[search for unknown number in a string?]

Thank you, that's what I was missing.

[search for unknown number in a string?]

I've tried preg_match, preg_match_all & preg_quote but I can't find the syntax where I can find an unknown value in the string. 

All the examples I've found assume there are no unknowns in the string. 

In my string "Joe has 5 large apples", the number 5 is unknown during the programming call & I only know the string is "Joe has * large apples" .

 

[search for unknown number in a string?]

I want to search for a string like:  "Joe has 5 large apples" but don't know the actual number. 

In other words I want to search for the whatever number is in between "Joe has" & "large apples" 

I assume there is a way to do that in php but I haven't been able to find it. If so can someone help me with the solution ? 

[code for finding users TLS version?]

Thanks, I've been reading up on the Apache site but I still haven't figured out how to enable mod_ssl. 

It explains a lot about it but I don't see the actual steps to add it to the config file.

 

 

[code for finding users TLS version?]

I'm using Apache on my home server & I ran the same code on my webhost server which I assume is Apache also.

My phpinfo() shows Apache under server software environment on my webhost. 

Neither  nginx or FPM show up anywhere in my phpinfo() on either servers. mod_php7 shows on my home server but not on my webhost's server. 

Home server running php 7.2.34, Web server running php 7.4.30

[code for finding users TLS version?]

I printed out the results of $_SERVER & there's nothing about SSL_PROTOCOL. The only thing close is a SERVER_PROTOCOL 

I also searched the results for "1.3" because I know that is the version of TLS that I'm running & it came up empty. 

I tried gw1500se's suggestion earlier & it didn't work so I thought he was just joking but maybe not.

[code for finding users TLS version?]

34 minutes ago, requinix said:

PHP doesn't have access to that kind of information - it's all handled by the webserver automatically. As it should be.

But you can potentially have the server inject the information into your runtime environment. For example, nginx has a $ssl_cipher variable that you could pass into the PHP environment.

Thanks, that makes sense why it's not as simple as I thought it would be though I don't completely understand it. 

Since php is a server side language then I don't get why it doesn't have access to the same info that the server has. 

I must confess that I have no idea what nginx is, let alone how to pass a variable into the php environment from it.  

 

[code for finding users TLS version?]

I've been trying to find the code or commands needed to find the users TLS version & everything seems to point to specific sites like:

 $ch = curl_init('https://www.howsmyssl.com/a/check'); 
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
  $data = curl_exec($ch); 
  curl_close($ch); 
  $json = json_decode($data); 
  echo "<h1>Your TLS version is: " . $json->tls_version . "</h1>\n";

Is it really that difficult to get a users TLS version without relying on another site to do it for you? 

I would have thought that there is a simple command like there is to get the users ip address but I guess not. 

Any enlightenment would be appreciated.

[Best way to stop undefined variable errors?]

23 minutes ago, ginerjm said:

Do you really want to present a page with 1000 inputs on a page for your users to have to work with?

It's a calculation program that defaults to about 50 inputs but if the user chooses, it can go up to 1,000 inputs. 

 

[Best way to stop undefined variable errors?]

That seems like a great idea. 

I wish I had done that before building my site.

I've can have as much as 1,000 variables on one page so it's  going to be a lot of work no matter what I do now.

Thanks again for the ideas

 

[Best way to stop undefined variable errors?]

I've tried these two options & they seem to work OK. 

The null option works better if I'm using the variable for any mathematical calculations.

Is there anything wrong with declaring all variables that might be used in a form with the null fallback value as I did below?  

$var=$_POST['var']; ?? '';

$var=$_POST['var']; ?? null;

 

[Best way to stop undefined variable errors?]

6 hours ago, kicken said:

The Null Coalescing operator provides a fallback value if the previous value is null (or doesn't exist). 

$displayName = $_POST['displayName'] ?? 'Anonymous';

Using ?? there is a shorter way of writing

if (isset($_POST['displayName'])){
    $displayName=$_POST['displayName'];
} else {
    $displayName='Anonymous';
}

Using ?? to provide a fallback value prevents PHP from complaining about undefined variables/indexes.

If you don't have an appropriate default value to provide, you can just use null.

"Now I see", says the blind man  

Thanks for the explanation. 

Now it looks like the only problem I'll have to be careful about is not having this type of universal fix to affect my sessions too.  

[Best way to stop undefined variable errors?]

I really appreciate the ideas but I have to admit that I don't understand the examples.  I have no idea what the :

?? 'Guest';

does or even means.

I am actually learning as I'm going, sort of on an as needed basis. 

Things that may seem obvious to the experienced programmer, are not obvious to me. 

I'm going to do a little testing with some of this stuff & see if i can make it work.   

[Best way to stop undefined variable errors?]

On pages where there are only a few variables I've tried :

if (!isset($_POST['var1'])) { $var1=""; }

else { $var1=$_POST['var1']; } 

That works but I don't want to have to do that with every variable.

[Best way to stop undefined variable errors?]

I have a lot form variables where I'm having the errors show up since I updated my php version on my webhost server.  

Since I have well over 100 variables, it's going to take a lot of time to correct them so i just disabled errors for now in the php.ini file to keep things working.  

I was wondering that since form variables are in kept an array, if there isn't an easy way to have them all initiated when the page loads.

I think that would solve the majority of the errors & there wouldn't be that many left.

Any ideas appreciated?

[Does this sound like my Apache server has been hacked?]

Update,

I decided to uninstall my LAMP server & reinstall it to see if that would fix anything & sure enough, it did. 

I'm not sure what happened to only effect two directories but they are working fine since I reinstalled Apache. 

Anyways, thanks for all the ideas.

 

 

[Does this sound like my Apache server has been hacked?]

5 hours ago, requinix said:

I didn't go any further than that. You can test it for yourself easily enough: grab a smartphone, get off your wifi, and browse to http://your-ip-address.

I think I'm going to take your advice & close down port 80 until I can figure out what is going on. 

I wanted to be able to remotely access my work & I've also been tinkering with the idea of hosting my own website so I've been playing around with this for quite a while. My port has been open for a few years & I've never had any problem until now. It all started when I forwarded one of my domain names to my computer as an experiment about a week or two ago. I used a php password protected index page with a mysql database to see if I had any visitors. When I realized it wasn't a good idea, I got rid of the domain name thing but I was still getting visitors. Then I added the .htaccess file with a password.  I'm not sure exactly when my directories started having the problem but I'm sure it wasn't until after I forwarded my domain name. It might have started when I added the .htaccess file & changed some configuration files but I can't be sure. If my whole site was down then I would think it would have to do with something I did, but having just two directories down doesn't make sense.    

[Does this sound like my Apache server has been hacked?]

Did you get to the login page? 

If you did, did you get to any of the site at all? 

[Does this sound like my Apache server has been hacked?]

3 minutes ago, requinix said:

So are you saying that you get a ERR_CONNECTION_REFUSED when you try to browse to a couple pages on your site but not for everything else? And everything in your browser's address bar looks correct, domain and path and all?

Yes,

I have quite a few different web sites & each site has its own directory. I use my Apache server to design the pages & test them before i upload them to my web host. So I can either just go to localhost from my browser or type in my ip address 

to view all my sites & pages. There's only two sites & pages on two separate directories along with their sub directories that I get the error & all the other sites & pages in about 40 other directories work fine.   

The path is fine & that's why i'm wondering if I've been attacked. I'm running Apache on Ubuntu Linux.    

[Does this sound like my Apache server has been hacked?]

I assume Apache has to be running because 90% of my server site is working & it's only two directories that I'm having the problem with. 

I created a new directory & copied the index file & the background image from one of the directories that wasn't working into it & it works OK except the background image doesn't work. 

If I type the url of the image file I get the same error but if I put another image file I don't get the error. It's like something has happened to some of the files in those two directories.

I'm at a complete loss. 

 

[Does this sound like my Apache server has been hacked?]

For a couple days I experimented with hosting my own site by routing a domain name to my computer. I didn't really want any outside traffic but i found i was getting a few visitors & i didn't have confidence in my password security. So i decided to unlink the domain name so at least someone would have to use my ip address to get to my site. I found that I was still getting a few visitors each day so I decided to use a password through .htaccess which was on of the suggestions I got from another thread. Everything seemed to be working fine & as far as I could tell no more visitors were getting in to my site. Now I find that two of my directories will not work through either browser, Chrome or Firefox. When I go to localhost to work on my site & to those two directories I just get:

" This site can’t be reached
localhost refused to connect.
Try:
Checking the connection
Checking the proxy and the firewall
ERR_CONNECTION_REFUSED "

I've checked permissions & can't find anything different than my other directories that do work. All my files are still there so I'm a little confused. I have plenty of other directories on my site still working.
I have messed with some configuration files to get .htaccess password to work but I can't even remember what I did. I tried removing the .htaccess file but that didn't help either.
Any ides?

[password protect all web pages?]

By doing the RewriteRule would that mean if I have any file in the root directory let's say called jimbo.php & someone typed in  http://myipaddress/jimbo.php it would redirect them to index.php? 

[password protect all web pages?]

Thanks,

If I understand you right, it could either be done through the .htaccess file or else I would have to edit every page to look for the correct session variable that is passed from index.php when the correct password is entered.

Assuming that is correct then .htaccess would be a better idea assuming it is reasonably secure. I don't do much other than surfing the web & doing my site on my server but I still don't like the idea of it being insecure.   

[password protect all web pages?]

I'm not sure if this is a php or Apache question but here goes anyways. 

I have my Apache web server set up so I can access it from anywhere which obviously means anyone else can access it too. I have my index page which is basically a menu for the site password protected with a simple php script. 

The problem is the index.php password page can be bypassed by just typing the name or path of any of the pages on the site. I don't want to have to password protect or enter a session variable onto every page.

Is there a practical way to make it where no page can be accessed without being routed from the index.php page ?   

[Is this a bug in Chrome or am I missing something?]

If anyone is using Chromium broswer I'd be curious if they tried that code & see what happened.  That code that I posted is the whole html file & nothing else. I made that simple html file just to test the onchange & alert functions together to see why they wouldn't work on my website. In Firefox it works as expected but in Chrome it crashes my browser & freezes my mouse & I have go to the terminal to close the program down. I should have been more specific because it doesn't crash until you actually change from one option to the other. Then the alert pops up on the screen & that's when everything locks up. After spending most of the day on it I finally found a solution. There have evidently been some conflicts with Chrome & the alert & confirm javascript functions & the only thing that worked for me was to use the setTimeout function. After adding that, everything works in Chrome. It's possible it's just the particular Linux version of Chrome that I am using.

This works now:

<html>
<head>
</head>
<body>
<select name="testify" onchange="setTimeout(function(){ alert('something'); })">
<option value=1> one </option>
<option value=2> two </option> 
</select>

</body>
</html>