-
Posts
15,227 -
Joined
-
Last visited
-
Days Won
427
Everything posted by requinix
-
PHP Glob, Readdir() and even Exec( ls ) miss files in a directory
requinix replied to spoole's topic in PHP Coding Help
800 isn't enough to run into the one or two PHP bugs I know of (which also have their own specific circumstances) but you should avoid putting everything into one directory on principle. Typically one partitions into ~a hundred or so per directory "tier". Though really, you shouldn't be storing stuff in files like this to begin with. -
PHP Glob, Readdir() and even Exec( ls ) miss files in a directory
requinix replied to spoole's topic in PHP Coding Help
And how many files are in this directory? -
You know, I'm not actually sure how to "professionally" solve this. The issue being, to be clear, that with a certain viewport height there is a certain range where scrolling into it causes the bar to hide, thus decreasing the height of the document, and if the viewport is also close enough to the bottom, the decreased height causes the document to scroll "up" and triggering the bar to display, and that can cause a scroll event again where it's re-calculated that the bar should be hidden... And narrowing the viewport width enough causes wrapping which increases the element's height and thus also the size of the problematic range, making it easier to trigger. Barring more specific advice, my suggestion would be to toss out what you've come up with and see if Google can suggest a different implementation to use. eg. https://www.google.com/search?q=css+disappearing+nav+scroll+down I'm betting that a successful solution will involve the scrollTop property.
-
317000 GET (ahem) To emphasize what mac_gyver said earlier: you're not running specific logic on specific days. What you should be doing is looking at the current state of things (like the date) and comparing with the previous state of things (like when The Thing last happened) and figuring out what to do. If you want to give the user the option to do something "on the first of the month" then the current state is the date, the previous state is the last time the user exercised the option, and the comparison is whether it's now a new month since then. If the current month is June 2023 and the user did the thing in May, or April, or March, then you let them do the thing; if they did the thing in June (ie. this month) then you don't let them do the thing. If you wanted to give them the option every month with rollover, you do the exact same thing except the comparison is "how many months have lapsed since they did the thing". If they did the thing in March then you would grant them 3 (April, May, June) options.
-
Try it and find out. Seriously. That would have been the easiest option this whole time. All you had to do is manually find a setuid executable, such as sudo, and run different find commands to see what happens.
-
"any" means that if one or more of the bits are set then it counts as a match. "all" means that every bit you set has to be there for it to match. Since you only care about one particular bit, both of those will have the same effect.
-
Include the ID with the form, either as a query parameter or as a form field. Pre-fill the fields with the existing data. Change your PHP code to do an UPDATE instead of an INSERT. And, obviously, change everything that says "add".
-
Your rules say that every single thing containing a slash needs to be rewritten to page.php. Are you sure you don't mean that every single thing containing a slash which does not exist should be rewritten?
-
It is not possible to know the MAC address of a client's computer. At all. You'll need to find an alternative method to identify a user.
-
parse_blocks isn't a built-in function. Something is providing it, likely either your own code or some library you installed. And if it's your own code then you can change it... But anyway, I'm not sure given your description, but it sounds like you need a foreach loop on that array which looks for any keys starting with "testimonials_". Extract the number and the last part and use those to build a different array - perhaps one looking like array( 0 => array( testimonial => ... name => ... company => ... ) )
-
/u=s checks if any of the permission bits are set. -u=s checks if all of the permission bits are set. A mode of 4666 means setuid + owner read/write + group read/write + other read/write. A mode of 4000 means setuid only. I'd link you a page that tells what the numbers mean but apparently nobody likes to document them directly - only constants. So it's easier to just believe me.
-
What's this parse_blocks doing? Because if it's returning a whole bunch of information you don't want and the parts you do want aren't in the format you need, then shouldn't that be adjusted?
-
No, that is not all of your code. Because it doesn't show what $rgy or $newamount are. The problem isn't the update itself. As gizmola suggested, the problem is going to be whatever sets up the different variables which the update uses.
-
You make it sound like your question is "how do I find files with the setuid bit set" but you posted the answer yourself in one of those examples, so I don't think this is the question you actually want to ask. Maybe you mean to say "what's the difference between these commands?" in which case I would point you to the documentation to see what -mode and /mode mean. I think you have a more specific question to ask. One that directly answers something you aren't understanding. And it's probably not the first question you started with.
-
Remember the part where I said you might not be validating transaction amounts? Did you look into that?
-
We don't know anything about your application. If you wrote it and you don't know what happened, what would we be able to do? That said, my guess is an unvalidated input somewhere. Do you verify that all transactions must be for positive amounts?
-
not sure what to do with action equals index.php
requinix replied to Old_Dog_New_Tricks's topic in PHP Coding Help
That's good. That's not good. For example, let me point out something: this shuffle($numbers); sort($numbers); randomly shuffles the $numbers and then sorts them in increasing order. It's nonsense, and not the sort of thing you should be trying to learn. "AI" is good at stringing words together in a way that, according to some calculated probabilities, hopefully make sense. But that is all it does - and it is certainly not intelligent. Be very careful with anything it says or creates. -
Nor are you expected to: Javascript development has these things called "libraries" which you can use to do the work for you.
-
How to count the number of rows of a table used in the query?
requinix replied to polaryeti's topic in MySQL Help
You're finding the one record that is the fourth lowest, right? If you're only finding one then it doesn't matter how you sort... But if you want to consider ties then you'll need a ranking-type solution anyways. -
Which is why many big supermarkets have an "index" somewhere: a sign or list listing a bunch of different types of items and which isles they're on. Because they want to make it easy to find things - but not too easy. But that aside, you're at least thinking like a user now in recognizing that going through a list of everything is too much - unless, perhaps, it's sorted (which supermarket isles aren't, but that's another story). So back to the webpage. You're looking for cookies. What do you want to do? Do you want to scroll through a list of categories until you find one that may or may not be applicable? Like you said, if I want cupcakes then it could be with breads or it could be with cookies, so there's still going to be some guesswork. Here's a more specific question: do you, as the user, actually care about the category? For example, if you could find cookies without having to know whether it's in the bread isle or the cookies isle, would you like that? Hint: go into the post editor box and type "@r"...
-
Forget the technology, forget the dropdowns and the Javascript and the CSS, forget all the details for a minute and try to put yourself into the shoes of a user: You've been asked to provide the food you ate last. You can choose a type of candy, or a type of fruit, or a type of meat. What would you, as a user, ideally want to see in order for you to make the choice. Would you rather have one list of everything? Do you want to choose the type of food first and then the specific food second? Do you want all the lists of food available at once and you'll just pick one from the appropriate list? Something else? And does your answer change if you're on desktop vs mobile? Decide what the overall user experience should be, at a high level, as if by someone who doesn't understand web development, and create a UI to support it.
-
You don't do any validation of $class to make sure it's a number between 8 and 55 before trying to use it with $days Same for $class as used with $periods, except values of 7, 8, 15, 16, 23, 24, and so on aren't valid You do a mysqli_connect for every single mysqli_query. All you need is one at the beginning of the script, then assign the connection to a variable and use that You're connecting as root, and without a password. Do things right and create a proper user with a proper password. If $whose is a string then don't put the variable directly into a query - use prepared statements instead Same for $sub, except it's even worse because that value came from the user, and a malicious user could easily screw up your database by doing something as simple as inserting an apostrophe And then you turn around and use $sub as a table name? That's completely wrong: never use unknown variables, especially from $_GET or $_POST, as table or column names. Fixing the above should resolve the error message too Why are there <br>s in your data? That doesn't make sense and suggests you're doing something weird with the data, like putting HTML into it. Using isset with the pwd in the $_POST only checks if there was a field named "pwd" in your form. If that field is left empty, isset will still return true. And assuming pwd is a password, shouldn't you be checking that password? When you do check the password, make sure that your code does not keep running after that. Right now the user will get redirected with some Javascript, yes, but all your code kept on running. And you're doing the thing where you use a variable as a table again, this time with $whose Are you putting multiple values into your $whose table? Don't. One value at a time, using multiple rows if you have to. On that subject, apparently $period is a column name? Don't. What you're doing with $day, where you have a column named "day" and multiple rows for the days, is what you should be doing with periods too. ...Are you putting an actual password into your form? And your own phone number as the sender? What's the point of the "msg" form field? Either that or what's the point of the "s" message you put into the session? What's going on with this? And why have a form that automatically submits? If you want to do something immediately then do it - don't send a form to the user (which they won't see for long) that is just going to come right back to you. All your various outputs need to be escaped with functions like htmlspecialchars so that someone like me can't insert <>s or "s that will mess up your HTML, or worse let me hijack some other user's browsing sessions for my own malicious purposes. Is this a school assignment or something?