phreak3r

Posts posted by phreak3r

  1. @requinix I'm going to use as many tags as I need to. When I figure out a way to not have to use more than one I will eliminate one of the two.

    I didn't know inline event handlers were already outdated, I don't follow the corporation or industry standards.

    I guess I'll just figure it out. Thanks for the response though.

  2. I am trying to delete some videos. The videos are echo'd out individually with their own 'delete' input. The input value takes the id of the video, I didn't know of any other work around for that.

    I'd like to delete the video that corresponds with the button pressed, if that makes sense. Anyways, I would like to delete the video where the video id is equal to the video id of the input or the value of the input pressed.

    I am positive the way I am carrying this out is not correct, as I am thrown an 'index undefined error'.

    Here is the disgusting code at hand. Recommendations are appreciated, but please try and keep answers in line with the relevant information given. Thank You. :)

     

    <?php
    error_reporting(-1);
    ini_set('display_errors', 1);
    ini_set('display_startup_errors', 1);
    error_reporting(E_ALL);
    
    require('dbcon/dbcon.php');
    include('header.php');
    include('user.php');
    
    $channel_id = $_SESSION['channel_id'];
    $query = $pdo->prepare("SELECT * FROM videos001 WHERE uploader = :channel_id");
    $query->bindValue('channel_id', $_SESSION['channel_id']);
    $query->execute();
    
    while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $title = $row['video_title'];
        $video_path = $row['video_path'];
        $video_id = $row['video_id'];
    
    /*
     - get videos of user
     - display videos out onto page
    */
    ?>
    
    <html>
        <body>
            <div class="content">
            <form method="post">
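                <!-- escape database values before echoing them into HTML -->
                <h3><?php echo htmlspecialchars($title, ENT_QUOTES, 'UTF-8'); ?></h3>
                <input type="button" name="delete" id="delete" value="<?php echo htmlspecialchars($video_id, ENT_QUOTES, 'UTF-8'); ?>" onclick="deleteVideo()">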
            </form>
            </div>
        </body>
    </html>
    
    <?php } 
    
        function removeVideoFromFilesystem(PDO $pdo, $video_path, $video_id) {
        	//chdir($video_path);
        	//unlink($video_id . ".mp3");
        	$query = $pdo->prepare("DELETE from videos001 where video_id = :video_id");
        	$query->bindValue(':video_id', $_POST['delete']);
        	$query->execute();
        }
        
        if (isset($_POST['call_func'])) {
        	removeVideoFromFileSystem($pdo, $video_path, $_POST['delete']);
        }
    ?>
    
    <html>
    <head>
         <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
            <script>
                function deleteVideo() {
                	$.ajax({
                	    url: 'dashboard.php',
                	    type: 'post',
                	    data: {"call_func":"1"},
                	    success: function(response) { console.log(response); }
                	});
                }
            </script>
        </head>
        <body><?php print_r($_POST['delete']); ?></body>
    </html>
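
The delete flow from the post above, as an added example that is not part of the original post: the handler reads the id with a default instead of indexing `$_POST['delete']` directly, and the `DELETE` is scoped to the session's channel so one user cannot remove another user's video. The table and column names follow the post; `deleteOwnVideo()`, `handleDelete()`, the `csrf_token` session key and the in-memory SQLite database are assumptions made for the demo.

```php
<?php
declare(strict_types=1);

// Delete one video, but only if it belongs to the given channel.
// Returns true when exactly one row was removed.
function deleteOwnVideo(PDO $pdo, int $videoId, int $channelId): bool
{
    $stmt = $pdo->prepare(
        'DELETE FROM videos001 WHERE video_id = :video_id AND uploader = :uploader'
    );
    $stmt->execute([':video_id' => $videoId, ':uploader' => $channelId]);
    return $stmt->rowCount() === 1;
}

// Handle one POST: check the CSRF token, validate the id, then delete.
function handleDelete(PDO $pdo, array $post, array $session): string
{
    $expected = $session['csrf_token'] ?? '';
    $token = $post['csrf_token'] ?? '';
    if (!is_string($expected) || $expected === '' || !is_string($token) || !hash_equals($expected, $token)) {
        return 'rejected: bad CSRF token';
    }
    $videoId = filter_var($post['delete'] ?? null, FILTER_VALIDATE_INT);
    if ($videoId === false) {
        return 'rejected: missing or non-numeric video id';
    }
    return deleteOwnVideo($pdo, $videoId, (int) $session['channel_id'])
        ? 'deleted'
        : 'not found or not yours';
}

// Constructed demo data: in-memory SQLite stands in for the MySQL database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE videos001 (video_id INTEGER PRIMARY KEY, uploader INTEGER, video_title TEXT)');
$pdo->exec("INSERT INTO videos001 VALUES (1, 7, 'mine'), (2, 8, 'someone else''s')");

$session = ['channel_id' => 7, 'csrf_token' => bin2hex(random_bytes(16))];
$ok = ['csrf_token' => $session['csrf_token']];

echo handleDelete($pdo, $ok + ['delete' => '1'], $session), "\n";  // own video
echo handleDelete($pdo, $ok + ['delete' => '2'], $session), "\n";  // another channel's video
echo handleDelete($pdo, $ok, $session), "\n";                       // 'delete' was never sent
echo handleDelete($pdo, ['delete' => '1'], $session), "\n";         // request without a token
```

The third call is the case the posted AJAX request produces: it sends only `call_func`, so the handler has to cope with `delete` being absent.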

     

  3. I wrote a function that grabs the elapsed time of a recently uploaded video. However, the time does not seem to increment. For example, if I upload a video, the time will display as '1 second'.

    However, if I continuously refresh the page, the time does not increment or increase. Any way to fix this? I figured I'd have to put it in some kind of loop (I do call the function in another class).

     

    function getElapsedTime($time) {
    	
    	$time = time() - $time; // get time since video upload date
    	$time = ($time < 1) ? 1 : $time;
    	$tokens = array(
    	    31536000 => 'year',
    	    2592000  => 'month',
    	    604800   => 'week',
    	    86400    => 'day',
    	    3600     => 'hour',
    	    60       => 'minute',
    	    1        => 'second'
    	);
    	
    	foreach ($tokens as $unit => $text) {
    	    if ($time < $unit) continue;
    	    $numberOfUnits = floor($time / $unit);
    	    return $numberOfUnits . ' ' . $text . (($numberOfUnits > 1) ? 's' : '');
        }
    }

     

  4. On 7/29/2019 at 1:41 PM, ginerjm said:

    Never sanitize input data?  Why on earth would you NOT do that?  Hackers can put anything into an input field and your script has to be prepared to handle it or face the consequences.  The rule might be 'never alter input'.  But for sure you have to sanitize it to avoid damage to your database or whatever your script is doing with the data.

    How would you sanitize input without changing or mangling it?
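
One way to handle input without altering it, as an added example that is not part of the original thread: validate by accepting or rejecting, store the raw value through bound parameters, and escape only when writing into HTML. The column names follow the `profiles001` table used elsewhere on this page; `validateSignup()`, `e()`, the sample values and the in-memory SQLite database are assumptions made for the demo.

```php
<?php
declare(strict_types=1);

// Validate: accept or reject, never rewrite. Returns a list of problems.
function validateSignup(array $input): array
{
    $errors = [];
    $username = $input['username'] ?? '';
    $email = $input['email'] ?? '';
    if (!is_string($username) || preg_match('/^[A-Za-z0-9_]{3,20}$/D', $username) !== 1) {
        $errors[] = 'username must be 3-20 letters, digits or underscores';
    }
    if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email is not valid';
    }
    return $errors;
}

// Escape for the HTML context only at the moment of output.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed demo: in-memory SQLite stands in for the real database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE profiles001 (username TEXT, email TEXT, bio TEXT)');

$input = [
    'username' => 'demo_user',
    'email'    => 'demo@example.com',
    'bio'      => "I <3 PHP & SQL'; DROP TABLE profiles001; -- <script>alert(1)</script>",
];

if (validateSignup($input) === []) {
    // Bound parameters carry the bio to the database byte for byte.
    $stmt = $pdo->prepare('INSERT INTO profiles001 (username, email, bio) VALUES (:u, :e, :b)');
    $stmt->execute([':u' => $input['username'], ':e' => $input['email'], ':b' => $input['bio']]);
}

$stored = $pdo->query('SELECT bio FROM profiles001')->fetchColumn();
var_dump($stored === $input['bio']);   // stored value compared with the submitted value
echo e($stored), "\n";                  // escaped form, safe inside HTML text
echo strip_tags($input['bio']), "\n";   // what strip_tags() would have kept instead
```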

  5. Do I only have to use Dependency Injection and pass in the instance of the helper class when the function I want to call contains a parameter? I did something similar, but the other function did not contain a parameter. Yet, the call to the function without the parameter went through and the function with the parameter gives me an error. Just trying to make sense of this.

  6. I am having an error here with my code/script. I try and call sanitizeData($data) from functions.php class in createUser.php class. I end up with an expected 'new' T_NEW error.

    createUser.php file

    <?php
    require('dbcon/dbcon.php');
    include('fileUpload.php');
    include('functions.php');
    
    class createUser {
    
        public $functionsClassInstance = new helperFunctions();
    
        public $avatar;
        public $bio;
        public $video_count;
        public $c_status;
        public $usernameI;
        public $username;
        public $password;
        public $email;
        public $doc;
        public $last_logged_in;
    
        public function addUser(PDO $pdo) {
            // add user info to db
            $avatar = "/soapbox/assets/soap.jpg";
            $usernameI = $_POST['username'];
            $username = $functionsClassInstance->sanitizeData($usernameI);
            //$username = strip_tags(trim($_POST['username'];))
            $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
            $bio = $_POST['bio'];
            $email = $_POST['email'];
            $c_status = 0;
            date_default_timezone_set('UTC');
            $doc = date("Y-m-d h:i:s");
            // account date last seen/logged in
            // add account age

            $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc, avatar) VALUES (:username, :password, :email, :cstat, :bio, :doc, :avatar)");

            $query->bindValue(':username', $username);
            $query->bindValue(':password', $password);
            $query->bindValue(':email', $email);
            $query->bindValue(':doc', $doc);
            $query->bindValue(':bio', $bio);
            $query->bindValue(':cstat', $c_status);
            $query->bindValue(':avatar', $avatar);

            // if user uploads file, add path and file to database and server, if not revert to default.
            if ($_FILES["avatar"]["error"] == 4) {
                $query->execute();
            } elseif ($_FILES["avatar"]["error"] != 4) {
                $file = new fileUpload();
                $file->processFile();
                $avatar = "/soapbox/uploads/" . $_FILES["avatar"]["name"];
                $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc, avatar) VALUES (:username, :password, :email, :cstat, :bio, :doc, :avatar)");

                $query->bindValue(':username', $username);
                $query->bindValue(':password', $password);
                $query->bindValue(':email', $email);
                $query->bindValue(':doc', $doc);
                $query->bindValue(':bio', $bio);
                $query->bindValue(':cstat', $c_status);
                $query->bindValue(':avatar', $avatar);
                $query->execute();
            }
            // create variables
            // initialize variables
            // bind values of variables being entered into database
        }
    
    }
    
    // this file is responsible for creating the users
    ?>

    functions.php class

    <?php
    // Functions are stored here
    // Any code that is repeated more than once is put into a function to make my life easier
    // The start of going from procedural to OOP
    
    // checks if user is logged in or not, limits access to certain pages in/on site.
    class helperFunctions {
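        function sanitizeData($data) {
            // strip_tags() and trim() return the new string; they do not change $data in place
            $data = strip_tags($data);
            $data = trim($data);
            return $data;
        }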
    }
    ?>

     

     

  7. kicken, sqlite and odbc only show up for the enabled drivers. Well, I can take back my earlier claim of being sure that the extensions were enabled. I do have them installed to my knowledge when taking a look at /etc/php.ini, I see among the many extensions: mysql.so, mysqli.so, pdo.so, pdo_mysql.so, pdo_sqlite.so and pdo_odbc.so

  8. I chose this category as I thought my topic would best fit here. I am running 14.2 Slackware Linux with the latest version of PHP. In the error log, I receive the error: Uncaught PDOException: could not find driver in 'x file path'. I am positive that I have the required extensions and modules installed and enabled.

    Here is my code for the user.php class where I take the user information and add it to the database:

    <?php
    require('dbcon/dbcon.php');
    
    class User {
    
        public $avatar;
        public $bio;
        public $video_count;
        public $c_status;
        public $username;
        public $password;
        public $email;
        public $doc;
        public $last_logged_in;
    
        //if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    
        public function addUser(PDO $pdo) {
            // add user info to db
            $username = $_POST['username'];
            $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
            $bio = $_POST['bio'];
            $email = $_POST['email'];
            $c_status = 0;
            $doc = date("Y-m-d h:i:s");
            // account date last seen/logged in
            // add account age

            $query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio, doc) VALUES (:username, :password, :email, :cstat, :bio, :doc)");

            $query->bindValue(':username', $username);
            $query->bindValue(':password', $password);
            // bind $email, the variable assigned above ($email_address was never defined)
            $query->bindValue(':email', $email);
            $query->bindValue(':doc', $doc);
            $query->bindValue(':bio', $bio);
            $query->bindValue(':cstat', $c_status);

            $query->execute();
            // create variables
            // initialize variables
            // bind values of variables being entered into database
        }
    
          // addUser($pdo);
    
        //}
    	// isLoggedIn - checks if user is logged in or not
    	// getUser - returns/gets user???
    
    	// avatar
    	// bio
    	// registration date
    	// video count
    	// last logged in
    	// username
    	// email address
    
    
        
    }
    
    ?>

    Here is my code for the dbcon.php class where the database connection is made:

    <?php
    $host   = "localhost";
    $database = "soapbox";
    $username = "drb";
    $password = "m1n3craft";
    
    // Create connection
    try {
        $pdo = new PDO('mysql:host=localhost;dbname=soapbox;', $username, $password);
    } catch (PDOException $e) {
        // methods are called with ->, not the string concatenation operator
        print "Error!: " . $e->getMessage() . "<br/>";
        die();
    }
    /*
    
    Print error message and or code to the screen if there is an error.
    
    */
    
    ?>

    and the code for the confirmation.php class where the data is displayed temporarily:

    <?php
    include('header.php');
    include('user.php');
    require('dbcon/dbcon.php');
    //include('functions.php');
    
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $user = new User();
        // addUser() is declared as addUser(PDO $pdo), so pass the connection from dbcon.php
        $user->addUser($pdo);
        // if username exists do not continue...
    }
    ?>

    <!DOCTYPE html>
    <html>
        <head>
            <title>soapbox - confirmation</title>
        </head>
        <body>
            <br>
            <?php
                // escape user-supplied values before echoing them into HTML
                $username = htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8');
                $email = htmlspecialchars($_POST['email'], ENT_QUOTES, 'UTF-8');

                $format = "The data provided has been sent to the server and is being inserted into the database. In order to complete the process, %s, we need you to confirm your account. If not confirmed, your account will be deleted a month from the marked registration date. We have sent you an email at %s, the provided email upon registration. Thank you and cheers! - The Staff at Soapbox";

                echo sprintf($format, $username, $email);
                session_destroy();
            ?>
        </body>
    </html>

     
