Search the Community

I'm experiencing something that I've no idea how to understand it. I have the following methods -> <?php public function action($action, $table, $where = [], $rule = "") { if(count($where) === 3) { $operators = array('=', '<', '>', '<=', '<='); $field = $where[0]; $operator = $where[1]; $value = $where[2]; if(in_array($operator, $operators)) { if($rule == "") { $sql = "{$action} FROM {$table} WHERE {$field} {$operator} ?"; } else { $sql = "{$action} FROM {$table} WHERE {$field} {$operator} ? {$rule}"; } if(!$this->query($sql, array($value))->error()) { return $this; } } } return false; } // public function get($table, $where = [], $column = "*", $rule = "") { // return $this->action("SELECT {$column}", $table, $where, $rule); // } public function get($table, $where = [], $rule = "") { return $this->action("SELECT *", $table, $where, $rule); } They're called like this -> <?php public function recent() { $rule = "ORDER BY RAND()"; $field = "type"; $type = "recent"; $query = $this->_db->get(self::$_table, array($field, "=", $type), $rule); print_r($query); } The code like it is here works. Where the weirdness comes in is if I use the commented out DB->get() method. When I switch it and use the get() method that is commented out in the above code I get a fatal error because it's parsing the query string as this -> The absolute only difference is adding in that $column parameter or not and when it's there this effed up query string is the result. Can one of you fine phreaks break it down for me, I've been staring at my code for an hour and can't figure it out. Thanks

Good evening, Phreaks. Quick question. I have this method here -> public function get($table, $where = [], $column = "*") { return $this->action("SELECT {$column}", $table, $where); } It works great as long as the call to it includes the $where array. I want both $where and $column to be optional here and $where to be an array when it's included. if I only use the $table parameter (which is the only one I want to be required). I keep getting a Could one of you fine folks please explain to me about this error and why I need the $where parameter when I want it to be optional. Thank you

Could someone explain to me why this connection/query succeeds <?php DB::getInstance()->query("SELECT username FROM users WHERE username=?", array("TechnoDiver")); But when I do this it comes back as failed <?php $user = DB::getInstance()->query("SELECT username FROM users WHERE username=?", array("TechnoDiver")); if($user) { echo "success -> "; } else { echo "fail -> "; } like I said I ran tests for the DB->query in the query method and it comes back successfully. It's only when I try to assign it that it comes back failed. Why??

Good morning Freaks, I hope you're all having a productive week. I've a question about an issue I'm having accessing static properties. I've been doing some reading on them but haven't yet deployed one successfully. I have a bunch of classes and I want to make the database query tables all static so they can be used cross-class, so to speak. Here's a sample attempt -> class Post { private $conn; private $user_obj; public static $table = "posts"; public function __construct($conn, $username) { $this->conn = $conn; $this->user_obj = new User($conn, $username); // $this->table = "posts"; } and accessing it here -> public function getBreakingNews() { $query = mysqli_query($this->conn, "SELECT * FROM self::$table WHERE type='breaking' ORDER BY RAND()"); This gets me an error that $table doesn't exist as does using Post::$table. When I assign $this->table = 'posts' (the commented out line in __construct) and access it by $this->table all works great. What am I doing wrong that it won't find that public static property? In the manual there's this example, which I feel like I've stayed true to -> class Foo { public static $my_static = 'foo'; public function staticValue() { return self::$my_static; } } ..... print Foo::$my_static . "\n"; The only difference I see is that they're printing the value and I'm trying to use it in a database query. Can anyone guide me through this mistake I'm apparently making and can't see? I've tried both self::$table and Post::$table, self::table and Post::table, every permutation I can think of but still the variable is saying it's unassigned. Share your knowledge please

I'm looking for some insight on where/how to look something up. I have a Post class and it's really messy so I'm trying to clean it up. There's a method - createPost() - that takes in 8 parameters from a form, does what's needed to them to prepare them for database and creates 7 more properties, as well. For a total of 15 fields being sent to the database. I want to create a sendPost() method to handle this. In creating this method I realized that all these parameters look and feel burdensome and there's no real connection between the 2 methods other than sharing a class. I'd like to look into how to make sendPost take however many of parameters from whichever method it's called for without always having to pass the same amount. So for example if sendPost is being called with createPost than it has to handle 15 parameters, but, later, if I want to call sendPost on an editPost method, for example, it may only need to send 6 parameters back to the database meaning the other 9 would have to be redundantly passed again. I seem to recall from Python years ago there was a way to do this but I can't remember and I really don't know what to even search for to research it. Any direction or resources or advice that anyone could share would be really helpful and appreciated. Thanks

Good Morning, Freaks, I hope you're all well. I've a question - I've been researching coding image resize functionality. While looking into the functions I'd need to do this I came across very similar code used in examples from 3 different sources so decided this was good code to learn from. So I tweeked it a bit and put it into a class method -> public function imageResize($target, $newcopy, $w, $h, $ext) { list($orig_w, $orig_h) = getimagesize($target); $scale_ratio = $orig_w/$orig_h; if(($w / $h) > $scale_ratio) { $w = $h * $scale_ratio; } else { $h = $w / $scale_ratio; } $img = ""; if($ext == "gif" || $ext == "GIF") { $img = imagecreatefromgif($target); } else if($ext == "png" || $ext == "PNG") { $img = imagecreatefrompng($target); } else if($ext == "jpg" || $ext == "JPG" || $ext == "jpeg" || $ext == "JPEG") { $img = imagecreatefromjpeg($target); } $create_tci = imagecreatetruecolor($w, $h); imagecopyresampled($create_tci, $img, 0, 0, 0, 0, $w, $h, $orig_w, $orig_h); imagejpeg($create_tci, $newcopy, 80); } and then connected it to a button -> <?php require("assets/initializations.php"); if(isset($_POST['upload_image'])) { $image_obj = new Image($conn, $user); $image_obj->imageUpload(); } else if(isset($_POST['resize_image'])) { mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); $image_obj = new Image($conn, $user); $kaboom = explode(".", $image_name); //object params $image_ext = $kaboom[-1]; $target_image = "/opt/lampp/htdocs/site/admin/img/$image_name"; $resized_image = "/opt/lampp/htdocs/site/admin/img/resized_$image_name"; $max_w = 150; $max_h = 150; $image_obj->imageResize($target_image, $resized_image, $max_w, $max_h, $image_ext); //header("Location: add_photo.php"); } ?> Setup: A preview button chooses the image, a preview which is displayed underneath it (using js). There's also an upload button to bring it into the sites file system. This functionality works fine. I've just added the resize button beside the preview button and connected the object method to it. Intended Result: The resize button resizes the previewed image and the resized image is now previewed instead of the original image. Result: Nothing. The button stays in the active state, but nothing happens. I get no warning nor error messages and absolutely nothing in dev tools to work from. Not sure what my next step would be outside asking more experienced coders Any advise or guidance on getting this resolved would be met with appreciation. TIA

I've been trying to write some code that takes user supplied information, sends it to a database (phpmyadmin) and also displays it elsewhere in the app. I'm to the point I'm trying to get it to the database right now. The issue is that it's not making it to the DB and is being lost somewhere. There's no warnings, no errors, nothing being returned anywhere to help resolve the problem, except in the browsers dev tools and that is different whether it's chrome or FF. It's also something that I have trouble seeing being responsible for the loss of data. In Chrome it comes back as -> Page layout may be unexpected due to Quirks Mode In FF as -> Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. But, like I said, I can't see how this is to blame for the data not making it to the DB and I see no difference in the layout or style anyways. At the top of add_post.php is the following: <?php require("assets/initializations.php"); if(isset($_POST['add_post']) && !empty($_FILES['post_image'])) { $filename = $_FILES['post_image']['name']; $file_tmp_name = $_FILES['post_image']['tmp_name']; $filesize = $_FILES['post_image']['size']; $file_ext = explode('.', $filename); $file_act_ext = strtolower(end($file_ext)); $allowed = array('jpeg', 'jpg', 'png', 'gif'); if(!in_array($file_act_ext, $allowed)) { echo "<script>alert('File Type Not Allowed');</script>"; //not sure how well this size check is working, have to experiment more //also need to research how to do an initial image check } elseif($filesize > 10000000) { echo "<script>alert('Image Is Too Large');</script>"; } else { $file_new_name = uniqid('', true) . "." . $file_act_ext; $dir = "/opt/lampp/htdocs/qcic/usernet/img/"; $target_file = $dir . basename($file_new_name); move_uploaded_file($file_tmp_name, $target_file); $post_obj->addNews( $_POST['title'], $_POST['content'], $_POST['category'], $_POST['status'], $_POST['post_type'], $_POST['tags'], $target_file ); echo "<script>alert('Your Post Has Been Added');</script>"; mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); } } ?> <?php require('includes/header.php'); ?> Most of it is handling the image. The Post and User objects are instantiated in initializations.php at the top. The image uploads fine, everything works except the post object. The class for that is -> <?php class Post { private $conn; private $user_obj; public function __construct($conn, $user) { $this->conn = $conn; $this->user_obj = new User($conn, $user); } public function addNews($title, $content, $category, $status, $type, $tags, $image) { if(!empty($title) && !empty($content)) { $title = strtoupper($title); $title = mysqli_real_escape_string($this->conn, $title); $content = nl2br($content); $content = mysqli_real_escape_string($this->conn, $content); $added_by = $this->user_obj->getUsername(); $query = mysqli_query($this->conn, "SELECT top_cat_id FROM top_categories WHERE top_cat_title='$category'"); $row = mysqli_fetch_array($query); $cat_id = $row['top_cat_id']; $statement = $this->conn->prepare("INSERT INTO news VALUES ('', '$title', '$content', '$added_by', '$category', '$cat_id', '$image', '$tags', '$status', '$type', '?', '?', '?', '?');"); if($statement) { $statement->execute(); } else { echo "You messed up somewhere"; } } } } ?> I'm not the best or most experienced coder, for sure, but in the few months I've been learning PHP I've written a few DB queries now and this looks right to me. The first attempt didn't have prepared statements but that wasn't getting the data to the DB either. I've checked that the number of fields being sent match the number of fields in the DB, been tinkering with a few small things since yesterday on it, nothing works and as I said, no error or warning is coming back to work from, no message at all to work from. The only thing it triggers is those 2 console messages I mentioned above and the image does get to its new location. It's to the point now I'm just blank-mindedly staring at code. I'm not even getting back the else echo "You messed up somewhere" error from the final if statement, just the javascript alert that it was sent correctly, which it wasn't. I can really use some guidance on this one, thank you

I've been scrolling through some 3rd party code trying to get ideas and a deeper understanding of PHP. I came across these 2 simple methods in a class entitled 'Category' -> public function deleteCategory($id) { $query = mysqli_query($this->conn, "DELETE FROM top_categories WHERE top_cat_id=$id"); if($query) { return true; } else { return false; } } public function updateCategory($id, $category) { $query = mysqli_query($this->conn, "UPDATE top_categories SET top_cat_title='$category' WHERE top_cat_id=$id"); if($query) { return true; } else { return false; } } They're simple enough and work perfectly in the context of their functionality, but I don't understand how. Their instantiation and calls are ordinary but I don't understand how they do what they do. To me (a very untrained eye) they look like they initialize a variable ($query) and then check if it's initialized or not without actually doing anything with it. They've both been instantiated in a file that is included at the top of each page and the method calls are seemingly normal -> if(isset($_POST['edit_cat'])) { $cat_obj->updateCategory($cat_id, $_POST['cat_title']); header("Location: category.php?message=category-updated"); } if(isset($_GET['cat_id'])) { $cat_obj->deleteCategory($_GET['cat_id']); header("Location: category.php?message=deleted-successfully"); } Can someone with the time and will please explain how these 2 methods do the things they do?

Hello everyone. I'm just learning programming. I have a class: class DbBox extends BoxAbstract { public function save() { } public function load() { } } This class has two methods, Load and Save. How to format them correctly so that they can save data to a file?

Hello, I hope it's ok to ask this question here. I have a registration script, but I'm not sure how to handle it efficiently and I have some questions about it. This is used in the page 'signup.php'. The class is called 'User'. I haven't noticed any errors or bugs. It would be very useful for me to be aware of my mistakes. public function regUser($uname,$upass,$upassverify) { $new_password = password_hash($upass, PASSWORD_DEFAULT); if(!password_verify($upassverify, $new_password)) { // passwords are not the same (I thought it would be better to do this after hashing, but maybe it doesn't matter or it's worse. I'm not sure about it) $info = 'pass_err'; } $stmt1 = $this->db->prepare("SELECT * FROM users WHERE username=:uname"); $stmt1->execute(array(':uname'=>$uname)); if($stmt1->rowCount() > 0) { // this username has already been used $info = 'user_err'; } if (!$info) { $stmt2 = $this->db->prepare("INSERT INTO users(username,password) VALUES(:uname, :upass)"); $stmt2->bindparam(":uname", $uname); $stmt2->bindparam(":upass", $new_password); $stmt2->execute(); // succesfully made an account $info = "success"; } header("Location:/signup.php?status=".$info); exit(); } Am I using the prepared statements as how I should be using them? Is this a safe way of handling my data or do you see vulnerabilities? I'm using PRG to prevent resubmission but I want to show a 'everything is fine' or 'oh no, something went wrong' to the one who is signinup. If I now go to signup.php?status=success, i see 'eveything is fine', without actually signing up, is there a better way to do this or can I somehow prevent everyone being able to see this? As you might have noticed in my last post, my English is not very good, sorry about that. Thanks, Fabian

I am getting Fatal error: Uncaught Error: Call to a member function real_query() on null with this code: public final function Retrieve($TABLE, $CRIT){ $_query = "SELECT * FROM `{$TABLE}` WHERE "; foreach($CRIT as $_field => $info){ $_query .= " `{$_field}` = `{$info}` &&"; } if($this->LINK->real_query(rtrim($_query, ' &'))){ return $this->LINK->store_result(); } else{ return json_encode(array("Error"=>$this->LINK->errno(), "Description"=>$this->LINK->error())); } } (LINK is my mysql_connect() result.) I have tried everything i can think of, ->query, going to mysqli_query, breaking it sown and using a $result variable, but nothing seems to work...

I wrote a Token Generator class based off the code from the following thread. It works as expected. I just want to get some more eyes on it for any feedback on improvements or problems. http://forums.phpfreaks.com/topic/298729-forgotten-password/?hl=%2Bmcrypt_create_iv&do=findComment&comment=1524084 <?php /** * Class Token * * Generates a Cryptographically Secure Pseudo Random Number Generator (CSPRNG) */ class Token { /** * Generates a pseudo-random string of bytes * * @return string */ public function getRandomBytes() { return openssl_random_pseudo_bytes(16); } /** * Convert (Encodes) binary data into hexadecimal representation * * Returns an ASCII string containing the hexadecimal representation of $randomBytes * * @param $randomBytes * @return string */ public function getEncodedToken($randomBytes) { return bin2hex($randomBytes); } /** * Decodes a hexadecimally encoded binary string * * @param $encoded_token * @return string */ public function getDecodedToken($encoded_token) { return hex2bin($encoded_token); } /** * Generate a hash value * * @param $raw_token * @return string */ public function sha256Hash($raw_token) { return hash('sha256', $raw_token); } } //---------------------------------------------------------------------------- //Test //---------------------------------------------------------------------------- $token = new Token(); /** Encode token and hash it */ $raw_token = $token->getRandomBytes(); echo $encoded_token =$token->getEncodedToken($raw_token);// Sent to User echo '<br>'; echo $token_hash = $token->sha256Hash($raw_token);// Stored in DB echo '<br>'; /** Decode token and hash it */ $raw_token = $token->getDecodedToken($encoded_token); echo $token_hash = $token->sha256Hash($raw_token);// Compare user token to DB token

I was practicing OOP and made a simple class to log logins. Does anyone see any problems with this or improvements that can be made? Any issue with using NOW() in the query string instead of a placeholder? In another thread, @Jaques1 said: How would I implement that? I rtfm and don't understand it as of yet. <?php // ---------------------------------------------------------------------------- // Database Connection // ---------------------------------------------------------------------------- $dbhost = 'localhost'; $dbname = 'test'; $dbuser = 'root'; $dbpass = ''; $charset = 'utf8'; $dsn = "mysql:host=$dbhost;dbname=$dbname;charset=$charset"; $opt = [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => false, ]; $pdo = new PDO($dsn, $dbuser, $dbpass, $opt); //------------------------------------------------------------------------ // //------------------------------------------------------------------------ $valid_login = new LogLoginStatus($pdo); $valid_login->validLogin('goodusername'); $invalid_login = new LogLoginStatus($pdo); $invalid_login->invalidLogin('bad_username', 'bad_password'); //------------------------------------------------------------------------ // //------------------------------------------------------------------------ class LogLoginStatus { /** * Log Valid/Invalid logins * * @param string login_username * @param string login_password */ public function __construct($pdo) { $this->pdo = $pdo; } function validLogin($username) { $sql = "INSERT INTO user_login (login_status, login_ip, login_username,login_password, login_datetime) values(?, INET_ATON(?), ?, ?, NOW())"; $stmt = $this->pdo->prepare($sql); $stmt->execute(array( 1, $_SERVER['REMOTE_ADDR'], $username, '***' )); } function invalidLogin($username, $password) { $sql = "INSERT INTO user_login (login_status, login_ip, login_username,login_password, login_datetime) values(?, INET_ATON(?), ?, ?, NOW())"; $stmt = $this->pdo->prepare($sql); $stmt->execute(array( 0, $_SERVER['REMOTE_ADDR'], $username, $password )); } } ?> CREATE TABLE `user_login` ( `login_id` int(11) NOT NULL AUTO_INCREMENT, `login_status` tinyint(1) DEFAULT NULL, `login_ip` int(10) unsigned DEFAULT NULL, `login_username` varchar(255) DEFAULT NULL, `login_password` varchar(255) DEFAULT NULL, `login_datetime` datetime DEFAULT NULL, PRIMARY KEY (`login_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8;