Karaethon

Yeah this was early testing, the final code doesnt have most of that. The $query is used as a mysql query, I just hadnt added that yet (this was testing to make sure foreach output was correct) the foreach is working fine now.

Argh! I see it now. i forgot = assigns and == compares!

I looked at everthing settings related and I cant find the setting for it. But I decided it's not hard to change the file to standard php extension so thats better, especially since I may not be able to edit settings on final server.

I have the following function: public function getData($criteria){ $query = "SELECT * FROM {$this->table} WHERE "; $crit = ""; foreach($criteria as $column => $value){ if($column = 'bind'){ $crit .= "{$value} "; }else{ $crit .= "{$column} = {$value} "; } } echo $crit; } I'm testing it with getData(['test1'=>'test2', 'bind'=>'AND', 'test3'=>'test4']); But instead of getting "test1 = test2 AND test3 = test4" the echo output is "test2 AND test4". I'm probably too close to see whats wrong, what do you see?

Ok, i remember Mod_php by name but I still dont remember how to set it to parse my files. is it something I can do in .htaccess? or should I rename all my fules and adjust all my pages?

Yup, I kinda remembered something about that when I was learning how to install Apachee/php/mysql but I don't remember how/where it is or how to set it.

How/where is the setting that tells PHP which pages to parse? Does Apache have it and sends the file to the PHP engine? I have a custom extension that I am using and the server isnt parsing it because its not php extension.

AHHHHHH! I see now! Thank you for the explanation, I was getting confuddled on why sometimes it works and others dont... ok, gonna have to get rid of the (dot) habit.

Ok, that worked? So why does the period need to be in the inline but not the external?

Ok, tried that, it didn't change anything... So why not use relative URLs? I was always told that relatives are best when they're URLs... it makes for a whole lot of extra typing to type the full url in every call and if I change domains... yikes!

I have a bakground-image problem, If I put the image info in my external style sheet nothing will appear in the browser but if I cut&paste it into the body tag it works perfectly. NO CHANGE IN CODE! <body class='startup body' style='background-image: url("./img/coins.png"), url("./img/coins.png"); background-attatchment: scroll; background-position: left, right; background-size: 10vw; background-repeat: repeat-y; background-color: black;'> Works perfectly but.. body{ background-image: url("./img/coins.png"), url("./img/coins.png"); background-attatchment: scroll; background-position: left, right; background-size: 10vw; background-repeat: repeat-y; background-color: black; } Does not. WHY?!? ARGHHH Can anyone explain or figure out if I'm doing something wrong?

Ok, so it's not like they could get a file onto the server then goto http://www.site.com/badfile.txt.php and have everything go kablooey for you. the file must be specifically include or rewured for it to execute, right?

ok, so if the directory doesnt have execute permisions (chmod?) then it wouldnt proccess the file?

I ws just reading the PHP Documentation and I accidently found something that scares me a little. There are two commands which (I believe) would allow a potential hacker scary power. Everything I've read always tells me to use/pass variables for the arguments when connecting to a database (i.e. mysqli_connect) instead of hard coding the arguments into the mysqli_connect directly. The reason that is given is security, the data can be stored somewhere secure where a malicious user cannot access it. Sounds great and I use it, as the values dont change during execution I use constants, and that's where I found the scary. There are two commands which would dump all that info straight to a user... PLEASE tell me this cant be done. the commands are: get_defined_constants() get_defined_vars() Couldn't a malicious user trick the server into running echo get_defined_vars(); echo get_defined_constants(); and then become omnipotent? I can see it, somehow a user uploads a file to a server, pretending it's innocuous, but really it's a .php (say myfile.txt.php) snd then said user requests that file from the server...

I wasn't debugging so much as trying to verify that the app code was sending valid $_GET parameters. The app does all the data valiation, and I verified that side, I just needed to double check that what I 'thought' was being transmitted was what was actually being recieved. I don't have access to the recieving server so I was submitting to localhost to verify before actually submitting to server.

Ok, I was almost right on. I got it right except my foreach order was wrong. <?php foreach($_GET as $key => $value){ echo $key." = ".$value; } ?> is the correct way. sorry for wasting space on the forum.

I am testing my app to server transport to verify everything is working, I need to write a loop that takes each value sent via GET and/or POST and then echo each key:value back, how do I step through the $_GET or $_POST and extract each to echo? Something like this, but what? <?php /*I know this is not valid, is psedocoded*/ foreach($key in $_GET as $value){ echo $key." = ".$value; } ?>

That is a fundamental difference in the abilities of the programmer. Some people can program well in a language but cannot think outside the box of their language, then there are those who can program INTO a language and do things that otherwise could not be done in that language. As an example (a poor one maybe) I have a Texas Instruments TI-NSpire CX CAS calculator, the TI-Basic has no class or includes capabilities so I took the time to write wrappers that allow me to mimic these abilities in the calculator. Thinking outside the box is what separates the programmer from the person who just plays around.