davidannis
-
Posts
627 -
Joined
-
Last visited
-
Days Won
2
Posts posted by davidannis
-
-
Try adding a line
$total = str_replace(",","",$total);before the line
$centinel_total = $total * 100;
-
Looks to me like you carefully strip commas out of $totalex but then use $total without stripping out commas.
-
it's likely that your actual complete code is deleting the file after you have moved it to the folder. i'm betting if you put a die; statement after the echo '<br>$result: '.$result; line, that the file will be present in the folder.
edit: btw - how do you know the file isn't in the folder? what method are you using to get a listing of the files, since the fault may be in the method being used?
You were right. I was not refreshing the sftp client, assuming incorrectly that it refreshed on a change in directories. In the script itself I was trapping the error on the resize incorrectly. I think I may have it now. You caught two errors. Now to fix the resize error. I'm feeling really stupid. Thanks for the help.
-
it's likely that your actual complete code is deleting the file after you have moved it to the folder. i'm betting if you put a die; statement after the echo '<br>$result: '.$result; line, that the file will be present in the folder.
edit: btw - how do you know the file isn't in the folder? what method are you using to get a listing of the files, since the fault may be in the method being used?
The simple test script that I posted in its entirety does not work so there is nothing past the echo '<br>$result: '.$result; line.
I have used sftp to look for the file. Can't display it. In the full script the resize throws an error because it is not there. I am pretty sure that It is not there.
-
I have moved the upload directory out of public_html and I'm using fileinfo to revalidate mime type in addition to the gd getsimagesizes and the resize. I believe I can strip the EXIF data when I resize but I'll need to put some of it back because I don't want to remove copyright.
-
Thank you for the response.
When I try a simple script using file put contents:
<?php $file2='/home/lineligh/public_html/Art3/artwork'.'/test1.txt'; $current = "Test\n"; file_put_contents($file2, $current); ?>
I get a 5 byte file in the artwork directory as expected.
Besides that, your code is extremely insecure and buggy. You let anybody upload malicious scripts to your server as long as they claim that the file is an image (the type in $_FILES can be set to anything by the client). I strongly recommend that you you learn the basics of secure file uploads before you even think about placing files on your server.The script I posted is a sample extracted from the whole in which I pulled the most bare bones pieces out to illustrate the problem and make sure that the problem wasn't occurring in some prior step. In the full script I validate the file and resize it using the gd imagescale, I move the file after the resize into a directory that has script execution disabled in htaccess but I'll also look at the link you provided to see if I can tighten it further. The actual script is also password protected (with a salted and hashed password) and only available to a limited number of users for whom I have real world identities. Each upload is logged with the user ID.
Thanks,
David
-
I have a script that uploads files fine on my local server running MAMP but when I upload it I get no file upload. I have tried to simplify as much as possible to troubleshoot and came up with the following script:
<?php ini_set('display_errors', 1); error_reporting(E_ALL); define('BASE_DIR', '/home/lineligh/public_html/Art3/'); define('IMG_UPLOAD_DIR',BASE_DIR.'artwork/'); $id='4'; print_r($_FILES); if (isset($_FILES['picture']['name'])) { //check size if ($_FILES['picture']['size'] > 900000) { $uploaderr = true; $uploaderrmsg.='File must be less than 900,000 bytes<br />'; } //check type if ($_FILES['picture']['type'] != "image/jpeg" && $_FILES['picture']['type'] != "image/png") { $uploaderr = true; $uploaderrmsg.='File must be a jpeg or png<br />'; } $uploaddir = IMG_UPLOAD_DIR; $uploadfile = $uploaddir . $id . '.' . end((explode(".", $_FILES["picture"]["name"]))); $result = move_uploaded_file($_FILES['picture']['tmp_name'], $uploadfile); echo '<br>'.$_FILES['picture']['tmp_name']."</br>"; echo $uploadfile; echo '<br>$result: '.$result; } ?>Which produces the following output:
Array ( [picture] => Array ( [name] => Olivia-IMG_8678.jpg [type] => image/jpeg [tmp_name] => /tmp/phpe5Vpyq [error] => 0 [size] => 192649 ) ) /tmp/phpe5Vpyq /home/lineligh/public_html/Art3/artwork/4.jpg $result: 1
So, the file gets to the server, the move_uploaded_file function claims that it successfully renames the file and puts it in /home/lineligh/public_html/Art3/artwork/ but if I look for the file it is not there. I'm stumped as to what else to check. Webhosting company swears that my permissions are correct.
-
The header was sent because of a blank line at the end of an included php file and because of the warning messages. Once I got rid of both the blank line and the warnings it works. Thank you all for the help.
-
Adding http:// makes no difference
Setting Error Reporting to E_ALL gives me warnings about undeclared variables and undefined indexes followed by an error because the header was already sent. error_reporting(E_ERROR); results in the same blank screen.
-
I am trying to redirect to the login page if a user is not logged in. I have the following piece of code:
$slashpos= strrpos($_SERVER['SCRIPT_NAME'], '/'); $path=substr($_SERVER['SCRIPT_NAME'],0,($slashpos+1)); header('Location: '. $_SERVER['HTTP_HOST'].$path.'login.php?message=This%20page%20is%20only%20for%20gallery%20personnel'); //echo 'Location: '. $_SERVER['HTTP_HOST'].$path.'login.php?message=This%20page%20is%20only%20for%20gallery%20personnel'; exit('');If I execute the script as is I get nothing - a blank page.
If I uncomment the echo line I get:
Location: localhost:8888/Art3/theme/login.php?message=This%20page%20is%20only%20for%20gallery%20personnel
which seems right to me.
I have the following lines at the top of the script and I'm getting no errors
ini_set('display_errors', 1); error_reporting(0);I have tried:
just using 'Location: login.php?message=foo' and
constructing the URL from $_SERVER['SERVER_NAME'] and $_SERVER['SERVER_PORT']
-
Can't you just "SELECT FROM in_chatroom WHERE 1" and display all the usernames? The table should have everyone who has been active in the last 5 minutes.
-
You already count good and bad answers and then score them here:
if($good_answers > $bad_answers){ $result = $good_answers - $bad_answers; }else{ $result = 0; }Why not just change the scoring to?
if($good_answers ==3 && $bad_answers==0){ $result = 1; }else{ $result = 0; }-
1
-
-
Unless you are using this as a way to learn to code, instead of reinventing the wheel, I would suggest using a form processor that is already written and tested. I have used the one from tectite before.
-
You have a couple extra opne php tags in there.
$server = ' <?php $link = mysqli_connect( <?php
instead of actual code. Looks like you have that hardcoded on the line below, so you can get rid of those two lines. Also, NEVER post passwords for your databases. You will get hacked.
-
Please post some context. Does the line before end in a ;
-
You need to check if cat is in your string, if wheel is after and if so replace
if (strpos('cat',$line) && (strpos('wheel',$line)>strpos('cat',$line))){ //replace things here } -
In the script to which you submit, you will have a multidimensional array $_POST['check_list'][] with the values. To see what you have try this:
echo "<pre>\n"; print_r($_POST['check_list']); echo "</pre>\n";
To process each value in the array $_POST['check_list'] use
foreach ($_POST['check_list'] as $value){ //do whatever here } -
To put the output from your php script into a div named namehere you'd use a line:
document.getElementById('namehere').innerHTML = ajaxobject.responseText;of using jquery
$("#namehere").html(responseText) -
Do you have the indices flipped?
$prices[$i]['date'], $prices[$i]['price']
Perhaps you meant to type:
$prices['date'][$i], $prices['price'][$i]
try looking at the array with print_r($prices);
-
Sorry but your description of the issue is really hard to follow without code. Please post it when you can.
-
I think that perhaps the problem is this line:
if($_POST['formSubmitRequest'] == "SubmitRequest")
which says only create and send the message if the field formSubmitRequest contains the value SubmitRequest
but the button is named submit and the value has a space in it.
<input type="submit" name="submit" id="submit" value="Submit Request" />You need to change the form or the script so that names and values match.
-
The line
mail($to,$email_subject,$email_body,$headers);
sends an email message to the address contained in $to, with the subject line contained in $email_subject, and the message contents is whatever is in the variable $email_body but you are trying to send yourself information that you are putting in $message. You need to do something like this:
// build message $message = "Drake Centre Event Form.\n\n"; $message .= "name: $name\n\n"; $message .= "address: $address\n\n"; $message .= "phone_number: $phone_number\n\n"; $message .= "cell_number: $cell_number\n\n"; $message .= "email_address: $email_address\n\n"; $message .= "event_date: $event_date\n\n"; $message .= "event_time: $event_time\n\n"; $message .= "attendance: $attendance\n\n"; $message .= "banquet_room: $banquet_room\n\n"; $message .= "both_rooms: $both_rooms\n\n"; $message .= "bar_area: $bar_area\n\n"; $message .= "contact_name: $contact_name\n\n"; $message .= "phone_number: $phone_number\n\n"; $message .= "dvd: $dvd\n\n"; $message .= "questions: $questions\n\n"; mail($to,$email_subject,$message,$headers);
What error messages do you get now that they display?
-
Put this at the TOP of your files so errors display:
<?php ini_set("display_errors", "1"); error_reporting(-1); ?>Also, I noticed that you build your message after you send the mail:
mail($to,$email_subject,$email_body,$headers); // build message $message = "Drake Centre Event Form.\n\n"; $message .= "name: $name\n\n"; $message .= "address: $address\n\n"; $message .= "phone_number: $phone_number\n\n"; $message .= "cell_number: $cell_number\n\n"; $message .= "email_address: $email_address\n\n"; $message .= "event_date: $event_date\n\n"; $message .= "event_time: $event_time\n\n"; $message .= "attendance: $attendance\n\n"; $message .= "banquet_room: $banquet_room\n\n"; $message .= "both_rooms: $both_rooms\n\n"; $message .= "bar_area: $bar_area\n\n"; $message .= "contact_name: $contact_name\n\n"; $message .= "phone_number: $phone_number\n\n"; $message .= "dvd: $dvd\n\n"; $message .= "questions: $questions\n\n";
and you send $email_body but build $message.
-
You should probably post the relevant sections of the code and html in the message so we don't have to download it. Use the <> button on the editor to get a box into which you can paste the code and have it formatted. I'm off to download your code.
cart system 3d secure coding help
in PHP Coding Help
Posted
Someplace in the code that is not shown it is inserting commas to separate thousands digits, I'm sure to make it easier for humans to read. I suspect it does it for the tax too but I can't tell without see the code in question. In any case, you'd need a very expensive cart to have taxes that high and a similar line to strip the commas would work.
Barand is right - you should not store the values with the commas but we'd need to see all of the code to properly fix it.