requinix

If you're already detecting application/json then it wouldn't be much more to handle urlencoded... Do you need to support []s in other forms in the immediate future? If not then I'd probably go for maxxd's direct approach, even if it's just for this specific form.

Learning? That's fine. But there's one really important thing about programming that lots of newbies don't always get around to learning, and it's really, really important that they understand it sooner rather than later. Indentation. This if(isset($_POST['new']) && $_POST['new']==1){ $pickups = ''; foreach($_POST['pickups'] as $cnt => $pickups) $pickups .= ',' .$pickups; $locations = count($_POST["pickups"]); makes it look like (1) the if statement isn't doing anything and (2) the $locations line is inside the same foreach loop that the $pickups line is. Every { means the next line indents further in by one, every } means the next line indents back out by one. Plus a couple other rules, like how when you don't use braces { } with control structure (like foreach) then the single line after it gets indented - or better yet, always use braces { }. The above code should look more like if(isset($_POST['new']) && $_POST['new']==1){ $pickups = ''; foreach($_POST['pickups'] as $cnt => $pickups) $pickups .= ',' .$pickups; $locations = count($_POST["pickups"]); That properly shows where each line is relative to the if (all of them are included and thus only run when new=1) and to the foreach (it only affects the $pickups line and not the $locations line). Take a moment to learn some more about indentation, then go back to the code you first posted - definitely the PHP but the HTML could benefit from proper indentation as well (<tag> indents in, </tag> indents out) - and then post the revised version. It still won't work correctly, because PHP is a reasonable language and doesn't do stupid things like care about how many spaces or tabs you used to indent your code, but it will be much easier to scan through. Plus it will help to point out exactly what other code is part of that one problematic for loop that is now the subject of conversation.

Well yeah: you put the code to insert inside the for loop that goes over each location.

I have no idea. It's your website, not mine.

Whatever ecommerce thing you're using for that shop has to have its configuration updated so that it knows about the new URL. You're also going to discover that you need another RewriteRule flag. When that happens, check the mod_rewrite documentation for a flag dealing with query strings.

And you're saying that it's specifically a reCAPTCHA problem, right? According to the code, $url = "https://www.google.com/recaptcha/api/siteverify secret =$secretKey&response=$responseKey&remoteip=$UserIP"; the URL you're trying to retrieve is https://www.google.com/recaptcha/api/siteverify%0D%20%20%20%20secret%20=(key)&response=(value)&remoteip=(ip) Does that look like a good URL to you? Those %s represent the line break (because your $url string spans multiple lines) and spaces (because there are spaces in the string) and really, really need to not be there. With that out of the way, 1. You've posted your secret key on a public website. You can safely assume that it has now been compromised. Deactivate that key immediately and get a new one. 2. Screenshots of code are nice but posting the actual code is better. Because I had to type out that $url thing earlier. Please don't make me do that again. When you're writing a post, use the Code <> button and its popup to insert the code into your post.

I don't know what solution you found "at the moment", but a while ago I told you that you have to update the URLs you put onto your site to use the new forms, and that it will not happen automatically for you. For example, that means you have to replace every <a href="/index_pl.php?src=home"> with <a href="/home">

Any particular reason you have to be sending JSON from this form? REST commonly uses JSON nowadays, sure, but that doesn't mean you can't also accept requests in other formats as long as the data decodes into the correct schema. In an ideal web framework, the Content-Type of the input is not restricted. It can be whatever as long as the framework knows how to interpret it. That's why abstracting out $_POST is nice: PHP only handles a couple types, but a framework could read the Content-Type and decode the input appropriately.

That was too easy... To make sure we're on the same page, I'm talking about replacing those 10 $postals with a single array containing up to 10 items. Note the "up to". You only store the good values in there, meaning the whole "I have to check if they're empty" doesn't need to happen (at least not once the values are in there). It also means you could store more than 10 if you wanted. Like (up to) 15. Or maybe you decide you have too many and want to lower it to having (up to) 5. Or whatever. And the code using the array wouldn't have to change.

If your code has and $$s in it then it is doing something terribly wrong. Use an array for the postal codes like a normal person.

Don't make a random number. Use a real number. Even better, don't restrict yourself to a literal number but allow it to be a string. You can do a lot more with a string, such as create an order "number" built from the customer ID and date. But if you want advice that's actually good then you'll have to describe your system and the nature of these order numbers.

The REMOTE_USER is a value that is populated for you if the user is set up to be authenticated through your web server. It is not. Nor is it likely what you should be using if you have to work with a database. You need a custom (potentially) mechanism to authenticate users against your database. That seems to mean using AuthManager.

That is not what REMOTE_USER is for. Why do you think you are supposed to be using it?

As far as I can tell, either you're asking how to do something you already know how to do, or you're asking how to do something I've already told you how to do.

https://forums.phpfreaks.com/topic/312067-i-would-like-nice-url-link-how-change/

People who disable cookies have a fundamentally broken internet experience. They're used to creating exceptions in their browser to allow sites to work. Remind people your site uses cookies - which you kinda "have" to do already, thanks to GDPR. Well that's the dumbest excuse I've heard all month.

starting to run out of crystal balls here... header() redirects tell the browser to go to a different place than they first tried to go. It has nothing to do with transitions. If you want a transition between pages then what you do with header() is irrelevant. If you're having a problem with transitions not working, forget the header() and make them work normally first.

But what about other pages? You'd have to add RewriteRules for every single one. Go back to the version you had just before this one and see if you can't fix it in a different way. A way that would allow you to use the same URL pattern for more than one page. You'll also have to deal with that white page, because even if you don't have a page like /foo, you at least need to make sure index_pl.php?src=foo doesn't crash in some bad way. First step is fixing all of your URLs so that you do not try to give people URLs like /index_pl.php?src=home. You have to change those yourself. It will not happen automatically, Apache will not scan through your HTML and fix your links for you.

I didn't go any further than that. You can test it for yourself easily enough: grab a smartphone, get off your wifi, and browse to http://your-ip-address.

Was I wrong? You said you have some problem with duplicate stuff, or code running too long, and your solution was not to deal with the duplicates or why the code isn't stopping but to do something else to sweep the actual problem under the carpet. Keep sweeping stuff under the carpet and you'll have a big pile of 💩. Do you need help identifying why there are duplicates, or why there's apparently too much stuff, or whatever the real problem is I kinda lost track?

I doubt very much you've been "hacked" by anything, but I just confirmed you really do have port 80 open on your internet-facing machine so who knows, maybe some bot did? All I do know is that there is some important piece of information that you may or may not be aware of which would explain what's happening in a more technical way. Oh, and one more thing: exposing a web server on your personal machine to the internet when you (no offense, but) don't know how to tell whether you've been hacked by something is really not a smart idea. The safest course of action would be to wipe your computer, as well as anything that could have come in contact with it.

http://www.catb.org/~esr/faqs/smart-questions.html

So are you saying that you get a ERR_CONNECTION_REFUSED when you try to browse to a couple pages on your site but not for everything else? And everything in your browser's address bar looks correct, domain and path and all?

If it's not loading on the page then you have to find out exactly why it's not loading on the page. Any errors in your browser's developer console?

Basically, yes, but that's not what you posted. You posted #RewriteCond %{HTTP_HOST} !^www\. #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] I can assume that the # commenting was added by you and not what the host said to do, but the part where it checks if the domain is wrong and, if so, redirects to the same domain is less likely to be. I don't think so. In fact I'm not even sure [L] matters if you use [R].