Jump to content


  • Posts

  • Joined

  • Last visited

Posts posted by LLLLLLL

  1. I'm having a conflict between jQuery versions or something, I get Property '$' of object [object Window] is not a function


    I've read about using $.noConflict() or other potential fixes but I cannot get any solution to work. The working page is http://americangene.com/checkout/ -- the problem is between the cart's jQuery and the jQuery in use by the WordPress template. Any suggestions are welcome.

  2. This seems like the most appropriate forum on here for posting.


    I'm curious what people use for LAMP website vulnerability testing. I know of TrustWave and maybe one or two others. I'm not sure I want or need a subscription service where they scan on a recurring basis. Maybe just a one-time thing.


    I'm looking for the typical scans: cross-site scripting, SQL injection, and then patch suggestions for OS vulnerabilities, etc.


    Any advice is helpful.

  3. You clearly have never written an application that uses abstraction and base classes. This is basic stuff.


    The base class doesn't know about every field for every column. It knows "I have these POST values" and "here's my table". That's all it knows. The base class generates a query from that. It's unaware of every column type.


    So the answer is .... quoted columns in the query string. A standard feature in DB engines.


    I'm got the answer to my specific question a while ago. Our conversation, while enjoyable, didn't help anyone. I'm no longer following this thread.

  4. I'm saying, how can the code dynamically generate the query without quotes? (Without doing extra reads or writing lots of extra code.)


    You can't. You get data from a form, and you don't know anything except that you have data. The code doesn't know that some textbox is numeric only, or that some select box values are ints.

  5. MS-SQL allows this, too.


    I think it depends on the language; PHP is weakly-typed so its database pretty much needs to allow this type of syntax. If you're in C# with an MS-SQL back-end, then you'll know the data type and quoting isn't necessary.


    Again, without writing all sorts of code and/or performing extra reads, quoted values is the only way to go. There's no easy solution without it.

  6. On one customer website, the customer cannot insert any rows if a field is left blank and the column is a number. In short...


    ... is not being accepted for numeric or decimal columns.


    I've never had this on any other customer site, and it's pretty standard to use '' for column values in by MySQL (and even MS-SQL).


    What would be preventing this? I assume it's a MySQL setting somehow? For what it's worth, this customer is on a Windows server, much to my chagrin.

  7. This is a fairly typical piece of AJAX code...


    $.get( "someurl.php", {
     param1: someVariableValue,
     param2: 'someHardCodedString'
     function( data ) {


    On the back-end, PHP will receive $_GET with "param1" and "param2" keys, and the values as displayed above.


    My question is if it's possible to set the name of the keys param1 and param2 dynamically. I'm looking for a way to have a single function make the ajax calls, and to do that I won't have hard-coded "param1" keys, but the keys will be generated from whatever code I'm using to make the call. (Does that make sense?)


    Anyway, I am just looking for a way to set the keys of the GET (or POST) without hard-coding them on the page. Is this possible?

  8. I don't have HTTP_ORIGIN in the requests. I've tested on my server and a couple customers. This won't work as a solution.


    So two questions:

    1) What is the expected format to list domains? Comma-separated? Space-separated? Some server setting that determines the separation? It should work.

    2) Can I put multiple headers like this? Is it expected and/or good practice?




    header("Access-Control-Allow-Origin: http://website.com");

    header("Access-Control-Allow-Origin: http://www.website.com");

  9. What is the correct syntax for listing multiple domains to be allowed for cross-domain AJAX calls? My code does this:


    header("Access-Control-Allow-Origin: http://website.com");


    This works when website.com is the caller, but not when www.website.com is the caller. So I tried:


    header("Access-Control-Allow-Origin: http://website.com http://www.website.com");


    ... and...


    header("Access-Control-Allow-Origin: http://website.com, http://www.website.com");


    But these things don't work. When I say they don't work, I mean that neither website.com nor www.website.com will be able to make the call with those configurations. So right now the only option is to put * and allow everything. I don't want to do that.


    Is there another header directive or something that I need? I saw something about Access-Control-Allow-Headers: X-Requested-With but that didn't work either.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.