Everything posted by gizmola
-
The simple answer is that you de-couple the front end and the back end. The typical way to do this is to create an API for your backend code. Most frequently people choose a REST api. This is where the major frameworks (symfony, laravel, api platform) are extremely helpful and productive. There are some people who have a lot of negative things to say about Api platform, but it's purpose built for creating a backend api. From there you build your clients (javascript/native app or mobile framework app) against the api. This is really how large scale applications work.
-
I'm not entirely sure what you are asking here, but PHP has arrays that are extremely flexible. An array element can contain a nested array, and you can also have multi-dimensional arrays. You can also mix arrays and class objects together, as in having a class, creating an object of that class and assigning it to an array, such that you have an array of objects. Either of these ideas could help you represent the data you have in your table. Arrays can be easily traversed using for loops or foreach.
-
@Olumide Just a suggestion for you -- using var in javascript is frowned upon now when you have const and let.
-
I don't see the issue. Can you clarify what you mean? When I look at the calendar on your site, as an example, Dec. 3, 2023 is a Sunday, which is correct.
-
Using .env files is best practice, but probably not for the reasons you think. The main reason for those is that previously people had a bad practice of actually putting credentials into files, and then they would get stored in source code repositories.

What I would do with your project is to move all the files that can be directly called or referenced from "web space" i.e. within or below the "web root" directory for the web server. What I'm going to describe to you is what pretty much all web projects do these days.

So what I would do here is create a public folder in your project. I would then move all the web directories (css, img, js) into it, as well as index.html, leaderboardtable.php and word-comparison.php into that directory. The .htaccess should also be in /public.

Note that these changes will break the application, and you will need corresponding changes, including regeneration of the autoload file with composer (assuming that is being used). The web configuration should then set the webroot to this projectname/public directory.

At that point, you should notice what is no longer in web space:
* any project files
* the .env file
* dot files in the root
* the /vendor directory

Depending on your web stack, there are additional tweaks you can make that might have some additional security benefits, if for example you are using fcgi/php-fpm or nginx with those etc. In those cases, you can utilize separate users for the php code and the web server, but at the very least, moving anything out of "web space" means that you no longer have to try and knock down holes in a .htaccess, as users will only be able to directly reference the things you want them to, and there is no way they will be able to explore web space with the web browser, and potentially access a file that is used in your project.
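
A way to check the layout described in the post above, as an added example that is not part of the original post: it walks a web root and reports anything that belongs outside web space. The list of sensitive names and the constructed project tree are assumptions for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not from the original post. The sensitive names and the
// directory layout built below are assumptions for illustration.

/** Return paths (relative to $webRoot) that should live outside web space. */
function findExposedFiles(string $webRoot): array
{
    $sensitive = ['vendor', 'composer.json', 'composer.lock'];
    $allowedDotFiles = ['.htaccess'];   // the post keeps .htaccess in /public
    $found = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($webRoot, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    foreach ($it as $entry) {
        $name = $entry->getFilename();
        $isDot = $name[0] === '.' && !in_array($name, $allowedDotFiles, true);
        if ($isDot || in_array($name, $sensitive, true)) {
            $found[] = substr($entry->getPathname(), strlen($webRoot) + 1);
        }
    }
    sort($found);
    return $found;
}

// Constructed project tree in a temp directory: the same files are checked
// first with the project root as web root, then with only public/ exposed.
$project = sys_get_temp_dir() . '/webroot_demo_' . bin2hex(random_bytes(4));
foreach (['public/css', 'vendor/acme'] as $dir) {
    mkdir("$project/$dir", 0700, true);
}
foreach (['.env', 'composer.json', 'vendor/acme/lib.php',
          'public/index.html', 'public/.htaccess', 'public/css/site.css'] as $f) {
    file_put_contents("$project/$f", '');
}
echo "web root = project root:\n  ",
    implode("\n  ", findExposedFiles($project)), "\n";
echo "web root = project/public:\n  ",
    implode("\n  ", findExposedFiles("$project/public")) ?: '(nothing sensitive)', "\n";
```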
-
Consider the name of the feature. "Auto Loading" is a long standing feature of php that "automatically loads" a class simply by using it in your code.

    <?php
    $newObj = new MyClass();

By default, PHP has had a feature going all the way back to early versions, that would search particular directories you specified in the php.ini configuration file, looking to find a file that contains the definition for the file MyClass. Of course this had problems, including the fact that you could only have one "MyClass" defined. Any sophisticated PHP project, whether that be a forum, framework, cms etc., would need to keep its classes separate and distinct, and the potential for naming conflicts was significant. This is one of the reasons PHP added namespace support, so that a component library was free to name and structure its classes in whichever way was best for the developer, and still allow its classes to be used by other developers without conflict.

Some of the leading framework and library project developers got together and formed FIG, in order to create standards documents, which they did for autoloaders in PSR-0 and then PSR-4. You should read those PSR's, or at least PSR-4 which is the current standard for how an autoloader should work, and how classes should be namespaced.

At this point, because people should be using composer to manage the libraries and dependencies of their projects, and composer will generate the autoloading code, to include. If you follow the chain of code that is generated by composer, you'll see where it calls spl_autoload to register the custom autoloader code.
-
Most discussion is in the PHP coding help, and at times the Client Side sub forums.
-
Redirect to installer if database is empty - Codeigniter 3
gizmola replied to Moorcam's topic in Frameworks
This is not a panacea, but you could change the all_setting function to this:

    public function all_setting()
    {
        $query = $this->db->query("SELECT * from tbl_settings WHERE id=1 ORDER BY id");
        // query() returned a result object: hand back the first row as an array
        if ($query) {
            return $query->first_row('array');
        } else {
            // query failed (e.g. table not installed yet): return an empty array
            return array();
        }
    }

Then your modification would work.
-
Count links on a page, sort them and grade them.
gizmola replied to guymclarenza's topic in PHP Coding Help
What function are you talking about? -
Why does it yield empty string in the database?
gizmola replied to watsonjohn's topic in PHP Coding Help
100% what Mac advised.

    $firstname = mysqli_real_escape_string($con, $_POST['firstname']);
    $lastname = mysqli_real_escape_string($con, $_POST['lastname']);
    $datereg = mysqli_real_escape_string($con, $_POST['datereg']);

This is like something from an antiquated tutorial. Nobody does this now. PDO is much better -- so much so, that I don't think there's a staff member or veteran/pro developer on this site that uses mysqli unless they are working on a project that was already using it.

With that said, if changing to PDO is too much of an issue for you now (although it probably could be converted in less time than you think), then here's a good tutorial to look at.

It's also painful to look at code that uses the procedural interface, when the oop interface is cleaner and easier to understand. Since you used it, I provide the procedural interface example below. Your code will be something like this:

    $query = "INSERT INTO persondetails (firstname, lastname, datereg, address, phone, email) VALUES (?, ?, ?, ?, ?, ?)";
    $stmt = mysqli_prepare($con, $query);
    // Values are bound as parameters, so no manual escaping is needed
    mysqli_stmt_bind_param($stmt, 'ssssss', $_POST['firstname'], $_POST['lastname'], $_POST['datereg'], $_POST['address'], $_POST['phone'], $_POST['email']);
    mysqli_stmt_execute($stmt);

    if (mysqli_stmt_affected_rows($stmt) === 1) {
        $_SESSION['message'] = "Info Added";
    } else {
        $_SESSION['message'] = "Failed to Add";
    }
    header("Location: personcreate.php");
    exit(0);

One other comment: use the proper database types and your application will be better. $_POST['datereg'] should be a DATE/DATETIME/TIMESTAMP value. Using any of these is better than storing a CHAR/VARCHAR in the database, from a data integrity/storage size and usability standpoint. Using a string to store a date is just bad/lazy design.
-
I want to setup a manual payment confirmation page
gizmola replied to Olumide's topic in PHP Coding Help
The best way to debug ajax calls like this is to use your browser developer tools. I typically use Chrome. You should open the network tab, and look at the request and response data, in order to figure out where your problems might be. -
I want to setup a manual payment confirmation page
gizmola replied to Olumide's topic in PHP Coding Help
Yes he literally told you that it is wrong. It's the query in get_student_details.php.

    WHERE sc.semesterid = :semesterId

Should be

    WHERE s.id = :studentId

And your bind parameter needs to be changed. This is wrong.

    // Bind parameters
    $stmt->bindParam(':semesterId', $studentId, PDO::PARAM_INT);

Should be:

    // Bind parameters
    $stmt->bindParam(':studentId', $studentId, PDO::PARAM_INT);
-
Mail was designed to inject outgoing mail into the system MTA (mail transfer agent). Thus it has no visibility into deliverability. SMTP (the mail transfer protocol) has no insight into this either, unless the smtp connection is rejected, or the mail server returns an error message. From the php application standpoint, it just knows it dropped off mail at the post office. This is why libraries like phpmailer and symfony mailer were created, as they are designed to handle more of the process. Sending email with even a modicum of deliverability is a non-trivial task, which is one of many reasons why there are companies that take care of a lot of the problem. The mail libraries listed are also suited to integration with many of the popular remailing services (mailchimp, mailgun, sendgrid etc.)
-
Software tool available to manage php website?
gizmola replied to Webster_too's topic in PHP Coding Help
Indeed, typically there will be variables, and images and other assets will be referred to using variables, that might even be read from the database. There's a lot of different possibilities. Without specifics, people are just guessing. -
In general, this would be called provisioning. For the most part, this requires that your application have an underlying architecture that supports this. In terms of DNS, you can set up a wildcard DNS entry for *.myapp.com. Internally, your application needs code that accepts a request, examines the requested url, extracts the subdomain, and executes the routing accordingly, or you can also have a rewrite that will look for subdomains other than 'www' and rewrite those to https://myapp.com/shop1. When a new user creates a store, you will run provisioning code in your application that does any required setup (make new database user, create database with new user assigned rights, save credentials in user profile configuration file or in database.) There are strengths and weaknesses to each approach so you have to consider the tradeoffs and security implications of each approach. For example, you could just use the primary database access user, and not create a separate database user for each customer database. There isn't one right answer for each application.
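
The request-side half of the approach described above (examine the requested host, extract the subdomain, route accordingly), as an added example that is not part of the original post. It treats the Host header as untrusted input and resolves it only through a registry of provisioned tenants; the registry contents, reserved labels and function name are assumptions, and `myapp.com` is the domain used in the post.

```php
<?php
declare(strict_types=1);

// Added example, not from the original post. Requires PHP 8 (str_ends_with).
// The tenant registry and the reserved labels are assumptions.

/** Map a Host header to a provisioned tenant record, or null if none matches. */
function resolveTenant(string $hostHeader, string $baseDomain, array $tenants): ?array
{
    // The Host header is client-controlled: normalise it, then validate strictly.
    $host = strtolower(trim($hostHeader));
    $host = (string) preg_replace('/:\d{1,5}$/', '', $host);  // drop optional port
    $suffix = '.' . strtolower($baseDomain);
    if (!str_ends_with($host, $suffix)) {
        return null;                                   // not under our wildcard
    }
    $label = substr($host, 0, -strlen($suffix));
    // Exactly one DNS label: rejects "a.b", empty strings, spaces, slashes.
    if (!preg_match('/^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/D', $label)) {
        return null;
    }
    if (in_array($label, ['www', 'admin', 'api'], true)) {
        return null;                                   // reserved, never a shop
    }
    // Look the label up; never build a database name or path from it directly.
    return $tenants[$label] ?? null;
}

// Constructed tenant registry, as provisioning code might have stored it.
$tenants = [
    'shop1' => ['db_name' => 'tenant_0001', 'db_user' => 'tenant_0001_rw'],
];
// Constructed Host header values.
$hosts = ['shop1.myapp.com', 'SHOP1.myapp.com:443', 'www.myapp.com',
          'unknown.myapp.com', 'a.b.myapp.com', 'shop1.myapp.com.example.net'];
foreach ($hosts as $h) {
    $t = resolveTenant($h, 'myapp.com', $tenants);
    printf("%-30s => %s\n", $h, $t ? $t['db_name'] : 'no tenant (respond 404)');
}
```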
-
In general, functional testing of web apps involves some sort of tool that can either simulate a browser (Codeception, Testing Library) or integrate with one (Selenium, Watir). They are specifically built to deal with browser clients. For testing of CLI programs, there aren't a lot of options out there that I'm familiar with, but one that you can look at is cli-testing-library. Confusingly, there is another library worth looking at with the same name. Either library should allow you to write and run functional tests for the outcomes you described, but also provide ways for providing input, options and interaction. Let us know if one or the other worked out for you.
-
100%. I'm not sure that people will help you hack your custom plugin, but it's not like it's never happened here previously. There are no guarantees, but what I can tell you is that you need to:
* Explain what the current plugin does (with relevant examples).
* Explain what you want to have changed.
* Provide relevant code snippets based on your examination of the code.
* Explain specifically what "did not work" in your attempt to modify it yourself, with any errors or debugging.
-
In general, people with a substantial investment in microsoft server infrastructure will use a product built to run on the microsoft stack you mentioned. The only oddity in the ERP you found is that it was built for Oracle. I know I'm glossing over Postgresql, but in general, when you see this as an alternative, it's because Postgresql has a high degree of architectural and syntactic similarity to Oracle, so that it is often used as a substitute, to save on licensing costs.

Here are the stack combinations I see most frequently:
* Java/Tomcat/Glassfish/etc/Oracle(Postgresql)
* Nodejs/MySQL/Postgresql/Document DB's
* Apache/Nginx/php-fpm/MySQL/Postgresql
* IIS/.NET/Sql Server

You began this thread with the claim you wanted to find a PHP based solution. PHP has no relationship to .NET/ASP etc. and vice-versa. ASP is microsoft's framework for building web applications. PHP is not related or an option. With that said, in general ERP's are closed systems, that will provide configuration options, and some sort of api for integrating with other systems. Sometimes integration options are driven by the underlying platform, but usually people are more interested in the features of the ERP and how it will meet the needs of their existing business.
-
It's a great question. I have to think that it was extra work to create the associative array version, so it never really made a lot of sense why having two versions of the same data returned in the same array, would be the default.
-
Barand as usual offers an expert solution. Looking at your original schema model, please don't include a prefix for the table name like q_column etc. Also don't use Enums. They violate a basic tenet of relational database theory (any field/attribute in a row should contain a single value). If you really want category and type, those are foreign keys to separate tables. In cases where the PK is a char, I will tend to name that column "code", just to be clear that it's not a sequential key. For example, I often have fairly static type tables, like "status" where the allowable values are things like "new", "active", "deleted", and I'll use a char(1) and 'N', 'A', 'D' for those values in a status table with "code" and "description" as the only fields. I personally have done what Barand did (using table_id) many times, primarily to make it easier for the design tool(s) I typically used, but most ORM's like it if you just name your table pk "id". When you add a foreign key, then make that "tablename_id". A lot of ORM's will pick up on naming conventions for keys, so it makes things easier, as the ones I've used will default to the assumption that the "id" field is the primary key for the table. Not a huge fan of these types of columns, but created_at, and updated_at are good for timestamps like your "q_added".
-
Just a quick comment on this. A user does not need to see a button to call Ajax in order to exploit the Ajax. All they need is to know that it is there, and they can use whatever technique or tool that they want to, to post to the Ajax url. Anything that needs to be secured should have a separate permissions check. A simple common solution would be to check something stored in the session that indicates someone is an admin, or some other user level. Then your Ajax code should check that and only execute the actual deletion code when their status is affirmed.
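
The server-side check described in the post above, as an added example that is not part of the original post. The table name `items`, the session key `user_level` and the function name are assumptions; the demo runs from the command line against an in-memory SQLite database (requires pdo_sqlite) with constructed rows.

```php
<?php
declare(strict_types=1);

// Added example, not from the original post. The table `items`, the session
// key `user_level` and the function name are assumptions.

/**
 * Handle an Ajax delete request. Returns [HTTP status, JSON body].
 * The permission check runs on the server for every request, whether or not
 * the page ever rendered a delete button for this user.
 */
function handleDelete(PDO $db, array $session, string $method, array $post): array
{
    if ($method !== 'POST') {
        return [405, ['error' => 'POST required']];
    }
    // Authorization comes from server-side session state, never from the request.
    if (($session['user_level'] ?? null) !== 'admin') {
        return [403, ['error' => 'forbidden']];
    }
    $id = $post['id'] ?? '';
    if (!is_string($id) || !ctype_digit($id)) {
        return [400, ['error' => 'invalid id']];
    }
    $stmt = $db->prepare('DELETE FROM items WHERE id = :id');
    $stmt->execute([':id' => (int) $id]);
    return [200, ['deleted' => $stmt->rowCount()]];
}

// Constructed demo data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO items (name) VALUES ('first'), ('second')");

// The same request body posted directly to the endpoint by three callers.
$callers = [
    'no session'   => [],
    'regular user' => ['user_level' => 'member'],
    'admin'        => ['user_level' => 'admin'],
];
foreach ($callers as $who => $session) {
    [$status, $body] = handleDelete($db, $session, 'POST', ['id' => '1']);
    printf("%-12s -> %d %s\n", $who, $status, json_encode($body));
}
```

In a real endpoint, call session_start() first, pass $_SESSION, $_SERVER['REQUEST_METHOD'] and $_POST, and send the status with http_response_code() before echoing the JSON body.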
-
This is the mod_rewrite rules of a typical current wordpress:

    RewriteEngine On
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

What this shows, is that Wordpress implements a front controller. I don't know exactly what the issue is, because my example was:

    user's url -> rewritten to

And it appears to me that you presented:

    rewritten to -> user's url

Requinix has tried to steer you towards this, so I'm going back somewhat to the start, and suggesting you add this to the bottom of your rules:

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/ page.php?slug=$1 [L,QSA]