-
Posts
960 -
Joined
-
Last visited
Everything posted by Destramic
-
You need to check $_GET['id'] exists...also your code is vulnerable to Cross-Site Request Forgery Atacks (CSRF) and SQL Injection I'd suggest to use PHP PDO instead of the mysqli extension.
-
PHP help mysqli_query ()expects at least 2 parameters, 1 given
Destramic replied to akhilkumar332's topic in PHP Coding Help
try what jacques1 said -
PHP help mysqli_query ()expects at least 2 parameters, 1 given
Destramic replied to akhilkumar332's topic in PHP Coding Help
what i also i should of mentioned is that you need to escape all user data using mysqli_escape_string() failure to do so can result in SQL injection $username = mysql_escape_string($_POST['username']); this wouldn't be a problem if you used PDO and prepared queries. -
PHP help mysqli_query ()expects at least 2 parameters, 1 given
Destramic replied to akhilkumar332's topic in PHP Coding Help
seriously?...i just gave you the documentation referring to mysqli_query as well as the code for your first mysql insert $data = mysqli_query ($query)or die(mysqli_error()); should be $data = mysqli_query($con, $query) or die(mysqli_error($con)); i'm more than sure you can work out the other...if not, give up but i would suggest to use PDO http://php.net/manual/en/book.pdo.php -
PHP help mysqli_query ()expects at least 2 parameters, 1 given
Destramic replied to akhilkumar332's topic in PHP Coding Help
mysqli_query($con, $query); as seen here http://php.net/manual/en/mysqli.query.php -
hey guys i wish to make a simple form for users/guest to share my wesbite to friends etc. i'm mostly concerned that this will allow people to spam address from my site...should i be concerned?...if so what is the best approach please? i was thinking about collecting the shared email's to a db? ensuring only 1 ever gets sent...is this enough thank you
-
please use the code tags so it makes things easier for people to read. i can see an error here: if (isset($_REQUEST ["flavour"]) ) { //<input name = "flavor" type = "text"> which should be if (isset($_REQUEST["flavour"])) { //<input name = "flavour" type = "text"> why don't you try something like this? <html> <head> <title> using one page to accept and process data. </title> </head> <body> <h1> using one page to accept and process data. </h1> <?php if ($_SERVER['REQUEST_METHOD'] === 'POST') { print_r($_POST); } else { ?> <form method="post"> what is your favourite ice cream flavor? <input name = "flavor" type = "text"> <br> <br> what is your name? <input type = "text" name = "name" > <br> <br> <input type = submit value = submit > </form> <?php } ?> </body> </html>
-
opencart checkout, select store branch and pick-up date
Destramic replied to Yohanne's topic in Applications
what errors have you got?...also if your storing in the database you want to be using DATE field type -
sorry i after a second glance i saw this...sorry! (no0b) embarrassing
-
my age is displaying as 29 although i'm 30...not complaining but something isn't right. also my dob is correct on my profile thank you
-
the script isn't fully functional but something like this...i guess you have a list of news or whatever it is your listing form the database, which you want to be able to delete but also keep the list in view with successful/error messages. jquery $(document).ready(function(){ $('span[data-delete-news-id]').click(function(event) { var data = { id: $(this).data('delete-news-id') csfr: 'token here' }; $.ajax({ url: 'http://domain/delete', type: 'POST', data: data, dataType: 'text', success: function(result) { //check result and remove for list }, error: function(jqXHR, satus, error){ console.log(status, error); } }); }); }); html news article - php is the best - <span data-delete-news-id="5">delete</span> no need for a form or to reload page...hope this helps...also you going to want to look at stopping cross site forgery attacks hence the csfr: 'token here' parameter
-
There is probably a much easier way but why don't you check the phone make is apple and image is portrait then just rotate? Wouldn't be a bad solution if the script is only for your personal use...although would be nice to make the script universal
-
i'd check the orginal image orientation before uploading...as i can't see anything obvious that would rotate the image before saving the image may have embedded image rotation infomation set by your phone. check for orientation key print_r(exif_read_data($filename)); i come across this function also which may help. function image_fix_orientation(&$image, $filename) { $exif = exif_read_data($filename); if (!empty($exif['Orientation'])) { switch ($exif['Orientation']) { case 3: $image = imagerotate($image, 180, 0); break; case 6: $image = imagerotate($image, -90, 0); break; case 8: $image = imagerotate($image, 90, 0); break; } } }
-
Module name changing causes broken link in phreebook
Destramic replied to dishadcruze's topic in Applications
Check $_GET['xmax'] value as i would say it's empty -
Quotes driving me nuts even after reading manual.
Destramic replied to Jwest100's topic in PHP Coding Help
also what i forgot to mention is that if your using user inputted data ie. $_POST then you need to escape it using $_POST['email'] = htmlspecialchars($_POST['email'], ENT_QUOTES, 'UTF-8'); your code is vulnerable to cross site scripting attacks (XXS) -
Quotes driving me nuts even after reading manual.
Destramic replied to Jwest100's topic in PHP Coding Help
you should be able to read this better...also using the echo where it is, is incorrect. $form_output = '<p><label for="email">Notification email (IMPORTANT!) <span>*</span><br><input type="text" name="email" value="' . $_POST["email"] . '"></label></p>'; this should do the trick -
i had a brain storm last night and sent the email via phpmailer and viewed what was actually being sent to the server...this format works perfectly now for alternative mail with embedded images. Content-Type: multipart/alternative; boundary="fae15ab6820aee7cab838cf3b8f5ef37" Content-Transfer-Encoding: 8bit This is a multi-part message in MIME format. --fae15ab6820aee7cab838cf3b8f5ef37 Content-Type: text/plain; charset="utf-8" plain email here --fae15ab6820aee7cab838cf3b8f5ef37 Content-Type: multipart/related; boundary="aaf2651d4917027cd4c6a335082910a5" --aaf2651d4917027cd4c6a335082910a5 Content-Type: text/html; charset="utf-8" Sever: <span>here is our logo</span> <img src="cid:logo.png@domain.co.uk" width=" 192" height="50" title="Logo" alt="Logo"> --aaf2651d4917027cd4c6a335082910a5 Content-Type: image/png; name="logo8.png" Content-Transfer-Encoding: base64 Content-ID: <logo.png@domain.co.uk> Content-Disposition: inline; name="logo8.png" iVBORw0KGgoAAAANSUhEU.........b0vX7fAAAAAElFTkSuQmCC --aaf2651d4917027cd4c6a335082910a5-- --fae15ab6820aee7cab838cf3b8f5ef37-- i hope this can help other people out...thank you
-
i tried what you said kicken and still have no joy...i also tried cid:logo@mydomain.co.uk here is my altered code [7] => SUBJECT: test email [8] => FROM: mydomain.co.uk<****> [9] => TO: ***** [10] => MIME-Version: 1.0 [11] => Organization: mydomain.co.uk [12] => X-Priority: 3 [13] => X-Mailer: PHP7.0.10 [14] => Message-ID: <6af3b38673bc078a1bf662e27843477b@mydomain.co.uk> [15] => Date: Wed, 04 Jan 2017 17:39:27 +0000 [16] => Return-Path: ****@mydomain.co.uk [17] => Content-Type: multipart/related; boundary="f81c1c99aa6cb085a26b84813c0a2fd6" [18] => This is a multi-part message in MIME format. [19] => --f81c1c99aa6cb085a26b84813c0a2fd6 [20] => Content-Type: multipart/alternative; boundary="1f04e7b81c18373984b26f1e64f9b83e" [21] => --1f04e7b81c18373984b26f1e64f9b83e [22] => Content-Type: text/plain; charset="utf-8" [23] => Content-Transfer-Encoding: quoted-printable [24] => Content-Transfer-Encoding: 7bit [25] => plain email here [26] => --1f04e7b81c18373984b26f1e64f9b83e [27] => Content-Type: text/html; charset="utf-8" [28] => Content-Transfer-Encoding: quoted-printable [29] => Content-Transfer-Encoding: 7bit [30] => <!DOCTYPE html> <head> <title>Account</title> </head> <body> <span>here is our logo</span> <img src="cid:logo.png@mydomain.co.uk" width="192" heigh t="50" title="Logo" alt="Logo"> </body> </html> [31] => --1f04e7b81c18373984b26f1e64f9b83e-- [32] => --f81c1c99aa6cb085a26b84813c0a2fd6 [33] => Content-Type: image/png; name="logo8.png" [34] => Content-Transfer-Encoding: base64 [35] => Content-ID: <logo.png@mydomain.co.uk> [36] => X-Attachment-Id: logo.png@mydoamin.co.uk [37] => Content-Disposition: inline; filename="logo8.png" [38] => iVBORw0KGgoA....gABI1QMAACD1AZpW [39] => --f81c1c99aa6cb085a26b84813c0a2fd6-- any other suggestion would be great...i've looked a so much regarding embedded inline images and i can't see nothing else that i may be missing...i'm feeling there's something else that needs to be added to my headers though. i even sent myself an email from my gmail account with an embedded image and tried to cross reference but all formats i saved we're barely readable. thank you
-
Thank you...first time I've seen that...also I've seen examples without the content-disposition in line header. I'll give it whirl when I'm home and post my results Thanks again
-
sorry i couldn't edit the message above here is the correct headers etc from my debug array [17] => Content-Type: multipart/related; boundary="60a7083d603d0f8a9d35a0776030d8e5" [18] => This is a multi-part message in MIME format. [19] => --60a7083d603d0f8a9d35a0776030d8e5 [20] => Content-Type: multipart/alternative; boundary="acabb8838a7d2b2a9ec0661d699c96bc" [21] => --acabb8838a7d2b2a9ec0661d699c96bc [22] => Content-Type: text/plain; charset="utf-8" [23] => Content-Transfer-Encoding: quoted-printable [24] => Content-Transfer-Encoding: 7bit [25] => plain email here [26] => --acabb8838a7d2b2a9ec0661d699c96bc [27] => Content-Type: text/html; charset="utf-8" [28] => Content-Transfer-Encoding: quoted-printable [29] => Content-Transfer-Encoding: 7bit [30] => <!DOCTYPE html> <head> <title>Account</title> </head> <body> <span>here is our logo</span> <img src="cid:logo" width="192" title="Logo" alt="Logo" > </body> </html> [31] => --acabb8838a7d2b2a9ec0661d699c96bc-- [32] => --60a7083d603d0f8a9d35a0776030d8e5 [33] => Content-Type: image/png; name="logo8.png" [34] => Content-Transfer-Encoding: base64 [35] => Content-ID: <logo> [36] => X-Attachment-Id: logo [37] => Content-Disposition: inline; filename="logo8.png" [38] => iVBORw0KGgoAAAANSUhEUgAAArUAAAC7CAYAAAB7NWYYAAAACXBIWXMAAAsSAAALEgHS3X78AAA.....Zb0vX7fAAAAAElFTkSuQmCC [39] => --60a7083d603d0f8a9d35a0776030d8e5-- [40] => Array ( [command] => . [response] => 250 Queued (0.192 seconds) )
-
hey guys i'm having problems with gmail showing inline images when sending a email from my server...for some strange reason it shows as an attachment, but works prefectly for hotmail. here is what i'm getting.. hotmail gmail i can't find nothing obvious about inline image problems with gmail so i wondered if any of you guys have come across this problem and what i could do to solve it. here is my headers and boundarys set for the email... Content-Type: multipart/related; boundary="e3b811c438657c9d0f9ae45330038d29" This is a multi-part message in MIME format. --e3b811c438657c9d0f9ae45330038d29 Content-Type: multipart/alternative; boundary="23d529da6bbc0c660362bf9a39c6b994" --23d529da6bbc0c660362bf9a39c6b994 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Transfer-Encoding: 7bit plain email here --23d529da6bbc0c660362bf9a39c6b994 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Transfer-Encoding: 7bit <!DOCTYPE html> <head> <title>Account</title> </head> <body> <span>here is our logo</span> <img src="cid:logo" width="192" title="Logo" alt="Logo"> </body> </html> --23d529da6bbc0c660362bf9a39c6b994-- Content-Type: image/png; name="logo8.png" Content-Transfer-Encoding: base64 Content-ID: <logo> X-Attachment-Id: logo Content-Disposition: inline; filename="logo8.png" iVBORw0KGgoAAAANSUhEUgAAArUAA...AgFQ9AAAAUvUAAABI1QMAACD1AZpW uZb0vX7fAAAAAElFTkSuQmCC --e3b811c438657c9d0f9ae45330038d29-- any help would be great,,,thank you
-
ok thank you i made the changes that you said could you elaborate on this a little please jacques? thank you for your help
-
the reason i have the extra user_permissions table was so that i was able to give extra permissions out of the given role...but after thinking on what you said i deleted the table...in fact i'm going to role with all you suggestions. note i changed names on some tables to make more sense. here is how i'm getting my permissions SELECT p.permission FROM permissions p LEFT JOIN role_permission_mappings rpm ON rpm.permission_id = p.permission_id LEFT JOIN roles r ON r.role_id = rpm.role_id LEFT JOIN user_role_mappings urm ON urm.role_id = r.role_id AND urm.user_id = 3 and my roles SELECT role FROM roles r LEFT JOIN user_role_mappings urm ON urm.role_id = r.role_id WHERE urm.user_id = 3 say when checking if a user has permission to edit news is checking permission for edit_news enough? or should i be checking if the user is admin too? if ($user->has_role('admin') && $user->has_permission_to('edit news')) { // yes! } vs if ($user->has_permission_to('edit news')) { // yes! } thank you for your help