Jump to content

cyberRobot

Moderators
  • Content Count

    2,896
  • Joined

  • Last visited

  • Days Won

    23

cyberRobot last won the day on November 1 2018

cyberRobot had the most liked content!

Community Reputation

113 Excellent

About cyberRobot

  • Rank
    Much to Learn

Contact Methods

  • Website URL
    http://www.cyberscorpion.com/

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

84,488 profile views
  1. It looks like there are some missing descriptions / broken placeholders on pages like the following: https://forums.phpfreaks.com/forum/3-php-coding/ The placeholder text can be found under the "PHP Coding" heading. Instead of displaying a description, it says "forums_forum_3_desc". The same goes for the following pages: Client Side - https://forums.phpfreaks.com/forum/6-client-side/ Web Server Administration - https://forums.phpfreaks.com/forum/4-web-server-administration/ Other - https://forums.phpfreaks.com/forum/9-other/ General Discussion - https://forums.phpfreaks.com/forum/8-general-discussion/ Archive - https://forums.phpfreaks.com/forum/12-archive/
  2. Also note that the link provided by requinix contains examples of passing by reference. In case you're not aware, PHP can be set to display all errors and warnings. The settings are helpful during the development / debugging process. Just be sure to change the settings back to where errors / warnings are not displayed publicly once your script is live. The messages aren't user friendly and can aid malicious actors. More information about showing / hiding errors and warnings can be found here: https://www.php.net/manual/en/function.error-reporting.php
  3. Alternatively, you could use a search engine like Google. Searching for function names like "mysqli_fetch_array" usually lead to the corresponding PHP manual page, without needed to know the overarching class. For function names that are common to multiple programming languages, you could try "php count". More often than not, the PHP manual is in the first few links...at least it has been for me. Minor side note @Nikhilesh: mysqli_fetch_array() gives you both an associative array and a numeric array for your data. In other words, if your database table has 2 columns (id and count), $row will contain 4 values ($row[0] - containing the ID, $row[1] - containing count, $row['id'], and $row['count']). I'm guessing that most people who use mysqli_fetch_array() never use the numeric indexes. If you don't plan on using the numeric indexes, you would be better off using mysqli_fetch_assoc() instead. This type of advice also goes for the "*" in your query. Unless you need every column from your database table, it's better to specify the columns you actually need.
  4. I'm guessing Pacific Time since requinix posted the notice. The location set under requinix's profile is "America/Los_Angeles".
  5. Side note: you'll want to avoid outputting the raw value of $_SERVER['PHP_SELF']. Having code like the following opens your page up to XSS (cross-site scripting) attacks: <form method="post" action="<?=$_SERVER['PHP_SELF'];?>"> In this particular case, you can leave the action attribute blank, as Barand's post showed. <form method="post" action=""> If you think that's weird, you could also hard-code the page name. <form method="post" action="bayonette-test.php">
  6. Did you figure out why the SESSION variable wasn't working? As mentioned in Barand's post, session_start() needs to be called at the beginning of the script(s), before using $_SESSION. Could you provide a little more information by what you mean by the "wrong way"? For example, let's say you have a "name" field where you want the person's name. And another website has a "name" field that asking for a product name. Well, if someone happens to fill that form out before yours, autocomplete tries to add the product name into your field. Is that the type of scenario we're talking about here? Isn't that basically what you're doing with the dynamic naming idea? The advantage with turning off auto complete is that it makes the code much simpler to manage in the long run. Just to clarify, the link maxxd provided shows how to tell the browser (for all users) that auto complete shouldn't be used. It's not the local setting that only turn auto complete off for you. Maxxd's link also shows that auto complete can be disabled for an entire for or a single input field. So there is some flexibility.
  7. What does the code for setting $sort look like? Have you tried setting PHP to show all errors and warnings? Perhaps that will provide a clue.
  8. I'm guessing that your external style sheet is stored in a different directory than the page where you used the inline style. The period technically works in both external style sheets and inline with the code. Just be aware that the period is relative to the document where they are used. For example, lets say your website structure looks like the following: Website root folder inc stylesheet.css img coins.png index.php Using "./img/coins.png" in your index.php file works. However, using that same code in stylesheet.css will not work because the browser is looking for an "img" folder within the "inc" folder. If you really want to use relative links, you would need to change stylesheet.css to "../img/coins.png" so that it's looking for the "img" folder in the parent directory. With that said, this gets much easier (and cleaner) with using root-relative links (e.g. "/img/coins.png"). Root-relative links start with a slash. Then if you ever move your CSS files or pages with inline styles, you don't need to worry about things like image links breaking.
  9. My knowledge of $_FILES is a bit rusty, but I'm confused by the following lines: $target_dir = ""; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $target_file = "$get_current_user.jpg"; Based on the PHP manual, $_FILES["fileToUpload"]["name"] should give you the name of the uploaded file. That's where you would apply the strtolower() function. Note that $_FILES["fileToUpload"]["name"] should only give you the file name. You don't need to run the file name through the basename() function since there is not path to process. Also note that you are overwriting $target_file in the next line with "$get_current_user.jpg". So basically you no longer have the name of the uploaded file. I'm also not seeing where $get_current_user is defined. So I'm not really sure where you're getting a file name with an upper case letter. 😕
  10. @PatrickG19872019 - If you decide to go this route, switching your db_connection file to PDO, just be sure to review the rest of your website first. If there are other pages using db_connection and MySQLi, switching to PDO will break those pages. To prevent breaking existing pages, you could create another function like OpenPDOCon() for all your PDO stuff. Then you can update all your old pages to PDO at your leisure. Note that your existing CloseCon() function won't work with PDO. You would either need to create a separate function for closing PDO connections...or you could let PHP close the connection for you. Connections are automatically closed when the script is done executing.
  11. Thanks for the tip maxxd and kicken! I was just looking at switching $_SERVER['DOCUMENT_ROOT'] to dirname(__FILE__) and/or __DIR__. Be aware that they may not return the same value. The $_SERVER variable returns the value for the root folder. The other options return the value of whatever directory the user is in, which may or may not be the root folder. If the user is viewing "https://www.yourwebsite.com/about/", for example, __DIR__ will return something like "/home/webuser/yourwebsite.com/about". That's not going to work if I'm looking for "/home/webuser/yourwebsite.com". Perhaps using __DIR__ would be a way to make sure the SERVER value isn't corrupted.
  12. Are all of pages where you want this check to happen using a common file? Maybe you have some sort of template where you output the website header, navigation, footer, etc. If so, have you tried adding the check there?
  13. I should mention that you'll need to use something like $_SERVER['DOCUMENT_ROOT'] to reference the root value when importing code with things like "require" and "include". For example require "{$_SERVER['DOCUMENT_ROOT']}/style/navbar.php"; Without the $_SERVER variable, you'll get an error. Also, I just tried using an absolute link (e.g. https://www.yourdomain.com/style/navbar.php). Apparently, my server is configured to disallow URLs within things like "require" and "include". I don't know if that's a common configuration, but it's something to be aware of. Also, I've read a number of recommendations saying that PHP code should be stored outside of the root. Of course, that's not possible for all PHP since something needs to import the code into your web pages. However, code like your includes seem like perfect candidates for things to store outside the root. I don't know if it's possible to point absolute paths to something outside the root. I know that root-relative links can. In case you're interested, here's one explanation for storing PHP scripts outside the root. https://www.php.net/manual/en/security.php#33627
  14. I personally use root-relative links (vs absolute paths). That way if the domain name ever changes, you don't need to go through all your pages to update the links. I'm guessing that you are using "require" or "include" to import the information from scripts like navbar.php. To streamline those lines of code, you could consider setting the include path. More information can be found here: https://www.php.net/manual/en/function.set-include-path.php Absolute path would be something like "https://www.yourdomain.com/style/navbar.php". Root relative would be "/style/navbar.php".
  15. Are you familiar with other programming languages? Are you looking to know more about PHP? In other words, is this a new responsibility for you? Or maybe this is a short-time thing, where are you just trying to fix something? Assuming that you are looking to learn, is this a new website...or an established one? If it's new, you should probably dump the MySQLi code and go straight to PDO. If not, it would probably be better to learn more about MySQLi, for now. Assuming that's what your website typically uses. I'm guessing that's the case since your db_connection.php script uses MySQLi for connecting to the database in the OpenCon() function. That way you can learn from the existing database interactions using working examples. With that said, the call to your database connection script should be imported with "require". The database connection seems pretty crucial to the page being displayed properly. More information about using "require" and the differences between that and "include" can be found here: https://www.php.net/manual/en/function.require.php If/when you want to start using PDO, more information about establishing a connection to the database using that interface can be found here: https://www.php.net/manual/en/pdo.connections.php
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.