Jump to content

requinix

Administrators
  • Posts

    15,286
  • Joined

  • Last visited

  • Days Won

    435

Everything posted by requinix

  1. Javascript cannot change the appearance of anything. Only CSS can. But you can use Javascript to affect the CSS. Customize the look how?
  2. Whitelists are better than blacklists: you should specifically list which files are allowed rather than which files are not allowed. You could do that automatically by using scandir() to build an $allowed_files and excluding ".", "..", and the four you don't want (though really putting them in another directory would be better). Alternatively, you could use ctype_alpha or _alnum on $page to validate that it is only letters/letters and digits. Yes, I know you're basename-ing the page name. That's nice, but this is a matter of principle. Oh. And for SEO you shouldn't use basename as that creates the opportunity for accessing a page through multiple URLs, which is not good. Just do the whitelist/ctype thing.
  3. It replaces the $csvdata line and the fwrite. That work you did about building up the line of CSV data and writing it to the file? fputcsv can do all the work for you if you provide it with an array of all the values you want to write. $csvdata = array( $firstName, $lastName, $homeAddress, $homeAddressTwo, $city, $province, $postalCode, $homePhone, $personalEmail, $confirmEmail, $oectaNumber, $memberStatus, $teacherTraining, $teachingYears, $employmentHistoryValues ); // I don't know where the thing with multiple values is - whether it's one of those variables // or whether you haven't written it into the code yet // whatever the answer, you take that array, implode() it to a single value, and put it in $csvdata // like // $csvdata = array( // ..., // implode(",", $array_with_multiple_values), // ... // ); $fp = fopen("formdata.csv", "a"); if($fp) { fputcsv($fp, $csvdata); fclose($fp); }
  4. The only way the CSV would "get confused" is if your code did something weird when generating the CSV data. So... don't do anything weird. Two values? Three values? One value? implode() them to get the comma-separated string, put that into an array with the other values, and use fputcsv to write to the file (instead of building the line yourself and writing using fwrite). $line_of_csv_data = array( "qwertyuiop", "asdfghjkl", implode(",", $array_of_values), "zxcvbnm" ); fputcsv($fp, $line_of_csv_data);
  5. If you mean like qwertyuiop,asdfghjkl,one,zxcvbnm two three then no because then it wouldn't be CSV anymore. Another version would be qwertyuiop,asdfghjkl,"one two three",zxcvbnmthen you can try that but there's no guarantee a CSV reader will understand it. How about combining the values like qwertyuiop,asdfghjkl,"one,two,three",zxcvbnmor simply using multiple rows qwertyuiop,asdfghjkl,one,zxcvbnm qwertyuiop,asdfghjkl,two,zxcvbnm qwertyuiop,asdfghjkl,three,zxcvbnmor using two CSV files, one with the base data and another with the lists. qwertyuiop,asdfghjkl,zxcvbnm qwertyuiop,one qwertyuiop,two qwertyuiop,three(pretending that "qwertyuiop" is a unique identifier)
  6. You cannot have both random and unique: if it's completely random then there's a chance you'll generate the same string twice. But you can generate something unique that looks random, or you can pair something random with something unique into one string. What are your criteria for this string?
  7. Except that can actually be a real problem. At least with PHP the rule is clear and narrow: only if it's the last statement.
  8. Oh no, it wasn't you. I was stuck on an issue that needed changes at the VM layer for our instance. But that's just been dealt with, so I've finished the switchover. We're now (back to) running with Sphinx.
  9. I've been trying to get Sphinx running for the last couple hours so that's been on-and-off broken. It's back to the slow method for now pending some tweaks to the server that I can't make myself. I specifically did it around this time because hey, would who care about search on a Sunday morning? Oh well.
  10. requinix

    mysql error

    If your database server is running on the same machine as your web server then that dumpfile thing is certainly a way to do it. But you won't be able to execute it from phpMyAdmin unless you can find a way to stop it from adding the LIMIT clause. What about phpMyAdmin's Export tab?
  11. requinix

    mysql error

    No, your query was select * LIMIT 0, 25 into dumpfile '/var/www/filename.txt' from calendarSpend a moment to familiarize yourself with the syntax for a SELECT query.
  12. That's just the way the author(s) designed and wrote their code: ImageManager uses namespaces, FirePHP uses a singleton pattern, and mpdf doesn't use namespaces. Sometimes there's history behind the decisions, sometimes there's history to the project itself that predates some PHP features or best practices. Not really much you can do about it.
  13. It is too late to sort $tags at that point. You need to sort it earlier: either in the database query you used, or with something else. Where is $tags defined and where are the values coming from?
  14. Are you storing the dates as DATEs or VAR/CHARs? That's the type of the column. You need to be storing them as DATEs, and when you do you can use functions like MONTH, YEAR, and DATE_FORMAT.
  15. Is this in a database?
  16. Nervous breakdown? Nah, you're just not worth the time and aggravation.
  17. PHP 7 changed how syntax like that gets interpreted.
  18. It's fine for smaller projects, but like maxxd said it should do things like fix backslashes and test that the file exists. strtr() is much simpler. $fixed_class_path = strtr($class, "\\", DIRECTORY_SEPARATOR); I'm not going to argue with him if he comes in and says something, but "security checks" implies someone is able to craft an arbitrary class name and cause your code to execute it, and possibly also got an unauthorized file onto the server. But I'm not even sure it's possible to trigger autoloading on an invalid class in the first place. spl_autoload_register(function($class) { var_dump($class); }); $c = "!@#$%^&*()\\Abc"; class_exists($c); // no output new $c(); // no output
  19. When PHP encounters a class that hasn't been loaded, it triggers autoloaders. If you called spl_autoload_register then all of those will be called in order until one of them causes the class to be defined (like through an include/require). Since your autoloader indiscriminately tries to include "classes/*.class.php", and $class is set to "LoginAttemptsLog", then it will try to include "classes/LoginAttemptsLog.class.php" using the normal rules for including a file with a relative path. If you tried to instantiate a "Site\LoginAttemptsLog" then the code would try to include "classes/Site\LoginAttemptsLog.class.php". What else is there to know... about the code you posted? About autoloading in general? PSR-4? Namespaces?
  20. Given that nobody has said anything about your bug report, likely not. You could probably use a shell command (ie, unzip) as a workaround.
  21. You should probably change some of the code.
  22. So that part works. The email was sent, but your provider bounced it due to a reverse DNS issue: the forums are on a .53 server, the email is from @phpfreaks.com, but phpfreaks.com is still on the old .52 server. I'll change the email to be @forums.phpfreaks.com as a hack for now.
  23. I don't know of any problems with on-site notifications. And I can't be sure but I think that "user adding users" thread may have been moved into MySQL from somewhere else. I just made a test thread. Did you get a notification for it?
  24. There really isn't much more to say than that. The query is retrieving every single user in the database. That's slow. If you used a WHERE to only retrieve the user with the matching username then it would happen in less than a second (probably). Well, one more thing. Are you hashing passwords? It doesn't look like it. You need to.
  25. I see two places in that code that deal with hyphens in strings. Try replacing them with underscores.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.