Pezzoni

The actual output is designed to be either output by caching it to a executable PHP file, or calling eval() on the variable, so given that it appears that this is actually the browsers doing, and the actual PHP is present in the source, things are good again Thanks for the help.

Hi, I'm currently in the process of writing myself a PHP Framework, a part of which is a template engine. The exact details aren't important, but one of the things I need to be able to do is to have variables which contain PHP - specifically the opening and closing <?php ?> tags. At the moment, if I have a variable containing these, then the whole section encapsulated by them does not appear - adding a backslash to break the tags (i.e. changing to <\?php ?>) fixes the problem, but is obviously no good for me. As an example, this does not work: <?php error_reporting(E_ALL); $test = 'Hey {$user}, how are {$things[$and]}?'; echo 'Before:<br />'; echo $test; echo '<br /><br />'; $test = preg_replace('/\{\$([A-Za-z0-9]+|[A-Za-z0-9]+\[\'[A-Za-z0-9]+\'\]|[A-Za-z0-9]+\[\$[A-Za-z0-9]+\])\}/', '<?php echo $$1; ?>', $test); echo 'After:<br />'; print_r($test); ?> Wheras this does: <?php error_reporting(E_ALL); $test = 'Hey {$user}, how are {$things[$and]}?'; echo 'Before:<br />'; echo $test; echo '<br /><br />'; $test = preg_replace('/\{\$([A-Za-z0-9]+|[A-Za-z0-9]+\[\'[A-Za-z0-9]+\'\]|[A-Za-z0-9]+\[\$[A-Za-z0-9]+\])\}/', '<\?php echo $$1; ?>', $test); echo 'After:<br />'; print_r($test); ?> I know the regex isn't quite a perfect description of the PHP variable grammar, but it's good enough for now. Thanks for any help,

On further investigation, I've discovered a MySQL database on the network containing the details I need, so I don't actually need to use the LDAP stuff. Thanks anyway.

Hi, I'm working on an script to get the details of users from their 'mailNickname', and I can't get it to function correctly. Looking up someone on their 'sn' works fine, and if I go into my exchange mailbox, I can look someone up using their 'alias' (which is, I think, equivilent to mailNickname) with no problems. The code I have: echo 'Connecting: <br />'; $ds=ldap_connect("ldaphost.whereever.uk"); echo "Connect result is $ds <br />"; $r = ldap_bind($ds); echo "Bind result is $r <br />"; $sr = ldap_search($ds, "o=Whatever, c=GB", "mailNickname=blah"); echo "Search result is " . $sr . "<br />"; echo "Number of entires returned is " . ldap_count_entries($ds, $sr) . "<br />"; echo "Getting entries...<p>"; $info = ldap_get_entries($ds, $sr); echo "Data for " . $info["count"] . " items returned:<p>"; echo '<pre>'; print_r($info); echo '</pre>'; echo "Closing connection"; ldap_close($ds); Am I searching on the wrong attribute, or doing something else totally wrong? Thanks,

Not quite a logic error, but a bit of copy&paste related stupidity on my behalf. I had a mysql_fetch_array() on it's own, in addition to the one I used to build an index of the results. Which shouldn't have been there. Thanks for the help, and sorry for the dumb-ass mistake... There goes another 3 hours of my life! :D

Like the title says. For example, if I have n rows in a database, then run 'SELECT *' on it, then n-1 rows are always returned (the newest one is left off). This is happening at the most basic level of the result returned by mysql_query, so I really have no idea what is wrong. Does anyone have any suggestions? Thanks, Dan

Would it not be simpler to just set a variable for each page? So for example, at the top of index.php, you have a line saying: [code]$page = 'index';[/code] And at the top of product .php, you have a line that says: [code]$page = 'product';[/code] You could do it in the way you are suggesting, but it would be needlessly complex.

Fixed this one with: [code]         $pieces = preg_split('/(\{loop \$.+ as \$.+\}(?s:.+?)\{endloop\})/', $this->template_file, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);[/code]

Any ideas? Thanks.

Try: [code]<table width="100%" height="116" border="0" id="head">     <tr> <tr class="mTr"><td><p> </p>     <p>Web site</p></td><td>       <textarea rows="10" name="S1" cols="20"><? echo $profile->web; ?></textarea></td></tr>         </tr> </table>[/code] Also don't forget to do the normal processing you would do on the data for display (stripslashes etc), or things might start getting strange.

I have the following preg_split command at the moment: [code]preg_split('/(\{loop \$.+ as \$.+\}.+?\{endloop\})/', $this->template_file, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);[/code] Now this works great, so long as the text to be matched is all on the same line. For example: [code]{loop $waa as $wai}{$wai[one]}{$wai[two]}{endloop}[/code] All works fine. However, unfortunately, if the contained statements are split onto different lines, the preg_split statement stops working properly, so this will not work for example: [code]{loop $waa as $wai}     {$wai[one]}     {$wai[two]} {endloop}[/code] All of which is a little annoying! Any help would be gratefully recieved! Thanks.

Seems like it definately is the source of the problem: [a href=\"http://www.htmlhelp.com/tools/validator/problems.html#amp\" target=\"_blank\"]http://www.htmlhelp.com/tools/validator/problems.html#amp[/a]

Anyone got any ideas on this one? Thanks again. Dan

WYSIWYG - Maybe - it seems a little excessive for a forum system (the idea is to communicate content primerially, with the layout of that for individual posts seeming a little insignificant). URL Rewriting - As in modifiying the URL for SEO purposes? It's a possibility, although from what I've read, if redundant data is stripped from URL's from search engines, it doesn't really offer much in the way of SEO benefits. PNG - As far as I know, IE6 is the only vaugely modern browser that doesn't support it properly, and when I started, I was in a 'sod IE' phase. If the project continues to move on, I imagine that a backwards leap to GIF/JPEG is inevitable to ensure proper transparancy compatibility. As for standards, it seems to be largely the use of actual & (and maybe = ?) signs which is causing problems - only one error is caused by somthing else! Definately somthing which needs sorting.

I agree that the templates need a fair bit of work (they don't look as they should outside of Firefox for example), and the majority of what you said was sensible - It is also a problem I hope to alleviate in the future by getting dedicated people to work on the design, it was somthing that felt a bit rushed throughout, with it being knocked together to fit around the functionality, rather than the other way round. One thing that really does need addressing in the codebase is the use of & insted of &amp; in URL's - which is responsible for the vast majority of validation errors. Thankyou - your comments have been taken upon board and will be acted upon in the future :)

As a side note, this is something which I seriously want to continue the development of. However, this is something which I’m not going to be also to achieve on my own: If the project is to go anywhere significant, then it is going to have to be developed with a team of people. As such, I’m looking for people with any of the following skills: PHP and JavaScript Coders If you are interested in developing the PHP side of things, then you need to be a competent coder, comfortable with OOP programming, MySQL (any additional database types would be a bonus), and be willing to adapt to a specific coding style, and contribute as part of a team. People who are competent with JavaScript are also needed – especially those who can combine their knowledge with PHP in an AJAX related situations. Designers Someone with good HTML and CSS skills is required, who is able to create inventive, good looking, standards compliant, easy to use designs – It is very likely that we will be looking to move in a direction in which tables are likely to be unwanted for the majority of situations. Graphics People who are able to create images in a similar style to those already displayed to compliment a design. This role could also be combined with the above. For all the roles, it is important that you are able to work in a team and get on with other people, as well as being able to work independently if this is necessary. You should have the time to be able to work on the project to a reasonable degree, although it will certainly be something which can be carried out in your ‘spare time’; if you can contribute maybe 5 hours a week (or more) of decent coding time, then that would probably be enough. Some experience with Linux and more specifically CVS would be helpful, although is definitely not requisite. If you’re interested, or want more details, then feel free to contact me via by Private Message on the forums. Thanks! Dan [b][i]edit: removed email from post[/i][/b]

I finally completed the front end to this over the weekend (admin pannel still needs work), and I'm now attempting to perform a degree of public testing on it (which has thrown up some things I'd never even noticed!) Just as a note, it is best viewed in Firefox - I've yet to spend time getting it working compeltely as it should be in IE or Opera. I would be interested to see what the people here thought of it - Thanks! Edit: Forgot the link! It lives here: [a href=\"http://www.generation-designs.co.uk/osf/index.php\" target=\"_blank\"]http://www.generation-designs.co.uk/osf/index.php[/a] Thanks for your time, Dan

I've written a script for users to upload images to use as avatars as part of a project I'm working on. This works absolutely fine on my testing server, but on my live one, it doesn't - allowing users to upload any file type of any size, which is obviously not a good thing. Can anyone see anything wrong with the below? [code]    if (isset($_FILES['avatar_img']['name']) && !empty($_FILES['avatar_img']['name'])){         $filename = $_FILES['avatar_img']['name'];     } else {         header("Location: profile.php?action=avatar&error=1&$session");     }     //Turn the filename into an array, and check the file is a JPEG     $file_peices = explode(".", $filename);     $size = sizeof($file_peices);     if(($file_peices[$size -1] != 'jpg') && ($file_peices[$size -1] != 'jpeg') && ($file_peices[$size -1] != 'gif') && ($file_peices[$size -1] != 'png')){         header("Location: profile.php?action=avatar&error=2&$session");     }     //If the file is too big, stop script execution.     if($_FILES['avatar_img']['size'] > $config['av_max_size']) {         header("Location: profile.php?action=avatar&error=3&$session");     }     //Check physical image dimensions     $img_size = getimagesize($_FILES['avatar_img']['tmp_name']);     if(($img_size[0] > $config['av_max_dimensions']) || ($img_size[1] > $config['av_max_dimensions'])){         header("Location: profile.php?action=avatar&error=4&$session");     }     $filename_store = md5($filename).'.'.$file_peices[$size -1];     while(file_exists('images/avatars/'.$filename_store)){         $filename_store = md5(uniqid(rand(), true)).'.'.$file_peices[$size -1];     }     if(move_uploaded_file($_FILES['avatar_img']['tmp_name'], 'images/avatars/'.$filename_store)){         $sql = 'UPDATE '.USERS_TABLE.'                     SET user_avatar = "'.$filename_store.'"                     WHERE user_id = '.$auth->userdata['user_id'];         $db->db_action($sql);         header("Location: profile.php?action=avatar&$session");     }     else{         header("Location: profile.php?action=avatar&error=4&$session");     }[/code]

I'm not using MySQLi unfortunately, so it looks like I may have to stick with the loop. Fortunately it's not a frequently accessed part of the project. Thanks.

With code tags, do you not need to think about not parsing BBCode contained within them, as well?

Validatation. Any bit of data which a user could potentially fiddle with (don't forget hidden form fields etc as well, just because they can't be seen, it doesn't mean they can't be played with), so essentially and GET or POST data should be heavily validated. If it should just be an integer, then validate it as such. Kill the script if anything else gets in there. If the input is text, then addslashes, strip HTML... Whatver. Just make sure nothing can be entered that you don't want in there!

I've just written a PHP/MySQL script which updates various (and potentially numerous) database rows. The only way I can think of doing this is through a looping query, but as we all know, this is a Bad Thing™, so I'd like an alternate way to work this, preferably with a minimum number of queries! Unfortunately, I'm a bit stuck as to how to do this. The script as it is: [code]    $sql = 'SELECT '.PROFILE_FIELDS_TABLE.'.profile_id, '.PROFILE_FIELDS_TABLE.'.profile_name, '.PROFILE_FIELDS_TABLE.'.profile_description             FROM '.PROFILE_FIELDS_TABLE.'';     $fields = $db->db_query($sql);     $profile_fields_user = array();     foreach ($fields as $field){         if(!empty($_POST[$field['profile_id']])){             $field['value'] = $_POST[$field['profile_id']];         }         else {             $field['value'] = '';         }         $sql2 = 'UPDATE '.USER_PROFILE_FIELDS_TABLE.'                 SET profile_value = "'.$field['value'].'"                 WHERE user_id = "'.$auth->userdata['user_id'].'" AND profile_id = "'.$field['profile_id'].'"';         $db->db_action($sql2);     }     [/code] Thanks. Dan