NotionCommotion

URLs populate the $_GET supervariable, not the $_POST. Mess around with the following script to see what is going on. <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>get and post</title> </head> <body> <a href="?id=Honda">Honda</a> <a href="?id=Ford&model=Mustang">Ford</a> <a href="?id=123">Another car, and you might want to consider using a PK instead of model</a> <form method="post"> <input type="text" name="my_post"> <input type="submit" value="submit"> </form> <h1>$_GET</h1> <?php echo('<pre>'.print_r($_GET,1).'</pre>'); ?> <h1>$_POST</h1> <?php echo('<pre>'.print_r($_POST,1).'</pre>'); ?> </body> </html>

Thanks Kicken. You saved me a new post! I read (http://www.searchenginejournal.com/when-not-to-use-target_blank-link-attribute/19924/) how when downloading pdf/etc files, the target could improve the ux. Caused issues for some circumstances, so not sure it was good advise and don't plan on following.

I didn't even contemplate those scenarios. Thank you for pointing them out. I haven't yet reviewed your solution in detail, however, the concept makes sense. I will spend some time and post addition questions if needed. On a side note, I see how you assigned "_blank" as the target attribute for the download file link. I've been pondering doing so for a while, and recently updated my code to do so. I, however, experienced some negative results when the links were presented in a JavaScript generated dialog, and reverted to not doing so. The only reason I bring it up is that I will post a more on-target new thread on this subject and hope to get your advise (however, if you have some immediate advice, please don't hesitate to voice it!). Thanks again

Thanks iarp, Went with the session idea. Why do you think a headache for legitimate users? Page is displayed in one window, user opens another page in another window, and then clicks link on first page?

I have an application where the user can upload and download files. To do either, the user needs to be logged on with their username credentials. For downloads, I include a link such as the following, and use PHP to first authenticate and then use either PHP's readfile() or Apache's X-Sendfile to download. <a target="_blank" href="index.php?task=dispDoc&id=516789792">myfile.xlsx</a> Now, I have a certain page where I display the user's deleted documents. The documents are not really deleted, but just have deleted status as stored in the database. For these, I could easily include a link such as the following, and make displayDeletedDoc do what needs to be done. <a target="_blank" href="index.php?task=dispDeletedDoc&id=516789792">myfile.xlsx</a> The problem with approach is I don't want them to be able to be downloaded from anywhere but this single page. Any recommendations?

Yea, learned early 'bot docx and cousin, but msg took me for a loop.

Thanks Requinix, This is getting a bit more complicated than I want it to be. My main purpose for doing this is to ensure that uploaded files have extensions which match the file type so that that I could restrict files based on extension and be assured that I am really restricting that real file. What I will probably do is if the file extension is msg, then manually check it, but if doc, then use finfo.

I had some problems detecting file type for a Microsoft Outlook document, and requinix recommended using doing the MIME magic manually instead of using finfo (reference http://forums.phpfreaks.com/topic/294730-mime-type-for-outlook-msg-file/). Seemed to work fine, but recently found that more than one file type (i.e. an old Microsoft document file) has the same magic constant as an Outlook file. How can I find the correct "magic" strings that represent different file types? <?php function test($file) { $h = fopen($file, 'rb'); $magic = "\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1\x00"; //How do I determine the correct string for different file types? $bytes = fread($h, strlen($magic)); fclose($h); echo($file.' '.($magic==$bytes?'equal':'not equal').'<br>'); } test('test.msg'); //echos equal test('test.DOC'); //echos equal test('test.doc'); //echos equal test('magic.php'); //echos not equal ?>

Thanks Kicken, Have a good weekend!

Obviously, http://www....com/somedirectory/NoInfoAvailable1.png needs to be an accessible resource. Maybe I misunderstand.

Change if(!isset($error)){ $uploadedFile = $_FILES['file']['tmp_name']; $thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension; move_uploaded_file($uploadedFile, "upload/" . $thumbnail); }else{ //Make sure NoInfo image has png extension $thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png"; copy("upload/NoInfoAvailable1.png", "upload/" . $thumbnail); } $_SESSION['thumbnail'] = $thumbnail; $file_location = '<a href="http://www....com/upload/' . $thumbnail . '">' . $thumbnail . '</a>'; to if(!isset($error)){ $uploadedFile = $_FILES['file']['tmp_name']; $thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension; move_uploaded_file($uploadedFile, "upload/" . $thumbnail); $_SESSION['thumbnail'] = $thumbnail; $file_location = '<a href="http://www....com/upload/' . $thumbnail . '">' . $thumbnail . '</a>'; }else{ //Make sure NoInfo image has png extension $file_location = '<a href="http://www....com/somedirectory/NoInfoAvailable1.png/">missing</a>'; }

It uploads a file. Which parts are you having problems with?

Do you use a different library or have you created your own similar script? Upon your very brief review of this library, do you have any opinions? Ah, I get you. Yea, the URL is rather absurd at about 1,000 characters. One concern about this approach is that every page requires different resources. I suppose I could use /min/common1.php, /min/common2.php, /min/common2.php..., or /min/common.php?pg=1, /min/common.php?pg=2, /min/common.php?pg=3..., but this will require moving the selection of the resources from my template to some other file which is not as intuitive. Furthermore, my pages are not called 1, 2, and 3, but page=users&controller=list, page=shop&controller=detail, etc, however, I suppose I could deal with this.

Not sure I understand. It is my understanding that Minify allows me to use some crazy URI such as the following, and retrieve all of the files as one minified file, and uses a cached version if it was ever accessed by anyone. Correct? My desire is to just add some more dynamically created JS (which will rarely or never change) to the content returned by this URI. I would have expected I could add /lib/getsomeconstants.php?x=123 to the URL, however, this results in a 400 error. How would I know what "include whatever the appropriate URL is for that source in your HTML files." is to include it? <script src="/min/?f=/lib/plugins_3rd/jquery/jquery-1.11.2.js,/lib/plugins_3rd/jquery-ui/jquery-ui-1.11.2.custom/jquery-ui.js,/lib/js/general.js,/lib/components/back/common/js/common.js,/lib/components/back/common/js/help.js,/lib/plugins/printIt/jquery.printIt.js,/lib/plugins_3rd/handlebars-v2.0.0.js,/lib/plugins/ajaxTip/jquery.ajaxTip.js,/lib/components/back/common/js/linkPreview.js,/lib/plugins/toolTip/jquery.toolTip.js,/lib/plugins_3rd/moment.js,/lib/plugins/deleteRecord/jquery.deleteRecord.js,/lib/plugins_3rd/jquery-validation/dist/jquery.validate.js,/lib/plugins_3rd/jquery-validation/dist/additional-methods.js,/lib/js/my-validation-methods.js,/lib/plugins/populateAddress/jquery.populateAddress.js,/lib/components/back/common/js/address_detail.js,/lib/plugins_3rd/jquery.maskedinput-1.3.1.js,/lib/plugins_3rd/fineuploader-3.1/fineuploader-3.1.js,/lib/components/back/common/js/notes.js,/lib/components/back/common/js/private_documents.js,/lib/plugins/sortfixedtable/jquery.sortfixedtable.js,/lib/plugins/addBid/jquery.addBid.js,/lib/components/back/com_projects/js/detail.js" type="text/javascript"></script>

Consider keeping the HTML intact and just using CSS (not positive it is possible, but expect it is).

Make sure you understand the difference between server code (i.e. PHP) and client code (i.e. JavaScript) . Consider just making a link on the page to the next server page. Or if you want to use an include statement, use the path to the file and not a URI.

Classes just define the methods and properties to make an object. They do nothing by themselves. First you need to make an object from the class using something like $myTreeClass=new treeClass(), and then evoke a method using something like $myTreeClass->fillpoolLrg() (unless you are using a constructor, but don't worry about that for now).

The stuff you put in an echo is just a string. Look at http://php.net/manual/en/language.types.string.php.

Playing around with https://code.google.com/p/minify/. I would like to add an PHP generated JavaScript file to it such as /somedirectory/getsomeconstants.php?x=123. How do I do so? The file will rarely change, but sometimes it will. How does minify know whether it needs to pull a new copy instead of using a cached copy? Thank you

$("#dialog-help input.searchHelp").autocomplete({source: ['one','two','three'], minLength: 1,select: function(event, ui){ $(this).val('').blur(); $('#dialog-help div').text(ui.item.value); return false; }});

Why not just used a prepared statement? It will either match a record or will not regardless of data type.

The second $msisdn isn't defined. Even if it were, this looks a bit odd. $msisdn = !empty($msisdn1 . " " .$msisdn2 . " " . $msisdn3) ? "'$msisdn'" : NULL; The number of values you are binding doesn't match the number of placeholders.

You only want to use placeholders for the values, not SQL commands. Try the following: require($_SERVER["DOCUMENT_ROOT"] . "/connect.php"); $pos_x = 25; $id = "1"; $sql = "UPDATE movement SET pos_x=pos_x+? WHERE id=?"; $statement = $dbh->prepare($sql); $statement->execute(array($pos_x,$id));

Ah, that makes sense now. So, it appears that finfo is not always accurate. Odd that an Outlook msg file would be in that list. How did you come up with "\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1\x00" as the magic string? Guess if there were several file types that finfo doesn't get right (this is the first I found, however), I could check each of them before using finfo easily enough. Also, did you have a chance to use finfo on a Outlook msg file? Wondering if is just my distribution/library.

Thanks Requinix, Don't know if I understand the purpose. When using your script on the file in question, $bytes==$magic, so I shouldn't use finfo? But finfo provides the same results (i.e. application/CDFV2-corrupt). My question is what is a application/CDFV2-corrupt mime in the first place? It shouldn't be as far as I know. On a side note, what does the following script do? $bytes = fread($h, strlen("\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1\x00"));