-
Posts
15,232 -
Joined
-
Last visited
-
Days Won
427
Everything posted by requinix
-
Whatever the problem is, I doubt needing deferrable constraints is the answer. Why do you think you need them?
-
I can't help but notice you had to sudo to access the file. Think about what that mmight mean. Maybe. Maybe not. I'm not the one who designed it. There might be a reason they made it just a warning.
-
I don't see any PHP in there. I do see Javascript though. Probably means this question will do better in the Javascript forum. document.form1.sku999.value="44"; sku999 is a name. It is not a variable. You cannot stick a variable in there because Javascript is only going to look at its name. document.form1.'sku'+a.value="44"; I don't know why you think you can just stick a string in there. There are rules to how this kind of stuff works. Follow the rules. document.form1.conc.value="44"; Better except that "conc" is a variable, and like I said earlier, Javascript will only look at the name. And form1 doesn't have a "conc". Fortunately there is a way to access an object member using the value of a variable or expression. Square brackets. Just like arrays. document.form1['sku'+a].value="44";
-
You begin checking the web server configuration. Web. I don't recommend starting with the cronjob or syslog configuration.
-
The 404 has nothing to do with the SSL certificate. The problem is somewhere in your web server configuration.
-
As a very simple and hopefully straightforward approach, try copying the certificate file to your computer and just seeing what sorts of things you can do with it. You assume you know how to right-click?
-
Private keys are private. Keep them that way. IIRC you take the public key from the server and install it on your computer. Then, when your browser sees that and asks your computer what to do, your computer can say that it's trusted. For creating a certificate authority... nevermind. It's going to be too much work. Do the Let's Encrypt thing, or if you can't then the install thing.
-
Yes. You would accomplish that by writing code to prevent it from inserting values into MySQL if they are left blank. Also, you need to switch to prepared statements now. You can continue using mysqli if you wish, but much of the PHP community prefers PDO because it is a little easier to use.
-
Where's the rest of the code?
-
You will get the warning when your computer does not trust the signing authority. Which is the case for self-signed certificates. The certificate functions, it's just not trustworthy. You can download and store the public key on your computer and tell it to trust that. Or you can create a certificate signing authority, trust that, then have it create the cert. Or you can get a certificate by Let's Encrypt, if there's a way to get the domain name publicly exposed.
-
Have you considered that might have something to do with the part of your code that deliberately returns a 500?
-
Notice: Trying to get property of non-object in
requinix replied to PythonHelp's topic in PHP Coding Help
Are you getting an error from mysqli? Or is it from PHP this time? Do you see the "no data found" message? -
Notice: Trying to get property of non-object in
requinix replied to PythonHelp's topic in PHP Coding Help
You need to learn how to read error messages from the software you want to use. Syntax error messages from MySQL (and forks) will show you where in your query the problem was detected. That almost always means what you need to do is look at that spot, or perhaps slightly before, to see what's wrong. -
Notice: Trying to get property of non-object in
requinix replied to PythonHelp's topic in PHP Coding Help
Your query failed to run. Get an error message from mysqli to see what the server thinks is wrong. Or spend a couple minutes looking closely at the query. That might do it too. -
Apparently some bad people have finally realized how to make obfuscated scripts in a way that can't be decoded by just anyone. It's more than 99.9% likely that's malicious. Assume that your website and any databases have been compromised. Take down your website, restore everything from backups, update WordPress and all your plugins, then bring the site back up. Also notify your web hosting company that your site was compromised so they can make sure their own systems weren't affected.
-
ob_start before session and includes? or after?
requinix replied to StevenOliver's topic in PHP Coding Help
That question has the same answer as whether $a = 1; $b = 2; is a "better coding practice" than $b = 2; $a = 1; No. The second form suggests that you don't know whether the session has been started yet, and not knowing what your code is doing is not "proper". -
That's not all you have to change... What input is the Javascript expected to send and what response is it looking for? To make sure we both understand the requirements.
-
Sure, why not.
-
A new error. You have to fix your code so that it doesn't assume everything, like query string parameters, are in the format you expect. This particular problem you're dealing with is something most PHP developers never even care about. They should, they just don't. No. Not only will the code not make the problem go away (and actually create a new problem along the way), what you're trying to do is not a good idea. It'll take me longer to explain what I'm thinking in words than in code, so here: class SearchQuery { public $value = ""; public static function readFromRequest() { $query = new self(); if (isset($_GET["search"]) && is_string($_GET["search"])) { $query->value = $_GET["search"]; } return $query; } } $query = SearchQuery::readFromRequest(); // pass $query around to places that need to know about searching
-
Oh, that's what the file was? I think the issue is in {$smarty.request.search|escape:'htmlall'} That's the only place that uses unknown input. The search was an array, as in search[]=.... Submit a regular search, then go into your browser's address bar and add brackets to the search=. Then see what happens. How to fix that, it's kinda up to you. Standard MVC is that you should be passing the search value into the view, not getting it from the request. If you did that then you would validate the search value in your regular code: the 404 page, and any other place that ends up including top_menu_bar. Right, yes, you did post the code I asked about. What I meant was "well that's not where the problem is". Was rather ambiguous, now that I look at it again.
-
Well that's not it. Most recent template was Smarty_Internal_Template._subTemplateRender("file:page_elements/top_menu_bar.tpl", null, null, "0", "120", Array[0], "0", false) What's in that file?
-
If you skip over the template stuff in the backtrace, you'll see these two lines: include("/home/siteaddress/public_html/errors/404.php") # line 34, file: /home/siteaddress/public_html/smarty_plugins/function.load_product.php Product.init("api") # line 5, file: /home/siteaddress/public_html/smarty_plugins/function.load_product.php What is the code for function.load_product.php?
-
Get your proof by recording activity according to the user's account, not their IP address. After all, they have to be logged in to see stuff. If the account has been active enough then you don't allow the refund. Then it doesn't matter whether someone browses with Tor or not. Or whether they browse from home, or the office, or their phone, or anywhere else that there will be a different IP address. Give previews of content so that people have some idea what they could get, then charge for full access. But yeah, there's basically nothing you can do to stop people from copying the content while they have access to it and then using the copies when their access expires or gets cancelled. You can try to spot abuse with scraping, with bad repeat customers, with content sharing, and any other way you can, but ultimately you cannot stop everything. Make it easy for people to get what they want and they'll be less likely to fight the system, then track what they do so you can give yourself some degree of confidence that you're able to detect typical levels of abuse.
-
Wait a minute. Your goal here is to not issue refunds to people who have paid money for use of your site and have used the site enough that you feel they have received their money's worth, right? We're talking about money here. Aren't you dealing with user accounts to do this? User creates an account, spends money, and gets content?