Do I Need To Sanitize My CSVs Before Importing? (Link To Post On /R/Database Inside) phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
I would do it, just to be safe. It's not going to hurt anything if you do. I believe PDO will do this for you.
3 years ago
Need some clarification with Contact Forms phphelp
3 years ago | 1 comment |
self.PHPhelp | Score: 1
Reddit
Latest Comment
If Apache is serving from
/Library/WebServer/Documents
Then anything you want to serve should go there.
3 years ago
[DISCUSSION] How much do you guys comment in your code phphelp
3 years ago | 12 comments |
self.PHPhelp | Score: 6
Reddit
Latest Comment
I try to follow the principle of explaining why I'm doing something, not what is being done.
The problem, however, is deciding what needs explanation. I think my code probably has too few comments in that regard.
3 years ago
Special answer style for an online survey phphelp
3 years ago | comments |
self.PHPhelp | Score: 1
Reddit
Empty array when i run print_r() phphelp
3 years ago | 5 comments |
self.PHPhelp | Score:
Reddit
Latest Comment
$data1 = array();
print_r($data1);
What do you expect to happen?
3 years ago
Why am I getting an undefined error? phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
$this->_datatypes
would look up the property _datatypes
. $this->$_datatypes
looks up the property named by $_datatypes
.
3 years ago
MySQLi lib problem phphelp
3 years ago | 17 comments |
self.PHPhelp | Score: 4
Reddit
Latest Comment
WHERE username
= ?
I've never seen the ? in an SQL statement like that before. What does it do?
3 years ago
Mysql pdo binding variables problem phphelp
3 years ago | 7 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
This seems to work for me regardless of whether $param1
is set to '2017-10-10'
or null
. I'm curious what you have in $opt
, I'm just using the defaults and not passing any options there.
There is, at least in theory, a PDOStatement method called debugDumpParams()
that's supposed to be of help here. However, I have yet to find a version of PHP where it dumps the bound values. If you have administrator access to the MySQL server, it may be easier to turn on query logging there, and examine the MySQL log to see what queries PDO is sending. You would need to put something like this in your my.cnf:
# Log all queries
general_log_file = /var/log/mysqld-all-queries.log
general_log = 1
The MySQL user will need permission to write to the file specified here. Restart the MySQL service and inside the log file you'll get the queries including parameters, like this:
2017-07-04T16:33:32.020672Z 11 Query SELECT *
FROM table_a
WHERE name = 'name is carl' AND ((`my date` >= NULL AND `my date` < '2017-10-17') OR
ISNULL(NULL))
ORDER BY `my date`
2017-07-04T16:33:32.021104Z 11 Quit
If you go this route, don't forget to turn that logging back off, since the log file can get big in a hurry depending on your environment.
3 years ago
Need help with Twig phphelp
3 years ago | 2 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
just get your data into array. For example, with PDO you can use fetchAll() method:
$stmt = $pdo->query("SELECT * FROM users limit ?, ?");
$stmt->execute([$limit, $offset]);
$users = $stmt->fetchAll();
then assign this $users variable to twig template the usual way and then iterate over it as it's shown in the manual:
<% for row in users %>
<a href="details.php?id={{ row.id }}">
{{ row.name }}
</a>
<% endfor %>
3 years ago
Execute command and display output with no block on windows phphelp
3 years ago | 2 comments |
self.PHPhelp | Score: 6
Reddit
Latest Comment
Before answering, are you absolutely sure this is a good idea? Really sure? Your commands are going to be hard coded and not based on user input, right? You've read about properly escaping command line input? Ok, the consequences are on your head, you have been warned.
You don't mention what kind of environment you are working with -- mod_php, FastCGI, CGI, or CLI -- or what webserver (Apache, Nginx, IIS) you are working with. It might also be helpful to know the version of PHP you are using.
The following works with the builtin PHP 7.1 webserver on Windows 10:
<?php
$handle = popen('ping -n 10 google.com', 'r'); // Opens a read-only file pointer to a command
while($buffer = fgets($handle)) { // Reads the output line by line until command ends
echo $buffer . '<br>' . PHP_EOL; // echo with some style
ob_flush(); // flush the buffer
}
pclose($handle); // close the process file pointer
http://php.net/manual/en/function.popen.php
http://php.net/manual/en/function.fgets.php
http://php.net/manual/en/function.ob-flush.php
3 years ago
I dunno anything about PHP. Can someone help with this line? phphelp
3 years ago | 2 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
I would interpret that as he's suggesting that you echo the variable by itself, like this:
<?php echo $ad['code']; ?>
3 years ago
Split Date object array for a specified period phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
I think I'm confused here, but why not convert it to a unix timestamp which gives you a single number, then just check for a range +- 300 seconds.
3 years ago
php+eloquent eager loading query question phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 4
Reddit
Latest Comment
Idk if there is a shorter way:
Model::find(1234)->get()->pluck('color');
replace 1234
with whatever ID you like
3 years ago
Set MySql data using OFFSET phphelp
3 years ago | 7 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
Eventually after some extensive googling I found a solution that worked.
Here's what worked for me, just in case some day someone else (or more than likely, me again) is having the same problem.
It turns out that OFFSET doesn't work when using UPDATE, however it does work with SELECT.
So this code is a way to get an offset row in mysql, just substitute 'table', 'column' and 'value' to whatever you need:
UPDATE table SET column = 'value' WHERE id =(SELECT t.id FROM (SELECT id FROM table ORDER BY id DESC LIMIT 1 OFFSET 1) t )
3 years ago
Call to undefined method mysqli_stmt::get_result on Godaddy Shared hosting. phphelp
3 years ago | 1 comment |
self.PHPhelp | Score: 1
Reddit
Latest Comment
Have you checked phpinfo()
to confirm that the module is actually enabled ?
3 years ago
Question about PHP code inside of an echo function phphelp
3 years ago | 14 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
$_POST is a variable, not a function. It is a 'superglobal' variable in PHP meaning it is initialised for you in all scripts and contains special values. Other examples are $_SERVER and $_COOKIE. You can read more about these here. In this case, $_POST is a variable that holds all data included with the HTTP Post request made to that particular script.
In your HTML, ensure your form method is set to POST. If you do not do this, the request made will default to a GET request, and the $_POST variable will not hold any data. You can ensure the <form> is POSTed by doing the following:
<form method="POST" ...> ... </form>
Going back to your issue with using variable in strings - because $_POST is a variable you can use it in the same way you'd use any other variable:
<?php
echo 'string'.$variable.'string';
echo "string{$variable}string";
echo 'string'.$_POST['key'].'string';
echo "string{$_POST['key']}string";
Looking specifically at this piece of code:
echo ' ... value="isset($_POST["inputs"]['.$i.']['.$j.'])"
PHP won't execute inside of a string that way, so you must break out of the string in order to execute the "isset()" function. By "break out of the string" I mean, closing the string with a matching quote and concatenating the string with the function call using the 'concatenation operator' (.). You can see this in action below:
<?php
echo 'string function("parameter")'; // Wrong - will literally echo the code itself
echo 'string' . function("parameter"); // Right - we stop the string before adding the PHP code
Secondly, once you've corrected those issues you will run into another problem. The function isset() returns a Boolean value. The documentation is your friend here. If you read the documentation for that function you will see:
bool isset ( mixed $var [, mixed $... ] )
The 'bool' at the beginning indicates that the function returns a value with the type 'boolean'. A boolean value is true or false. So in your code, you are actually going to be outputting the returned value of the isset() function, which is true or false (or actually - 1 or 0, as PHP will convert the boolean value to a numeric representation instead of literally outputting the word 'true'). You touched upon the solution in your post, you need to first check if the variable is set - outputting the variable if it is, and outputting nothing if not:
<?php
// The long way
if (isset($_POST['inputs'][$i][$j])) {
echo $_POST['inputs'][$i][$j];
} else {
echo '';
}
// Shorthand
echo isset($_POST['inputs'][$i][$j]) ? $_POST['inputs'][$i][$j] : '';
// Even-shorter-hand
echo $_POST['inputs'][$i][$j] ?: '';
Given the complexity of the string you are composing, in this situation you would benefit from using the sprintf function. This allows you to separate the string you are building from the data you are interpolating in the string, by using "conversion specifications" (%s) to denote where the data goes:
<?php
echo sprintf(
'<td><input type="number" id="%s_%s" name="%s" value="%s" min="1" max="9"></td>',
$i,
$j,
"inputs[{$i}][{$j}]",
$_POST['inputs'][$i][$j] ?: '' // Shorthand described above
);
Hope this helps :)
3 years ago
php + mysql security question phphelp
3 years ago | 17 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
Yes, this question could be called "stupid", in the meaning it's a non-existent problem as your premises are wrong.
To get the proper answer, you have to understand how PHP works. The most essential part is that, unlike JS, PHP works on the server, while giving away only a final result, instead of giving the source code to execute. From which you can tell that navigating to your file won't be of any help - they will likely see just a blank page.
3 years ago
Not sure how to test if values are being saved to array in _POST phphelp
3 years ago | 7 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
echo '<td><input type="number" id="$i_$j" name="inputs[$i][$j]" value="" min="1" max="9"></td>';
is outputting '$i' and '$j' instead of the values because you are using single quotes.
echo '<td><input type="number" id="$i_$j" name="inputs['.$i.']['.$j.']" value="" min="1" max="9"></td>';
The ids for each cell is still being set as $i_$j also.
3 years ago
PHP and MySQL - Trying to merge these to get list of addresses within last 60 seconds (so it doesn't hammer the mysql database) phphelp
3 years ago | 5 comments |
self.PHPhelp | Score: 4
Reddit
Latest Comment
DISCLAIMER: I'm half-asleep and someone else likely has a better way of handling this. I'm also having some difficulty understanding what you're trying to do with $uniqueListN[]
First and foremost, I'd suggest having a $db
connection made outside of the class, and then adding parameters to your methods that accept this DB connection. That way you're not making 3 new database connections every time this is run.
If you want to reduce the SQL queries, and alternative could be to have a single method pull the minerAddress
entries from miners
, dump that into an array, then use PHP to parse that resulting array to build your three $uniqueList
variables.
A quick and dirty (And untested, but theoretically functional) example that runs a single SQL query, and does the extra parsing solely with PHP:
$db = new PDO("mysql:host=localhost; dbname=hidden", 'hidden', 'hidden');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
class SNATGRAB
{
public static function getUniqueList($unixdatetime, $db)
{
$stmt = $db->prepare("SELECT `minerAddress` FROM `miners` WHERE `minerDatetime` + 60 >= :minerDatetime ORDER BY `minerDateTime` DESC");
$stmt->bindParam(':minerDatetime', $unixdatetime, PDO::PARAM_INT, 34);
$stmt->execute(array(
':minerDatetime' => $unixdatetime,
));
return $stmt->fetch(PDO::FETCH_ASSOC);
}
}
$g = time();
$uniqueListArray = SNATGRAB::getUniqueList($g, $db);
$uniqueListTotal = count($uniqueListArray); // Theoretically the same as using the `$stmt->rowCount()` method
$uniqueList = $uniqueListArray[0]; // Theoretically should give you the same result as running the query with `LIMIT 1`, which would give you the first matching entry
// NOTE: Starting at '1' here because PHP indexes start at 0, instead of a counter in SQL starting at 1
for ($x = 1; $x < $uniqueListTotal; $x++) {
// Did you mean <= in this for loop? The last entry matching your WHERE condition will be skipped if you only use <
$uniqueListN[$x] = $uniqueListArray[$x]; // Theoretically the same result as your previous `SNATGRAB::getUniqueListLim` method
}
To be quite honest with you, I don't think the $uniqueList
and $uniqueListN
variables are actually needed, depending on what you're doing with them after this section, since $uniqueListArray
here is a numeric indexed array that can easily be parsed
3 years ago
New text is overwriting old text phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
The 'w+'
mode for fopen()
opens the file for writing and reading, yes, but it puts the file pointer at the start of the file, so whatever you write will immediately overwrite what's already there.
As /u/Morsus-y2k pointed out, the 'a'
(“append”) mode for writing to the end of the file is what you want.
3 years ago
XAMPP and php, please help (beginner problem) ! phphelp
3 years ago | 6 comments |
self.PHPhelp | Score: 4
Reddit
Latest Comment
This script is full of bad practices (md5 password hashing) and SQL injections. Do not use it! Read phptherightway.com for more infos.
3 years ago
Can you help me ??? phphelp
3 years ago | 8 comments |
self.PHPhelp | Score:
Reddit
Latest Comment
Undefined variable: database
Is the variable $database
defined somewhere above line seven?
3 years ago
"A non well formed numeric value encountered" phphelp
3 years ago | 5 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
3 years ago
Displaying specific data from JSON Array (Twitter API) phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
I think the twitter API returns a json response, so you would have to
json_decode( $statuses );
Then you should be able to use
$items->created_at
or
json_decode( $statuses, true );
$items['created_at'];
3 years ago
Creating an account page phphelp
3 years ago | 2 comments |
self.PHPhelp | Score: 4
Reddit
Latest Comment
Additional data goes into the database most likely. Things like images should be stored in the file system and referenced in the database. How you setup the file system storage is up to you. Easy solution would be to use PHP for image uploads and put all media into a /media folder under the username if you are creating a directory per user. If you are using mod_rewrite/SEFUs, you will have to come up with some other solution.
3 years ago
Help getting gettext working phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
Do you use Windows (XAMPP) or Linux?
Under Linux the locale must be installed. So this will never work:
$locale = 'ga_IE'; // for testing
The filename of the mo file must be formated like this
<domain>_<locale>.mo
The full path must be look like this:
./locale/en_US/LC_MESSAGES/messages_en_US.mo
Here is an example
<?php
$locale = 'de_DE';
//$locale = 'fr_FR';
$domain = 'messages';
$textDomain = $domain . '_' . $locale;
$codeset = 'UTF-8';
$directory = __DIR__ . '/locale';
// For Windows
putenv('LC_ALL=' . $locale);
// Set language
setlocale(LC_ALL, $locale);
// Set base directory for all locales
bindtextdomain($textDomain, $directory);
// Set domain codeset (optional)
bind_textdomain_codeset($textDomain, $codeset);
// File: ./locale/de_DE/LC_MESSAGES/messages_de_DE.mo
textdomain($textDomain);
// test translations
echo _('Yes');
Edit: Fixed typo (local to locale)
3 years ago
Route planning from postcode (zip code) phphelp
3 years ago | 5 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
3 years ago
Can't get PDO to run from external file phphelp
3 years ago | 5 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
3 years ago
Better way to go about HTML in PHP phphelp
3 years ago | 7 comments |
self.PHPhelp | Score:
Reddit
Latest Comment
3 years ago
JQuery Ajax not passing post data to PHP phphelp
3 years ago | 8 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
First of all. You want to prevent the default behaviour of the submit.
First of all. You want to stick a callback in your jquery
$('#send').on('submit', function(event)
Then the first line should be
event.preventDefault();
This will stop the submit and complete the rest of your function, the default submit behaviour is preventing your code from executing.
And you need to put name="whateverName" for your inputs. To captcha the post variable.
3 years ago
E-Mail Form on static Website phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
You could just a self processing form page with one PHP script.
For spam, someone else mentioned Captcha. An additional protection you can use is a honeypot, which only bots will see in the source code.
3 years ago
in_array function just not working. phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
You have an array
of objects of type stdClass
.
Your if statement check would be $subarray->mac == $username"
Edit:
Turn on error reporting
3 years ago
Should I translate a multidimensional array to class structure instead phphelp
3 years ago | 2 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
Classes and multidimensional arrays serve different purposes. I use arrays all the time to store results from database calls like you are doing above.
Arrays are in the category of "Data Structures." Whereas classes not only hold "information" but also functions and state.
I would spend the time to learn classes. As your project becomes larger, if you effectively use classes, your code becomes more organized and easier to maintain.
A place I would highly suggest using a class, especially if you aren't using a framework, is put your database functionality behind a class:
Using PHP with MySQL - the right way
That link is a good example of how one could set that up.
Also, this discussion in stackoverflow makes some good points:
Why use classes in php?
Part of learning programming is simply reading through a lot of documentation, tutorials, stack overflow, etc. Which, there seems to be no lack of online.
But its worth your time to learn how to do it right and I hope that you find success doing so.
3 years ago
How to store form input in mySQL database? phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
Have a look into some 'simple PHP CRUD tutorials' there are thousands of them out there that cover the basics. Like this one.
3 years ago
How do I update curl version for php on wamp server windows 7 phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
My best guess (i'm not using wamp) is that the curl version for php 7.1.6 is not compatible with php version 5.5.12.
By the way, php 5.5 is no longer supported (end of life), which means no updates (not even security fixes) will be released for this version anymore. You can get an overview of supported versions here.
The current version of Wamp support php 5.6 and 7.0, which are both supported.
3 years ago
The "proper" way to do string interpolation phphelp
3 years ago | 15 comments |
self.PHPhelp | Score: 10
Reddit
Latest Comment
sprintf("Hello %s.", $name['key']);
3 years ago
PHP contact form keeps getting error phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
$to is just a string that says 'email', not an actual email address. Maybe you removed the real email because you didn't want to post it here. If you did, and the server is on Windows, use just an email (e.g. 'email@address.com') as opposed to 'Full Name <email@address.com>'.
Also check your settings for SMTP.
It might also help to turn on php error logging to see what's being outputted. You can put this at the top of the file:
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);
There's a bunch of things that need to be changed and improved in your code, such as sanitization for example, but let's just get mail() working for now.
3 years ago
Best way to send variables in a link, encoded phphelp
3 years ago | 5 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
Don’t send data that you don’t want others to see within a link. It doesn’t matter if it is encoded/encrypted or not, it’s just plain insecure.
A better option would be if the data you need gets submitted via a POST to an API that you provide (over SSL of course). Anything else is just screaming for compromise.
3 years ago
Downgrading to 5 from 7 phphelp
3 years ago | 7 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
OP edited to show final gratitude after implementing suggestions.
3 years ago
I need help with file locations after putting my project on a VPS. phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
3 years ago
wp cron script not working phphelp
3 years ago | 2 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
foreach ( $update_activate_id as $update_activate_id )
Using the same variable name on the both sides might cause some problems or ambiguities.
3 years ago
How to change 'foreach' to only single variable phphelp
3 years ago | 8 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
Put it in a function and type hint an array. Boom, done.
3 years ago
json_encode outputs too many decimal places for latitude and longitude phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
3 years ago
Issues with my image class phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
First - when the image supplied to saveAsJpeg is a PNG with transparencies, it gets rendered onto a black background, where I'd rather a white background instead.
Look here for a sollution
Second - I'm still trying to figure out how to verify if a file is a PDF or not.
If you are running this code on a linux systm, you can look at the file command.
Never trust the mime file the $_FILES array. That can be manipulated during the request.
Any advice/pointers to any of those would be appreciated. Thanks!
My 2 cents (after a quick scan of the code):
It looks like the image class has multiple purposses.
It can process an uploaded image or PDF file (basicaly not an image), resize an image or delete an image.
Uploading a document/image, resizing an image and managing a file are 3 different things and should be managed by 3 different classes.
Looking at you code I see the following/have the following recommendations:
- Use more consistent variable names. You use user_score and camelCase in the same class.
- Start using type hinting. Your $file is an array (I guess the raw $_FILES['uplad_file'] array).
- Instead of the raw $_FILES data, you can look into SplFileInfo. Using classes or object give you more control over the data they hold. Now you assume the $file variable is an array and the "tmp_name" key does exist.
- You calculate a SHA1 hash based on the temporary filename. There is no guarantee this filename is unique (over multiple requests) and it may result in a overwrite of the final image.
- Start using === instead of == (overal better to also check the type instead of just the value)
3 years ago
3 way websocket server in php? phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
3 years ago
I'm new to PHP coding. Need some help. phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 1
Reddit
Latest Comment
The HTML coding is working. I'm just having trouble executing the PHP. Any ideas you can lend me?
3 years ago
Trying to have a youtube video show up in a slider function with the embed code: am i doing this right? phphelp
3 years ago | comments |
self.PHPhelp | Score: 1
Reddit
Should an exception be thrown if a 'getter' method is given an improperly formatted key, or should the method simply be allowed to quietly return null? phphelp
3 years ago | 3 comments |
self.PHPhelp | Score: 2
Reddit
Latest Comment
When I use custom getters and setters, I always throw an exception for attempts to access a nonexistent value.
You don't have to, but I'd rather be safe than sorry.
3 years ago
googles invisible recaptcha phphelp
3 years ago | comments |
self.PHPhelp | Score: 1
Reddit
Does this class even make sense? phphelp
3 years ago | 4 comments |
self.PHPhelp | Score: 3
Reddit
Latest Comment
Regarding insert.
If you change your json array structure to meet this in the query, i.e. make it like this
$this->bookingData['startDate'];
$this->bookingData['endDate'];
$this->bookingData['days'];
$this->bookingData['price'];
then you'll be able to run your code like this
public function insert_booking() {
$query = 'INSERT INTO ' . $this->table . '(start, end, price, days) VALUES(:startDate, :endDate, :price, :days)');
$this->pdo->prepare($query)->execute($this->bookingData);
}
which is dramatically shorter and I hope does answer your question
3 years ago