a seat value with $val = $srs[$section][$row][$seat];
  2. 1 point
    Apparently from the EXIF information that's embedded in the image. When you take a picture with most intelligent cameras now, they include metadata in the image about the orientation of the camera. Since the photo is always upright with respect to the camera, one can use the metadata to rotate the image so that it's upright with respect to the photographer. Unfortunately the camera (software) manufacturers didn't stop to consider that maybe the camera should automatically flip the image and then use EXIF to give the "original" orientation...
  3. 1 point
    What you are wanting to do is "spoof" the from address. While there can be some legitimate business needs to do this, it can create problems that are difficult/impossible to resolve. Spoofing the from address is rather simple and is something that spammers/scammers have been doing for many years now. E.g. you might be sent an email from representative@yourbank.com as a phishing attempt. The fact that the from address looks to be a legitimate email from your bank gives the email some credibility. Because of this, there are an array of different protections that can be in place to prevent/hinder this. The crux of the issue is that you want to send an email from "user@usersdomain.com" but it is being sent though your form which is going to send it through the email server that you have configured for your form - in this case gmail.com and using the credentials of a gmail account. Generally, an email should be sent through the SMTP server that is responsible for the domain of the sending user (or through an SMTP server that has been identified as an authoritative server for that domain). You cannot control the authoritative servers for domains you do not own. Then, there can be protections on the receiving end: either in the SMTP servers or in third-party services. When an email comes in the system may do a reverse-lookup to ensure the email came from an authoritative server. If not, it gets dropped. To put it simply, you can try it. It may not work for all emails (especially if they are being sent to different domains) and there is no guarantee that it won't stop working one day because you are performing the same action as a scammer would. Having said all that, when sending an email you can specify the sender information within the headers. Here is an example of the header in a sample script of mine using PHP's mail function (this uses a "friendly" name :in addition to a specified from email address $to = 'recipient@recipientdomain.com'; $subject = "Subject of the email"; $message = "Here is body of the email message"; $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; //From info $headers .= 'From: Bob Smith <bob.smith@bobsmithsdomain.com>' . "\r\n"; $headers .= 'Reply-To: Bob Smith <bob.smith@bobsmithsdomain.com>' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion(); $message = "Here is the message"; mail($to, $subject, $message, $headers); For your function, I suspect you would do it like this: $headers = array( 'From' => $_POST['EmailAddress'], 'To' => $to, 'Subject' => $subject ); But, for the reasons stated above, I would not advise this. "System" emails should be coming from the system/application. There are other ways to allow the recipient to respond to the requester.
  4. 1 point
    Considering your lack of knowledge, please pass on my deepest sympathies to your clients.
  5. 1 point
    OK - sorry. A little closer look at the question you're actually asking. first off, date's format 'h' is a 12-hour format with leading 0, so it won't read as '20'. And MySQL TIME type doesn't include AM/PM. Try changing the date format to 'H:i:s'.
  6. 1 point
    User doesn't care. They don't look at URLs when they're just browsing around, and if they want to share the page they'll either use a share button or copy/paste what's up there. In fact that copying and pasting is a huge reason why ideas like putting session IDs into the URL (PHP's session.use_cookies/use_only_cookies) are strongly discouraged. That said, try to keep it simple. example.com/product.php?id=123 (or /products/123) is fine. Attempting to obfuscate it because you're scared, like example.com/product.php?product_id=uw433hyg5kishev6nyliser6nbyioq2gv49n68of325ob8nq534tb8, is not fine. People don't like things they can't understand: "123" is a number and people are okay with numbers, "B00005N5PF" is some sort of cryptic ID but it's okay too because it's short and easy to understand, but "uw433hyg5kishev6nyliser6nbyioq2gv49n68of325ob8nq534tb8" is a code and codes are for hackers. CoDeS aRe FoR hAcKeRs Probably, yeah. Lots of stuff on the internet already works like that. People are used to it.
  7. 1 point
    Create a page template in your theme or child theme. Call your functions from there.
  8. 1 point
    I don't like having side conversations not specific to the thread topic,. But since this appears to be more instructive, I thought I'd respond to this question. There are a multitude of uses for hashes aside from passwords. It all depends on the developer identifying a need and implementing it. Basically any time you need to compare complex data. Here are a couple examples: 1. File comparison. For example, let's say you have an application that picks up a file every hour for processing. The file gets written regularly from some process outside of your application. BUT, even though it gets written regularly, it may not have any new data. I might store a hash when I process the file. Then, every hour I will run a hash on the current file contents. If the hash is the same, then I don't process it. There are many use cases where file comparison is needed and where hashing will fill that need. 2. Creating a unique key. In a mp3/music app I worked on, I needed to quickly look for duplicates based on a combination of multiple meta data fields before I inserted new records into the database. Since I was dealing with raw "text" values from the files being process I had not yet determine the unique IDs for some of that meta data. So, I could not use a unique constrain on a single table and it would require a query with multiple JOINs in order to check for a duplicate - on every MP3 file. The processing was executing against hundreds/thousands of files, so I wanted an efficient process. In order to simplify this process, I just created a unique key using a hash on the multiple values and could just check that value against a single table in the DB.
  9. 1 point
    I wasn't trying to sound sarcastic, but I still don't follow what you are trying to accomplish in real life. Why do you want a product name, color and every SKU associated with it on one row? What happens if you have 25 SKUs of Blue Pliers? If this is a report, I think there is a better way to communicate things. Follow me?
  10. 1 point
    What does a sample of your data look like before the query and what should it look like after? I showed you mine, you show me yours.
  11. 1 point
    This begs the question, "Why the phuk are you boring us to death here, on what is basically a PHP site, with all this Python stuff when you could be doing it to the members of "python-forum.io?"
  12. 1 point
    It's been over 10 years since I messed with Authorize.net API. I first used it to allow people to make single secure payments from a web page of mine to a bank account. That's it. Back then, they didn't have all of this fancy new stuff. Therefore, i really don't have any valuable comparisons to give. Also, I do not consider myself to be anything close to an expert (or even intermediate) level of creating secure systems. I ran a mail server about 6 years ago and that was a total nightmare. Literally, as soon as the server went live, it was plagued with bots and whatever else that started using my SMTP server as an open relay and my IP became blacklisted pretty quickly for spam. I google ad nauseum for how to secure this and how to secure that and what the best practices were, but I was in way over my head with absolutely no budget for anything to help me out. After 4 years of trying to maintain a mail server that successfully sent and received mail with no issues (though, there were still issues), I finally was able to convince my boss to switch to a Google Business account and let them handle all of that guff. Mail servers are an absolute nightmare that I wouldn't wish upon my worst enemy. I mean, installing SSL certificates is easier than maintaining a mail server. Anyway, this topic has nothing to do with mail servers. You know, I've never tried to even perform a breach in my life. I've never even tried to breach myself. It's an exhausting realm of web development that I avoid like the plague. Really, what is secure? Unless you're a Fortune 1000 company or something, I doubt you're going to have a hoard of people trying to hack your site; don't flatter yourself. I was a web developer and ran probably the least secure site, in my opinion, but the audience for that site was so minuscule compared to that of large corporations. It's about the same concept as viruses. Most people running a *nix system do not really need to worry about viruses because *nix systems do not take up much of the market share for personal computers. However, Windows is always being probed and poked and molested because it has a gigantic user-base. In any case, Authorize.net seems to have improved pretty much everything they had when I messed with it over a decade ago. Most, if not everything, of what I utilized is gone or deprecated. I mean, I would trust it. At the end of the day, though, the most secure you'll ever be able to make your system is if you cut it off from the net. If it's not on the internet, you really have nothing to worry about. If you're not connected to the internet, you're not going to get any viruses anytime soon. I know that's not an answer, but it's a hard truth to accept. Online banking is really awesome in my opinion, but I know that at any particular time, something could go awry and cause my life hell.
  13. 1 point
    If you are using Authorize.net, then you can setup Customer Payment Profiles, using their API. You can then store (or relegate) the customer payment profile id to your users table in your database. Then, you don't have to worry about storing credit cards info anywhere. https://developer.authorize.net/api/reference/index.html#customer-profiles-get-customer-payment-profile Maintaining reconciliation with Authorize.net customer profiles and your own database/table of users can allow you to do what you're attempting to do. Using the API, you can send a request for the current users list of payment profiles. If there are more than two profiles, then you can write in whatever logic you want in your PHP script, for instance, aborting the chance of a transaction from the user, showing them an error message. Everything you need and more is available in their API.
  14. 1 point
    According to your first post you have an array of paths/filenames EG $arr = [ 'xxx/yyy/aaa-bbb-xxx.txt', 'xxx/yyy/aaa-vcf.txt', 'xxx/yyy/aaa-bbb-vbn.txt', 'xxx/yyy/aaa-bbb-vvv.txt', 'xxx/yyy/aaa-bbb-vcf.txt', 'xxx/yyy/aaa-bbb-xcv.txt' ]; If that is the case, I think your preg_split line needs to add a "." so the file extension is excluded. I.E. if(preg_split("/[-.]+/", $userBase)[2] == $keyword) ^ then echo array_search_partial($arr, 'vcf'); //--> 4 Also, your function should return something (false ?) if no match is found.
  15. 1 point
    Alternatively you can use the "@@" prefix for system variables E.G. mysql> select user(), @@hostname, @@port; +----------------+-----------------+--------+ | user() | @@hostname | @@port | +----------------+-----------------+--------+ | root@localhost | DESKTOP-DCGAC4S | 3306 | +----------------+-----------------+--------+
  16. 1 point
    Another way is to simply: ALTER TABLE table_name SET AUTO_INCREMENT=0; Hope that helps.
  17. 1 point
    You can use this regex to match internationally, even Japanese. /([\w -'\p{L}]+)/
  18. 1 point
    IANAL. Check Articles 12-22 for the most significant parts. No, there does not have to be a means to contact the site owner, but there does have to be a way for the user to request their information, and/or that the information be destroyed. Which means some means of contact. If you don't already have a contact page then you can put the information in your privacy policy.
  19. 1 point
    Either that or the OP is should not be programming.
  20. 1 point
    Use glob() function which returns an array of the files. E.G. $folder = 'C:/Users/... /chartSamples/' ; foreach (glob("{$folder}*.png") as $fn) { echo basename($fn) . '<br>'; } giving column.png doughnut.png line.png radar.png rosechart.png stacked.png
  21. 1 point
    The $freqs array contains the counts for P1, P2 , P3 for each digit... $freqs = Array ( [0] => Array # digit "0" ( [0] => 4 # P1 [1] => 7 # P2 [2] => 1 # P3 ) [1] => Array ( [0] => 3 [1] => 2 [2] => 6 ) [2] => Array ( [0] => 4 [1] => 4 [2] => 6 ) which, coincidentally, is the same structure as the output table. You now loop through the array and for each digit (row) loop through its array (positions columns) and build the table. // // create frequncy table and calc digit totals // $totals = array_fill_keys(range(0,9), []); $tdata = ''; foreach ($freqs as $n => $occs) { $tdata .= "<tr><td><b>$n</b></td>"; foreach ($occs as $o) { $tdata .= "<td>$o</td>"; } $total = array_sum($occs); $totals[$n] = [$n,$total]; $tdata .= "<td>=</td><td><b>$total</b></td></tr>\n"; } My complete solution...
  22. 1 point
    Binding is useful when you want to process records in a loop. Bind the variables first then, in the loop, update the values and execute. EG $data = [ [ 1, 'Curly'], [ 2, 'Larry'], [ 3, 'Mo'] ]; $stmt = $db->prepare("INSERT INTO testuser (id, username) VALUES (:id, :user)"); $stmt->bindParam(':id', $id, PDO::PARAM_INT); $stmt->bindParam(':user', $username, PDO::PARAM_STR); foreach ($data as $user) { list($id, $username) = $user; $stmt->execute(); } EDIT: But, with PDO, there is the alternative that I used before EG $data = [ [ 1, 'Curly'], [ 2, 'Larry'], [ 3, 'Mo'] ]; $stmt = $db->prepare("INSERT INTO testuser (id, username) VALUES (?, ?)"); foreach ($data as $user) { $stmt->execute($user); } where the values are passed as an array when executing.
  23. 1 point
    The answer is "normalize". Don't store comma-separated lists (especially when the list items are ids). The role_access table should be CREATE TABLE `role_access` ( `id` int(10) NOT NULL PRIMARY KEY, `page` int NOT NULL, `role` int(7) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; INSERT INTO `role_access` (`id`, `page`, `role`) VALUES (1,1,1), (2,2,1), (3,3,1), (4,4,1), (5,5,1), (6,2,2), (7,4,2), (8,5,2); Now you can join to the page table to get the page name
  24. 1 point
    In that case you need to specify the banner you are looking for in the LEFT JOIN's ON clause EG (looking for banner #2) SELECT DISTINCT f.id as frameId , f.title as frameTitle , bf.banner_id FROM frames f LEFT JOIN banner_frame bf ON bf.frame_id = f.id AND bf.banner_id = 2 ORDER BY f.id; +---------+------------+-----------+ | frameId | frameTitle | banner_id | +---------+------------+-----------+ | 1 | Frame 1 | 2 | | 2 | Frame 2 | NULL | | 3 | Frame 3 | NULL | | 4 | Frame 4 | NULL | | 5 | Frame 5 | 2 | +---------+------------+-----------+
  25. 1 point
    Just about all of your code is misplaced. The PHP code should be first. (except for output which should be in the html/body section Your <form> should be in the html/body section. Your <options>..</options>s should be between the <select>..</select> tags plus your course material appears to be many years out of date.
  26. 1 point
    Your ?> is misplaced. It needs to be at the end of the PHP code and before the HTML code.
  27. 1 point
    PHP and ASP are two very different languages and programming styles. Don't try to find PHP versions of the ASP things you know and instead learn the PHP way of doing it. Whatever editor you want. There is no best one.
  28. 1 point
    Not even close. This code... $product_details = "SELECT * FROM product WHERE product_id=".$_GET['product_id']; $prepare = $connect->prepare($product_details); $prepare->execute(); ...would embed any SQL injection code contained in the GET into the query which would then be executed. (Just as an unprepared query would) In the correct version the injection code would only be treated as data and not part of the SQL code.
  29. 1 point
    Truncate the table. It will also delete all the data. TRUNCATE TABLE table_name; TRUNCATE TABLE table_name;
  30. 0 points
This leaderboard is set to New York/GMT-04:00
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.