phreak3r

@requinix I'm going to use as many tags as I need to. When I figure out a way to not have to use more than one I will eliminate one of the two. I didn't know inline event handlers were already outdated, I don't follow the corporation or industry standards. I guess I'll just figure it out. Thanks for the response though.

I am trying to delete some videos. The videos are echo'd out individually with their own 'delete' input. The input value takes the id of the video, I didn't know of any other work around for that. I'd like to delete the video that corresponds with the button pressed, if that makes sense. Anyways, I would like to delete the video where the video id is equal to the video id of the input or the value of the input pressed. I am positive the way I am carrying this out is not correct, as I am thrown an 'index undefined error'. Here is the disgusting code at hand. Recommendations are appreciated, but please try and keep answers in line with the relevant information given. Thank You. <?php error_reporting(-1); ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); require('dbcon/dbcon.php'); include('header.php'); include('user.php'); $channel_id = $_SESSION['channel_id']; $query = $pdo->prepare("SELECT * FROM videos001 WHERE uploader = :channel_id"); $query->bindValue('channel_id', $_SESSION['channel_id']); $query->execute(); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $title = $row['video_title']; $video_path = $row['video_path']; $video_id = $row['video_id']; /* - get videos of user - display videos out onto page */ ?> <html> <body> <div class="content"> <form method="post"> <h3><?php echo $title; ?></h3> <input type="button" name="delete" id="delete" value="<?php echo $video_id;?>" onclick="deleteVideo()"> </form> </div> </body> </html> <?php } function removeVideoFromFilesystem(PDO $pdo, $video_path, $video_id) { //chdir($video_path); //unlink($video_id . ".mp3"); $query = $pdo->prepare("DELETE from videos001 where video_id = :video_id"); $query->bindValue(':video_id', $_POST['delete']); $query->execute(); } if (isset($_POST['call_func'])) { removeVideoFromFileSystem($pdo, $video_path, $_POST['delete']); } ?> <html> <head> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script> <script> function deleteVideo() { $.ajax({ url: 'dashboard.php', type: 'post', data: {"call_func":"1"}, success: function(response) { console.log(response); } }); } </script> </head> <body><?php print_r($_POST['delete']); ?></body> </html>

I ended up copying the function from a StackOverflow answer. I am not familiar with some of the operations used in this function, but I will make an attempt to re-write it.

@gw1500se When you upload a video to YouTube it tells you 'uploaded x seconds ago' 'uploaded x minutes ago'. I am trying to implement that feature to display the elapsed time, since each file upload if that makes sense.

I wrote a function that grabs the elapsed time of a recently uploaded video. However, the time does not seem to increment. For example, if I upload a video, the time will display as '1 second'. However, if I continuously refresh the page, the time does not increment or increase. Any way to fix this? I figured I'd have to put it in some kind of loop (I do call the function in another class). function getElapsedTime($time) { $time = time() - $time; // get time since video upload date $time = ($time < 1) ? 1 : $time; $tokens = array( 31536000 => 'year', 2592000 => 'month', 604800 => 'week', 86400 => 'day', 3600 => 'hour', 60 => 'minute', 1 => 'second' ); foreach ($tokens as $unit => $text) { if ($time < $unit) continue; $numberOfUnits = floor($time / $unit); return $numberOfUnits . ' ' . $text . (($numberOfUnits > 1) ? 's' : ''); } }

How would you sanitize input without changing or mangling it?

Never sanitize input, correct? I had asked the folks over at #php@freenode about that and they suggested I not sanitize input data.

How can I go about validating a form in PHP? I am trying to do so, but I am clueless as to how to structure it.

Do I only have to use Dependency Injection and pass in the instance of the helper class when the function I want to call contains a parameter? I did something similar, but the other function did not contain a parameter. Yet, the call to the function without the parameter went through and the function with the parameter gives me an error. Just trying to make sense of this.

I am having an error here with my code/script. I try and call sanitizeData($data) from functions.php class in createUser.php class. I end up with an expected 'new' T_NEW error. createUser.php file <?php require('dbcon/dbcon.php'); include('fileUpload.php'); include('functions.php'); class createUser { public $functionsClassInstance = new helperFunctions(); public $avatar; public $bio; public $video_count; public $c_status; public $usernameI; public $username; public $password; public $email; public $doc; public $last_logged_in; public function addUser(PDO $pdo) { // add user info to db $avatar = "/soapbox/assets/soap.jpg"; $usernameI = $_POST['username']; $username = $functionsClassInstance->sanitizeData($usernameI); //$username = strip_tags(trim($_POST['username'];)) $password = password_hash($_POST['password'], PASSWORD_DEFAULT); $bio = $_POST['bio']; $email = $_POST['email']; $c_status = 0; date_default_timezone_set('UTC'); $doc = date("Y-m-d h:i:s"); // account date last seen/logged in // add account age $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc, avatar) VALUES (:username, :password, :email, :cstat, :bio, :doc, :avatar)"); $query->bindValue(':username', $username); $query->bindValue(':password', $password); $query->bindValue(':email', $email); $query->bindValue(':doc', $doc); $query->bindValue(':bio', $bio); $query->bindValue(':cstat', $c_status); $query->bindValue(':avatar', $avatar); // if user uploads file, add path and file to database and server, if not revert to default. if ($_FILES["avatar"]["error"] == 4) { $query->execute(); } elseif ($_FILES["avatar"]["error"] != 4) { $file = new fileUpload(); $file->processFile(); $avatar = "/soapbox/uploads/" . $_FILES["avatar"]["name"]; $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc, avatar) VALUES (:username, :password, :email, :cstat, :bio, :doc, :avatar)"); $query->bindValue(':username', $username); $query->bindValue(':password', $password); $query->bindValue(':email', $email); $query->bindValue(':doc', $doc); $query->bindValue(':bio', $bio); $query->bindValue(':cstat', $c_status); $query->bindValue(':avatar', $avatar); $query->execute(); } // create variables // initialize variables // bind values of variables being entered into database } } // this file is responsible for creating the users ?> functions.php class <?php // Functions are stored here // Any code that is repeated more than once is put into a function to make my life easier // The start of going from procedural to OOP // checks if user is logged in or not, limits access to certain pages in/on site. class helperFunctions { function sanitizeData($data) { strip_tags($data); trim($data); return $data; } } ?>

Yeah, it is loading the /etc/php.ini file.

kicken, sqlite and odbc only show up for the enabled drivers. Well, I can take back my earlier claim of being sure that the extensions were enabled. I do have them installed to my knowledge when taking a look at /etc/php.ini, I see among the many extensions: mysql.so, mysqli.so, pdo.so, pdo_mysql.so, pdo_sqlite.so and pdo_odbc.so

I chose this category as I thought my topic would best fit here. I am running 14.2 Slackware Linux with the latest version of PHP. In the error log, I receive the error: Uncaught PDOException: could not find driver in 'x file path'. I am positive that I have the required extensions and modules installed and enabled. Here is my code for the user.php class where I take the user information and add it to the database: <?php require('dbcon/dbcon.php'); class User { public $avatar; public $bio; public $video_count; public $c_status; public $username; public $password; public $email; public $doc; public $last_logged_in; //if ($_SERVER['REQUEST_METHOD'] == 'POST') { public function addUser(PDO $pdo) { // add user info to db $username = $_POST['username']; $password = password_hash($_POST['password'], PASSWORD_DEFAULT); $bio = $_POST['bio']; $email = $_POST['email']; $c_status = 0; $doc = date("Y-m-d h:i:s"); // account date last seen/logged in // add account age $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc) VALUES (:username, :password, :email, :cstat, :bio, :doc)"); $query->bindValue(':username', $username); $query->bindValue(':password', $password); $query->bindValue(':email', $email_address); $query->bindValue(':doc', $doc); $query->bindValue(':bio', $bio); $query->bindValue(':cstat', $c_status); $query->execute(); // create variables // initialize variables // bind values of variables being entered into database } // addUser($pdo); //} // isLoggedIn - checks if user is logged in or not // getUser - returns/gets user??? // avatar // bio // registration date // video count // last logged in // username // email address } ?> Here is my code for the dbcon.php class where the database connection is made: <?php $host = "localhost"; $database = "soapbox"; $username = "drb"; $password = "m1n3craft"; // Create connection try { $pdo = new PDO('mysql:host=localhost;dbname=soapbox;', $username, $password); } catch (PDOExcpetion $e) { print "Error!: " . $e.getMessage() . "<br/>"; die(); } /* Print error message and or code to the screen if there is an error. */ ?> and the code for the confirmation.php class where the data is displayed temporarily: <?php include('header.php'); include('user.php'); require('dbcon/dbcon.php'); //include('functions.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $user = new User(); $user->addUser(); // if username exists do not continue... } ?> <!DOCTYPE html> <html> <head> <title>soapbox - confirmation</title> </head> <br> <?php $username = $_POST['username']; $email = $_POST['email']; $format = "The data provided has been sent to the server and is being inserted into the database. In order to complete the process, %s, we need you to confirm your account. If not confirmed, your account will be deleted a month from the marked registration date. We have sent you an email at %s, the provided email upon registration. Thank you and cheers! - The Staff at Soapbox"; echo sprintf($format, $username, $email); session_destroy(); ?> </body> </html>

An example? Please and thank you!

Sarcastic and cynical. Mmmm...my favorite flavor! What is the difference between my canned messages and using an array to 'save' generated messages? I am the kind of person that needs things further simplified sometimes.

So it is not the same as my array holding defined error messages? I might have an idea of what you mean, but for the most part I do not. How would this help? In my mind, PHP is a language where you are simply manipulating arrays, that's all. At least that is how I interpret it.

mac_gyver, that worked, I am still getting an error, but at least there isn't any of the null business.

The Loaded Configuration File is /etc/php/7.2/apache2/php.ini. Both master and local are 8M. I modified the drb@z10n:/etc/php/7.2/cli path. ?

ginerjm, I think the form is valid. I will scour the Internet for some similar problems.

Yes, it does. I made a simple mistake and added a semicolon after the variable. For example : echo $a; "<br>";

Okay, well I tried using "." but that did not really seem to work. Thank you for your contribution. I know many of my previous posts may display the behavior "IT'S BROKEN! HELP!", but I am genuinely trying to understand this all.

Apparently there is nothing in the array. Array ( ) And why is a comma used instead of a period in reference to the echo "<pre>",print_r($_POST, true),"</pre>"; line?

If you really want to see the whole code, here it goes. I could do with some better erm...organization/structure? It is such a big script, so I tried to refrain from including it. <?php include('header.php'); require('dbcon/dbcon.php'); include('functions.php'); isLoggedIn(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Error declaration $error = ["Your file is too big!", "There was an error uploading your file!", "Cannot upload file of this type!", "Empty fields!"]; // Process POST variables $videoTitle = $_POST['video_title']; $videoDesc = $_POST['textarea-videoDesc']; // Process session variable $username = $_SESSION['username']; // file upload stuff... $file = $_FILES['videoFile']; $fileName = $file['name']; $fileTmpName = $file['tmp_name']; $fileSize = $file['size']; $fileError = $file['error']; $fileType = $file['type']; $fileExt = explode('.', $fileName); $fileActualExt = strtolower(end($fileExt)); $allowed = array('mp4', 'mov', 'mkv'); if (in_array($fileActualExt, $allowed)) { if ($fileError === 0) { if ($fileSize < 2000000) { $fileNameNew = $username . "." . $fileActualExt; $fileDestination = "channel/" . $username . "/videos/" . $fileNameNew; move_uploaded_file($fileTmpName, $fileDestination); } else { echo $error[0]; } } else { echo $error[1]; } } else if (!$allowed) { echo $error[2]; } //////////////////////////////////////////////////////////////////// $thumbnailImageFile = $_FILES['thumbnailImage']; $thumbnailImageName = $_FILES['thumbnailImage']['name']; $thumbnailImageTmpName = $_FILES['thumbnailImage']['tmp_name']; $thumbnailImageSize = $_FILES['thumbnailImage']['size']; $thumbnailImageError = $_FILES['thumbnailImage']['error']; $thumbnailImageType = $_FILES['thumbnailImage']['type']; $thumbnailImageExt = explode('.', $thumbnailImageName); $thumbnailImageActualExt = strtolower(end($thumbnailImageExt)); $allowedThumbnailFileExts = array('png', 'jpg', 'jpeg'); if (in_array($thumbnailImageActualExt, $allowedThumbnailFileExts)) { if ($thumbnailImageError === 0) { if ($thumbnailImageSize < 200000000) { $thumbnailImageNameNew = $username . "thumbnailImage" . uniqid('', true). "." . $thumbnailImageActualExt; $thumbnailImageDestination = 'uploads/thumbnails/' . $thumbnailImageNameNew; move_uploaded_file($thumbnailImageTmpName, $thumbnailImageDestination); } else { echo $error[0]; } } else { echo $error[1]; } } else if (!$allowed) { echo $error[2]; } if (isset($file) && $fileSize != 0 /*&& $thumbnailImageSize != 0*/ && !empty($videoTitle)) { $sql = $pdo->prepare("INSERT into videos001 (uploader, video, thumbnail, video_title, video_desc) VALUES (:username, :fileDestination, :thumbnailImageDestination, :videoTitle, :videoDesc)"); $sql->bindValue(':username', $username); $sql->bindValue(':fileDestination', $fileDestination); $sql->bindValue(':thumbnailImageDestination', $thumbnailImageDestination); $sql->bindValue(':videoTitle', $videoTitle); $sql->bindValue(':videoDesc', $videoDesc); $sql->execute(); header('Location: /soapbox/upload.php?success'); } else { echo $error[3]; var_dump($file, $videoTitle, $videoDesc); } } // end of if server method... // TODO: if there's no thumbnail, do not upload video, let user know to put in a thumbnail ?> <!DOCTYPE html> <html> <head> <title>soapbox - upload</title> </head> <body> <form action="upload.php" method="POST" enctype="multipart/form-data" multiple><br> <p>Video File:</p><input type="file" name="videoFile" id="fileToUpload"><br> <p>Thumbnail Image File: </p><input type="file" name="thumbnailImage"><br> <p>Video Title: </p><input type="text" name="video_title" id="videoTitle" placeholder="Video title"><br> <p>Video Description</p><textarea name="textarea-videoDesc" placeholder="Video description..." rows="7" style="resize: none;"></textarea><br> <br><input type="submit" name="uploadBtn" value="Upload"> </form> </body> </html>

I restarted the Apache2 service. Oh! I am so sorry, I forgot to add in the script, here you go. if (isset($file) && $fileSize != 0 /*&& $thumbnailImageSize != 0*/ && !empty($videoTitle)) { $sql = $pdo->prepare("INSERT into videos001 (uploader, video, thumbnail, video_title, video_desc) VALUES (:username, :fileDestination, :thumbnailImageDestination, :videoTitle, :videoDesc)"); $sql->bindValue(':username', $username); $sql->bindValue(':fileDestination', $fileDestination); $sql->bindValue(':thumbnailImageDestination', $thumbnailImageDestination); $sql->bindValue(':videoTitle', $videoTitle); $sql->bindValue(':videoDesc', $videoDesc); $sql->execute(); header('Location: /soapbox/upload.php?success'); } else { echo $error[3]; var_dump($file, $videoTitle, $videoDesc); }

I am working on a video-hosting site, something akin to YouTube. I converted whatever MySQLi I had to PDO. This piece of particular code is responsible for checking if the fields are filled in; then proceeds to upload the files and inserts data into the database. The code jumps straight to the error I created which is "empty fields". The var_dump prints out as null all the way. I cannot seem to figure out where the problem lies. I would say it could be that the file is not set? I am not quite sure. Here is what the log gives me: [Sat Feb 16 00:19:35.575770 2019] [php7:warn] [pid 16239] [client 127.0.0.1:42504] PHP Warning: POST Content-Length of 12263648 bytes exceeds the limit of 8388608 bytes in Unknown on line 0, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576769 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: video_title in /var/www/html/soapbox/upload.php on line 15, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576805 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: textarea-videoDesc in /var/www/html/soapbox/upload.php on line 16, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576811 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: videoFile in /var/www/html/soapbox/upload.php on line 22, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576829 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: thumbnailImage in /var/www/html/soapbox/upload.php on line 51, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576845 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: thumbnailImage in /var/www/html/soapbox/upload.php on line 52, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576849 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: thumbnailImage in /var/www/html/soapbox/upload.php on line 53, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576854 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: thumbnailImage in /var/www/html/soapbox/upload.php on line 54, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576858 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: thumbnailImage in /var/www/html/soapbox/upload.php on line 55, referer: http://localhost/soapbox/upload.php [Sat Feb 16 00:19:35.576862 2019] [php7:notice] [pid 16239] [client 127.0.0.1:42504] PHP Notice: Undefined index: thumbnailImage in /var/www/html/soapbox/upload.php on line 56, referer: http://localhost/soapbox/upload.php I have changed the allotted sizes in the php.ini file, so that rules out the POST Content-Length problem, I think. Here are the "undefined indexes": $videoTitle = $_POST['video_title']; $videoDesc = $_POST['textarea-videoDesc']; $file = $_FILES['videoFile']; $thumbnailImageName = $_FILES['thumbnailImage']['name']; $thumbnailImageTmpName = $_FILES['thumbnailImage']['tmp_name']; $thumbnailImageSize = $_FILES['thumbnailImage']['size']; $thumbnailImageError = $_FILES['thumbnailImage']['error']; $thumbnailImageType = $_FILES['thumbnailImage']['type']; $thumbnailImageExt = explode('.', $thumbnailImageName); And the corresponding form names to go with them: <form action="upload.php" method="POST" enctype="multipart/form-data" multiple><br> <p>Video File:</p><input type="file" name="videoFile" id="fileToUpload"><br> <p>Thumbnail Image File: </p><input type="file" name="thumbnailImage"><br> <p>Video Title: </p><input type="text" name="video_title" id="videoTitle" placeholder="Video title"><br> <p>Video Description</p><textarea name="textarea-videoDesc" placeholder="Video description..." rows="7" style="resize: none;"></textarea><br> <br><input type="submit" name="uploadBtn" value="Upload"> </form>