Jump to content

mac_gyver

Staff Alumni
  • Posts

    5,450
  • Joined

  • Days Won

    175

Everything posted by mac_gyver

  1. do these images work correctly when your chat code displays them by retrieving the 'pprofilepic' value and producing an <img link? are you sure that the images exist and haven't already been removed? relative paths are relative to the current working directory. what does adding the the following to the script show - echo getcwd(); echo '<br>'; echo __FILE__; also, please browse to one of these images and post the URL for us to see. if you don't want to post your domain name, xxxx it out, but don't change anything that's after the domain name. you could always form an absolute path, starting with '/home/zhetnsdd/public_html/chat2/profile/' and concatenate the 'pprofilepic' value it. if you are going to run this script via a cron job (you are apparently browsing to it now), i'm not sure what the correct env variable would be to build that dynamically.
  2. without having all the code that REPRODUCES the problem all we can do is make guesses. some possibilities - 1) output buffering is on in the php.ini and any output you are sending from the php code is being discarded because you are doing a header(), session_start(), or setcookie() statement after the code you have posted. 2) your page is being requested twice, perhaps once by javascript and a second time by the browser, and the result you are seeing is from the second page request. if you care to post enough of your code that reproduces the problem, less any database credentials, someone could actually find what's causing the problem. edit: also, since you are determining what will be displayed on the page, you should be making a get request, not a post request.
  3. after you figure out if you are going to use prepared queries or not, forget about the INSERT ... ON DUPLICATE part of a single query that i mentioned. you already have the data inserted and an id assigned that corresponds to what is being viewed, you would just use a single UPDATE query. the following code and query will both update the view count by one and retrieve and echo the updated count value - $query = "UPDATE ".$cg->dbprefix."hdflv_upload SET times_viewed = LAST_INSERT_ID(times_viewed+1) WHERE id = ?"; // use a bound parameter in a prepared query for the $idpos value // mysqli prepared query $stmt = $con->prepare($query); $stmt->bind_param("i", $idpos); $stmt->execute(); $addone = mysqli_insert_id($con); // retrieve the updated times_viewed value echo $addone;
  4. because this value is not a string and is not being treated as a string in the sql statement, using any escape string function on it does NOT protect against sql injection. you can inject sql using a hexadecimal value (that encodes some sql syntax) that contains no sql special characters, that the escape string function has no affect on, and mysql will happily convert the hexadecimal value back to the original encoded string. this is made worse by the posted code because is_numeric() allows a hexadecimal value. you need to either validate/cast each value as the CORRECT data type that it is or use prepared sql queries. if the $idpos is expected to be an integer, you must validate/cast it as ONLY an integer value. unfortunately, using any php code that treats the value as an integer will limit the value to php's maximum integer value, which varies depending on the bit length supported on your hardware/operating system. making sure the value only contains numeric characters, see ctype_digit(), will at least limit it to an integer value, including zero. as has already been posted, using PDO for prepared sql queries is more consistent and simpler than using msyqli_ for prepared queries. also, you don't need to SELECT data in order to UPDATE it and in fact there's a race condition present where you will loose counts when there are multiple concurrent instances of your code running. you should be using one INSERT ... ON DUPLICATE KEY UPDATE ... query to do this.
  5. this is a very common error. if you search the web for it, you will get several million results that tell you what causes it and how to fix what is causing it. you cannot send any (1 or more) character to the browser before you use a header(), session_start(), of setcookie() statement. ALL THE HTML MARKUP you have before the header() statement are characters and cannot be sent to the browser. the way to fix this is to refactor your code and move the majority of your php code to the top of your file and put ALL the html document, starting with the <!DOCTYPE tag near the end of your file. the only php code that should be inside the html document as basic php statements that are concerned with displaying the dynamic portion of the html document. logging a user is has nothing to do with the html document. if you read the following post for a recommend page layout to follow, your code won't have this problem, because processing post method form data will be near the top of your file and the html document/template will be at the end - http://forums.phpfreaks.com/topic/297824-database-issues-and-working/?do=findComment&comment=1519095
  6. since you didn't post your script that's dynamically adding the repeat regions, when i tested i used a method that caused the dynamically added regions to work. which is why someone has suggested twice in this thread that you need to post the relevant code that reproduces a problem. unless you are calling your product1() function after you dynamically add a region, the current problem is mostly likely this - $('.form-control.products1').change(function () {. this won't add the change event to any classes that are created after that bit of javascript runs. change that line to the following to get the event to work for all the product select/option menus that exist in the document - $(document).on('change', '.form-control.products1' , function() {
  7. your SELECT query is part of the 'get method' code that determines what to display on the page. it should not be conditional. your 'post method' form processing code should be near the top of your file and come before any html markup. see the following post for a suggested single page code layout that will help make this process fool proof - http://forums.phpfreaks.com/topic/297824-database-issues-and-working/?do=findComment&comment=1519095 also, when asking for help, you must tell or show us exactly what result you got, even if you got a blank page, since we are not sitting there with you and don't know what "it's not working" means.
  8. the code you posted is where the header() statement is at. that's just the affect of the error. the cause of the problem is the OUTPUT you are sending in login.php on line 12 - (output started at /home/wetdogno/public_html/login_scripts/login.php:12)
  9. if the problem was the price select/option menus, the change to the line of code that i gave will fix this. as to id's in the DOM, you don't need any, especially if you are dynamically adding/removing repeat regions in the DOM. if you mean the 1's you have as part of the class names, you don't need these either. they are serving no useful purpose as part of the class name. if you have a current problem that you need help with, you will need to specifically state what the problem is and post the relevant code.
  10. if you are asking about a mysql query statement, a short version for multiple OR's would be - day IN(1,2,3,4)
  11. lol, that may be where the error is occurring, but to find out what's causing the error you will need to determine what the sql query statement in $sql is and what the parameters are in $params, then backtrack to find the code that's producing those and find and fix why it isn't doing the correct things. i would echo $sql; and print_r($params); inside the ->query(....) method as a start.
  12. your code for the id/vat fields works for me with multiple sets of data. however, this part doesn't - $('.form-control.prices1').html(options); that's setting all the select/option menus to the same set of prices, and resetting already selected prices, when you pick a product. you would need to use the following to get the price select/option menus to work independently and correctly - $(this).closest('.form-group').find('.form-control.prices1').html(options); as to why your id/vat fields don't work properly - computer's don't have imaginations. programming is an exact science. exactly what, how, and where you are dynamically adding the markup in the DOM would be the most likely cause of the problem. there's a dozen different ways of doing this/types of mistakes you could have in your code that could be causing the problem. it would take having enough of your code that duplicates the problem in order to help.
  13. your current error is because the number of columns in your db table doesn't match the number of data items. you need to echo out the sql query statement in $query so that you can see what it is. also, you should ALWAYS use the form of INSERT query syntax where you list out the columns. this will help you insure that you are building the sql query statement correctly since the column list will be right there in the code when you are writing the code to put the data into the query. next, your database design needs some help. you should be storing a user_id, not a name, in the table and you should not have columns with names like card1, card2, card3. each piece of data should be stored as a separate row. lastly, you should not be putting external data directly into an sql query statement (you should be using a prepared query or properly escaping/casting data as the correct type) and the msyql_ database functions are obsolete and have been removed from the latest version of php. the PDO database class is the best choice for replacing the mysql_ functions.
  14. the code you posted in this thread was broken because you made edits to it to remove information from the post and you removed at least one quote/semi-colon, which made it next to impossible to help based on the code, because we don't know what else you may have changed in it when posting it. repost the code, literally just replacing any sensitive information with x's (you should have this type of information defined in a require'ed file using variables or defined constants anyway), but do not modify any syntax, such as quotes, semi-colons, ... next, assuming this is a run-time error, and not a php syntax error, you should have the following three lines at the start of your php code to get all php detected run-time errors reported and displayed - ini_set("display_startup_errors", "1"); ini_set("display_errors", "1"); error_reporting(-1); have you tried a .php file with just something simple like the following in it - <?php echo 'yes php works'; ?> is there a .htaccess file that came from the old hosting? it may have some statements in it that's producing an error. however, there should be errors in the web server error log. if you do have a .htaccess file, what is the contents of the .htaccess file? also, what was the web server type on the both the old and new hosting?
  15. this should do what you are asking, without all the hard-coded logic (DRY programming), making it easier to modify any portion of the code or markup - <?php // if the current time period is between (inclusive) the start and end, return true function betweenTime($time, $start, $end) { // strcmp - // greater or equal would be >= 0 // less or equal would be <= 0 if((strcmp($time,$start) >= 0 && strcmp($time,$end) <= 0)) { return true; } else { return false; } } // sample data $Appts = array(); $Appts[] = array('start'=>'2015-12-22 08:00:00','end'=>'2015-12-22 08:00:00'); $Appts[] = array('start'=>'2015-12-22 10:00:00','end'=>'2015-12-22 12:00:00'); $Appts[] = array('start'=>'2015-12-22 13:00:00','end'=>'2015-12-22 13:30:00'); // list of times 8:00 am (08:00) to 12am (00:00) for the <td></td> grid and to test against $times = array ( 0 => '08:00', 1 => '08:30', 2 => '09:00', 3 => '09:30', 4 => '10:00', 5 => '10:30', 6 => '11:00', 7 => '11:30', 8 => '12:00', 9 => '12:30', 10 => '13:00', 11 => '13:30', 12 => '14:00', 13 => '14:30', 14 => '15:00', 15 => '15:30', 16 => '16:00', 17 => '16:30', 18 => '17:00', 19 => '17:30', 20 => '18:00', 21 => '18:30', 22 => '19:00', 23 => '19:30', 24 => '20:00', 25 => '20:30', 26 => '21:00', 27 => '21:30', 28 => '22:00', 29 => '22:30', 30 => '23:00', 31=> '00:00'); // loop over data foreach($Appts as $arr){ // get just the HH:MM of the 'YYYY-MM-DD HH:MM:SS' values $start = substr($arr['start'], 11, 5); $end = substr($arr['end'], 11, 5); echo ' <tr class="participant"> <td class="pname"><div class="pname">James</div></td>' . "\n"; // output the time grid foreach($times as $time){ $class = betweenTime($time,$start, $end) ? 'y' : 'n'; echo '<td class="partTableCell ' . $class . ' dsep pok"></td>' . "\n"; } echo '<td class="partTableCell n dsep pok"><img src="assets/images/delete.png" width="20" height="20" /></td> </tr>' . "\n\n"; }
  16. this is a reply from the end of your last thread - your php code is running the query twice. if you don't see the lines in your code that are doing that, i don't think you are looking at your code.
  17. that's not an 'error'. it's the raw php code. if the raw php code is being output to the browser, either - 1) you didn't use a URL when you requested the page and you ended up requesting the file through the file system. 2) the code doesn't start with a full opening php tag - <?php 3) the file extension isn't .php 4) you don't have php installed and working on your web server.
  18. the code as posted above doesn't produce that error. it's likely that something about how it was published, with the highlighting, and how you copied it into your file or what you used as an editor got some encoded characters or the edits you did introduced a curly/smart-quote instead of a straight-quote. i would copy/paste the above into a completely new file and try it.
  19. we are not here to modify someone else's code to do what you want. if you cannot make this change yourself, ask the Author of the software to do it or find another way. you should also not be using values calculated in the client, on the server, even if you trust the person who is filling in the form on the client. you should only display client-side calculated values, as a convenience for the user, but your server-side code should do any calculation based on the original data that's stored on the server. you should also not store calculated values in a database table. this is derived information and should be calculated when needed.
  20. your code and data doesn't produce that error for me. some of the possibilities would be - your actual code for the join(....) statement contains some characters that php doesn't recognize, but which appear normal after being put into the forum post (are you typing this code or copy/pasting it from somewhere where it could have been 'published' with some non-ascii character encoding?), the data itself or the point where you are displaying the debugging output contains or is in some html markup that's hiding what is really going on (what does the 'view source' in your browser show for that output?) or the code being posted or the line number being mentioned in the error doesn't actually correspond to what the code really is (this usually happens when you have multiple versions of code and the wrong one is being executed or you have multiple statements and the one producing the error is different from the one you are looking at/posting for us to look at.) you are basically asking someone to look at the tail ass end (symptom) of an animal and describe what the head (cause) looks like. this just results in a bunch of guessing and the problem could likely be a more obscure 4th or 5th thing that i didn't even mention. it's not that i/we don't trust you, it's that we have seen every possible combination of output and stated symptoms that don't tell the full story of what the code or result actually is. what is your full code from the point of the sql query statement up through where the current error is being reported at and are you outputting any html prior to this code that could be hiding some of the output?
  21. no one asked what it is being used for.
  22. what is $values being created as? the error means it is being assigned a string value at some point.
  23. you would strip the currency symbol from the submitted form data, in the php code. i hope you are only using this as a learning tool for inserting form data into a database table? this example code is not how you would do this work-flow in real life. it is only a demonstration of some css and javascript tricks and mixes editable form design elements and form data elements. if you were doing this for real, the form design elements (logo, company information...) would be created/edited and persistently stored somewhere and could not be changed by the person adding items to the invoice. if you are creating an invoice for a new customer, you would first add the customer information to `customer` db table. to create a new invoice for a customer, you would select the customer from a list of customers from the `customer` db table. this would create a new entry in an `invoice` db table. only the customer_id would be stored in the invoice table and would be used to retrieve the customer information from the `customer` db table to display it on the invoice. adding an entry to the `invoice` db table would assign the invoice number/invoice_id for this invoice. you would then select/enter items for the invoice. these items would be stored in an `invoice_details` table and be related to the invoice they belong to using the invoice_id.
  24. if your Inmate class is DEPENDENT on using a database class, you should use dependency injection (a web search will explain what that means) to get the instance of the pdo database class into your Inmate class. usually, you would supply the instance of the pdo database class as a call time parameter when you initiate the Inmate class. you would store the instance of the pdo database class in a property in your Inmate class and reference it within the class wherever it is need. why are you passing an empty array as input into your Inmate class when you initiate it, but are not using that array in the constructor method code? this is not how classes are used. when you create an instance of a class, you reference the class methods and class properties of that class. any input data from the calling code would be passed into a method as a call time parameter and any output data back to the calling code would be returned from a method.
  25. here's another issue with the database design and this code. user/customer information, like first and last names, should be stored in a users/customers table. it should not be stored in tables holding purchase_orders and service_orders data. any rows in the purchase_orders and service_orders tables should be related back to the user/customer data using an id.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.