Jump to content

Psycho

Moderators
  • Posts

    12,157
  • Joined

  • Last visited

  • Days Won

    129

Everything posted by Psycho

  1. It's been at least a decade since I played around with the getid3 library. I'll be honest, I have no idea what ETCO tag data is. But, I have a possible solution. Do you have a file with existing ETCO tags or is there a tag editing application that you can use to set such tags? If you have a file with example tag data that you know what it represents, then instead of using getid3 to set the data, use it to get the data. You can then see what the format of the data is that it expects. I remember doing something similar for some other tag information at the time.
  2. while($cash_on_hand <= 35) Well, that loop is not set up per your instructions. You declared $cash_on_hand twice then in the while condition you hard coded the value (35) instead of using the variable. That loop will run infinitely because $cash_on_hand will always equal 35. You need to calculate $cost on each iteration of the loop and compare that to $cash_on_hand. To be honest, I don't like the instructions given because they require you to define the calculation for $cost at least twice (you should never write code twice - write it once and call it many times). $cash_on_hand = 35; $meal = 25; $tip_percent = 10 $cost = $meal + $meal * ($tip_percent / 100); $cash_on_hand = 35; //Remove this while($cash_on_hand <= 35) { //Fix this to test the condition in the instructions echo "I can afford a tip of $tip_percent%, for Total Cost: $cost <br/>"; $tip_percent++; //Add a recalculation of $cost here }
  3. No way to tell from the code provided as to why you are getting a blank page. That code produces no output. It attempts to set a header value and then redirects to another page. I say "attempts" because I don't see any code where you actually start a session before trying to save a session value. Part of coding is learning to debug. Rather than assuming your code works and redirecting to another page, try outputting to the page for BOTH the success condition and the error conditions. Then, based on those results you can then ad the additional code to redirect or whatever you want. What does the following output? if ($result) { //$_SESSION['messages'][] = 'Thanks for registering. Check your email to confirm your email'; //header('Location: register.php'); //exit; echo "Success saving record with the following values:<br>\n"; echo "usernamebox: '{$data['usernamebox']}'<br>\n"; echo "emailbox: '{$data['emailbox']}'<br>\n"; echo "passwordbox: '{$data['passwordbox']}'<br>\n"; } else { echo "Error attempting to save record with the following values:<br>\n"; echo "usernamebox: '{$data['usernamebox']}'<br>\n"; echo "emailbox: '{$data['emailbox']}'<br>\n"; echo "passwordbox: '{$data['passwordbox']}'<br>\n"; }
  4. I would also highly recommend not referencing database results based on the numeric index and instead referencing results based on an associative array (i.e. named indexes based on the field names). It makes for more readable code and is much, much easier to maintain. The sample code by Barand uses such an implementation.
  5. Not sure if this is the cause of your problem, but your UPDATE query is using the email address in the WHERE calus to determine which record to update AND it is attempting to overwrite the email address. I see no reason why that wouldn't work, but why would you do that? In any event, MySQL has you covered with the INSERT ... ON DUPLICATE KEY UPDATE Statement. Such a statement will attempt to insert a new record But, if the insert would fail because of a duplicate key (e.g. $stdEmail) then the statement will update the current record based on the conditions provided. No need for an initial query to see if the record exists - just run the ONE query. INSERT INTO semakan_dokumen (email, surat_tawaran, ic, sijil_lahir, sijil_spm, sijil_sekolah, sijil_dip, sej_julai, bm_julai, muet, mid1, yuran, umpa_bend1, umpa_bend2, bpkp, penaja, kesihatan, jhepa) VALUES ('$stdEmail', '$fileName', '$fileName1', '$fileName2', '$fileName3', '$fileName4', '$fileName5', '$fileName6', '$fileName7', '$fileName8', '$fileName9', '$fileName10', '$fileName11', '$fileName12', '$fileName13', '$fileName14', '$fileName15', '$fileName16') ON DUPLICATE KEY UPDATE student_id = '$noMatrik' surat_tawaran = VALUES(surat_tawaran), ic = VALUES(ic), sijil_lahir = VALUES(sijil_lahir), sijil_spm = VALUES(sijil_spm), sijil_sekolah = VALUES(sijil_sekolah), sijil_dip = VALUES(sijil_dip), sej_julai = VALUES(sej_julai), bm_julai = VALUES(bm_julai), muet = VALUES(muet), mid1 = VALUES(mid1), yuran = VALUES(yuran), umpa_bend1 = VALUES(umpa_bend1), umpa_bend2 = VALUES(umpa_bend2), bpkp = VALUES(bpkp), penaja = VALUES(penaja), kesihatan = VALUES(kesihatan), jhepa = VALUES(jhepa)
  6. You forgot the next line. The full bit of code you had is if (isset($_POST['submit'])){ //if form submitted $ppp=$_POST['ppp']; //assign value from select box }else{ $ppp=15; //default number of posts-per-page } $_SESSION['ppp']=$ppp; //session index created with new number of posts-per-page If there is no POST submit, then $ppp is set to the default of 15. Then, the last line, is setting the session value to that same default of 15. It NEVER checks to see if there is an existing session value. It will simply overwrite any previous session value. The code needs to work in this manner: Check if the user submitted a new ppp value. If so, set the 'working' value in the script and set the session value If not #1, check if there is a saved session value. If so, set the 'working' value in the script If not #1 or #2, use a default. In the code I provided, I set the default first and let the logic for #1 and #2 overwrite the default. I don't know why the code is not working for you. There is obviously something in the code that you have not provided. But, here are some other comments: Why are you checking for $_POST['submit']? You only need to check for $_POST['ppp'], since that is the value you would be working with As Barand stated, and I alluded to, NEVER trust data from the user. It is a trivial matter to pass a value that is not in a select list for a form field, to add other field value in a form request, remove others, pass values that would have been validated on the client-side, etc. For a select list, I suggest having a defined list (such as an array in a config file) and use that list to a) Create the select list and b) validate that the user passed an approved value. So, put the code to check for a POST ppp value, or a session ppp value or to use a default at the top of the script before you need the ppp value. Not sure why this is a question.
  7. @dunno You start by referring to page1 (the form page) and page2 (the page to shows the posts per page). But, in response to Barand's reply you show the code where the session value is set, but don't explain where that code is run. Is that code on page1, page2, or some other page? If that code is executed on every execution of page2, then it will reset the ppp value to 15 whenever the user doesn't select a new ppp value since you are ALWAYS resetting the session value - even when the user did not submit a change. If that code is on an intermediary page (a third script) - is session_start() initiated on that page? EDIT: I'm going to assume that the code to set the ppp session value based on the user's submission is at the top of the script that displays the posts. In that case, you should change the logic like this: //Set list of APPROVED ppp values (prevents users from submitting arbitrary vaues) $pppValues = array(10, 15, 20, 50, 100); //This array should be in a config file and ALSO used to create the select list options //Set default value of $ppp value $ppp = 15; //Check if user submitted new ppp value (that is in approved list) if (isset($_POST['ppp']) && in_array($_POST['ppp'], $pppValues)) { $ppp = $_POST['ppp']; //Assign value from POST submission $_SESSION['ppp']=$ppp; //Set value in session (only set if user submitted new value) } //If user did not submit new ppp value, check if ppp value already set in session elseif (isset($_SESSION['ppp']) { $ppp = $_SESSION['ppp']; //Assign value from session } //Rest of script can use $ppp to display correct number of posts @Strider64 Not sure what you mean. Session values are a common process of keeping values static between page loads. No need to store the value in a config value.
  8. I'm assuming the issue is within the class "BaseController". Is that where the methods load and library are defined? It would seem to me that the call to 'load' is returning null instead of an object, which causes the error when the 'library' method is called.
  9. So, as I understand it, the user is adding multiple line items for an invoice and THEN you redirect at the end. Why? Here is what I suggest you do. User navigates to a CREATE_INVOICE page On first entry there will be no GET value for the invoice ID, so display whatever initial instructions/content to be displayed to the user. E.g. it could provide a form for vendor name/address, PO number, etc. User submits the form using POST The receiving page identifies that this is a new invoice and add the applicable header records to the DB and generates an invoice ID The receiving page then performs a redirect to the CREATE_INVOICE page with a GET value for the invoice ID The CREATE_INVOICE page detects the invoice ID and displays the current invoice data (including any line items already added), The page also displays a form to add a new line item. The user will have two options. 1) Enter data into the fields for a new line item or 2) Complete the invoice If the user enters a new line item, it sends the form data (using POST) to the processing page which adds the new line item and then performs a redirect using the invoice ID as a GET value. This takes the logic back to step 6 and will repeat indefinitely until the user decides to complete the invoice
  10. 1. Create a function that takes the excel file as an input and performs all the operations you want to do to the excel files 2. Use a process to loop through all the excel files: scandir(), readdir(), . . . ??? 3. Upon each iteration of the loop call the function in step #1 passing the current file as a parameter
  11. Try putting this bit of debugging code in your script right before your if() statement. What does it produce when you run the script? if(!isset($_SESSION)) { echo "Session was not started yet"; } else { echo "Session data:<br>"; echo "<pre>".print_r($_SESSION, true)."</pre>"; }
  12. You really need to analyze the source data to identify the different data and types of issues that can exist in order to determine the appropriate solution. For example, the solution @Barand provided would be acceptable if: 1) The only issues are missing closing tags 2) None of the "data" contains a greater than sign If there are other types of issues or if data can contain the < symbol then a different solution is in order.
  13. To add to @requinix's response, the communication to the database would be between the PHP server and the database server. The client should have no idea about how the connection is made. However, if you have "holes" in your application that allows the users to infiltrate your server-side code, then all bets are off. Unfortunately, the guidance on not creating those holes is an expansive subject. A forum is great for asking abut specific aspects, but for the big picture I would suggest looking for training and/or guides on the subject.
  14. If you are submitting your form to the same page that form is on, it is typically good practice to put the form processing logic at the top of the page. That way if you need to show the results of the new data or show form processing errors you can generate that within the content of the page. I have not run your code, but I notice that the JavaScript that is called from within the action parameter of the form returns false at the end of the script. If you return false within the action parameter of a firm, then the form is never submitted. That may be your problem.
  15. To expand on @Barand's response, how you implement it depends on "how" you want the result to be returned. Are you just wanting a True/False based whether it is a multi-dimensional array, do you want the number of sub-arrays, or what?
  16. Taking a quick look at the source page to be scraped, the page appears to be specifically built to prevent scraping. Specifically, the content (i.e. the winning numbers) is loaded externally and populated on the page dynamically. It doesn't mean it can't be done, but it certainly won't be as trivial as it would seem.
  17. One significant problem with your request is you started out by saying it was a multi-dimensional array when it is , in fact, a flat array. But, your responses have been far from illustrative. Understand that you are very close to the problem and KNOW what is in your head. So, while you think a statement is perfectly obvious, to others it is greek. In any case, if you have an array that you want to "split" into "chunks" of an arbitrary size, PHP has a built-in function to do that: array_chunk() //Input data $outputFile = "output.csv"; $itemsPerLine = 3; $hexCodes = array("ff00ff", "ff00cc", "ff0099", "ff0066", "ff0033", "ff0000", "ff3300", "ff6600", "ff9900", "ffcc00", "ffff00", "ccff00", "99ff00", "66ff00", "33ff00", "00ff00", "00ff33", "00ff66", "00ff99", "00ffcc", "00ffff", "00ccff", "0099ff", "0066ff", "0033ff", "0000ff", "3300ff", "6600ff", "9900ff", "cc00ff", "9900ff", "6600ff", "3300ff", "0000ff", "0033ff", "0066ff", "0099ff", "00ccff", "00ffff", "00ffcc", "00ff99", "00ff66", "00ff33", "00ff00", "33ff00", "66ff00", "99ff00", "ccff00", "ffff00", "ffcc00", "ff9900", "ff6600", "ff3300", "ff0000", "ff0033", "ff0066", "ff0099", "ff00cc", "ff00ff"); //Open file for writing $fileHandle = fopen($outputFile, 'w'); //Split the array into chunks and write each chunk to the file //with a comma separator and a line feed character foreach (array_chunk($hexCodes, $itemsPerLine) as $line) { fwrite($fileHandle, implode(',', $line) . "\n"); } //Close the file fclose($fileHandle); Here is the output ff00ff,ff00cc,ff0099 ff0066,ff0033,ff0000 ff3300,ff6600,ff9900 ffcc00,ffff00,ccff00 99ff00,66ff00,33ff00 00ff00,00ff33,00ff66 00ff99,00ffcc,00ffff 00ccff,0099ff,0066ff 0033ff,0000ff,3300ff 6600ff,9900ff,cc00ff 9900ff,6600ff,3300ff 0000ff,0033ff,0066ff 0099ff,00ccff,00ffff 00ffcc,00ff99,00ff66 00ff33,00ff00,33ff00 66ff00,99ff00,ccff00 ffff00,ffcc00,ff9900 ff6600,ff3300,ff0000 ff0033,ff0066,ff0099 ff00cc,ff00ff EDIT: Or if you want the quote marks and spacing, replace with this line fwrite($fileHandle, '"' . implode('", "', $line) . "\"\n");
  18. 5.5 (i.e. 5:30) * 60 (minutes) * 60 (seconds) = 19800 I assume the 0 represent the first element of the array of timezone within the +5:30 UTC offset - 'Asia/Colombo'. Further, I expect you will ALWAYS get the first timezone corresponding to the UTC offset (as a default) because there is no way that an actual timezone can be specified in the string value you are using. '+05:30' => array ( 0 => 'Asia/Colombo', 1 => 'Asia/Kolkata', ),
  19. Look at the code examples on that page. The examples first create a datetime object with a specific timezone and then use gettimezone to retrieve the timezone that was previously set. A string such as "2021-05-06T13:48:19.2064951+05:30" has only the offset from UTC time - there is no timezone identifier. So, there is no way to programmatically determine the correct timezone out of the ones that share that offset.
  20. No clue. I think this is a JavaScript problem, not a PHP problem. I see the following code with references to "toggle" <a style="text-decoration: none;color: #000;" title="View Details" data-toggle="collapse" data-target="#products-details<?php echo $drow['order_id']; ?>"> <i class="nc-icon nc-minimal-down" onclick="changeToggleIcon(this)"></i> </a> But, those are tags within nothing in them to be displayed to the user. Further the actual javascript functions are not in the above code. If this is indeed a javascript problem, then you shoudl post the HTML that is generated by the PHP code and be sure to include any javascript functions that are called by that code.
  21. Here is my suggestion: Limit the size of the images you will accept Do an initial check on the extension and MIME type of the file and refuse anything that is not what you expect Use getimagesize() to verify it is an image. Resize/recreate the image. This will remove some/most malicious code. Change the name of the image Set the folder(s) where you store the images so files cannot be executed Don't allow direct access to images. E.g. when displaying the images on a page use something like <image src="getimage.php?id=5"> and create the script getimage.php to find the image based on the id (or whatever parameters you define) and pass the image contents back to the browser to be displayed. This way the malicious user won't even know how to access the file he uploaded.
  22. No. There are lossless and lossy image compression formats. Both use different methods of storing the data. A RAW image format is one form of lossless image format that has distinct data for every single pixel along with it's color. That is why they are huge in storage space. A gif and jpg (typically) are lossy formats (substitute some fidelity to create small file sizes) but work very differently. A gif has a color palet that can only hold 256 colors. It then defines each pixel in the gif by those colors. I suspect it does some other calculations such as define the pixel at index 1, 1 then also sets a repeat number. E.g. if the first 20 pixels are all the same color, it only has to define the color of the first pixel and then another value for the repeater. A JPG allows for 16 million colors but it does it's compression using more mathematical processes. For example, it may shift the color of a pixel slightly in order to make the compression more efficient. What that really means is to verify the image before saving/using it. You can only do so much validation of the image before uploading it. Once it is initially uploaded to the $_FILES array, you an run whatever validations, modifications on them and THEN save them however you choose. I think the problem you are running into is that you are reading different bits and pieces of information, but not understanding the info or WHY you should do those things. It is possible to have a legitimate image that contains malicious code. And, depending on how you use the images on your site, you could potentially risk exposing your users. So, while you should be doing things to ensure what the user provided has a legitimate image extension and PHP can tell it is an image file, a best practice is to recreate the image to remove any potentially malicious content in the image. Here is an article that explains how these vulnerabilities exist: https://asdqwedev.medium.com/remote-image-upload-leads-to-rce-inject-malicious-code-to-php-gd-image-90e1e8b2aada
  23. Your table with events has a start and end date. How are you wanting the data displayed in the calendar - only an entry on the start date? Also, can there be multiple events on the same date? The answer to those questions will probably dictate how I would do it. I think the easiest approach would be to query all the events for the given month at the beginning of the function and put them into an array. Then when outputting the TD for any given day, check if there are any events for the day - if so, include them in the output. I thought your code was hard to read/work with, so I modified it quite a bit <?php /*MAKES THE CONNECTION*/ include 'config.php'; $conn = mysqli_connect($servername, $username, $password, $dbname); // CHECK CONNECTION if (!$conn) { die("Connection failed: " . mysqli_connect_error()); } /*DRAWS CALENDAR*/ function draw_calendar($month, $year, $conn) { //Create timestamp for the 1st of the month $firstDayTimestamp = mktime(0,0,0,$month,1,$year); //Offset the starting date number to add empty days before the 1st of month $dayNo = -1 * date('w', $firstDayTimestamp) +1; $daysInMonth = date('t', $firstDayTimestamp); //Get the events for the current month $sql = "SELECT DAY(start_day) as day, id, name, phone, item, start_day, end_day, start_time, end_time FROM $tablename WHERE YEAR(start_day) = $year AND MONTH(start_day) = $month"; $result = $conn->query($sql); //Put results into an array $events = array(); if ($result->num_rows > 0) { // output data of each row while($row = $result->fetch_assoc()) { $events[$row["day"]][] = $row; } } //Start the calendar table $calendar = '<table cellpadding="0" cellspacing="0" class="calendar" border="1">'; //Create the calendar headings $headings = array('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday'); $calendar.= "<tr class=\"calendar-row\">\n"; foreach($headings as $heading) { $calendar.= "\t<td class=\"calendar-day-head\">{$heading}</td>\n"; } $calendar.= "</tr>\n\n"; //Create each week in the calendar while($dayNo <= $daysInMonth) { $calendar.= "<tr class=\"calendar-row\">\n"; //Create each date for the week for($dow=0; $dow<7; $dow++) { //Check if the $dayNo is within the selected month if($dayNo<1 or $dayNo>$daysInMonth) { $calendar .= "\t<td class=\"calendar-day-np\"> </td>\n"; } else { //Code to create content for the given day $calendar .= "\t<td class=\"calendar-day\">"; $calendar .= "{$dayNo}"; //Add any events here if(isset($events[$dayNo])) { //Create outpout for each event on the current day foreach($events[$dayNo] as $eventAry) { $calendar .= "<div>{$eventAry['name']}</div>"; } } $calendar .= "</td>\n"; } //Increment the date $dayNo++; } $calendar.= "</tr>\n"; } //Close the calendar table $calendar.= '</table>'; return $calendar; } ?> <html> <body> <?php echo draw_calendar(1, 2021, $conn); ?> </body> </html>
  24. I guess I'm still missing something. A user is on the "backoffice" page and they perform some action where you want to display a set of results in a new page "frontoffice" - is that correct? If the "frontoffice" page is opened from the "backoffice" page, then you can set a target on the "frontoffice" page. Then whenever the page is opened from "backoffice" it will replace the contents in the window that "frontoffice" was loaded in. FYI: You can use javascript in one window/tab to control another window/tab, but there has to be something to identify that other window/tab. It's typically done when the 2nd window is opened from the first. If the two urls are opened independently of each other, I don't know how you can reference one from the other. But, if you are wanting to just refresh the contents, I think the approach I provided above is easier.
  25. Your question is unclear. Are these "pages" both currently open by the same user? I.e. the user clicks a button in one browser window that refreshes the content in another window? Or, is the page with a button something that User A clicks to initiate a refresh in a different page being viewed by User B? Better yet, why don't you explain the problem you are trying to solve that you think that creating such a scenario would solve? It's also important to know if these pages are hosted under the same domain. Do you have control over the content in both pages?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.