requinix

Might it be running on Windows?

Think it through. "If HTTPS is on or the host is not the www version then redirect" versus "If HTTPS is off or the host is not the www version then redirect".

If you're getting a 404 then the PHP isn't executing in the first place. Try with just S.php and see if it works.

Why? They're two completely different things: a contact form and a newsletter registration form. It doesn't make sense to combine them.

You're overwriting $results['events'] every time. What you should do is start with "events" as an array and then add to it. $sql = mysql_query("SELECT * FROM schedules") or die(mysql_error()); $results = array('events' => array()); while($rs=mysql_fetch_array($sql)){ $results['events'][] = array( 'id' => (int)$rs['id'], 'start' => $rs['date_start'], 'end' => $rs['date_end'], 'title' => $rs['details'], 'free' => (bool)$rs['isfree'], 'userId' => (int)$rs['techID'], 'color' => render_color_code($rs['zip']) ); }And you're nesting your arrays wrong. array([]) will put an array inside another array. Use either the array() or [] syntax to get just the one array.

Given that sample JSON data, what would the table look like? Because I'm not sure that anyone here has any idea what the difference between "freebusys" and "events" is.

Top one doesn't have you jumping in and out of PHP mode. Bottom one keeps the HTML separate from the code. What do you think is better?

"mysql:host=HOST;dbname=DB_NAME"PDO doesn't know that "HOST" and "DB_NAME" are PHP constants. You have to put the values in yourself. "mysql:host=" . HOST . ";dbname=" . DB_NAME

Yeah, I don't like the idea of combining the input and output just to pass it all around either. Passing both separately wouldn't be that bad... Do you need the entire input object, either because you need to know a lot of it or because you don't know which parts are relevant? If you only needed a couple pieces of data, and you knew which pieces, then I'd deal with those separately. Like $this->view = ClassThatCreatesViewsFromOutputData::factory($input["field1"], $input["field2"], $output);The idea is to reduce the dependency on the structure of the input data - at least as far as the view generation goes. One way to think about that is "what would I do if the input method changed (eg, command-line program instead of an HTML form)" or "how could I make this easier to test automatically using unit testing" *. Decoupling the relevant input data (field1 and field2) from the actual input itself helps this part easier. Question: given that the hypothetical field1 and field2 are part of the input data, implying that they are potentially necessary when generating the output data, would you be able to get the necessary information from the output instead? Everything you've said so far is pretty abstract so I have no idea whether that's possible, or whether the question even makes sense, but that's the next place I would look. You've probably already considered and discarded this idea. Otherwise... I think you're stuck with passing the input and output data around with each other. $this->view = ClassThatCreatesViewsFromOutputData::factory($input, $output);It then means that the view is necessarily coupled to the structure of both the input and output data, but I can't think of any better options. * Unit testing. Something everybody should do but nobody ever actually does. There are two potential tests here: 1. Given particular input data, derive the correct output data 2. Given particular output data and required other data (eg, the input's field1 and field2), derive the correct view (and one could consider a third too: deriving the correct view from particular input data, which is equivalent to tests 1+2) Having the process broken down into the two steps makes it easier to locate bugs when something goes wrong, and means needing to write less code to test multiple varieties of input and output. Testing #1 is not a problem. Testing #2 removes the idea of "input data" from the equation entirely, which is why I would try to keep the entire $input away from the process of determining the view. But as I said, there may not be any better way to deal with it, and you may be forced to say that the "required other data" is potentially everything from the input.

So the question is who computes the output data, who determines the template, and how do they share the necessary information with each other? In MVC terms you have the controller, view, and model. Looks like the code you posted comes from the controller? Then the view should be the appropriate template, according to the output, while the model is the part that computes the output data from the input. The model should not be aware of the view - that is, determine the template to use for displaying its data. And inside the view is too late to determine which view to use. Then it's up to the controller to decide. If determining the template is easy, like a few lines of code or something not too big and scary to put into a helper method, then I'd put it in the controller: this logic won't be used elsewhere (I guess?) so it should stay as "close" to the controller as possible. public function controller() { $model = new ClassThatComputesData(); $output = $model->compute($input); if ($output->property == "special value") { $this->view = "special_view.php"; } else if ($output->method() > MAGIC_VALUE) { $this->view = "magic_value_view.php"; } else { $this->view = "generic_view.php"; } }May seem weird but the whole point of a controller is to shuffle information between the various models and various views, so determining which view to serve some model is part of its job. Otherwise I'd go for a view factory. It's code somewhere specifically dedicated to figuring out which view is appropriate for given input data. The controller can simply use the view factory to get the appropriate view. public function controller() { $model = new ClassThatComputesData(); $output = $model->compute($input); $this->view = ClassThatCreatesViewsFromOutputData::factory($output); } public function factory(OutputModel $model) { // lots of work that will eventually { return "particular_view.php"; // } }

So you're saying you tried making a bunch of requests, watching in the browser as each request gets sent, until you got one of them to insert 0 for a question? And the value of "n" in the browser (or the value of "answ" in the request data) is always 1 or -0.25? Do you have email set up? Try something as simple as if ($mark != 1 && $mark != -0.25) { mail("yourself@example.com", "mark={$mark}", var_dump($_REQUEST, true), "From: yoursendingaccount@example.com"); }Then you'll get an email every time $mark doesn't have the right value, and it will include all the form data that was sent. And you say it's a recent development? That must mean something has changed recently. Were there any changes to the site? Did your host upgrade PHP versions or change other configuration?

For completeness, there's an alternative solution: changing the while loop into a do/while loop. elseif(is_numeric($duty['Duty'])){ // friend WORKING $starttimes = array(); $finishtimes = array(); do { $starttimes[] = $duty['BeginTime']; $finishtimes[] = $duty['EndTime']; } while($duty=mysqli_fetch_assoc($result2));Using this structure requires knowing that $duty starts off with a valid value (ie, the query returned at least one row). The code satisfies that requirement already because of the is_numeric() check; it's not as good as an explicit check that $duty isn't empty, and will potentially raise warnings/notices, but it works.

<?php $sqlfriend = "SELECT * FROM Users INNER JOIN friends ON friends.FriendCode = Users.Code WHERE friends.Code = '{$_SESSION['Code']}' ORDER BY Users.Code DESC"; $resultfriend = mysqli_query($cxn,$sqlfriend) or die ("Cant get friends."); while($rowfriend=mysqli_fetch_assoc($resultfriend)) { // CHECKS IF WORKING, STBY or OFF $sql = "SELECT Duty,BeginTime,EndTime FROM rosters WHERE Code = '{$rowfriend['FriendCode']}' AND SectorDate = '$today' ORDER BY BeginTime ASC"; $result2 = mysqli_query($cxn,$sql) or die ("Cant find out friends duties for today."); $duty = mysqli_fetch_assoc($result2); if(strpos($duty['Duty'],'SBY') !== false) { // friend STBY $border = 'warning'; $friendsdutytoday = 'Today: <br /> <b>Standby until '.$duty['EndTime'].'</b>'; } elseif (strpos($duty['Duty'],'OFF') !== false || strpos($duty['Duty'],'A/L') !== false || strpos($duty['Duty'],'ADHOC') !== false) { // friend $border = 'success'; $friendsdutytoday = 'Today: <br /> <b>'.$duty['Duty'].'</b>'; } elseif(is_numeric($duty['Duty'])){ // friend WORKING $starttimes = array(); $finishtimes = array(); while($duty=mysqli_fetch_assoc($result2)) { $starttimes[] = $duty['BeginTime']; $finishtimes[] = $duty['EndTime']; } $border = 'info'; $friendsdutytoday = 'Working today <br />'; foreach($starttimes as $value) { echo $value; } echo '<b>'.reset($starttimes).'Z - '.end($finishtimes).'Z</b>'; /////// ERROR ECHOED HERE ///////// } else { $border = 'info'; $friendsdutytoday = 'Today <br /> <b>No Roster</b>'; }Right. Because the first row is the $duty you fetched on line 15. When you start the while loop (31) you throw away $duty and start fetching more rows. Instead of using an empty array for $starttimes and $finishtimes, use an array with the values you already have in $duty.

Pretty straightforward: look at all the files on the server and see if there are any that don't belong. Files you didn't put there yourself. It's also possible that existing files were modified, not just new ones created. As you're looking through everything, keep an eye on the modification times and consider they match up with when you last modified them yourself.

Have you checked whether the server itself was compromised? Somebody is running their own code on it which is blasting emails?

Apparently it's ongoing, which helps. Add some code that will log every time an email is sent. Include at least the date sent, subject line, recipient, and visitor's IP address. Wait a couple days and check the logs to see if it's sending emails that it shouldn't be. Because odds are that (if it's truly sending emails then) there's some sort of exploit, or another tactic, where someone can cause an email to be sent. For sure someone could abuse the registration system to send an email to anyone, but they couldn't hijack it for spam emails so it's not really worth the effort.

That would mean the value of "n" from the Javascript would be 0 or something that cannot be converted to a number. Right? So what is the actual value of n during those requests? Or alternatively, what does the AJAX request look like in terms of the form data submitted (which you should be able to get directly from the browser).

Seems weird that you have this mixture of numbers and strings, but whatever. So you only want to add to $SLevels if the data is a number? I figure if($tmp[0] != '-')would be a good place to do that. To test for a number, try is_numeric.

Looks like you did a print_r(get_object_vars($this))Right? 1. The thing you printed is an array, because that's what get_object_vars does. But $this is an object. 2. "config" is the thing inside it. 3. It is an object (a Config object). 4. "config" is (again) the next thing inside it. 5. It is an array. 6. "sess_expiration" is one of the values you want. Objects use -> and arrays use []. $this->config->config["sess_expiration"]

It'd totally expect you could copy/paste those pages (probably many at a time, or even all at once) into Excel or Google Sheets, then get a CSV version of it. That'd make importing very easy.

If you don't mind too much, I'm going to remove that link you posted. Drive-by malware is not cool. halp.pdf

Kinda depends on what the PDF looks like...

One of two things is true: 1. Your "constants" file is not defining constants. It is defining variables. Variables do not work like constants: variables defined outside a function are not available inside the method. 2. Your constants file is actually defining constants, meaning with define() or const, but you're trying to use variables instead. Because as you can see, Access denied for user ''@'localhost' (using password: NO)you are definitely not passing "root" as the user nor providing the password. As for why the error message is not in your logs, that's because it's output. Actual output. From the code. It outputted the message. print "Error!: " . $e->getMessage() . " ";Right there.

If you have stuff written from back when register_globals was acceptable then it's been a very long time and your code probably needs a once-over. Not just for this problem but potentially others. Otherwise the best thing you can do is fix the code. Really. It might take a while but all you need is stuff like $variable = (isset($_GET["variable"]) ? $_GET["variable"] : "reasonable default value");or if (isset($_GET["variable"])) { $variable = $_GET["variable"]; } else { // show an error }

I don't have MAMP so try... this?