mattspriggs28

Managed to sort it. It was a case of simply swapping the message and attachment code blocks around, and all works fine!

I tend to use single quotes, especially if I'm storing any html code in a variable as it means I don't have to escape every double quote. I'm not aware that one is any more secure than the other though, maybe someone else has an insight into this.

Hi, I have a script that generates a password protected zip file, attaches to an email and sends. The email is sent successfully and received. However, the zip file is not attached. The weird thing is that the size of the email implies that there is an attachment. I've tried in a few different mail clients to see if it was my own that was blocking the zip attachment, but the others are exactly the same. I've also tried generating the zip file without a password and attaching, but again with no luck. Just to further explain, the file needs to be stored within a password protected zip as it will contain confidential information. Here's my code: // a random hash will be necessary to send mixed content $separator = md5(time()); // carriage return type (we use a PHP end of line constant) $eol = PHP_EOL; $subject = $myForm['surveyType'] . ' : ' . REFERRAL_SUBJ; // generate the zip file and attach $password = REFERRAL_PWD; $outfile = 'referral.zip'; // create file with body inside it $refFile = time().".html"; $fh = fopen($refFile, 'w') or die("can't open file"); $refData = $smarty->fetch(REFERRAL_BODY_TPL); fwrite($fh, $refData); fclose($fh); system("zip -P $password $outfile $refFile"); // Read ZIP file into string $zipDoc = file_get_contents($outfile); $attachment = chunk_split(base64_encode($zipDoc)); // main header (multipart mandatory) $headers = "From: " . REFERRAL_MAIL_FROM . $eol; $headers .= "Reply-To: " . REFERRAL_MAIL_REPLY . $eol; $headers .= "MIME-Version: 1.0" . $eol; $headers .= "Content-Type: multipart/mixed; boundary=\"" . $separator . "\"" . $eol . $eol; $headers .= "Content-Transfer-Encoding: 7bit" . $eol; $headers .= "This is a MIME encoded message." . $eol . $eol; // message $headers .= "--" . $separator . $eol; $headers .= "Content-Type: text/html; charset=\"iso-8859-1\"" . $eol; $headers .= "Content-Transfer-Encoding: 8bit" . $eol . $eol; $headers .= $body . $eol . $eol; $headers .= "--" . $separator . "--" . $eol . $eol; // attachment $headers .= "--" . $separator . $eol; $headers .= "Content-Type: application/zip; name=\"" . $outfile . "\"" . $eol; $headers .= "Content-Transfer-Encoding: base64" . $eol; $headers .= "Content-Disposition: attachment; filename=\"" . $outfile . "\"" . '\r\n\r\n'; $headers .= $attachment . '\r\n\r\n'; $headers .= "--" . $separator . "--"; // send message $res = mail(REFERRAL_EMAIL_ADDRESS, $subject, "", $headers); unlink('referral.zip'); unlink($refFile); Any help is much appreciated.

Hi, I'm working on a project that requires some interaction from some input devices for processing orders coming through a warehouse. I've done some research into Barcode Scanners and it appears quite clear that you can purchase USB compatible barcode scanners, so this appears pretty straight forward for getting it to interact with a web-based PHP application. The other input device that needs consideration is weighing machines for weighing products as they are processed. In the same way as the barcode scanner, when something is weighed the value needs to be fed to the web application. Does anyone have any experience of this? And are there weighing machines that are USB plug and play compatible in the same way as a barcode scanner? I've done some research but the information is not very forthcoming. Thanks for your help.

Hi all, I have an array of data. I am looping through this data to generate a CSV file. However, if there are commas in any of the elements then this will throw out the structure of the CSV file. My question is, how do I loop through the array before I use it to strip out any commas and replace with a space? Thanks for your help.

<rss version="2.0" xmlns:g="http://base.google.com/ns/1.0">

Hi, Im extracting my product data from the database to store in an XML file for the Google Product Listings. The problem I'm having is that there are a number of incompatible characters in some of the data that is causing the XML file, once generated to be invalid. There are a huge number of products in the database (60,000+) so it would take an age to go through each product and remove any rogue characters, so I am using preg_replace. I've managed to find the rogue characters that occur in the data and used the preg_replace function to strip out these characters. Below is a code sample: $narrLong = strip_tags(nl2br($productArr['narrLong'])); $narrLong = htmlentities(html_entity_decode(preg_replace("/\t/"," ",$narrLong)),ENT_QUOTES,UTF-; $narrLong = preg_replace("/£/","�",$narrLong); $narrLong = preg_replace("/Â/","",$narrLong); $narrLong = preg_replace("/ /"," ",$narrLong); $narrLong = html_entity_decode($narrLong); $narrLong = preg_replace("/ & /"," & ",$narrLong); $narrLong = preg_replace("/(\w)&(\w)/","$1&$2",$narrLong); $narrLong = preg_replace("/\"/",""",$narrLong); $narrLong = preg_replace("/'|`/","'",$narrLong); $narrLong = preg_replace("/</","<",$narrLong); $narrLong = preg_replace("/>/",">",$narrLong); $narrLong = preg_replace("/“/","'",$narrLong); $narrLong = preg_replace("/”/","'",$narrLong); $narrLong = preg_replace("/’/","'",$narrLong); $narrLong = preg_replace("/½/"," 1/2",$narrLong); $narrLong = preg_replace("/®/","",$narrLong); $narrLong = preg_replace("/£/","",$narrLong); $narrLong = preg_replace("/µ/", "u",$narrLong); $narrLong = preg_replace("/é/", "e",$narrLong); $narrLong = preg_replace("/è/", "e",$narrLong); $narrLong = preg_replace("/’/", "'",$narrLong); $narrLong = preg_replace("/…/", "...",$narrLong); $narrLong = preg_replace("/°/", "",$narrLong); $narrLong = preg_replace("/™/", "",$narrLong); $narrLong = preg_replace("/—/", "-",$narrLong); $narrLong = preg_replace("/Ã/", "",$narrLong); $narrLong = preg_replace("/ƒ/", "",$narrLong); $narrLong = preg_replace("/¨/", "",$narrLong); $narrLong = preg_replace("/©/","",$narrLong); $narrLong = preg_replace("/¤/", "",$narrLong); $narrLong = str_replace("·", "",$narrLong); $narrLong = preg_replace("/‰/", "",$narrLong); $narrLong = preg_replace("/¹/", "",$narrLong); I then plug my xml open and close tags onto either end etc... However, once the xml file is generated and saved, none of the characters that I've asked to replace have not been replaced and remain in the XML file. Is there something I'm doing wrong? Are some of the characters not being recognised in my script in the first place? Thanks for your help.

I may be able to help you. I recently built a website that needed to display in Russian and therefore required UTF-8 encoding. What I did was opened up in Notepad++ the various scripts that weren't displaying the characters correctly and encoded them as UTF-8 WITHOUT BOM. I'm not sure whether this would work for you but worked a treat for me.

I have converted xml into an array with no problems, however I'm having difficulty outputting the various attributes. Here is a sample: [0] => Array ( [@attributes] => Array ( [YourId] => 1082-1 [Name] => Woodwards Metals [Description] => ) ) The bit that is confusing me is the @attributes part. How would I output the 'Name' element for example?

Hi, I have the following regular expression check to check for a valid URL: preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $_prodLink) This works great, except when a URL contains rounded brackets. Does anyone know how I can amend the above to allow the rounded brackets ( ) in the URL?

Sorry if this is posted in the wrong forum. I'm looking to build a pre-pay based e-commerce website, where users can add money to their 'account' using PayPal or something similar. When they then purchase something on the website, this deducts an amount from their pre-paid account. There are reasons for doing it this way which I will not go in to, but has anyone had any experience with anything similar, and if so, are there any security/ functionality issues to consider or did you encounter anything unexpected that is different from regular e-commerce?

Not quite, I have the strpos of the string 'http://www.mysite.com/images/' which may be 42, so I want to start from strpos() + length (which in the example URL I guess would be 71) of my substring up to when the next double quote appears to get the remainder of the image URL. So basically I want to get from strpos 71 up to (but not including) the next occurence of a double quote to give me the remainder of the URL.

Hi, I have an html page with multiple image tags inside it. I'm wanting to get the full URL of a specific image within that file. The specific image I'm looking for must start with 'http://www.mysite.com/images/' in the src part of the tag to make sure I'm getting the correct image. To find the occurence, I'm using strpos() to find the character position of the string match. What I then need to do is complete the rest of the URL to get the image name and then output this. So basically I need to get the string that comes after 'http://www.mysite.com/images/' and end when the speech mark occurs to close the src part of the image tag. This will then give me the full URL of my image. How do I do this? Or is there a better way to do this? Thanks.

OK, so I've now worked out how to extract the HTML from an external website. Now what I want to do is find a specific string or part of the URL in the page: 1. I want to find a string in the code that contains 'http://www.mysite.com/products/images/' 2. My code has found <img src="http://www.mysite.com/products/images/123.jpg" alt=""> So now what I want to do is grab the whole URL of the image, so everything after 'src="' and before '" alt="">'. Can someone please advise the easiest way to do this? Thanks.

That was going to be my next question, but I guess I could look for a specific string pattern in the img src to ensure I'm grabbing the correct image?

I'm wanting to extract an image from an external website and save to a location on my web server automatically. The scenario: 1. A user has an order form on our website with a field to paste the URL of a website in; 2. The user visits an external website page, which includes an image; 3. The user copies the URL out of the address bar, goes back to our website and pastes the link into the order form; 4. The user clicks next, and this extracts the image from the external website and uploads it to our website so the image can be seen alongside the order. My questions are: a. Can this be done? b. If it can't physically download the image and copy to my web server, can I read the html source of the external website and grab the full URL to use to show the image on my website? Thanks for your help.

Hi, I am creating a date string using the following: $curDate = date("Y-m-d H:i:s"); However, what I want to do is take one hour off this so that $curDate now becomes the current date and time minus one hour. Thanks for your help.

I've sorted it. It was one of those errors that takes ages to find and when you find it you realise it was so simple. I was populating the value of each drop down element with the id of the database record. The only problem was that I wasn't selecting the id field in my query so it wasn't recognising a value. Thanks for your help anyway.

Hi, I've created a couple of dropdown boxes. The user selects their option from the first box and this activates an ajax call to populate the second box. If the form doesn't validate and the page and form is reloaded, it remembers my selections. However, it doesn't recognise that I have made a selection and the post data for that drop down is empty, which leads me to be believe that the page is not posting the data from the ajax generated drop down list. I've checked my code and this is sound. Any help is much appreciated. Here's the html: <select name="hotel_name_1" onchange="getLocations('1', this.value)"> <option>Select Hotel</option> <!--LIST OF OPTIONS--> </select> <span id="locations1"> <select name="hotel_selection_1"> <option></option> </select> </span> And here's the javascript: <script type="text/javascript"> function getXMLHTTP() { //fuction to return the xml http object var xmlhttp=false; try{ xmlhttp=new XMLHttpRequest(); } catch(e) { try{ xmlhttp= new ActiveXObject("Microsoft.XMLHTTP"); } catch(e){ try{ xmlhttp = new ActiveXObject("Msxml2.XMLHTTP"); } catch(e1){ xmlhttp=false; } } } return xmlhttp; } function getLocations(selectid, hotelId) { var strURL="_getLocations.php?id="+hotelId+"&section="+selectid; var req = getXMLHTTP(); if (req) { req.onreadystatechange = function() { if (req.readyState == 4) { // only if "OK" if (req.status == 200) { document.getElementById('locations'+selectid).innerHTML=req.responseText; } else { alert("There was a problem while using XMLHTTP:\n" + req.statusText); } } } req.open("GET", strURL, true); req.send(null); } } </script>

I had a feeling it may have been something to do with the version I'm using. And yes, it's version 4. Is there a workaround for this within version 4?

I have the following code: class paypal_class { private $ipn_status; // holds the last status public $admin_mail; // receive the ipn status report pre transaction public $paypal_mail; // paypal account, if set, class need to verify receiver public $txn_id; // array: if the txn_id array existed, class need to verified the txn_id duplicate public $ipn_log; // bool: log IPN results to text file? private $ipn_response; // holds the IPN response from paypal public $ipn_data = array(); // array contains the POST values for IPN private $fields = array(); // array holds the fields to submit to paypal private $ipn_debug; // ipn_debug // initialization constructor. Called when class is created. function __construct() { etc... Howerver, I'm getting the error Parse error: syntax error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' on Line 3 Any ideas as to why this may be? It's a Paypal IPN script that I downloaded and looking at the responses it received seemed to work fine for everyone else. Thanks for your help.

That was going to be my next question regarding downloading problems, but what you say seems to get around that. Thanks for your help.

One thing you could do is to use mysql_real_escape_string in your database queries to prevent any injection attacks. For example, instead of: $qry = "Select * from table where id = " . $id . " and status = '" . $status . "'"; $res = mysql_query($qry); You could use: $qry = sprintf("Select * from table where id = %s and status = '%s'", mysql_real_escape_string($id), mysql_real_escape_string($status)); $res = mysql_query($qry); This will strip out any special characters that may be used to try an injection attack such as apostrophe, minus etc.

Hi, I'm building an e-commerce site that is product downloads only. I'm trying to get my head around the best way to approach this from a process point of view. The site will be using PayPal. This is how I would envisage it: 1. User adds product to basket. This is then stored in a database table and a random code is generated and stored along with it. 2. The user pays via PayPal 3. IPN then sends message back to the basket to say that the customer has paid, and sends an email with links to the documents, using the randomly generated codes as security and to monitor the status of the download. (i.e. whether it has been downloaded or not) 4. The customer then downloads the document and the status of the download is set to 'COMPLETE' to prevent them using the link again. Is this the best way to apprach this or does anyone else have any other suggestions? Thanks

I've read somewhere as well that you can call a PHP script within an <img> tag to record statistics. Can it be done this way?