|
I get the impression you aren't completely up to speed on what some of the code you used does. die() is a function that causes script execution to stop immediately (hence the name) and has an optional argument which is output to the browser. return is a keyword that causes a function to stop and return whatever comes afterwards. In particular, the "return" in "return die()" is redundant because script execution will have stopped before the "returning" happens. If you change return die($error); to return $error; then the function will return the contents of the variable $error, and your script will be able to continue to run.
|
#
?
May 20, 2010 00:22
|
|
|
|
| # ? May 31, 2024 23:48 |
|
|
Hammerite posted:I get the impression you aren't completely up to speed on what some of the code you used does. Got it! Thanks for helping, the code works perfectly now.
|
|
#
?
May 20, 2010 00:46
|
|
|
I have an issue where on one machine a require_once works fine, but on another it can't find the file. php.ini has one include_path, but the error message has a different one. As far as I can tell it's not being set in .htaccess files, so I'm at a bit of a loss. Any ideas as to where to look?
|
|
#
?
May 20, 2010 16:15
|
|
|
wins32767 posted:I have an issue where on one machine a require_once works fine, but on another it can't find the file. php.ini has one include_path, but the error message has a different one. As far as I can tell it's not being set in .htaccess files, so I'm at a bit of a loss. Any ideas as to where to look? It's an outside guess without seeing any code, but have you checked the permissions for the files on the server? If you just drop the file in the same directory as the script (and change the path appropriately), can you see it then?
|
|
#
?
May 20, 2010 16:40
|
|
|
Masked Pumpkin posted:It's an outside guess without seeing any code, but have you checked the permissions for the files on the server? If you just drop the file in the same directory as the script (and change the path appropriately), can you see it then? It ended up being several nested problems. I'd already fixed the permissions error, but because the second error (the lack of an installed library) wasn't causing any error messages to be generated and I wasn't looking carefully at timestamps I failed to notice it. Tracking down the problem with the lack of installed library was quite a problem with no error messages let me tell you.
|
|
#
?
May 21, 2010 02:52
|
|
|
first off, I am very new to PHP and web programing so I do not have a great understading of the language. With that said I am trying to create a "user profile" page which will display certain infromation about users that is pulled from a Mysql database, the information will be mainly text based with one link to a image that is stored in an "user images" folder alongside the php source. Would it be best to just use php/css, or could xml be used? basically it would be something like this https://wi.somethingawful.com/f3/f3ffc251e5cff56113348a19ee965e28b2ab688c.jpg
|
|
#
?
May 21, 2010 16:22
|
|
|
DholmbladRU posted:first off, I am very new to PHP and web programing so I do not have a great understading of the language. With that said I am trying to create a "user profile" page which will display certain infromation about users that is pulled from a Mysql database, the information will be mainly text based with one link to a image that is stored in an "user images" folder alongside the php source. You want to use HTML / CSS for display, and have PHP populate the dynamic bits. You *could* use XML ( and XSLT to render to the browser ) but you probably don't want to do that unless you have very good reasons not to just use HTML/CSS for display. code:
|
|
#
?
May 21, 2010 16:33
|
|
|
I guess the only reason I thought XML might be applicable is that there will be ~ "profiles" to be displayed. thanks for the information! If I create a class "users" and am trying to store multiple entrys into that, would this be stored as an array DholmbladRU fucked around with this message at 16:58 on May 21, 2010 |
|
#
?
May 21, 2010 16:42
|
|
|
DholmbladRU posted:I guess the only reason I thought XML might be applicable is that there will be ~ "profiles" to be displayed. You would create an array and add multiple users to it php:<?
class User
{
var name;
}
$user1 = new User();
$user1->name = "fred";
$user2 = new User();
$user2->name = "george";
$users = array();
$users[] = $user1;
$users[] = $user2;
// Then to loop through your array, do something like this
foreach ($users as $user)
{
echo $user->name . "<br />\n";
}
// The output would be
// fred<br />
// george<br />
?>
|
|
#
?
May 21, 2010 17:37
|
|
|
Begby posted:You would create an array and add multiple users to it In addition to this, if you are pulling user info from a DB, you loop through the results in a similar manner: php:<?
// database connection stuff goes here
$queryResults = mysql_query('SELECT firstName, lastName FROM users WHERE 1'); //you'd write a better query
while( $user = mysql_fetch_object( $queryResults ) )
{
printf("%s %s<br />\n", $user->firstName, $user->lastName);
}
?>
|
|
#
?
May 21, 2010 17:49
|
|
|
thanks for all of the help guys. For defining var in a class does it need to be 'var $Fname'? It doesnt seen to like it when there is no '$' there.
|
|
#
?
May 21, 2010 18:52
|
|
|
DholmbladRU posted:thanks for all of the help guys. For defining var in a class does it need to be 'var $Fname'? It doesnt seen to like it when there is no '$' there. http://www.php.net/manual/en/language.variables.basics.php http://www.php.net/manual/en/getting-started.php
|
|
#
?
May 21, 2010 20:16
|
|
|
I need help picking out an MVC framework to use for a project. I'm helping an open source project convert their web gui from the mess that it is to something more manageable. I've got experience with MachII (coldfusion framework) but no experience with any for php. suggestions?
|
|
#
?
May 22, 2010 17:37
|
|
|
Jick Magger posted:I need help picking out an MVC framework to use for a project. I'm helping an open source project convert their web gui from the mess that it is to something more manageable. I've got experience with MachII (coldfusion framework) but no experience with any for php. Kohana or Zend. Ignore anyone who says Smarty.
|
|
#
?
May 23, 2010 06:44
|
|
|
So I'm pretty new to PHP, having a rudimentary problem simply passing data page 1 form to another. http://pastebin.com/tJhivGzK That's the code I have, basically just trying to make a little thumbnail sort of page. Then when you click the thumbnail it takes you to a full blown image. How ever, the only way I've ever passed data before is with a form, so I'm not sure how I go about doing it through hyperlinks? Not really sure where to go from here...
|
|
#
?
May 24, 2010 13:45
|
|
|
Sab669 posted:So I'm pretty new to PHP, having a rudimentary problem simply passing data page 1 form to another. If you use the GET method to pass information to a page (as in page.php?PhotoID=12345) then the information is found in the $_GET array and can be retrieved in the same way as the information in the $_POST array (which you are presumably familiar with if you have dealt with forms).
|
|
#
?
May 24, 2010 15:22
|
|
|
It probably doesn't even need to be said, but I assume you're validating your inputs, right? $var = htmlentities($var, ENT_QUOTES) works pretty well for me, but if there are better options available, I'd be interested in hearing them.
|
|
#
?
May 24, 2010 15:46
|
|
|
Hammerite posted:If you use the GET method to pass information to a page (as in page.php?PhotoID=12345) then the information is found in the $_GET array and can be retrieved in the same way as the information in the $_POST array (which you are presumably familiar with if you have dealt with forms). Is that what I'd want? I know I was taught about GET at the beginning of the semester, but we literally never used it. I'll go read up on it, then. Thanks. edit; Just looking at w3schools, they still use GET inside of a form. So would I just put the images inside a form and the when the image is clicked, would that count? Sadly, I don't have my laptop with me so I can't try it right now. Sab669 fucked around with this message at 18:28 on May 24, 2010 |
|
#
?
May 24, 2010 18:24
|
|
|
Sab669 posted:edit; Just looking at w3schools, they still use GET inside of a form. So would I just put the images inside a form and the when the image is clicked, would that count? Sadly, I don't have my laptop with me so I can't try it right now.
|
|
#
?
May 24, 2010 18:38
|
|
|
The general rule of thumb is GET for retrieving data, POST for sending it. getinfo.php?getthisid=1 php:<? $id = $_GET['getthisid']; ?> php:<? $setthis = $_POST['setthis']; ?>
|
|
#
?
May 24, 2010 22:10
|
|
|
Masked Pumpkin posted:It probably doesn't even need to be said, but I assume you're validating your inputs, right? $var = htmlentities($var, ENT_QUOTES) works pretty well for me, but if there are better options available, I'd be interested in hearing them. http://www.php.net/manual/en/book.filter.php
|
|
#
?
May 25, 2010 01:01
|
|
|
Lumpy posted:In addition to this, if you are pulling user info from a DB, you loop through the results in a similar manner: Havnt had a chance to work on this much. Would the fallowing be sufficient to create an object, assign that object values, then store those objects in an array. php:<?
$queryResults = mysql_query('SELECT Fname, Lname, PrimEmail, SecEmail, Class, Standing, picture FROM 'xxx');
$count = 0;
$arryOfProfile[];
while( $user = mysql_fetch_object( $queryResults ) )
{
$temp = new User();
$temp->$Fname = $user->FName;
$temp->$Lname = $user->Lname;
$temp->$PrimEmail = $user->PrimEmail;
$temp->$SecEmail = $user->SecEmail;
$temp->$pClass = $user->Class; //What do I do about this? field is class in database, should I simply rename it?
$temp->$standing = $user->Standing;
$temp->$picture = $user->picture;
$arryOfProfile[$count] = $temp;
$count = $count + 1;
}
?>
|
|
#
?
May 25, 2010 20:07
|
|
|
DholmbladRU posted:Havnt had a chance to work on this much. Would the fallowing be sufficient to create an object, assign that object values, then store those objects in an array. A few tidbits $temp->$FName That should be $temp->FName. Using $ in there means to use the value of $FName as the field. code:You don't need to use the counter. Instead you can use $arrayOfProfile[] = $temp. The empty brackets means to add a new array value at the end of the array. code:What is the issue with Class? Are you having some issues with the SQL or something? If that is messing up your SQL statement you can surrount it with backticks `Class` which is the character on the tilda key above tab on your keyboard. Otherwise I think it should work. Have you given it a try? One thing that will help you as you try this out is print_r, use it to echo out the contents of objects and arrays and such, then view the source code in the browser. That will help you determine if your stuff is working right.
|
|
#
?
May 25, 2010 20:33
|
|
|
thanks! Ill take a look at all that and try it out tomorrow when I get a chance. ever done any object oriented php so this is all new to me. The issue with 'class' is that it is a predefine word used in php. And in my table it is one of the fields. edit shold have included the class. php:<?
class User
{
var $Username
var $Fname;
var $Lname='';
var $PrimEmail;
var $SecEmail;
var $Class;
var $standing;
var $picture
}
?>DholmbladRU fucked around with this message at 21:09 on May 25, 2010 |
|
#
?
May 25, 2010 21:01
|
|
|
DholmbladRU posted:Havnt had a chance to work on this much. Would the fallowing be sufficient to create an object, assign that object values, then store those objects in an array. What Begby said, plus you probably want to initialize your User inside the User class itself: php:<?
$queryResults = mysql_query('SELECT Fname, Lname, PrimEmail, SecEmail, Class, Standing, picture FROM 'xxx');
$arrayProfile = array();
while( $user = mysql_fetch_object( $queryResults ) )
{
$arrayProfile[] = new User( $user );
}
?>
|
|
#
?
May 25, 2010 21:04
|
|
|
If I may pull all of the above togetherphp:<? edit - dang, so close but for one line. Continue below.?> DoctorScurvy fucked around with this message at 08:22 on May 26, 2010 |
|
#
?
May 25, 2010 22:05
|
|
|
Close... but a touch off, should be more like thisphp:<?php class User { var $Username; var $Fname; var $Lname=''; var $PrimEmail; var $SecEmail; var $Class; var $standing; var $picture; function __construct($userData) { $this->Fname = $userData->FName; $this->Lname = $userData->Lname; $this->PrimEmail = $userData->PrimEmail; $this->SecEmail = $userData->SecEmail; $this->pClass = $userData->Class; $this->standing = $userData->Standing; $this->picture = $userData->picture; } } ?> <?php $queryResults = mysql_query('SELECT Fname, Lname, PrimEmail, SecEmail, Class, Standing, picture FROM 'xxx'); $arrayProfile = array(); while($userdat = mysql_fetch_assoc($queryResults)) { $arrayProfile[] = new User($userdat); } ?>
|
|
#
?
May 26, 2010 02:03
|
|
|
DholmbladRU posted:I was doing $temp->$Fname = $user->FName; and including the $ on the first value because this is the name of the variable in the class. Is this not correct? Yeah, that is not correct. There should only be a dollar sign on the name of your object, every dollar sign after gets evaluated as another variable as in my example above. If you use $temp->$FName, it will try to use the value of $FName as the field name. If $FName is null, I am not sure what happens, but its definitely not correct. Are you actually trying any of this code? Do what I said and run print_r and try these things out experimentally and see what happens. Learning by trying, failing, and fixing, will seriously make it so you understand and retain knowledge a lot more than someone telling you how to do it.
|
|
#
?
May 26, 2010 02:07
|
|
|
I'm working on a project on SQL Injections and to show them I'm using a simple PHP login form. I'm noticing some weird behavior that I think is coming from mysql_query() but I'm not positive and I don't really understand it so I'm looking for some help. Background: I have disabled magic quotes, and this example is from the weakest form with no security so it should be completely vulnerable to injections. The server I'm on has an old version of MySQL which doesn't seem to support '--' for commenting, so I'm using '#'. Here is the code from my checking function: code:Username: blah Password: ' OR 1=1# code:Username: ' OR 1=1# Password: s code:I've done some (very simple) PHP and MySQL work in the past, nothing ever dealing with logins and sessions though so some of this is new to me. I just don't really understand this behavior at all. Thanks to anyone who can help clear this up.
|
|
#
?
May 29, 2010 20:09
|
|
|
PHP has some weird requirements in order to get a comment to work correctly with mysql_query(). Try using "-- -" as the comment, because it seems to be the magic fix.
|
|
#
?
May 29, 2010 23:45
|
|
|
No such luck, still saying not a valid resource. I never thought I'd have this much trouble breaking something so weak.
|
|
#
?
May 30, 2010 08:30
|
|
|
Do a var_dump on $result. Is it false? If so, check mysql_error().
|
|
#
?
May 31, 2010 05:02
|
|
|
Is PDO's bindparam secure enough to do the following?:php:<?
$SQL->bindParam(":uname",$_POST['uname'],PDO::PARAM_STR);
$SQL->execute();
?>
|
|
#
?
May 31, 2010 23:25
|
|
|
McGlockenshire posted:Do a var_dump on $result. Is it false? If so, check mysql_error(). Yeah, I checked and $result is false. This is what I get: code:code:rivals fucked around with this message at 05:55 on Jun 1, 2010 |
|
#
?
Jun 1, 2010 05:52
|
|
|
gwar3k1 posted:Is PDO's bindparam secure enough to do the following?: rivals posted:Yeah, I checked and $result is false. This is what I get:
|
|
#
?
Jun 1, 2010 19:25
|
|
|
rivals posted:Yeah, I checked and $result is false. This is what I get: I'm not totally clear on why you're mucking about with comments, which as you can see are not particularly portable and often have weird syntax glitches because they are parsed differently than other components. If you set the username to something like ' OR ''='' OR ''=' then you'll wind up the statement SELECT * FROM plaintext WHERE username='' OR ''='' OR ''='' AND password='f' which because AND has higher precedence than OR and both are left-associative is parsed as SELECT * FROM plaintext WHERE (username='' OR ''='') OR (''='' AND password='f') which selects all rows. If you want just a particular username, you could use user' OR 'x'=' and get SELECT * FROM plaintext WHERE username='user' OR 'x'='' AND password='f' which parses like SELECT * FROM plaintext WHERE username='user' OR ('x'='' AND password='f') which can be seen to just select the row for that username.
|
|
#
?
Jun 1, 2010 20:06
|
|
|
Here's a question that will probably be ignored, as it's a bit odd: Suppose I want to get additional functionality that essentially requires a new control structure or language construct in the code I write, what options do I have? My motivation for thinking about this is as follows: I would like to be able to have my scripts output nicely indented HTML, but for ease of editing I also want to have the HTML appear verbatim in my PHP code with indenting that respects the eventual indenting of the HTML and at the same time the indentation level of the surrounding PHP. So the following (for a crude example) results in nice HTML, but doesn't look nice in my PHP: code:code:
|
|
#
?
Jun 1, 2010 21:32
|
|
|
Hammerite posted:Here's a question that will probably be ignored, as it's a bit odd: One thing that might solve your problem is to use some sort of templating system. Smarty actually has syntax very similar to what you have in your example. You will need to keep most of your PHP logic in separate files, but thats actually a really good thing. I am not saying to necessarily use Smarty, there are other templating systems out there. Check them out and see if it will solve your problem.
|
|
#
?
Jun 2, 2010 03:32
|
|
|
Have you tried the tidy extension? Though it seems to kill whitespace, not structure it. Hmm. Alternatively, you could load your output into a DOMDocument using loadHTML() and then manually perform output by crawling the DOM. Neither of these is likely to be very fast. McGlockenshire fucked around with this message at 05:41 on Jun 2, 2010 |
|
#
?
Jun 2, 2010 05:39
|
|
|
|
| # ? May 31, 2024 23:48 |
|
|
Interesting idea, yes, some kind of templating system might be a step forward. Thanks for the suggestion!
|
|
#
?
Jun 2, 2010 07:40
|
|