Jump to content

ginerjm

Members
  • Content Count

    4,557
  • Joined

  • Last visited

  • Days Won

    58

Everything posted by ginerjm

  1. You have two posters telling you the same basic thing - you have a problem with your assumed values of things that needs to be addressed rather than ignored. Moreover - you state that you "do the normal $varX= $var1 + $var2". I"m not sure what you are really implying here but have to say that, as a rule, you are not validating your data most of the time if that arithmetic line is "normal" for you. That further indicates to me that you have some serious problems with this application that up until now have been ignored but now has to be resolved. Sorry to say but it does look like you have some thinking to do as to how to easily identify where these issues can arise. One solution might be to replace these kinds of lines with a function that analyzes the incoming values before doing the math. The hard part of course is finding these kinds of lines. Good luck!
  2. ginerjm

    Site Won't Submit Multiple Variables

    Looking at what you just posted: //First Page with Selector// <form id="main-search-form" method="GET" action="<?= $baseurl; ?>/_searchresults6.php" role="search"> The first line appears to be a PHP comment line - certainly not an HTML comment. Therefore your next line is confusing since it seems to be plain html that includes some php code which has to cause a syntax error at some point PS - why a GET? Most of the time it is better to use POST for retrieving form data. PS - your error messages refer to the use of "explode". I can't find an "explode" call in any of this code? Wassup?
  3. ginerjm

    bots and forms

    Apparently you don't understand how English works. My sentence did not quote the manual - it made a statement re: the issue you are having. The manual does however specifically tell you that a 0 or '0' will give a false answer - which is the problem you are having. Am I clearer now?
  4. It appears that your from address is correct, assuming that you are actually using a domain that your server recognizes. BTW - Earlier you stated that you were using PHPMailer yet the code you just posted is NOT using PHPMailer. What happened?
  5. ginerjm

    bots and forms

    That pesky PHP manual. It comes in SO VERY handy. If you looked up 'empty' in the manual's function reference you would see very clearly that you can't rely on empty if a 0 or '0' is a possible entry. It is explicitly mentioned there.
  6. Since nothing seems to be happening with this topic, let me ask this: Can you post the php code that is setting up your email headers for us to review? I basically want to see what the from address is set to since you never actually confirmed that for us.
  7. Is the 'from' address in the email a valid address of your domain name? Meaning, if you are paying a host to serve your domain/website and to handle emails for that same domain name, then the emails you send have to use that domain name in the "from" header of the email. That's the way it is always explained here.
  8. ginerjm

    php get url and pass it to a variable possible?

    Add a new field to the output form and use type='hidden'. Then when you received the POST'ed data, be sure to grab that field along with whatever other input fields you are grabbing. Ok? (Perhaps a quick check of your favorite HTML reference would be helpful here.)
  9. ginerjm

    Faking sessions

    Another thing you could do (OTW here) is create a random "value" to store in that uid that is NOT a true user id or anything resembling an important value. Then use that token to do a lookup on a table setup to just store login data and if you find that token value you will have whatever info you need - such as the true user's id. This way - nobody can alter the session value (good luck with that) to another value that could cause you harm since they are all random and not viewable at all by the hacker. This is an awful lot of work to do for something that is pretty darn safe as it is, but if you think that your appl/data is THAT super-sensitive, then go for it! Rather than read the articles that express fear about the safety of Session data, why not find the ones that tell you how sessions really work and how safe they can be?
  10. ginerjm

    browser history broken after form submit

    Let me say this: Double quotes are not responsible for a "variable to be executed". YOU are totally responsible for any "executing" of variables. Using double quotes rather than single quotes allows for a variable to be "interpreted" as in the following: $myvar = 'abc'; echo 'Myvar is now $myvar'; This will produce an output of : Myvar is now $myvar Using this string: echo "Myvar is now $myvar"; will output: Myvar is now abc which is what you usually want to have happen. There is no "executing" going on here. You use double quotes (or no quotes at all!) in order to have the contents of a variable read or interpreted properly. Many beginners run into this problem (single or double?) before they realize the difference. One rarely uses single quotes around php vars unless they are already wrapped inside another (outer) pair of double quotes. For example: echo "Myvar is now '$myvar' " will output the expected value of: Myvar is now 'abc' simply because the outer pair of double quotes takes precedence over the single ones surrounding the var. Of course you can skip using the quotes by using concatenation of your strings but many times it is easier to read the code when strings are properly using the correct quotes.
  11. ginerjm

    php coding to send email from html form

    Regarding the code here - I don't know why you are using the <button> tag in your form but you must have some reason. While the <input> tag is the much preferred method for submitting a form, you can use <button> but you need to actually specifiy the type='submit' clause in it since different browsers may have a different default when you don't specify what you want. Why are you using <button> anyway? PS - input syntax: <input type='submit' name='btn' value='Submit'> A simple example that does a submit for you. You can use any value for it - I just used Submit.
  12. ginerjm

    check if a file is exist in folder

    Or you could write your code like this: $count3 = count($scan3) - 3; if($count1 !== 0) { header('location:exist.html'); exit; } elseif ($count2 !== 0) { header('location:exist.html'); exit; } elseif ($count3 !== 0) { header('location:exist.html'); exit; } While the tabs in this forum are a bit wider than I would like to see, writing your code in simple straight one-command lines is much better to read. My personal choice is to use the curly braces each on their own line as well - again to make it easy on the eyes. NEVER put 2 commands on one line.
  13. ginerjm

    upgrade OR implimentation problem

    I think we would like to see your EXACT table definitions so we can see how you are storing things.
  14. Requinix - as usual you are "more right" than I. OP - sorry for my lack of understanding.
  15. I hate to sound rude and crude, but if you are 'new' then why are you in charge of such a serious project?
  16. ginerjm

    Sessions Without Cookies in PHP 7

    And who/what told you to not use cookies???
  17. ginerjm

    php get url and pass it to a variable possible?

    If you are making the decision when you send the page out as to what property is involved, why not have a hidden field in that same form that identifies the property for you? Perhaps an id number from your database of properties? And when you receive the form be sure to validate the hidden id against your database to avoid hackers.
  18. ginerjm

    check if a file is exist in folder

    Not sure how you determine that a file exists or not. Normally we would use the is_file function to specifically look for a filename in a folder. Have you tried that approach instead of a counting method?
  19. ginerjm

    findAndModify() usage in a function

    And your most recent post makes it even more unclear...
  20. ginerjm

    findAndModify() usage in a function

    I stand behind my previous post. Your code makes no sense to us. For example - what does this SINGLE line do for you? $conn = DB::table('counter')->where('name', $name )->first(); It doesn't appear to be calling any function unless you have a class named DB that has a method named 'table'. And if it does - what exactly are the arguments that you are providing in the call to that method?
  21. ginerjm

    Unable to use connection to MySQL

    Obviously, code is required if you really want us to try and help... BUT - please - only the relevant code? Like maybe the method that does the connection and the code that calls it and tries to go further after making/not making the connection.
  22. ginerjm

    findAndModify() usage in a function

    You do realize that you are showing us virtually nothing? The calls to what seem to be methods of some undefined class cannot be interpreted by us since we have no idea what code we are attempting to access with those calls. Even the structure of the calls is confusing without knowing the underlying structure of the class' methods. I assume the class is named 'DB' but I don't know how one creates and uses a line that references somethings called "table", "where" and "first" all in one statement, if that is even what we are supposed to think is happening here.
  23. ginerjm

    <?php echo "\n" sourcing

    If you don't know much about php WHY would you want to modify a block of code that is creating your entire front page??? Yes - this line does a php "echo" (ie, send something to the client/web page) to generate some output that is created by the method call to the 'frontSections()' function. The line switches into php mode for the echo and call and then exits php mode so that you are then back in html mode.
  24. ginerjm

    onsubmit php in form

    I would move the onsubmit to a submit button element (or whatever is actually triggering it) and use a "return xxxxx" format so that it cause the submit action to fail if your function doesn't like something. Your style may work but not being familiar with using the onsubmit at the form level instead of the type=submit level I have to work with what I (think) I know. The format of that call would be : <input type='submit' name=xxx onclick='return myfunction()'> where your function has to return either a true or false value in order to cause to to work properly. Of course you can use the function to display any error messages generated, using a hidden ( or unused) text area (or span) for showing any messages. Have fun! Ps - you might want to learn how to do your design stuff (ie, 'css') using actual CSS code rather than doing it inline on each and every element that you want to stylize.
  25. ginerjm

    Cant figure out PHP/MySQL Error

    Now that it has been pointed out to me that 2 &'s are necessary I suddenly realize that I have never seen anyone NOT use 'AND' in their queries. For PHP, yes && is the rule.
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.