Jump to content

bsmither

Members
  • Posts

    213
  • Joined

  • Last visited

  • Days Won

    3

Everything posted by bsmither

  1. I will assume the code above is an accurate representation of what you actually have. So, $_SESSION['cart']['$key']['quantity']=$value; The $key is delimited by apostrophes (single quotes). Thus, PHP will not treat this as a variable name. In the HTML <form> block, your <input name="quantity"> is not structured as an array. If these inputs are meant to be an array, then the tag should be <input name="quantity[3]"> where 3 is the key index into the cart's array of inventory - probably the product_id value.
  2. If all this turns out sorted, maybe move the thread to whatever other forum is appropriate.
  3. Would any of these settings influence a GET value of 800+ characters for a given key? suhosin.get.max_name_length 64 suhosin.get.max_totalname_length 256 suhosin.get.max_value_length 512 suhosin.get.max_vars 100 suhosin.post.max_name_length 64 suhosin.post.max_totalname_length 256 suhosin.post.max_value_length 1000000 suhosin.post.max_vars 1000 suhosin.request.disallow_nul 1 suhosin.request.disallow_ws 0 suhosin.request.max_array_depth 50 suhosin.request.max_array_index_length 64 suhosin.request.max_totalname_length 256 suhosin.request.max_value_length 1000000 suhosin.request.max_varname_length 64 suhosin.request.max_vars 1000 suhosin.server.encode On suhosin.server.strip On
  4. I fed the querystring to my local system and it's all good. I modified the index.php file on the other system to show: 21:39:35UTC - 10/12/14 URI => '/index.php?_g=rm&type=gateway&cmd=process&module=SagePay&cart_order_id=141012-123456-0000&crypt=@5057f-800chars IP:PORT=>PORT => '94.x.y.z:80' COOKIE => 'abc' POST => '<empty>' GET => Array ( [_g] => rm [type] => gateway [cmd] => process [module] => SagePay [cart_order_id] => 141012-123456-0000 ) REQUEST => Array ( [_g] => rm [type] => gateway [cmd] => process [module] => SagePay [cart_order_id] => 141012-123456-0000 [__utma] => 123 [__utmc] => 456 [__utmz] => 789 [username] => abc@**.com [PHPSESSID] => abc ) I will agree 99% it's not a PHP setting. That still leaves a security add-on to PHP that may be the culprit. Any suspects come to mind? Would it even be possible? Would you think that parse_str() would not be affected by any such security addon, if that were the case?
  5. Test complete. 'crypt' is not in $_GET either. Five of the six key/values in this querystring survive.
  6. The $_SERVER["QUERY_STRING"] contains the missing key/value. That key/value is missing in the $_REQUEST array (as posted above, I assume it will also not be in the $_GET array, but I have a test in progress). In case it matters for PHP 5.3.28, the key's name is crypt and the value is 802 characters that starts with the @ character. This response comes from the SagePay payment processor. SagePay, a few years ago, had two types of encoded response - the type was indicated by the @ prefix. Since that time, the non-@ encoding method was shelved. I have to assume: * the length of the value did not change appreciably between the two encoding methods * if the @ prefix was causing large numbers of failures, it would have been discarded years ago * if the key name 'crypt' was causing large numbers of failures, it would have been changed years ago I am left to believe that a PHP setting (or a fault with PHP 5.3.28, or a security program setting) is not processing this key/value from the querystring into $_REQUEST (and possibly $_GET). More experiments to conduct.
  7. I have learned the web server is Litespeed, but the version is not yet known. Running PHP5.3.28. I will soon learn the results of $_SERVER["QUERY_STRING"]. Thank you.
  8. I am working with a fellow who runs an eCommerce shop. The transaction resolution comes in on a querystring. I do not yet know what web server software is being used, nor if any security appliance/software is installed. One of the values in the querystring starts with the @ character. We know the web server gets this as there entries in the web server's access log that shows thing value is present. It is not available in PHP's $_GET array. We are trying to get an idea of where this value, and it's key, is getting discarded. Is there a known problem with (actual server software being used not yet known) web server software discarding a key/value if the value has the @ character in the querystring?
  9. Sorry, I wasn't clear. I want a statement in file.php to exit out of a(). In other words, I do not want the last statement in a(), which is echo 'work';, to be executed at all.
  10. There is a function (that cannot be changed) which has an include: <?php function a() { include 'file.php'; echo 'work'; } ?> ==file.php== <?php echo 'play'; ## Need to leave a() now! ?> The included file can be changed. I would like a way for file.php to cause PHP to return out of the function a(). A return; statement in file.php has PHP pick up execution with the statement following include. What is there in PHP that will allow returning out of a() at some point in file.php?
  11. I would say array() is a 'language construct' and may best be thought of as a stack.
  12. The strategy I have seen is this: in a documents table, it contains all the relevant facts about the document, while in a second table, there is a reference to the document ID, a column to identify the language, and a column for each necessary phrase. Documents table: doc_id: 1 ..... Translations table: trans_id: 1 doc_id 1 lang: en-US title: Green Water ----------- trans_id: 2 doc_id: 1 lang: es-ES title: Aqua Verde ----------- trans_id: 3 doc_id: 1 lang: ar-AR title: [symbols]
  13. In post#2 above, how many bytes do you think the query string is? At the end of the query, I see [...] which means there is more than the string length limit for this line of error report. I will assert that the query is getting chopped off (truncated) as it is passing through the MySQL client to the server because it exceeds the string length limit. But my having absolutely no knowledge of Wordpress, I cannot make a suggestion as to where or why this SQL statement is being assembled. If you have control over the database, you may find a databse configuration setting that will let you pass a higher string length limit.
  14. PHP could parse the URL, but that would require the web server to be configured to run the PHP script on most anything. The most likely scenario is that the .htaccess file (Apache, or equivalent file for other web servers) has some rewrite rules that basically say: start with the ?, then use whatever follows (like, 'home') and reformat that to be index.php?page=home The PHP script index.php runs and the variable $_GET['page'] holds the page to render.
  15. I recently came across a paper on searching and sorting. One of the topics explained the difference between two approaches to the needle/haystack scenario: This query (I forget it's academic name): WHERE needle BETWEEN haystack_A AND haystack_B vs this query: WHERE haystack BETWEEN needle_A AND needle_B This reply is not an answer to your question, but the paper was very enlightening.
  16. I am sorry to say that your "Why don't you..." response is disagreeable to me on several levels. Primarily, if I were to have already accepted the inscrutable reality of all of this and dumped my initial (and still current) environment, I would have gone the "can't be bothered to understand" user route and installed a preconfigured LAMP image (similar to pfSense).
  17. Stumbled across this stack: WempServer Claims to have PHP-FPM, and indeed, once installed, I see the php-fpm.exe file. I put the executable in my PHP 5.5.6 x64 folder but realize this WempServer stack is x86. So I create a PHP 5.5.14 x86 folder and use that. Just to what would happen, I started (double-clicked on) the php-fpm.exe file. I get a custom (that is, not within the cmd window) alert window that says the proper usage is: php\php-fpm -b 9000 (1-65535) which I take to mean I can use any number between 1 and 65525 instead of 9000. This command format is almost identical to the php-cgi command line format, I figure it should work, and if it doesn't, I would expect a more detailed cause of what's wrong. But, no!! Every time I try to start this puppy, I get the Incorrect Usage window (as I said, a custom alert window with "See website for info"). There is no info! Q: Will php-fpm.exe run, if given proper command line parameters, without a php-fpm.conf file? (php.ini is in the installed directory)
  18. Been to that site as well. It is virtually abandoned and completely irrelevant. The documentation and support that is supposed to be at the main PHP website is incredibly sparse. In PHP 5.5.6, phpinfo(), says, in parts: Configure Command cscript /nologo configure.js "--enable-snapshot-build" "--enable-debug-pack" "--disable-zts" "--disable-isapi" "--disable-nsapi" "--without-mssql" "--without-pdo-mssql" "--without-pi3web" "--with-pdo-oci=C:\php-sdk\oracle\instantclient10\sdk,shared" "--with-oci8=C:\php-sdk\oracle\instantclient10\sdk,shared" "--with-oci8-11g=C:\php-sdk\oracle\instantclient11\sdk,shared" "--with-enchant=shared" "--enable-object-out-dir=../obj/" "--enable-com-dotnet=shared" "--with-mcrypt=static" "--disable-static-analyze" "--with-pgo" Server API CGI/FastCGI SAPI Modules Contribution: Authors CGI / FastCGI: Rasmus Lerdorf, Stig Bakken, Shane Caraveo, Dmitry Stogov FastCGI Process Manager: Andrei Nigmatulin, dreamcat4, Antony Dovgal, Jerome Loyet ISAPI: Andi Gutmans, Zeev Suraski NSAPI: Jayakumar Muthukumarasamy, Uwe Schindler I notice how the configure disables isapi and nsapi, yet the modules are still listed in the credits. That leads me to believe that even though FPM is listed in the credits, that is not to assume the module is compiled in. Also, there is no distinct section for FPM, like 'filter', 'ftp', and 'gd'. I have a file called 'snapshot.txt' (came with the PHP package) that lists all the built-in extensions. FPM isn't listed. So, I appreciate the replies, but they are not an answer to the request.
  19. Nope. For Windows, with FPM compiled in it. I've been to windows.php.net/download/ numerous times (see http://forums.phpfreaks.com/topic/288497-release-variants-of-php/), tried a large number of packages. I need the FPM compiled in it. I've not found a repository that explicitly or implicitly hints that FPM is compiled in the binary -- or however it comes.
  20. I need a location where I can download a build of PHP 5.4 or 5.5 for Windows (Server 2008) with FPM compiled within it.
  21. "I can't set my php environment variable." I don't run Win7, so however you get to add/edit Environment Variables. There should be a button that says New for System Variables. Click it. In my XP system, the Variable name is PHPRC, and the Variable value would be E:\Program Files\EasyPHP-12.1\php\php546x121019214357 From what little I know of EasyPHP, I would have thought the installer would have made this variable during installation.
  22. I have experience with this issue. For me, the cause is due to my mailing list, while having unique email addresses (I make sure to de-dupe), there are instances where more than one email address belongs to one person - a main address and any number of alternate addresses. The customer, knowingly or absent-mindedly, forwards all the alternate addresses to the main address. In forwarding, some email managers happen to mangle the headers so that the original address is replaced with the main address - thus no way to trace back the To: or Envelope For: headers - if the recipient knows how to get at that info. I had to add boilerplate at the end of the email body to positively identify the email address that the customer wanted to have removed. (That said, a professional mailer service, such as Constant Contact, will have all the auto-unsubscribe data in the email.)
  23. "You should be specifying the columns that you want." With a general solution, the desired approach would accommodate most situations. I do want all fields. And I may not know what they are in every situation. "All the columns you have selected are actually in the result set sent to php." I concur. That's why I am blaming the database class (which I am not going to change). "You would need to dynamically produce the query statement using php, defining lists of what you want." Fortunately, the database class has a showColumns($table) method. It's a step that, while not onerous, I did not want to complicate the general algorithm. But then, to make it general, perhaps it is necessary. I will try make the construction of a dynamic column list in PHP.
  24. I have an existing two table structure where sub-data is related to main data in a many-to-one relationship. There are several identically named columns in both tables. (The PHP database class will return an associative array that did not deal with identical keys in the row.) I'm LEFT JOINing the sub-data to the main-data tables. When using a stand-alone query browser (to experiment), the display shows all columns, even those column names that appear more than once in the row. Is there a general approach to making keys (column names) unique strictly using a MySQL SELECT statement? Perhaps using table aliases, how can I concat the alias to the columns that come from each table? What I am trying to avoid is giving an alias to each column in a list of column names, such as: SELECT C.name AS C_name C.numb AS C_numb D.name AS D_name D.numb AS D_numb etc. I am wanting more like the result one could guess would be from: C.* AS C_* D.* AS D_* Or better: * AS CONCAT(__TABLE__, '_', *) if __TABLE was a magic constant (like PHP's __LINE__, __FILE__, etc).
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.