kool_samule

Hi Chaps, I've got something of a mixed bag, in which I need some help with a MySQL query and PHP to display the results correctly. I'm basically after the following: Query to produce results of; invoice_item_price of all jobs that include a Typesetting task and all of those that don't. The problem I'm having is that I can't figure out how to get the correct SUMtotal of the invoice_item_price, when searching through the tbl_task_item, to see if a Typesetting task has been completed. In trying to do this, it multiplies the invoice_item_price by the amount of tasks within a job. Database: -- MySQL dump 10.11 -- -- Host: localhost Database: dbtemp -- ------------------------------------------------------ -- Server version 5.0.83-community-nt /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; /*!40101 SET NAMES utf8 */; /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */; /*!40103 SET TIME_ZONE='+00:00' */; /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; -- -- Table structure for table `tbl_analysis` -- DROP TABLE IF EXISTS `tbl_analysis`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_analysis` ( `analysis_id` int(20) unsigned NOT NULL auto_increment, `FK_job_id` int(20) unsigned default NULL, `analysis_gross` int(10) default NULL, `analysis_net` int(10) default NULL, PRIMARY KEY (`analysis_id`), KEY `FK_job_id` (`FK_job_id`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_analysis` -- LOCK TABLES `tbl_analysis` WRITE; /*!40000 ALTER TABLE `tbl_analysis` DISABLE KEYS */; INSERT INTO `tbl_analysis` VALUES (1,1,100,50),(2,2,500,250); /*!40000 ALTER TABLE `tbl_analysis` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_customer` -- DROP TABLE IF EXISTS `tbl_customer`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_customer` ( `cust_id` int(20) unsigned NOT NULL auto_increment, `cust_name` varchar(255) default NULL, PRIMARY KEY (`cust_id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_customer` -- LOCK TABLES `tbl_customer` WRITE; /*!40000 ALTER TABLE `tbl_customer` DISABLE KEYS */; INSERT INTO `tbl_customer` VALUES (1,'Customer A'); /*!40000 ALTER TABLE `tbl_customer` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_invoice` -- DROP TABLE IF EXISTS `tbl_invoice`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_invoice` ( `invoice_id` int(20) unsigned NOT NULL auto_increment, `FK_cust_id` int(20) unsigned default NULL, `FK_proj_id` int(20) unsigned default NULL, `invoice_date` date default NULL, `invoice_total` varchar(30) default NULL, `invoice_status` enum('Pending','Sent') default NULL, PRIMARY KEY (`invoice_id`), KEY `FK_cust_id` (`FK_cust_id`), KEY `FK_proj_id` (`FK_proj_id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_invoice` -- LOCK TABLES `tbl_invoice` WRITE; /*!40000 ALTER TABLE `tbl_invoice` DISABLE KEYS */; INSERT INTO `tbl_invoice` VALUES (1,1,1,'2010-01-30','500','Sent'); /*!40000 ALTER TABLE `tbl_invoice` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_invoice_item` -- DROP TABLE IF EXISTS `tbl_invoice_item`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_invoice_item` ( `invoice_item_id` int(20) unsigned NOT NULL auto_increment, `FK_job_id` int(20) unsigned default NULL, `FK_invoice_id` int(20) unsigned default NULL, `invoice_item_price` varchar(30) default NULL, `invoice_status` enum('Pending','Sent') default 'Pending', PRIMARY KEY (`invoice_item_id`), KEY `FK_job_id` (`FK_job_id`), KEY `FK_invoice_id` (`FK_invoice_id`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_invoice_item` -- LOCK TABLES `tbl_invoice_item` WRITE; /*!40000 ALTER TABLE `tbl_invoice_item` DISABLE KEYS */; INSERT INTO `tbl_invoice_item` VALUES (1,1,1,'250','Sent'),(2,2,1,'250','Sent'); /*!40000 ALTER TABLE `tbl_invoice_item` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_job` -- DROP TABLE IF EXISTS `tbl_job`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_job` ( `job_id` int(20) unsigned NOT NULL auto_increment, `FK_proj_id` int(20) unsigned default NULL, `FK_langt_id` int(20) unsigned default NULL, `job_title` varchar(255) default NULL, `job_pages` int(10) default '1', `job_complete` enum('Yes','No') default 'No', `job_complete_date` timestamp NULL default NULL, PRIMARY KEY (`job_id`), KEY `FK_proj_id` (`FK_proj_id`), KEY `FK_langt_id` (`FK_langt_id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_job` -- LOCK TABLES `tbl_job` WRITE; /*!40000 ALTER TABLE `tbl_job` DISABLE KEYS */; INSERT INTO `tbl_job` VALUES (1,1,1,'Job 1',1,'Yes','2012-30-01 17:30:00'), (2,1,3,'Job 2',2,'Yes','2012-30-01 17:30:00'); /*!40000 ALTER TABLE `tbl_job` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_language` -- DROP TABLE IF EXISTS `tbl_language`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_language` ( `lang_id` int(20) unsigned NOT NULL auto_increment, `langname` varchar(255) default NULL, PRIMARY KEY (`lang_id`) ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_language` -- LOCK TABLES `tbl_language` WRITE; /*!40000 ALTER TABLE `tbl_language` DISABLE KEYS */; INSERT INTO `tbl_language` VALUES (1,'EN'),(2,'DE'),(3,'FR'); /*!40000 ALTER TABLE `tbl_language` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_project` -- DROP TABLE IF EXISTS `tbl_project`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_project` ( `proj_id` int(20) unsigned NOT NULL auto_increment, `proj_title` varchar(255) default NULL, `FK_cust_id` int(20) unsigned default NULL, `FK_langsid` int(20) unsigned default NULL, `proj_start_date` timestamp NULL default NULL, `proj_end_date` timestamp NULL default NULL, `proj_status` enum('Open','Hold','Enquiry','Redundant','Complete') default NULL, PRIMARY KEY (`proj_id`), KEY `FK_cust_id` (`FK_cust_id`), KEY `FK_langsid` (`FK_langsid`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_project` -- LOCK TABLES `tbl_project` WRITE; /*!40000 ALTER TABLE `tbl_project` DISABLE KEYS */; INSERT INTO `tbl_project` VALUES (1,'Project A', 1,2,'2012-01-30 09:00:00','2012-01-30 17:30:00','Complete'); /*!40000 ALTER TABLE `tbl_project` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_task` -- DROP TABLE IF EXISTS `tbl_task`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_task` ( `task_id` int(20) unsigned NOT NULL auto_increment, `task_title` varchar(50) default NULL, PRIMARY KEY (`task_id`) ) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_task` -- LOCK TABLES `tbl_task` WRITE; /*!40000 ALTER TABLE `tbl_task` DISABLE KEYS */; INSERT INTO `tbl_task` VALUES (1,'Preparation'),(2,'Typesetting'),(3,'Correction'),(4,'Evaluate'); /*!40000 ALTER TABLE `tbl_task` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `tbl_task_item` -- DROP TABLE IF EXISTS `tbl_task_item`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `tbl_task_item` ( `task_item_id` int(20) unsigned NOT NULL auto_increment, `FK_job_id` int(20) unsigned default NULL, `FK_task_id` int(20) unsigned default NULL, `status` enum('Pending','Ready','Sent','Active','Complete') default 'Pending', `task_complete_date` timestamp NULL default NULL, `task_order` int(20) unsigned default NULL, PRIMARY KEY (`task_item_id`), KEY `FK_task_id` (`FK_task_id`), KEY `FK_job_id` (`FK_job_id`) ) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `tbl_task_item` -- LOCK TABLES `tbl_task_item` WRITE; /*!40000 ALTER TABLE `tbl_task_item` DISABLE KEYS */; INSERT INTO `tbl_task_item` VALUES (1,1,1,'Complete','2012-01-30 10:00:00',1),(2,1,2,'Complete','2012-01-30 11:00:00',2),(3,1,3,'Complete','2012-01-30 12:00:00',3),(4,1,4,'Complete','2012-01-30 17:30:00',4),(5,2,1,'Complete','2012-01-30 10:00:00',1),(6,2,3,'Complete','2012-01-30 12:00:00',3),(7,2,4,'Complete','2012-01-30 17:30:00',4); /*!40000 ALTER TABLE `tbl_task_item` ENABLE KEYS */; UNLOCK TABLES; /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; -- Dump completed on 2012-01-30 18:59:47 QUERY: SELECT DATE_FORMAT(proj_end_date, '%m') as month_number, MONTHNAME(proj_end_date) AS the_month, YEAR(proj_end_date) AS the_year, SUM(analysis_net) as analysis_net, SUM(analysis_gross) as analysis_gross, SUM(job_pages) as job_pages, SUM(invoice_item_price) as total, CASE WHEN task_title='Typesetting' AND ti1.status='Complete' THEN 'Typeset' ELSE 'Non-Typeset' END AS 'JobType', langname FROM tbl_job as j INNER JOIN tbl_task_item as ti1 ON ti1.FK_job_id = j.job_id INNER JOIN tbl_task as t ON t.task_id = ti1.FK_task_id INNER JOIN tbl_invoice_item as ii ON ii.FK_job_id = j.job_id INNER JOIN tbl_invoice as i ON i.invoice_id=ii.FK_invoice_id INNER JOIN tbl_analysis as a ON a.FK_job_id = j.job_id INNER JOIN tbl_language as l ON l.lang_id = j.FK_langt_id INNER JOIN tbl_project as p ON p.proj_id = j.FK_proj_id WHERE p.FK_cust_id = 1 AND proj_status='Complete' GROUP BY the_year, month_number, JobType, langname ORDER BY the_year DESC, month_number DESC, JobType DESC, langname ASC The second problem I'm having is in presenting the results in the correct way. From my example below, you can see what I'm trying to achieve. The 'commented-out' PHP code, should 'GROUP' the JobType results, just like how the 'the_month' is working. But again, becoming a bit stuck in getting this to work too. <table border="3" cellpadding="3" cellspacing="3"> <tr> <td>Month</td> <td>Year</td> <td>JobType</td> <td>Analysis Net</td> <td>Analysis Gross</td> <td>Pages</td> <td>Invoice Total</td> <td>Language</td> </tr> <?php $previousMonth = ''; $previousType = ''; do { if ($previousMonth != $row_rsProjType['the_month']) { //if ($previousType != $row_rsProjType['JobType']) {?> <tr> <td><?php echo $row_rsProjType['the_month']; ?></td> <td><?php echo $row_rsProjType['the_year']; ?></td> <td></td> <td></td> <td></td> <td></td> <td></td> <td></td> </tr> <?php $previousMonth = $row_rsProjType['the_month'];} ?> <tr> <td></td> <td></td> <td><?php echo $row_rsProjType['JobType']; ?></td> <td></td> <td></td> <td></td> <td></td> <td></td> </tr> <?php //$previousType = $row_rsProjType['JobType'];} ?> <tr> <td></td> <td></td> <td></td> <td><?php echo $row_rsProjType['analysis_net']; ?></td> <td><?php echo $row_rsProjType['analysis_gross']; ?></td> <td><?php echo $row_rsProjType['job_pages']; ?></td> <td><?php echo $row_rsProjType['total']; ?></td> <td><?php echo $row_rsProjType['langname']; ?></td> </tr> <?php } while ($row_rsProjType = mysql_fetch_assoc($rsProjType)); ?> </table> If anyone can help me out in getting this to display correctly, it'll be highly appreciated.

Hi Chaps, Fully aware that this is not strictly a PHP based query, but I am hving problems with PHP / File Uploads to a FTP site. Basically, I have a PHP app that requires login, the login credentials determine which FTP folder to read on sucessful login. The user can then browse the FTP folder, upload and download files. The user cannot access/view any FTP folders other than their specific folder. I'm looking into alternatives to PHP/PHP_FTP file uploads, as using Form POSTs or Java has caused problems for some, but not for others. My question is: is there any controls that can open a MS-style Explorer FTP Window, outside of the app (i.e. in a pop-out exporer window) that can restricted a user to a certain folder level e.g.: This would mean that when User A logs in, his default FTP Window/access would be User-A, and would be able to browse down to Folder-3, but could not see User-B, Freelance or FTP-Root folders. Again, sorry if this is misplaced.

thanks for the reply, it's on a windows iis7 server. would that make a difference in using the different headers. also, where can i find the correct header info, so that php doesn't have to read the entire file? cheers

Hi Chaps, I have a PHP app that allows users to login and view contents of an FTP folder (that is unique to their login). They can upload and download files but some users are having problems. As some of the files can be quite large, the app seems to be a bit tempremental when uploading files. Also, when downloading very large files, sometimes in excess of 200-300 Mb, the script seems to timeout. The script reads the file to be downloaded, then loads it to the header, to force open/download. But again, this is very tempremental and there's nothing much to go on in terms or trouble-shooting. Everytime I test it, it seems to work, but users are having trouble. I have checked the Windows IIS 7/PHP file settings, and all are OK. So my questions are: 1. what is the best way to handle very large file uploads? 2. what is the best way to force open/download of large files, without PHP having to 'read' the file first? Any help or guidence would be most appreciated. Cheers

Hi, Administration login/pages are secured, so that you shouldn't be able to access them if not logged in. I will double-check the exit; I am using ? Parameters, but not in the way you mention (.php?prod_id=something, rather than .php?page=contact) or will this cause the same issues?

Top stuff Keith, thanks for explaining. I'll give it a whirl Samuel

Thanks for the replies, How do you do this on a shared server, and if the images are outside the web accessable area, how can the images be read?

Hi Chaps, After my clients' site was hacked just over a week ago, I took down the site and made some changes to the PHP scripts. - Backed-up the database, then removed it from the webhost - Removed all web files - Changed the FTP and SQL login credentials - Encrypted all user passwords - Secured the login/signup scripts with a Captcha tool. - Secured all account & checkout pages with cookie checks (forces login). - I validated all the user inputs for XSS. - Secured the SQL scripts with mysql_real_escape_string()/strip_tags()/str_replace(). - Used HTTP_REFERER on account/checkout pages I'm hoping this will sure up the front-end site. Whilst I was backing up the images folder (500Mb+) to my PC, I was warned of trojans and viruses. It turned out the hackers had placed php files (cid.php/sniper.php/etc) and a couple of files without extensions, into the main Images folder. Without knowing how they actually did this (whether they had access to the FTP site, gained access through the website, or through a virus on the laptop used to update the site/upload images), I would like to know what I can do to make sure that they can't do this again. There is no option for front-end users to upload files, but the administration site does allow image uploads. At the moment, the images folder permissions are set to 0775, I think this is correct. Is there something I can do to the Image folder permissions as a whole, or should I just run a regular check on the directories, checking for all non-image files, or any file/directory that doesn't have the 0775 permission? Are there any resources on protecting FTP folders with PHP, uploading files/directories to protected folders, good practices to continually check for unwanted files? Is there anything else I should be looking into, I did read something about the dangers of include()/require_once() The site is hosted on a shared server, and don't have access to the .htaccess files. Is there anything I can ask the hosting company to check that there firewall is working correctly? Sorry for the range of questions in this, but any help or guidance would be most appreciated. Many thanks

Hi Chaps, I'm trying to put together a Nested Set Model (Hierarchical Data), but I have having problems when it comes to deleting/updating the 'nested' table. I'm using this as a guide: http://dev.mysql.com/tech-resources/articles/hierarchical-data.html But when trying to run a query, such as: SELECT @myLeft := lft, @myRight := rgt, @myWidth := rgt - lft + 1 FROM nested_category WHERE name = 'GAME CONSOLES'; DELETE FROM nested_category WHERE lft BETWEEN @myLeft AND @myRight; UPDATE nested_category SET rgt = rgt - @myWidth WHERE rgt > @myRight; UPDATE nested_category SET lft = lft - @myWidth WHERE lft > @myRight; I get a MySQL syntax error. This code works fine in something such as Windows Command Prompt, but not in PHP. Is there a special way to run multiple queries in 1 PHP script? Many thanks

Hi Chaps, I'm about to start building a MySQL/PHP forum but would like to know what are the best administration steps to take. Basically it'll be open to members of a site to share info (as like many forums out there), but obviously I don't want anybody to post either harmful content or offensive material. Can someone point me in the right direction, or give me a basic outline of what I have to look out for? Many thanks

Hi Chaps, I have a PHP Application, hosted on IIS 7 Server. The Application needs to be secure for a customer (based in Germany). The problem I face is that the only security I have used is cookies. The customer, however does not want to use cookies, due to the difficulty of managing these cookies at their end. Their solution would be to use some sort of IP Address based security, where only access from certain IP Addresses would be permitted. The problem I see with this is that the customer has numerous different 'sites' across Germany, which would have their own servers and therefore different IP Addresses and in some cases, no server at all. So my questions are: 1. Is IP Address security a viable option? 2. Would the customer's request be a valid concern? 3. What would be the best practice of implementing the request? Many thanks

Hi Chaps, I've created a web-based FTP site, but having trouble with PHP's FTP_PUT function. I've tried: // FTP access parameters $host = 'ftp.example.org'; $usr = 'example_user'; $pwd = 'example_password'; // file to move: $local_file = './example.zip'; $ftp_path = '/data/example.zip'; // connect to FTP server (port 21) $conn_id = ftp_connect($host, 21) or die ("Cannot connect to host"); // send access parameters ftp_login($conn_id, $usr, $pwd) or die("Cannot login"); // turn on passive mode transfers (some servers need this) // ftp_pasv ($conn_id, true); // perform file upload $upload = ftp_put($conn_id, $ftp_path, $local_file, FTP_BINARY); // check upload status: print (!$upload) ? 'Cannot upload' : 'Upload complete'; print "\n"; // close the FTP stream ftp_close($conn_id); And also Net_FTP's FTP_PUT function: require_once 'Net/FTP.php'; $test = new Net_FTP('www.domain.co.uk', 21); $test->connect('www.domain.co.uk', 21); $test->login('username', 'password'); $file_tmp = $_FILES["file"]["tmp_name"]; $file_name = $_FILES["file"]["name"]; $test->put($file_tmp, 'Uploads/'.$file_name, FTP_BINARY); I've tested this with a very small text file and it works OK, but when I try with a zip file of around 9Mb it takes FOREVER, and sometimes doesn't upload at all, or if it does, it has a size of 0kb. I need the script to handle big files up to 150Mb in size. What can I do to speed up the process and is there something I have missed (current config settings > ini_set('max_upload_filesize', 150000000)) ?

Hi Chaps, I have a PHP FTP App, where users can log in using a unique code and a password. Their unique code corresponds to an FTP folder, e.g. So when the user logs in, they can see their FTP directory and contents, in this case an Inbox and an Outbox. This works as the FTP folder contains both an Inbox and an Outbox. The problem I am having is when I try browsing within this directory (say the Inbox), ftp-chdir fails. I have a hyperlink that sends a 'dir' parameter to the same ftp.php page, and if set, will attempt to change to the given directory. So even though the URL Hyperlink reads: When you click on this link, the page tries to load: So my question is what do I need to change, the Hyperlink to read something like: Do something to the ftp-chdir function, where I encode/decode/whatever to make sure it tries to change to the correct FTP directory? Or exclude all ampersand entirely?

Well that's what I had learned, but in order to get these functionalities to work on IIS server, I had to change the security settings on the server's CMD.EXE. What I want to know is how can I get the PHP MKDIR to work, without having to change the security settings?

Only through testing on my existing server. Windows Server SBS2003, uses IIS, the only way I could get PHP to MKDIR was to grant access to CMD.EXE. Is there something I'm missing?

Hi Chaps, I'm setting up a PHP App on a new SBS2008 Server. My scripts use MKDIR, RENAME, etc, which I believe use the Windows Command Prompt by default to perform these functions. On my existing server, I have added IUSER to the security settings, but I am unable to do this on the new SBS2008 Server. I have read that it is advised against giving such permissions to 'Guests' to the CMD.EXE, so my question is how do I get around this. If PHP uses CMD, but I cannot grant permissions to, what was IUSER, how can PHP perform these actions? Cheers

used ini_set('memory_limit', '300M');

Hi Chaps, I'm using readfile to force the download of a file: set_time_limit(0); $file = 'monkey.gif'; if (file_exists($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='.basename($file)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); ob_clean(); flush(); readfile($file); exit; } flush(); And this works fine, however, I do have some software installation files that could be downloaded (these are in excess of 280Mb). I have checked php.ini: But Internet Explorer hangs and then crashes. Is there a way to allow big files to download using this method, or is there another way of forcing the download, without php 'reading' the file first? I'm guessing that the problem lies with the memory_limit being smaller than the file size. Is it a good idea to increase the memory_limit to eg. 280Mb? Cheers

turns out it was a problem with the way i was contructing my parameter: changed '&' to &, and it worked fine!

Hi, $nvpstr (without Header): $resArray: Please note, the $nvpstr was made up of variable to produce the above. This resutls in failure (see $resArray). If I copy the value of $nvpstr, as it appears above, and send that as a string, it works.

Hi, this is the php that collects the form inputs from previous page, contructs the parameter and passes to payapl. require_once 'CallerService.php'; require_once 'constants.php'; $API_UserName=API_USERNAME; $API_Password=API_PASSWORD; $API_Signature=API_SIGNATURE; $API_Endpoint =API_ENDPOINT; $subject = SUBJECT; $token = $_REQUEST['token']; $getAuthModeFromConstantFile = true; $nvpHeader = ""; if(!$getAuthModeFromConstantFile) { $AuthMode = "THIRDPARTY"; } else { if(!empty($API_UserName) && !empty($API_Password) && !empty($API_Signature) && !empty($subject)) { $AuthMode = "THIRDPARTY"; }else if(!empty($API_UserName) && !empty($API_Password) && !empty($API_Signature)) { $AuthMode = "3TOKEN"; }else if(!empty($subject)) { $AuthMode = "FIRSTPARTY"; } } switch($AuthMode) { case "3TOKEN" : $nvpHeader = "&PWD=".urlencode($API_Password)."&USER=".urlencode($API_UserName)."&SIGNATURE=".urlencode($API_Signature); break; case "FIRSTPARTY" : $nvpHeader = "&SUBJECT=".urlencode($subject); break; case "THIRDPARTY" : $nvpHeader = "&PWD=".urlencode($API_Password)."&USER=".urlencode($API_UserName)."&SIGNATURE=".urlencode($API_Signature)."&SUBJECT=".urlencode($subject); break; } if(! isset($token)) { $serverName = $_SERVER['SERVER_NAME']; $serverPort = $_SERVER['SERVER_PORT']; $url=dirname('http://'.$serverName.':'.$serverPort.$_SERVER['REQUEST_URI']); $currencyCodeType=$_REQUEST['currencyCodeType']; $paymentType=$_REQUEST['paymentType']; $personName = $_REQUEST['PERSONNAME']; $SHIPTOSTREET = $_REQUEST['SHIPTOSTREET']; $SHIPTOCITY = $_REQUEST['SHIPTOCITY']; $SHIPTOSTATE = $_REQUEST['SHIPTOSTATE']; $SHIPTOCOUNTRYCODE = $_REQUEST['SHIPTOCOUNTRYCODE']; $SHIPTOZIP = $_REQUEST['SHIPTOZIP']; $cartTotal = cartTotal(); $items = $_REQUEST['different_items']; $arr_items = array(); $arr_items_cost = array(); $i = 0; do{ $L_NAME = $_REQUEST['L_NAME'.$i]; $L_NUMBER = $_REQUEST['L_NUMBER'.$i]; $L_DESC = $_REQUEST['L_DESC'.$i]; $L_QTY = $_REQUEST['L_QTY'.$i]; $L_AMT = $_REQUEST['L_AMT'.$i]; $NVP = "L_NAME$i=$L_NAME&L_NUMBER$i=$L_NUMBER&L_DESC$i=$L_DESC&L_QTY$i=$L_QTY&L_AMT$i=$L_AMT"; $arr_items[] = $NVP; $arr_items_cost[] = $L_AMT; $i++; }while ($i < $items); $joined_nvp = join("&", $arr_items); $shipping_post = utf8_decode($_REQUEST['shippingname']); $shipping_iso = $_REQUEST['SHIPTOCOUNTRYCODE']; mysql_select_db($database_dbconnect, $dbconnect); $query_rsPostage = "SELECT * FROM tbl_postage INNER JOIN tbl_countries ON tbl_countries.shipping_zone=tbl_postage.shipping_zone WHERE tbl_countries.iso='$shipping_iso' ORDER BY postagetitle ASC"; $rsPostage = mysql_query($query_rsPostage, $dbconnect) or die(mysql_error()); $row_rsPostage = mysql_fetch_assoc($rsPostage); $totalRows_rsPostage = mysql_num_rows($rsPostage); $quantity = NoItems(); $arr_shipping = array(); $arr_ship_cost = array(); $pi = 0; do { $L_SHIPPINGOPTIONLABEL = $row_rsPostage['shipping_zone'].'-'.$row_rsPostage['postagetitle']; $L_SHIPPINGOPTIONNAME = $row_rsPostage['shipping_zone'].'-'.$row_rsPostage['postagetitle']; if($quantity != 1){ $surcharge_items = ($quantity-1); $surcharge_shipping = ($surcharge_items*$row_rsPostage['surcharge']); $L_SHIPPINGOPTIONAMOUNT = $row_rsPostage['postageprice']+$surcharge_shipping; } else { $additional_shipping = 0; $L_SHIPPINGOPTIONAMOUNT = $row_rsPostage['postageprice']; } if($L_SHIPPINGOPTIONLABEL == $shipping_post){ $L_SHIPPINGOPTIONISDEFAULT = "true"; $NVP_SHIP_OPTION = "SHIPPINGAMT=$L_SHIPPINGOPTIONAMOUNT"; $NVP_ARRAY_OPTION = "$L_SHIPPINGOPTIONAMOUNT"; $CALC_SHIP = $L_SHIPPINGOPTIONAMOUNT; } else{ $L_SHIPPINGOPTIONISDEFAULT = "false"; } $NVP_SHIP = "L_SHIPPINGOPTIONLABEL$pi=$L_SHIPPINGOPTIONLABEL&L_SHIPPINGOPTIONNAME$pi=$L_SHIPPINGOPTIONNAME&L_SHIPPINGOPTIONAMOUNT$pi=$L_SHIPPINGOPTIONAMOUNT&L_SHIPPINGOPTIONISDEFAULT$pi=$L_SHIPPINGOPTIONISDEFAULT"; $arr_shipping[] = $NVP_SHIP; $arr_ship_cost['price'] = $L_SHIPPINGOPTIONAMOUNT; $pi++; } while ($row_rsPostage = mysql_fetch_assoc($rsPostage)); $joined_nvp_ship = join("&", $arr_shipping); $returnURL =urlencode($url.'/ReviewOrder.php?currencyCodeType='.$currencyCodeType.'&paymentType='.$paymentType); $cancelURL =urlencode("$url/SetExpressCheckout.php?paymentType=$paymentType" ); $itemamt = array_sum($arr_items_cost); $items = number_format($itemamt, 2, '.', ''); $CALC_SHIP = number_format($CALC_SHIP, 2, '.', ''); $amt = $itemamt+$CALC_SHIP; $amt = number_format($amt, 2, '.', ''); $max_ship = max($arr_ship_cost); $maxamt= $itemamt+$max_ship; $maxamt = number_format($maxamt, 2, '.', ''); $shiptoAddress = "&SHIPTONAME=$personName&SHIPTOSTREET=$SHIPTOSTREET&SHIPTOCITY=$SHIPTOCITY&SHIPTOSTATE=$SHIPTOSTATE&SHIPTOCOUNTRYCODE=$SHIPTOCOUNTRYCODE&SHIPTOZIP=$SHIPTOZIP"; $nvpstr="&ADDRESSOVERRIDE=1$shiptoAddress&".$joined_nvp."&MAXAMT=".(string)$maxamt."&AMT=".(string)$amt."&ITEMAMT=".(string)$itemamt."&CALLBACKTIMEOUT=4&".$joined_nvp_ship."&INSURANCEAMT=0.00&INSURANCEOPTIONOFFERED=false&SHIPPINGAMT=".(string)$CALC_SHIP."&SHIPDISCAMT=0.00&TAXAMT=0.00&ReturnUrl=".$returnURL."&CANCELURL=".$cancelURL ."&CURRENCYCODE=".$currencyCodeType."&PAYMENTACTION=".$paymentType."&CALLBACK=https://www.ppcallback.com/callback.pl"; $nvpstr = $nvpHeader.$nvpstr; $resArray=hash_call("SetExpressCheckout",$nvpstr); $_SESSION['reshash']=$resArray; $ack = strtoupper($resArray["ACK"]); if($ack=="SUCCESS"){ $token = urldecode($resArray["TOKEN"]); $payPalURL = PAYPAL_URL.$token; header("Location: ".$payPalURL); } else { $location = "APIError.php"; header("Location: $location"); } } else { $token =urlencode( $_REQUEST['token']); $nvpstr="&TOKEN=".$token; $nvpstr = $nvpHeader.$nvpstr; $resArray=hash_call("GetExpressCheckoutDetails",$nvpstr); $_SESSION['reshash']=$resArray; $ack = strtoupper($resArray["ACK"]); if($ack == 'SUCCESS' || $ack == 'SUCCESSWITHWARNING'){ require_once "GetExpressCheckoutDetails.php"; } else { $location = "APIError.php"; header("Location: $location"); } } ?> Hope that is what you were on about, if not let me know and hopefully we can get it solved! cheers

Hi I have tried: urlencode, urldecode, utf8_encode, utf8_decode, and none of them work. When I echo my variables in $nvpstr , and then copy this, and replace the $nvpstr variables with a "string", it works fine. I do not understand!

Hi Chaps, I'm integrating my app with PayPal WebPaymentsPro and at the ExpressCheckout part. I've contructed a parameter in NVP format: $nvpstr="&ADDRESSOVERRIDE=1$shiptoAddress&".$joined_nvp."&MAXAMT=".(string)$maxamt."&AMT=".(string)$amt."&ITEMAMT=".(string)$itemamt."&CALLBACKTIMEOUT=4&".$joined_nvp_ship."&INSURANCEAMT=0.00&INSURANCEOPTIONOFFERED=false&CALLBACK=https://www.ppcallback.com/callback.pl&SHIPPINGAMT=".$CALC_SHIP."&SHIPDISCAMT=0.00&TAXAMT=0.00&ReturnUrl=".$returnURL."&CANCELURL=".$cancelURL ."&CURRENCYCODE=".$currencyCodeType."&PAYMENTACTION=".$paymentType; This, as an example, echo's: If I attempt to pass the parameter to PayPal, I get an error stating that the Flat-rate shipping options are missing. However, if I echo the above code into a browser, then copy and paste in place of the variable parameter (so it is simply text): $nvpstr="&ADDRESSOVERRIDE=1&SHIPTONAME=Name&SHIPTOSTREET=&SHIPTOCITY=&SHIPTOSTATE=&SHIPTOCOUNTRYCODE=GB&SHIPTOZIP=&L_NAME0=ITEM!&L_NUMBER0=40&L_DESC0=S&L_QTY0=1&L_AMT0=22.50&L_NAME1=ITEM2&L_NUMBER1=186&L_DESC1=S/M&L_QTY1=1&L_AMT1=14.00&L_NAME2=ITEM3&L_NUMBER2=105&L_DESC2=8&L_QTY2=1&L_AMT2=23.00&MAXAMT=66.5&AMT=59.5&ITEMAMT=59.5&CALLBACKTIMEOUT=4&L_SHIPPINGOPTIONLABEL0=UK - Free Delivery (UK orders over £50)&L_SHIPPINGOPTIONNAME0=UK - Free Delivery (UK orders over £50)&L_SHIPPINGOPTIONAMOUNT0=0&L_SHIPPINGOPTIONISDEFAULT0=true&L_SHIPPINGOPTIONLABEL1=UK-Recorded Delivery - £3.00 (plus 50p charge per extra item)&L_SHIPPINGOPTIONNAME1=UK-Recorded Delivery - £3.00 (plus 50p charge per extra item)&L_SHIPPINGOPTIONAMOUNT1=4&L_SHIPPINGOPTIONISDEFAULT1=false&L_SHIPPINGOPTIONLABEL2=UK-Special Next Day Delivery - £6.00 (plus 50p charge per extra item)&L_SHIPPINGOPTIONNAME2=UK-Special Next Day Delivery - £6.00 (plus 50p charge per extra item)&L_SHIPPINGOPTIONAMOUNT2=7&L_SHIPPINGOPTIONISDEFAULT2=false&INSURANCEAMT=0.00&INSURANCEOPTIONOFFERED=false&CALLBACK=https://www.ppcallback.com/callback.pl&SHIPPINGAMT=0&SHIPDISCAMT=0.00&TAXAMT=0.00&ReturnUrl=http%3A%2F%2Fwww.xxxxx.co.uk%3A80%2Fshop%2Fphp_nvp_samples%2FReviewOrder.php%3FcurrencyCodeType%3DGBP%26paymentType%3DSale&CANCELURL=http%3A%2F%2Fwww.xxxxx.co.uk%3A80%2Fshop%2Fphp_nvp_samples%2FSetExpressCheckout.php%3FpaymentType%3DSale&CURRENCYCODE=GBP&PAYMENTACTION=Sale" This works, which has really stumped me. How can a parameter made up of variables fail, but the same output in it's place does? Is there something obvious that I am missing, because this is doing my brain in!

$arr = array(); $L_NAME0 = 'Item 1'; $L_NUMBER0 = '0001'; $L_QTY0 = '1'; $L_AMT0 = 10.50; $NVP0 = "L_NAME0 = $L_NAME0&L_NUMBER0 = $L_NUMBER0&amp"; $arr[] = $NVP0; $L_NAME1 = 'Item 2'; $L_NUMBER1 = '0002'; $L_QTY1 = '3'; $L_AMT1 = 20.50; $NVP1 = "L_NAME1 = $L_NAME1&L_NUMBER1 = $L_NUMBER1&amp"; $arr[] = $NVP1; $joined_nvp = join("", $arr); echo $joined_nvp;

Hi Chaps, I have a while loop which produces a couple of variables: do { $L_NAME.$i = 'Item 1'; $L_NUMBER.$i = '0001'; $L_QTY.$i = '1'; $L_AMT.$i = 10.50; $NVP.$i = "L_NAME.$i.= .$L_NAME.$i.&L_NUMBER.$i. = .$L_NUMBER.$i.&amp"; } while($i == $items); Basically what I need to do is contruct a parameter made up of all the $NVP variables. I've a feeling that I would need to add each variable to an array and then use a foreach statement, but I'm not 100% sure. I'd be interested in the correct way to go about this, any comments welcome!