PaulRyan
-
Posts
876 -
Joined
-
Last visited
-
Days Won
4
Posts posted by PaulRyan
-
-
@Jazzman, you have no clue what you're talking about.
@Jillianmarie, you want to look into getimagesize and use it on the uploaded image to check its dimensions, then if the image is too large, you will need to re-size it. You can Google some tutorials on how to do the re-sizing, and the come back if you get stuck with it.
-
Well it would be better to recode and have this all working properly and for it work to in future PHP versions, than just finding the "easy way" out of this.
-
@Jessica:
and I don't want to do it via a form because it would contain prepopulated sensitive info
-
@mac_gyver, he wants to actually go to the page he is POST-ing to, not do the POST in the background and return the website.
This is very similar to another question on here, both of which haven't been solved.
-
Well in that case, I don't think there is a way to do it solely by PHP.
You would need a form, with the method of POST, then submit that form by JavaScript or a manual submit button click.
Someone else may come up with something, but I can't think of anything.
-
You'd want to look into curl
-
You cannot output any content before the header redirect, you would know this if you turned on error reporting.
See here: Error Reporting
Once you have error reporting switched on, it will help with future development.
Put all PHP code above the <doctype element, and it should work nicely.
-
I have created a function to parse code blocks within my blog posts, it took me a little while to get my head around a few things, but I've completed it nonetheless.
I would like to know if anyone can spot and functions I should be using, or ways of shortening the code down (without making things to complicated) or if anyone has a better function to do the same job.PLEASE NOTE!! I had to add backslashes the my own code blocks within my $blogPost so I could post it on here without breaking the code parser.
<style> .codeBlock{ background: #FAFAFA; padding: 3px 5px; border: 1px solid #CCC; margin-top: 15px; } .lineNumber{ color: #444; } </style> <?PHP //### Example blog post content $blogPost = 'Testing my PHP code display/heightlighting parsing function.' .PHP_EOL; $blogPost .= '4cb09423dfa8b96afcf98c9361927b7a'), '', htmlentities($blogPost)); //### Iterate over all code blocks and replace markers with code block foreach($matches[1] AS $key => $codeBlock) { //### Highlight code string $codeBlock = highlight_string($codeBlock, TRUE); //### Remove the line endings from top and bottom of code block $codeBlock = preg_replace('#'.PHP_EOL.'#', '', $codeBlock); //### Explode the lines, so we can add line numbers $codeLines = explode('<br />', $codeBlock); //### Start output with code tag, to fix first line number error (shows as plain text) $codeBlockLines = '<code>'; //### Iterate over the code lines and add the line number with the line of code foreach($codeLines AS $line => $code) { $codeBlockLines .= '<span class="lineNumber">'. $line. ' |</span> '.$code . PHP_EOL; } //### Finally replace the code block back into the blog post $blogPost = str_replace('[?CODEBLOCK '.$key.'?]', '<div class="codeBlock">'. $codeBlockLines .'</div>', $blogPost); } //### Create new lines with output return nl2br($blogPost); } echo blog_post_parse($blogPost); ?> -
What does $domain and $dir contain?
-
I personally agree with DavidDannis, load the form without those credentials in. Then load the credentials via AJAX to the form.
A view source will not show the fields with your account pin etc in, an Inspect Element would do that, but the sort of people using your site probably wouldn't think of using that or even viewing the source.
-
That is because JavaScript is used to change the value to loading when a function is triggered, probably by a button being clicked/pressed.
This is the flow:
Page loads [Element PRESET to "complete"]
Button Click [Element set to "loading"]
Content loads [Element set back to "complete"]
Not that hard to follow right?
-
Are these values dynamic? Meaning, will they change depending on who submits the form?
-
You really need to add some error checking and debugging code to your functions.
You're expecting them to work all the time with the current code you've provided, you need to make sure the query has executed before returning data etc.
"ulferik" meant doing this:
$myQuery = "SELECT `user_id` FROM `users` WHERE `username`= '{$username}'"; $myResult = mysql_query($myQuery); if(mysql_error()) { echo 'MySQL Error: '. mysql_error() .'<br>'; echo 'Query: '.$myQuery; } else if(!mysql_num_rows($myResult)) { //### No rows returned } else { //### Row has been returned } -
@Christian F, thank you for your in-depth analysis of my code. I'll reply in a manner that's easily readable:
1 - Thanks for the advice on the PHP_SELF, I'll look into a better method for that, it did it's job and I didn't rigorously test it , so I assumed it was fine.
2 - I'll heed your advice on the validation, it should have indeed been more thorough and thought out before hand.
3 - Regarding the output of error messages, I've always preferred the singular message to multiple messages, I don't have a particular reason for it, just seems "right" to me. I should really do it the way you have mentioned, I'll have to get myself into the habit of doing it with grouped errors instead of singular errors.
4 - I agree, will look into improving that.
5 - I only recently realised the CSV functions within PHP, I've come across them and used them before, they just never crossed my mind. Thanks for this.
6, 7 - Agreed.
8 - I used a table for quickness, I usually use <ul> and <li> with forms, I quite like the way it works.
9 - This is was test for myself to use a flat file, of course a database would be 100% better, just wanted to see what I could think of without resorting to a database.
Regarding the ### with the comments, this is some I've really grown accustomed to. My eyes instantly spot these so I know to read the comment on the line.
Thanks for you critique, it has opened my eyes somewhat and I will take on board what you've said and implement the points listed above in future.
P.S. - This is just a test for myself, I have built more complex scripts. I wanted to get back to basics and get a new perspective on how I used to code, to how I should be coding.
-
@Hall of Famer, thanks for your input, I will take into consideration what you have said. I'm not to keen on OOP if I'm completely honest, either I haven't found a good enough tutorial to explain it, or I understand and just don't find it useful.
@Psycho, thanks for your input. I will make said changes to the script, I totally forgot about array_slice so thanks for that. The error handling will be added too. Regarding the redirect, this is something I've always done with processing data plus it stops the refresh Pop-Up with the post data.
I totally agree with the deliminator, I didn't really think it though.
Thanks for your critique, I will work with what you have given me.
-
Thanks for your critique, I'll change the footer to the first person, and also remove that line of text.
The comment about the design is spot on, this isn't to promote myself, more so just to show some new things/tips etc I pick up along the way in developing, as well as code I develop over time.
I haven't got a personal website/portfolio to speak of at this current time, this is something I will bring about in the future hopefully.
-
I have redesigned my personal website, and would like some critique on the new look.
It's not a portfolio or blog, it's more of a dumping ground for new things I find out and general grievances of developing.
I have plans to allow downloads of some small script I have developed, but need cleaned up first.
Thanks for your time, PaulRyan
Website Link: http://www.paulryanmc.co.uk
-
The element is preset with the value of "complete".
-
You don't have an input in your form with the name "command" you need to add one in.
<input type="text" name="command">
Edit - Please use the code tags in future to show code.
-
I've given you a good start with this, I usually wouldn't as this is a paid project for you.
<?PHP $allowedMimes = array('application/x-troff-msvideo', 'video/avi', 'video/msvideo', 'video/x-msvideo', 'video/mpeg', 'video/quicktime'); if(!is_uploaded_file($_FILES['file']['tmp_name'])) { echo 'Possible file upload attack.'; } else if($_FILES['file']['error'] > 0) { echo 'File upload error. Error Code: '. $_FILES['file']['error']; } else if(!in_array($_FILES['file']['type'], $allowedMimes)) { echo 'File type not permitted.'; } else if($_FILES['file']['size'] > 100633448) { echo 'File is too big.'; } else { //## Checks passed, do file moving } ?>You can do the rest from what I've given you above.
*Edit - I made a few errors, so I've fixed them.
-
Infact, you should use var_dump instead. You have too many checks in one place, you should be doing them sequentially.
First which should be checked is for file upload errors $_FILES["file"]["error"]
Then file size, then file type, then any other checks.
-
Really? Did you build the code above? If you don't know how to echo, then you're gunna struggle.
echo $_FILES["file"]["type"];
Put that above the if statement and below extension variable.
-
If none of the above work, you should echo out $_FILES["file"]["type"] to see what the files mime type is.
-
The last one on the avi list should be: video/x-msvideo
Annoying User
in PHP Coding Help
Posted
He probably has a dynamic I.P. address, which is very common in this day and age. There isn't much you can really do about it, you need to tighten up registration form, look at form tokens, re-captcha, also Google some tips to make forms less likely to be automated by a bot/script.