phreak3r

  1. How would you sanitize input without changing or mangling it?
  2. Never sanitize input, correct? I had asked the folks over at #php@freenode about that and they suggested I not sanitize input data.
  3. How can I go about validating a form in PHP? I am trying to do so, but I am clueless as to how to structure it.
  4. Do I only have to use Dependency Injection and pass in the instance of the helper class when the function I want to call contains a parameter? I did something similar, but the other function did not contain a parameter. Yet, the call to the function without the parameter went through and the function with the parameter gives me an error. Just trying to make sense of this.
  5. I am having an error here with my code/script. I try and call sanitizeData($data) from functions.php class in createUser.php class. I end up with an expected 'new' T_NEW error.

     createUser.php file:

         <?php
         require('dbcon/dbcon.php');
         include('fileUpload.php');
         include('functions.php');

         class createUser {
             public $functionsClassInstance = new helperFunctions();
             public $avatar;
             public $bio;
             public $video_count;
             public $c_status;
             public $usernameI;
             public $username;
             public $password;
             public $email;
             public $doc;
             public $last_logged_in;

             public function addUser(PDO $pdo) {
                 // add user info to db
                 $avatar = "/soapbox/assets/soap.jpg";
                 $usernameI = $_POST['username'];
                 $username = $functionsClassInstance->sanitizeData($usernameI);
                 //$username = strip_tags(trim($_POST['username'];))
                 $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
                 $bio = $_POST['bio'];
                 $email = $_POST['email'];
                 $c_status = 0;
                 date_default_timezone_set('UTC');
                 $doc = date("Y-m-d h:i:s");
                 // account date last seen/logged in
                 // add account age

                 $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc, avatar) VALUES (:username, :password, :email, :cstat, :bio, :doc, :avatar)");
                 $query->bindValue(':username', $username);
                 $query->bindValue(':password', $password);
                 $query->bindValue(':email', $email);
                 $query->bindValue(':doc', $doc);
                 $query->bindValue(':bio', $bio);
                 $query->bindValue(':cstat', $c_status);
                 $query->bindValue(':avatar', $avatar);

                 // if user uploads file, add path and file to database and server, if not revert to default.
                 if ($_FILES["avatar"]["error"] == 4) {
                     $query->execute();
                 } elseif ($_FILES["avatar"]["error"] != 4) {
                     $file = new fileUpload();
                     $file->processFile();
                     $avatar = "/soapbox/uploads/" . $_FILES["avatar"]["name"];
                     $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc, avatar) VALUES (:username, :password, :email, :cstat, :bio, :doc, :avatar)");
                     $query->bindValue(':username', $username);
                     $query->bindValue(':password', $password);
                     $query->bindValue(':email', $email);
                     $query->bindValue(':doc', $doc);
                     $query->bindValue(':bio', $bio);
                     $query->bindValue(':cstat', $c_status);
                     $query->bindValue(':avatar', $avatar);
                     $query->execute();
                 }
                 // create variables
                 // initialize variables
                 // bind values of variables being entered into database
             }
         }
         // this file is responsible for creating the users
         ?>

     functions.php class:

         <?php
         // Functions are stored here
         // Any code that is repeated more than once is put into a function to make my life easier
         // The start of going from procedural to OOP
         // checks if user is logged in or not, limits access to certain pages in/on site.
         class helperFunctions {
             function sanitizeData($data) {
                 strip_tags($data);
                 trim($data);
                 return $data;
             }
         }
         ?>
  6. Yeah, it is loading the /etc/php.ini file.
  7. kicken, sqlite and odbc only show up for the enabled drivers. Well, I can take back my earlier claim of being sure that the extensions were enabled. I do have them installed to my knowledge when taking a look at /etc/php.ini, I see among the many extensions: mysql.so, mysqli.so, pdo.so, pdo_mysql.so, pdo_sqlite.so and pdo_odbc.so
  8. I chose this category as I thought my topic would best fit here. I am running 14.2 Slackware Linux with the latest version of PHP. In the error log, I receive the error: Uncaught PDOException: could not find driver in 'x file path'. I am positive that I have the required extensions and modules installed and enabled.

     Here is my code for the user.php class where I take the user information and add it to the database:

         <?php
         require('dbcon/dbcon.php');

         class User {
             public $avatar;
             public $bio;
             public $video_count;
             public $c_status;
             public $username;
             public $password;
             public $email;
             public $doc;
             public $last_logged_in;

             //if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             public function addUser(PDO $pdo) {
                 // add user info to db
                 $username = $_POST['username'];
                 $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
                 $bio = $_POST['bio'];
                 $email = $_POST['email'];
                 $c_status = 0;
                 $doc = date("Y-m-d h:i:s");
                 // account date last seen/logged in
                 // add account age

                 $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc) VALUES (:username, :password, :email, :cstat, :bio, :doc)");
                 $query->bindValue(':username', $username);
                 $query->bindValue(':password', $password);
                 $query->bindValue(':email', $email_address);
                 $query->bindValue(':doc', $doc);
                 $query->bindValue(':bio', $bio);
                 $query->bindValue(':cstat', $c_status);
                 $query->execute();
                 // create variables
                 // initialize variables
                 // bind values of variables being entered into database
             }
             // addUser($pdo);
             //}

             // isLoggedIn - checks if user is logged in or not
             // getUser - returns/gets user???
             // avatar
             // bio
             // registration date
             // video count
             // last logged in
             // username
             // email address
         }
         ?>

     Here is my code for the dbcon.php class where the database connection is made:

         <?php
         $host = "localhost";
         $database = "soapbox";
         $username = "drb";
         $password = "m1n3craft";

         // Create connection
         try {
             $pdo = new PDO('mysql:host=localhost;dbname=soapbox;', $username, $password);
         } catch (PDOExcpetion $e) {
             print "Error!: " . $e.getMessage() . "<br/>";
             die();
         }
         /* Print error message and or code to the screen if there is an error. */
         ?>

     and the code for the confirmation.php class where the data is displayed temporarily:

         <?php
         include('header.php');
         include('user.php');
         require('dbcon/dbcon.php');
         //include('functions.php');

         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $user = new User();
             $user->addUser();
             // if username exists do not continue...
         }
         ?>
         <!DOCTYPE html>
         <html>
         <head>
         <title>soapbox - confirmation</title>
         </head>
         <br>
         <?php
         $username = $_POST['username'];
         $email = $_POST['email'];
         $format = "The data provided has been sent to the server and is being inserted into the database. In order to complete the process, %s, we need you to confirm your account. If not confirmed, your account will be deleted a month from the marked registration date. We have sent you an email at %s, the provided email upon registration. Thank you and cheers! - The Staff at Soapbox";
         echo sprintf($format, $username, $email);
         session_destroy();
         ?>
         </body>
         </html>
  9. An example? Please and thank you!
  10. Sarcastic and cynical. Mmmm...my favorite flavor! What is the difference between my canned messages and using an array to 'save' generated messages? I am the kind of person that needs things further simplified sometimes.
  11. So it is not the same as my array holding defined error messages? I might have an idea of what you mean, but for the most part I do not. How would this help? In my mind, PHP is a language where you are simply manipulating arrays, that's all. At least that is how I interpret it.
  12. mac_gyver, that worked, I am still getting an error, but at least there isn't any of the null business.
  13. The Loaded Configuration File is /etc/php/7.2/apache2/php.ini. Both master and local are 8M. I modified the drb@z10n:/etc/php/7.2/cli path. 😕
  14. ginerjm, I think the form is valid. I will scour the Internet for some similar problems.
  15. Yes, it does. I made a simple mistake and added a semicolon after the variable. For example : echo $a; "<br>";