jodunno
-
Posts
222 -
Joined
-
Last visited
-
Days Won
2
Everything posted by jodunno
-
I think that local development using xampp is the best route for you, Paul-D. Alot of php specialists have tried to help you but you must help yourself along the way. Go back over all of the tips and advice that you have received, maybe you will find a way to get your code working.
-
Hello php Freaks and Freakazoids I'm still working on a file upload script and i'm at the point of code scanning. I have opened the temp file using fopen and i am using a generator to yield each line of code (save on memory). Imperative is to yield the lines, yet i am trying to accomplish two concepts with one open file. I am trying to check if each line (string) contains php code or javascript code (string contains and foreach loop.) I have no prblem with this code. It is working and i am able to catch all of those weak filtering bypass images with php code (i have tested with 12 code injected images.) What i want to do is scan the jpeg (since it is already opened) and verify the image as having valid jpeg components. So i managed to get the markers of the Huffman table, which helps me stop those weak code injection bypass images since they lack the Huffman table data. However, it seems as though i will need to use if blocks in the lines loop, which is counter productive (they are evaluated on each loop.) I can easily change the bytes progressively as i verify them with a variable but i will still need to use an if block. Also, i could only think to check for the null bytes in order to stop the inner loop at the position that i am seeking. so for the header, i need the 74 70 73 70 JFIF bytes, then i can verify that the header exists. Now i can jump to FF C4 to get the Huffman table if it present. et cetera. I have added a passes variable to count the array and the second null byte seems to be at array index 11. I suppose that i could just use the passes variable to cut off the byte scan. However, i would like to know a better way to read bytes x to y only. How could i accomplish the scan of the bytes containing JFIF only and move on? Is there a better way to code this image scanner? I am not a programmer and i this project is the first time that i have used fopen. here is the code that i am referring to: $SID_fileLines = function (): Generator { $SID_openFile = fopen('image.jpg', 'rb'); while (!feof($SID_openFile)/*.*/) { yield trim(fgets($SID_openFile)); } fclose($SID_openFile); return; }; foreach ($SID_fileLines() as $SID_currentLine) { $SID_pos = strpos($SID_currentLine, "\xFF\xDB", 0); $SID_header = []; $nullByte = 0; $passes = 0; if ($SID_pos) { foreach(str_split($SID_currentLine) as $byte) { array_push($SID_header, ord($byte)); $passes += 1; /* passes = 11 (non-zero 12) seems to work as 2nd nullbyte. */ if (ord($byte) === 0) { $nullByte += 1; } if ($nullByte === 2) { unset($byte); break; } } } I hate to have an if block but i have no idea how i can scan the image for code injection and check the metadata at the same time. I don't want to open the image multiple times and i only want to yield each line to spare memory. Any tips?
-
yes! that is a fantastic idea. I am sometimes stupid and miss the obvious. Thank you for the wondeful suggestion. you know, i have been trying to find ways to stop my website programming from having memory problems. Thus i have recently searched for ways to limit my php code memory usage. I discovered generators but i see no way to yield array values. I found a way to use a generator to yield arrays but then i realize that it doesn't prevent the array from being loaded into memory. Now i think about the keys on a keyboard and character mapping. aha! it is possible to map numbers to names, thus it is possible to use a generator of numbers to loop over a nonexistent array (names are now mathematical numbers). Yet the problem of number naming for a loop is a problem. The dewey decimal system plus character mapping might be the answer! Thank you, Barand. You are brilliant! I'm off to look at this system and work on some ideas... very exciting ...
-
Hello everyone, i recently played with some code which uses a number delimited hyperlink reference to traverse the weeks of a year. Please see this thread to follow along with my question. Honestly, run my code in xampp to make the picture clearer if it isn't clear enough. link to my code example: imagine that clicking through the numbers 1 to 52 loaded 52 different webpages from a site. One could traverse the content of an entire website with one navigation system. Then i realize that we already play this numbers game: zipcode, street address (also has a string name). So when i imagine php pages named using numbers instead of words, such as 110 for index page of the domain, i realize how easily we could use math formulas and statistics to quickly add power to our web apps. I started jotting down some ideas but i wonder if this concept is already being used behind the scenes. I really wonder if it is the engine to sites like Google. The url string names are just string representations of the actual number system used to design the app and its pages. As it stands, i've always been influenced to name my pages with language strings (index.php, news.php, shinynewproducts.php, et cetera) i hate the idea of trying to develop my own system when one may already exist. I just cannot find examples of such a system. I imagine that math could be used to traverse a category by range with previous and next buttons et cetera. random pages would be easier to load. The ideas are endless when we switch from language and strings to numbers. I wonder if anyone has some links to material covering this subject? i cannot find the right search words in Google...
-
what are you talking about? noone here is being nasty or has been nasty to you. I think that you are overreacting. I read parts of this thread and i saw a suggestion by Barand to add a parameter to your function named pdo and that you have failed to pass the connection to the function which requires it. How is pointing it out to you equate to a 'bloddy nose'? well, I am not a professional programmer (hobby for me) and i am not secretly pals with anyone here. However, you are wrong about finding a better forum. This forum has some of the nicest and most experienced pros. You will be missing out on pro help. You should give your pride a bloody nose and learn how to play nice with others. I do not see a reason for you to be nasty. you may not thank Barand for his time and expertise, so i will do it for you: Thanks, Barand. Meantime, i hope that your code is working and i wish you good luck in your lesser forum.
-
hey that is an excellent and time saving tip! I also did not know that php has this old friend from cpp. php is just a hobby for me. I don't have alot of time to invest. Now i have a new tool in my toolbox. I will play this over the weekend., haha. so you could drop the padding in my example and replace it with a better idea: <?php /* php 8.2 compatible */ $delimiter = 2; /* tens (01-99) */ if (empty($_GET['selectWeek']) || preg_match("/^[0-9]{1,$delimiter}+$/", $_GET['selectWeek']) === 0) { $gwetWK = '1'; } else { $gwetWK = intval($_GET['selectWeek']); } /* ltrim as a zero stripper: $gwetWK = ltrim($_GET['selectWeek'], '0'); */ $leapYear = false; /* set to true for 53 weeks */ $weeks = ['Weeks', $leapYear ? '53' : '52']; /* arrays are only used to store a label, title, caption text et cetera plus number. can be dynamic with db names */ $thisWeek = ['This Week', $gwetWK > $weeks[1] ? $gwetWK = $weeks[1] : $gwetWK]; $lastWeek = ['Previous Week', $thisWeek[1] - 1 < 1 ? '1' : $thisWeek[1] - 1]; $nextWeek = ['Next Week', $thisWeek[1] + 1 > $weeks[1] ? $weeks[1] : $thisWeek[1] + 1]; echo '<html>' . "\r\n"; echo '<head>' . "\r\n"; echo ' <title>' . $thisWeek[0] . ' = w' . $thisWeek[1] . '</title>' . "\r\n"; echo ' <style>' . "\r\n"; echo ' body { font-family: "Arial", "Helvetica", "Chicago", sans-serif; font-size: 16px; }' . "\r\n"; echo ' .centered { text-align: center; }' . "\r\n"; echo ' ul { margin: 0px 0px; padding: 0px 0px; }' . "\r\n"; echo ' li { list-style-type: none; }' . "\r\n"; echo ' .wbuttons { background: #a0a0ac; border-radius: 4px; border: solid 1px #808080; color: #f8f8f8; }' . "\r\n"; echo ' .nounderline { text-decoration: none; }' . "\r\n"; echo ' .inlineblock { display: inline-block; }' . "\r\n"; echo ' .padding8 { padding: 8px 8px; }' . "\r\n"; echo ' .border1 { border: solid 1px #ccccff; }' . "\r\n"; echo ' .bgsnow { background: #f8f8f8; }' . "\r\n"; echo ' .embolden { font-weight: bold; }' . "\r\n"; echo ' </style>' . "\r\n"; echo '</head>' . "\r\n"; echo '<body>' . "\r\n"; echo "\r\n"; echo ' <div class="centered"><ul class="inlineblock">' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="nounderline" title="Week 01" href="http://localhost/test/int/?selectWeek=01"><<</a></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="wbuttons nounderline padding8" title="' . $lastWeek[0] . '" href="http://localhost/test/int/?selectWeek=' . $lastWeek[1] . '">' . sprintf('w%02d', $lastWeek[1]) . '</a></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><span title="' . $thisWeek[0] . '" class="padding8 border1 bgsnow">' . sprintf('w%02d', $thisWeek[1]) . '</span></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="wbuttons nounderline padding8" title="' . $nextWeek[0] . '" href="http://localhost/test/int/?selectWeek=' . $nextWeek[1] . '">' . sprintf('w%02d', $nextWeek[1]) . '</a></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="nounderline" title="Week ' . $weeks[1] . '" href="http://localhost/test/int/?selectWeek=' . $weeks[1] . '">>></a></li>' . "\r\n"; echo ' </ul></div>' . "\r\n"; /* why add a w to the number? week is implied: 'selectWeek' */ echo '</body>' . "\r\n"; echo '</html> be sure to Thank Kicken for the tip. I hope that you can get your code working. Let usknow how it goes...
-
that is what ltrim(, 'w0') will do: trim the w0 from the string. I'm confused reading this post. What are you trying to do with w? PHP should not be used to format an output string anywhere other than the point of output. I recommend dropping any w (which, i guess represents week. And week is implied so no need to insult a users intelligence by adding a w to the number.) I have spent some time to code an example of previous and next query string based pages using only php. I also added a 'w' at the point of output. Perhaps you can find the problem in your code by analyzing my code. If you want numbers to be padded, then pad them. If you want to work with annual data, then try to remember leap years. Also, writing scalable code is better, so we add a decimal places variable (tens, hundreds, thousands, etc.), then the code can be changed accordingly. Maybe my script will be of use to you. <?php /* php 8.2 compatible */ $delimiter = 2; /* tens (01-09) */ if (empty($_GET['selectWeek']) || preg_match("/^[0-9]{1,$delimiter}+$/", $_GET['selectWeek']) === 0) { $gwetWK = '1'; } else { $gwetWK = intval($_GET['selectWeek']); } /* ltrim as a zero stripper: $gwetWK = ltrim($_GET['selectWeek'], '0'); */ $leapYear = false; /* set to true for 53 weeks */ $weeks = ['Weeks', $leapYear ? '53' : '52']; $thisWeek = ['This Week', $gwetWK]; $thisWeek[1] = $thisWeek[1] > $weeks[1] ? $thisWeek[1] = $weeks[1] : $thisWeek[1]; $lastWeek = ['Previous Week', $thisWeek[1] - 1 < 1 ? '1' : $thisWeek[1] - 1]; $nextWeek = ['Next Week', $thisWeek[1] + 1 > $weeks[1] ? $weeks[1] : $thisWeek[1] + 1]; $thisWeek[1] = str_pad(strval($thisWeek[1]), $delimiter, '0', STR_PAD_LEFT); $lastWeek[1] = str_pad(strval($lastWeek[1]), $delimiter, '0', STR_PAD_LEFT); $nextWeek[1] = str_pad(strval($nextWeek[1]), $delimiter, '0', STR_PAD_LEFT); echo '<html>' . "\r\n"; echo '<head>' . "\r\n"; echo ' <title>' . $thisWeek[0] . ' = w' . $thisWeek[1] . '</title>' . "\r\n"; echo ' <style>' . "\r\n"; echo ' body { font-family: "Arial", "Helvetica", "Chicago", sans-serif; font-size: 16px; }' . "\r\n"; echo ' .centered { text-align: center; }' . "\r\n"; echo ' ul { margin: 0px 0px; padding: 0px 0px; }' . "\r\n"; echo ' li { list-style-type: none; }' . "\r\n"; echo ' .wbuttons { background: #a0a0ac; border-radius: 4px; border: solid 1px #808080; color: #f8f8f8; }' . "\r\n"; echo ' .nounderline { text-decoration: none; }' . "\r\n"; echo ' .inlineblock { display: inline-block; }' . "\r\n"; echo ' .padding8 { padding: 8px 8px; }' . "\r\n"; echo ' .border1 { border: solid 1px #ccccff; }' . "\r\n"; echo ' .bgsnow { background: #f8f8f8; }' . "\r\n"; echo ' .embolden { font-weight: bold; }' . "\r\n"; echo ' </style>' . "\r\n"; echo '</head>' . "\r\n"; echo '<body>' . "\r\n"; echo "\r\n"; echo ' <div class="centered"><ul class="inlineblock">' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="nounderline" title="Week 01" href="http://localhost/test/int/?selectWeek=01"><<</a></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="wbuttons nounderline padding8" title="' . $lastWeek[0] . '" href="http://localhost/test/int/?selectWeek=' . $lastWeek[1] . '">w' . $lastWeek[1] . '</a></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><span title="' . $thisWeek[0] . '" class="padding8 border1 bgsnow">w' . $thisWeek[1] . '</span></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="wbuttons nounderline padding8" title="' . $nextWeek[0] . '" href="http://localhost/test/int/?selectWeek=' . $nextWeek[1] . '">w' . $nextWeek[1] . '</a></li>' . "\r\n"; echo ' <li class="inlineblock padding8 embolden"><a class="nounderline" title="Week ' . $weeks[1] . '" href="http://localhost/test/int/?selectWeek=' . $weeks[1] . '">>></a></li>' . "\r\n"; echo ' </ul></div>' . "\r\n"; /* why add a w to the number? week is implied: 'selectWeek' */ echo '</body>' . "\r\n"; echo '</html>
-
$Result = Contracts($conn); $MyRow = $Result->fetch(); echo "Value = " . $MyRow['Venue']; function Contracts($conn) { $qList = $conn->query("SELECT * FROM EC_event WHERE ID = 2"); return $qList; } ?> Yet, you declare the function after it is called (!). $pdo, as implemented and mentioned by Barand, is just the name of the parameter (local scope) in his example. He obviously means pass the approprate $conn data to the function where the segregated database code resides. Which reminds me, i do not see a need to use a function at all. Functions should only be used for mathematics, algorithms and subroutines (but php devs stupidly ignore subroutines as a built-in programmatc validity subroutine() {}. cube a number in a function is good. echo the string from my class file is horrible, use echo.) I propose that you remove the unnecessary function. I see no parameters that are used to dynamiclly change the query for different needs or requirements (subroutine like usage). I do not think that the php version number is a problem here. It seems like functions, function parameters and the proper usage of functions is a problem. Please stop trying to blame Barand for your problems. He is trying to help you.
-
Hello, i am just wondering why you do not experiment with pdo, a better database design and modern html/css concepts? I see a table and i wonder why you think that you need to use a table at all. I have attached a code example of a similar 'table' using div tags and a second one using a list. I recommend dropping the tables and moving to css. Also, try to learn reusable css design. <!DOCTYPE html> <html> <head> <title></title> <style> div { position: relative; margin: 0px 0px; padding: 0px 0px; box-sizing: content-box; } ul { position: relative; margin: 0px 0px; padding: 0px 0px; } li { list-style-type: none; position: relative; margin: 0px 0px; padding: 0px 0px; } .inlineBlock { display: inline-block; } .centered { text-align: center; } .valignmiddle { vertical-align: middle; } .pad10 { padding: 10px 10px; } .border2dc { border: solid 2px #dcdcdc; } .sans-serif { font-family: "Verdana", "Arial", "Helvetica", sans-serif; } .ccccff { color: #ccccff; } .000000 { color: #000000; } .embolden { font-weight: bold; } img.cellImage { display: inline-block; width: 50px; height: 50px; } </style> </head> <body> <div class="centered"> <div class="inlineBlock border2dc valignmiddle"> <div class="inlineBlock pad10 valignmiddle border2dc"><img class="cellImage" src="'.$imglink.'"></div> <div class="inlineBlock pad10 valignmiddle border2dc sans-serif embolden ccccff">$row["comment"]</div> </div> </div> <br> <ul class="centered"> <li class="inlineBlock pad10 valignmiddle border2dc"><img class="cellImage" src="'.$imglink.'"></li> <li class="inlineBlock pad10 valignmiddle border2dc sans-serif embolden ccccff">$row["comment"]</li> </ul> </body> </html>
-
functional programming wih a few special terms that only work in classes, id est, this. Have a closer look. If you cannot see it then you are an idiot and an idiot trying to convince others to be an idiot in your likeness. Functional programming. And it is not my problem you cannot remember to include or require a file. LOL. <?php declare (strict_types = 1); Namespace SpyderEyes; // because Reflection Class exists. function Reflection($My_Class) { if (!is_array($My_Class) || count($My_Class) !== 2) { return 'error'; } $My_Constructor = $My_Class[0]; $Private_Function = $My_Class[1]; if (!is_string($My_Constructor) || !is_string($Private_Function)/*.*/) { return 'error'; } if (!in_array($Private_Function, ['TEST_shine','TEST_dust'], true)/*.*/) { return 'error'; } $TEST_shine = function(string $TEST_mirror = '') { //if (empty($_SESSION['SpyderEyes']['PrivateFunctionKey'])/*.*/) { return 'private function is inaccessible'; } return $TEST_mirror ? $TEST_mirror : 'empty'; }; //function TEST_dust(string $TEST_mirror = '') { $TEST_dust = function(string $TEST_mirror = '') { //if (empty($_SESSION['SpyderEyes']['PrivateFunctionKey'])/*.*/) { return 'private function is inaccessible'; } return $TEST_mirror ? bin2hex(base64_encode($TEST_mirror)) : 'undusted'; }; return (${$Private_Function})($My_Constructor); } $New_Reflection1 = Reflection(['Mirror, Mirror, on the wall', 'TEST_shine']); $New_Reflection2 = Reflection(['Mirror, Mirror, on the wall', 'TEST_dust']); echo '<p>' . $New_Reflection1 . '</p>' . PHP_EOL; echo '<p>' . $New_Reflection2 . '</p>' . PHP_EOL; ?> by the way, stop worrying about the 99percent, of which you are included. The 1percent hacks top Tech companies and kicken, requinix and jodunno combined are not a threat to the 1percent. You know doggone well that you cannot change my session code from the client, so stop leaking noetic venom. You only influence others to learn poor coding skills. Have a look at old php books (4 and 5) and see why hacking has wreaked havoc. You must have written one of those books 0.0 In any event, i always appreciate the tips, opinions, and any help. Thanks for taking time to read and reply. I am not on the class bandwagon at this time. I am going to continue with my spaghetti code. Also, Kicken, your 'cleaned up code' looks good actually but does nothing to control php devs wild lets throw errors for every reason approach to a language. I'd rather make functions and control the code myself. Best wishes, John.
-
where is the code examples? kicken up dust. I'm happy with my current code. But it all seems like functional programming in a wrapper called a class that just reinvents the wheel imo. Not seeing the benefits yet on the server-side scripting aspect of the www. Meantime, i'll try to find new ways to keep the code in my control without throwing exceptions for a minor nuisance. <?php declare (strict_types = 1); Namespace SpyderEyes; // because Reflection Class exists. class Reflection { protected $TEST_mirror; function __construct($TEST_shine) { //notice the word <i>function</i>. a <i>return</i> is valid within a function. $this->TEST_mirror = $TEST_shine; } function TEST_shine() { if (empty($_SESSION['SpyderEyes']['PrivateFunctionKey'])/*.*/) { return 'private function is inaccessible'; } if (!is_string($this->TEST_mirror)) { return 'error'; } return $this->TEST_mirror ? $this->TEST_mirror : 'empty'; } function TEST_dust() { if (empty($_SESSION['SpyderEyes']['PrivateFunctionKey'])/*.*/) { return 'private function is inaccessible'; } if (!is_string($this->TEST_mirror)) { return 'error'; } return $this->TEST_mirror ? bin2hex(base64_encode($this->TEST_mirror)) : 'undusted'; } } $TEST_reflector = new Reflection('Mirror, Mirror, on the wall'); echo '<p>' . $TEST_reflector->TEST_shine() . '</p>' . PHP_EOL; echo '<p>' . $TEST_reflector->TEST_dust() . '</p>' . PHP_EOL; ?> i also created a private function without specifying it within the class. no key, no code. unset when finished. i go to bed now and play more tomorrow. Best wishes, from John.
-
seeking Class error handling examples not more whining. I'm fed up and seeking examples. Newbie tutorials are offensive. I am currently taking my first (baby) steps into PHP OOP. I have a read about classes and i've tested a class file with a construct and functions. Once again, php devs make interject like whining babies over minor problems that a dev can handle with code. Agressive error handling within classes is the scope of my aim here. I have to ask what are pro(fessional) php coders doing about errors in classes? do you not notice how php lays an egg and just shuts down your website to show an error that a developer can handle with proper coding. Hey, php devs: if !is_string(). I can do it myself. No need for an exaggerated bsod. Anyway, i have found a few tricks that stop this from happening. 1. return false from an if statement in the construct but a property declaration is necessary. 2. return error in the functions when data is a mismatch and return a null coalesce jic (Just incase) php forgets its place. so far, i am happy with the results. I want to know what others are doing to prevent all errors other than fatal. I cannot find examples of error handling in classes. I am amazed that i cannot find anything to guide me along. Maybe i am not typing the right phrase. Anyone have examples of stopping baby whining about minor errros? Have a look at my error thwarting attempts. Have better code? a link to better examples? <?php declare (strict_types = 1); Namespace SpyderEyes; // because Reflection Class exists. class Reflection { protected $TEST_mirror; public function __construct($TEST_shine) { if (!is_string($TEST_shine)/*.*/) { return false; } $this->TEST_mirror = $TEST_shine; } public function TEST_shine(): string { if (!is_string($this->TEST_mirror)) { return 'error'; } return $this->TEST_mirror ? $this->TEST_mirror : 'empty'; } public function TEST_dust(): string { if (!is_string($this->TEST_mirror)) { return 'error'; } return $this->TEST_mirror ? bin2hex(base64_encode($this->TEST_mirror)) : 'undusted'; } } $TEST_reflector = new Reflection(['Mirror, Mirror on the Wall', 'exit']); echo '<p>' . $TEST_reflector->TEST_shine() . '</p>' . PHP_EOL; echo '<p>' . $TEST_reflector->TEST_dust() . '</p>' . PHP_EOL; ?> I wonder if php devs forgot about if !is_string. LOL Best wishes, John
-
<?php session_start(); include_once "configure.php"; if (!isset($_SESSION['id'])){ header("location: login.php"); }else{ so why include the db config file if the user is a visitor? why use an else clause when the page is by now redirected (if exit is used)? and again, what kicken typed to you regarding the use of exit. i recommend installing xampp on a personal computer and recoding your website and database to version 2.0. You have alot to learn, young Jedi. Best wishes, John
-
Hello again, I have tried to help you for a few hours yesterday. I am not a php specialist and my database skills are kindergarten level, so i advise you to follow the lead of the specialists in the forum, such as gizmola. Barand is also a db wizard. Requinix is just awesome in my opinion. Not trying to leave anyone out because we have access to many skilled coders here that post tips and code regularly. You don't have to build your program with someone elses design but you should definitely follow leads and correct code that isn't working or is insecure et cetera. Obviously, the session variables are not set. You know that because a simple isset check redirection always redirects you (the 'is not set' is true). I cannot see how you are associating a switch with a user in the first place. When a user logs in, how do you handle this action? you check the db for a password where username/email matches a form post named username/email. Password verify the password, then a user is logged in. Now what do you do? If you need user associated data then you must associate this data with the user at login. An id column is usually how coders IDentify a user. So the session should have a $_SESSION['id'] set at login (identify the logged in user). Then your switch query would be 'SELECT switch FROM sale WHERE id ='. you have to complete the WHERE id = part. An example using pdo with a session variable loaded into the session at user login verification: $varSESSIONid = $_SESSION['id']; $servername = '127.0.0.1'; $username = ''; $password = ''; $dbname = ''; $att = array( PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC ); // adjust the charset to whatever you have implemented $conn = new PDO("mysql:host=$servername; dbname=$dbname; charset=utf8mb4", $username, $password, $att); $sql = 'SELECT switch FROM sale WHERE id = :sessionID'; $req = $conn->prepare($sql); $req->execute(array(':sessionID' => $varSESSIONid)); $row = $req->fetch(); $_SESSION['salecheck'] = $row['switch']; then you would have the switch associated with the logged in user ($_SESSION['id'], if this is what you are doing with id). once you fix your database problems, your switch will be working. You can see that the following code works by simply uncommenting/commenting the various arrays in a development server such as xampp. <?php declare (strict_types = 1); // this is a switch.php page example // you also need a nosale.php file and a sale.php to test this code (array) $_FakeSESSION = ['id' => 1, 'salecheck'=> 1]; //(array) $_FakeSESSION = ['id' => 1, 'salecheck'=> 0]; //(array) $_FakeSESSION = ['id' => 1, 'salecheck'=> true]; //(array) $_FakeSESSION = ['id' => 1, 'salecheck'=> false]; if (!isset($_FakeSESSION['id'])/*.*/) { // change the isset variable to $_SESSION['id'] when you fix your db/session issues echo 'visitor page view'; exit; } require_once empty($_FakeSESSION['salecheck']) ? 'nosale.php' : 'sale.php'; // change the empty variable to $_SESSION['salecheck'] when you fix your db/session issues // the switch will work when the database code is adjusted. I suggest that you repair your database and the code that is associated with the login script. You need a user id and you need to use that id to query id specific data from the db. Best wishes.
-
as long as you are getting values from the db and assigning those values to the session, then this shouldn't be a problem. session_start is used and the data in the session should be accessible. Try to change the logic. By testing for a user id, we have to separate a visitor from a user, which we are not doing. We also have to separate a user into sale and nosale page, so more than one condition is required (especially to separate visitors from users.) <?php session_start(); include_once "config.php"; //and be certain that the session variables are set in this file if (!isset($_SESSION['id'])/*.*/) { //then we have a vistor, which should not see a yes or no page? header('Location: /'); //go to root page or wherever they should be in your design exit; } if (empty($_SESSION['salecheck'])/*.*/) { //then we have a user, which should see a nosale page header('Location: nosale.php'); //go to root page or wherever they should be in your design exit; } //then we have a user, which should not see a yes page echo 'this is the YES page view.'; ?> if this is not working then something else is breaking. Try to echo session variables to see that they exist and what are their values if they exist. How are you checking these values as they are assigned to a user? $sql = "SELECT id, switch FROM sale" where username = what? i do not see this information. Therefore, i assume that the session variables do not exist. where is this login code? are you certain that you have set ALL of the necessary data before you present to us this problem? look it over. think about it.
-
gizmola has mentioned a better method for you to follow. using an empty value for a no is complicating the matter. true or false would be a better road. In the meantime, based upon your last post, then we need to change the logic to accomodate a not yes value (as long as the session salecheck exists.) if (!isset($_SESSION['id']) || isset($_SESSION['salecheck']) && $_SESSION['salecheck'] !== 'yes') { header('Location: nosale.php'); exit; }
-
we started with on.php and off.php then we got to nosale.php. we started with off or on values, switched to yes or no values and now true or false. we need consistency to find the problem. select a value for salecheck session variable and maintain it until you resolve the issue. we should check the value of the session variable to learn more. Perhaps the variable is not being set in your db code. Somewhere you need to set the value in the session from the db. Let's revisit your db code and the row to the session variable: <?php $servername = "localhost"; $username = "removed for posting"; $password = "removed for posting"; $dbname = "removed for posting"; // Create connection $conn = new mysqli($servername, $username, $password, $dbname); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "SELECT id, switch FROM sale"; $result = $conn->query($sql); $row = $result->fetch_assoc(); $_SESSION['salecheck'] = $row['switch']; $conn->close(); ?> now try the following code to test the session variable <?php session_start(); include_once "config.php"; if (isset($_SESSION['id'])){ if (!empty($_SESSION['salecheck'])/*.*/) { echo $_SESSION['salecheck']; } echo '<p>this is the yes page.</p>'; } else { header("location: nosale.php"); exit; } ?> once you have the session variable working and settle on a value, then my earlier code should work. <?php session_start(); if (!isset($_SESSION['id']) || !empty($_SESSION['salecheck']) && $_SESSION['salecheck'] === 'no') { header('Location: nosale.php'); exit; } echo 'this is the YES page view.'; ?> let us know...
-
check my last post for that code. if !isset OR !empty AND no
-
And if you want to check if a logged in user has a no too then use the following code model <?php declare (strict_types = 1); (array) $_FakeSESSION = ['id' => 1, 'salecheck'=> 'yes']; if (!isset($_FakeSESSION['id']) || !empty($_FakeSESSION['salecheck']) && $_FakeSESSION['salecheck'] === 'no') { header('Location: nosale.php'); exit; } echo 'this is the YES page view.'; ?> what we are doing is better if we read it to ourselves. if session id is not set OR a session salecheck is not empty AND its value equates to no, then nosale.php otherwise, load the sales page data because user is logged in and the salecheck is yes. does this solve your problem?
-
okay, so i was confused about what you are doing (since i cannot see your complete page and i am obviously failing to listen to your problem carefully.) I apologize for misunderstanding your goals. Simply check for the lack of a session id and redirect. <?php session_start(); include_once "config.php"; if (!isset($_SESSION['id'])/*.*/){ header("location: nosale.php"); exit; } ?> also, i always add a small comment between parentheses because if statements with too many parentheses can be confusing. I often miss one somewhere and it drives me nuts. redirecting a user that does not have an id (logged in?). The sales page will be viewable now if the session id is set, otherwise the redirection will take you to nosale.php. edit: the salecheck session variable should be an error if the user is not logged in, so the header redirect does not happen. You would have to check if both session variables are set to escape this problem. But then it begs the question 'why use a yes switch if it isn't really used?'
-
!isset($_SESSION['id']) if NOT isset $_SESSION['id'] AND $_SESSION['salecheck'] == "yes" session id is not set and session salecheck is yes if yes means that a user is supposed to view the page and the user should have a session id, then this code is failing because session id is set. you are simply misunderstanding the logic. if IS set Session ID AND session salecheck === yes should allow the logged in user with yes permission to view the page if (isset($_SESSION['id']) && $_SESSION['salecheck'] === 'yes') you still need to exit after a header.
-
I see that my advice is a bit much, so let me just work off of your data. Add an exit immediately after the header redirection and try the script again. so: <?php session_start(); include_once "config.php"; if(!isset($_SESSION['id']) && $_SESSION['salecheck'] == "yes"){ header("location: nosale.php"); exit; } ?>
-
client side versus server side should not be a foreign concept to you. So what do you do when i disable JavaScript in my web browser? or what do you do if i use fiddler to fiddle with the request? Imagine if your bank used Javascript to control access to a page. If i could use a shaking my head while holding it in my hands in a downward shamed posiion, then i would use such an emoji here and now.
-
Please do not implement a script (client side technology) in place of server-side control. I hope that you are really not using such code on a live website. I hope that you understand why this is a bad suggestion. Thanks for trying to be helpful but this is really hurtful advice. I hope that you do not think that i am being rude. I'm just shocked that you would make such a suggestion. 🤯
-
okay but Linux is an Operating System. In your code you are using a header for redirection but you have failed to exit the php script, thus it continues execution of the script (which ends up at on.php !). However, you shouldn't redirect here because it is not really a legitimate reason to do so. Simply store the db switch in a session variable instead. ALSO use one page and change the view based upon the switch. Like so: then in the on_or_off_single_switch_page.php page: if (!empty($_SESSION['MyPagePermissionSwitch']) && $_SESSION['MyPagePermissionSwitch'] === 'on') { echo 'the page is really turned on, LOL'; require_once on.php; /* require_once dirname(__FILE__) . '/../outofrootfolder/on.php'; /* } else { echo 'you are not permitted to view this file. The page is a big turn off!'; require_once off.php; /* or whatever action/consequence that you desire is to be enacted in this condition block */ /* we want off to be the default, right? } the above code is just an example. Handle the condition according to your code. I am not a php specialist, so you should wait for the specialists to reply. Is this helpful to you? Best wishes, John
