|
IcedPee posted:I hope this is the right thread for this. I think a better answer would be neither. Both of those sound like a huge pain in the rear end. What I think you should do is use Vagrant to set up a Linux VM with Ubuntu/Debian and install a LAMP stack on there. I wrote a post a while ago on how to get started with Vagrant: https://leftnode.com/entry/getting-started-with-vagrant.html It uses Postgres but you can replace it to use MySQL. I'm also writing a book about all of this and PHP deployments, PM me if you're interested or need more help with Vagrant. It really is a great piece of software, has totally changed how we develop at work. Because your Vagrant VM is literally a Linux box, you can make it identical to your production server as well. I prefer to use the built in PHP server for development, but you're welcome to customize the bootstrap script to use Apache/Nginx (use Nginx). Edit: Or like what Sulla-Marius 88 said, you can also rent a small server to play around with. I don't love Digital Ocean for production apps, but for $5/mo they're great for messing around on.
|
#
?
Nov 7, 2013 13:44
|
|
|
|
| # ? Jun 7, 2024 18:04 |
|
|
Thanks for the responses. For starters, I'm not working with any commercial products or anything like that - I need to store some stuff in the database and display it on a page in a timeline fashion. I don't foresee it being a very big deal. As far as setting up a VM with Linux on it.... I believe I have what my old boss would call a, "violent, negative reaction." I've had nothing but horrible experiences trying (and never once succeeding, btw) to run Linux in a dual-boot or even VM setting on any of my machines at home. I really really don't want to do that for something this simple unless it really is the best option (PHP for IIS looks to be a simple install, which is an attractive option for just mucking through tutorials). Granted, this was years ago and it's probably not as bad as it used to be. If setting up a VM really is the way to go, are there any frameworks I should be looking at that make doing simple CRUD operations safer for an absolute PHP beginner? I've heard the horror stores and don't want to be in one. Edit: Oh, I guess I'm gonna have to do user accounts and eventually PayPal for transactions, too. I forgot about that. IcedPee fucked around with this message at 17:18 on Nov 7, 2013 |
|
#
?
Nov 7, 2013 17:12
|
|
|
IcedPee posted:I don't foresee it being a very big deal. This seems... familiar. And not in a good way You're best off mirroring your production environment as closely as possible. If it's a LAMP, set up a LAMP for development. A WAMP might come close enough, but you'll probably run into platform exceptions every now and then. If you're a big fan of unnecessary cross-platform debugging against a unique production environment and endless futility headaches, go ahead and use IIS.
|
|
#
?
Nov 7, 2013 21:37
|
|
|
Using Vagrant/PuPHPet, installing LAMP on a virtual machine on your windows box should be quite easy and will more closely match your production environment. The instructions on https://puphpet.com/ are quite straight-forward. Otherwise just from a really quick google search, this tutorial came up: http://www.dev-metal.com/setup-virtual-machine-multiple-vagrant-puphpet/ - might be useful, or else there should be tons of other tutorials on the same topic out there. If you just want to get some tutorial projects up and running, WAMPserver (http://www.wampserver.com/en/) might be enough, but as soon as you bring frameworks or special Apache module requirements to the table, that will become more of a headache. As for frameworks, I think Laravel is the current framework most recommended especially for beginners, although there are many very good alternatives and this is a very debatable topic. I'm not sure jumping straight into a framework is the best idea though, I would rather start here: http://www.phptherightway.com/ - this also has a short bit about Vagrant.
|
|
#
?
Nov 8, 2013 05:20
|
|
|
Hello people just a quick question on arrays and php_self (probably very simple): I have a database query which retrieves a list of items, at the same time I create an array containing the elements "Enabled" and "Disabled", I put the database items in an array and put the enabled/disabled at the end of each one, I then loop through and I end up with: Item 1 - drop down list (enabled/disabled) Item 2 - drown down list (enabled/disabled) .... .... Submit button The above it exactly what I planned, the idea is users get the initial data, all set to "Enabled" and they can choose to "disable" items. What I want to happen next is they click submit and the array is passed to another function where i can remove the elements according to whether the user chose to disable them. I have a simple form which goes to the same page using php_self, however I am completely unable to get the array to this section, I can get variables there no problem, just nothing with the array, no error messages and the rest of the page loads as normal. I have tried testing this with session variables, hidden inputs and I had a quick look at serialising. To be absolutely basic I even tried a print_r and it displays nothing after being submitted. code:code:I can pass the array to other functions on the page, manipulate values but as soon as I submit the page acts like it has never heard of it. Anyone had this before or can see where I am going wrong?
|
|
#
?
Nov 8, 2013 13:13
|
|
|
Can you post the entire page?
|
|
#
?
Nov 8, 2013 13:36
|
|
|
Submitting the form essentially reloads the page, so the user hits a new instance of your PHP code that doesn't have the foggiest idea about what variables got set last time. If you want to store data so it can be accessed after the user reloads the page, use session variables. If you want to see what values the user set on the form, check $_POST.
|
|
#
?
Nov 8, 2013 14:46
|
|
|
$normalvariables don't persist to page reloads (which is what post does). You need to do something like <input type="checkbox" value="1" name="option1"> and do something like this on the page reload: for ($_POST as $key => $value) { if ($value) { echo "<input type=\"checkbox\" value=\"1\" name=\"option1\">"; } }
|
|
#
?
Nov 9, 2013 04:19
|
|
|
crabrock posted:$normalvariables don't persist to page reloads (which is what post does). That was exactly what I needed, thanks for your replies, I had a problem where the while loop was going through, assigning the variables but then the session variable would only display the last element in the array. Time to do a bit more reading on arrays and I should be ok.
|
|
#
?
Nov 10, 2013 15:06
|
|
|
What's the preferred way to set your Laravel app's key automatically without having it in version control? In Rails I usually do this, based on RailsTutorial, and then add .secret to .gitignore to keep it private:Ruby code:
|
|
#
?
Nov 11, 2013 15:01
|
|
|
I'm completely new to PHP and JSON. I need to serialize some info from my database into JSON in a format given here: code:code:Any guidance helps. Edit: forgot my 'era' attribute IcedPee fucked around with this message at 19:10 on Nov 25, 2013 |
|
#
?
Nov 25, 2013 18:57
|
|
|
What isn't right about it? If you're missing the main 'timeline' key, add one more level to your array:php:<?php // ... code ... $json_data = array( 'timeline' => array( 'type' => 'default', 'headline' => 'I am a main headline', 'asset' => array( 'media' => 'media', 'credit' => 'credit', 'caption' => 'caption' ), 'date' => eventAtt(), 'era' => array( 'startDate' => '2011,12,10', 'endDate' => '2011,12,11', 'headline' => 'Headline Goes Here', 'text' => '<p>Body text goes here, some HTML is OK</p>', 'tag' => 'This is Optional' ) ) );
|
|
#
?
Nov 25, 2013 19:19
|
|
|
e: actually, nevermind
Shy fucked around with this message at 19:42 on Nov 25, 2013 |
|
#
?
Nov 25, 2013 19:33
|
|
|
Blah. I was just missing that timeline key.
|
|
#
?
Nov 25, 2013 19:35
|
|
|
IcedPee posted:I'm completely new to PHP and JSON. Glad to see you got this working. Just FYI though, you should really be using either PDO or MySQLi. The original MySQL extension is deprecated, on top of being a huge pain to work with. http://www.php.net/manual/en/mysqlinfo.api.choosing.php I prefer PDO, but either one is going to make your life a lot easier.
|
|
#
?
Nov 25, 2013 22:35
|
|
|
I actually don't really need to do anything complex with SQL other than CRUD ops, but thanks for the heads up on the deprecated API.
|
|
#
?
Nov 25, 2013 23:27
|
|
|
IcedPee posted:I actually don't really need to do anything complex with SQL other than CRUD ops, but thanks for the heads up on the deprecated API. Even if that's the case you should still use PDO.
|
|
#
?
Nov 25, 2013 23:47
|
|
|
Any recommendations for PDF generation? One of the guys here used to use FPDF but I am reading about TCPDF being a better alternative. These will basically be certificates they print out plus they think maybe table markers and name tags. So it'll take information from a form and pop it into a PDF document. Vintersorg fucked around with this message at 17:35 on Nov 26, 2013 |
|
#
?
Nov 26, 2013 17:29
|
|
|
Vintersorg posted:Any recommendations for PDF generation? One of the guys here used to use FPDF but I am reading about TCPDF being a better alternative. I've had good luck generating PDFs from HTML with dompdf.
|
|
#
?
Nov 26, 2013 17:46
|
|
|
I second DOMPDF, it's great. And if you use Symfony, use this bundle which is a nice wrapper for it: https://packagist.org/packages/slik/dompdf-bundle
|
|
#
?
Nov 26, 2013 18:28
|
|
|
DomPDF is killer. Another team did some pdf work using tcpdf marking out coordinates, and it took forever. I did a similar project and used DomPDF and it took like 30 mins.. I seem to remember it not supporting css box model stuff but it's still a lifesaver.
|
|
#
?
Nov 28, 2013 00:12
|
|
|
Don't disregard wkhtmltopdf. It's a touch out of date now, but it still works beautifully.
|
|
#
?
Nov 28, 2013 00:39
|
|
|
Thanks guys! That DOMpdf is greatness - nice and easy to use.
|
|
#
?
Nov 28, 2013 16:49
|
|
|
I'm not the best at PHP coding, but i'm learning a bit more every day and this project has helped! I'm building a database for a set of Pen & Paper games a bunch of friends play. I'd like a very rudimentary events calendar, that basically pulls the event time and day out of the database table, then adjusts it for timezone difference before displaying it. The day is stored in column game_day, time is stored in game_time as UTC (I can change the format), and the timezone is set at user registration and kept in a session. It usues the PHP timezone format, so it's stored as 'Americas\Halifax' or whatever. What's the easiest way to go about doing this? Everything i've looked up online is for adjusting the current time/day, which won't help me right now. Any help would be appreciated, or any directions on where/what to look into for figuring it out myself.
|
|
#
?
Dec 2, 2013 14:01
|
|
|
Is there any library that will allow me to place a texture on an image, but allow me to 3D transform it beforehand? I am having difficulty finding the terms to describe this in google, but I want to take this image: Apply this texture:  And achieve this result:  I will define the surfaces of the image beforehand, so the library does not have to guess where to place the thing. There will not be a 3D model of the object. Something similar to what I want is here: http://configurator.audi.co.uk/entry?.html=&context=accx-uk%3Agb-en But I also want to be able to upload my own textures. Any tips on where I might find something like this?
|
|
#
?
Dec 2, 2013 17:07
|
|
|
Imagick::distortImage and Imagick::compositeImage should do it. You're going to have to play around with the control points and offsets for rendering onto the cube, but it's basically like this: php:<?php $cube = new Imagick('cube.png'); $face1 = new Imagick('face.png'); $face2 = clone $face1; $face3 = clone $face2; $height = $face1->getImageHeight(); $width = $face1->getImageWidth(); $face1ControlPoints = array(0, 0, // top left x,y before 0, 0, // top left x,y after 0, $height, // bottom left 0, 100, $width, $height, // bottom right 100, 100, $width, 0, // top right 100, 0, ); // distort to make perfect 100x100 square $face1->distortImage(Imagick::DISTORTION_PERSPECTIVE, $face1ControlPoints, true); // do the same for $face2 and $face3 // these are the coordinates $face1 will be offset in the cube image $x1 = 0; $y1 = 0; $cube->compositeImage($face1, Imagick::COMPOSITE_ATOP, $x1, $y1); // do the same for $face2 and $face3 $cube->writeImage('new-cube.png'); ?> The Laplace Demon fucked around with this message at 21:48 on Dec 2, 2013 |
|
#
?
Dec 2, 2013 17:48
|
|
|
Cthulhuite posted:I'd like a very rudimentary events calendar, that basically pulls the event time and day out of the database table, then adjusts it for timezone difference before displaying it. You're already doing the right thing by storing the datetime as UTC. The easiest way to deal with this is going to be using DateTime and DateTimeZone: php:<?
$display_zone = new DateTimeZone('America/Los_Angeles');
$timestamp = 1386016456;
$original_datetime = new DateTime('@' . $timestamp);
$adjusted_datetime = clone $original_datetime;
$adjusted_datetime->setTimezone($display_zone);
echo "Original: ", $original_datetime->format('Y-m-d H:i:s e'); // Original: 2013-12-02 20:34:16 +00:00
echo "\nAdjusted: ", $adjusted_datetime->format('Y-m-d H:i:s e'); // Adjusted: 2013-12-02 12:34:16 America/Los_Angeles
?>php:<?
$utc_zone = new DateTimeZone('UTC');
$display_zone = new DateTimeZone('America/Los_Angeles');
$timestamp = '2013-12-02 12:42:13';
$original_datetime = new DateTime($timestamp, $utc_zone);
$adjusted_datetime = clone $original_datetime;
$adjusted_datetime->setTimezone($display_zone);
echo "Original: ", $original_datetime->format('Y-m-d H:i:s e'); // Original: 2013-12-02 12:42:13 UTC
echo "\nAdjusted: ", $adjusted_datetime->format('Y-m-d H:i:s e'); // Adjusted: 2013-12-02 04:42:13 America/Los_Angeles
?>Also note that I'm cloning the datetime here. They're mutable, so you have to be careful sometimes... McGlockenshire fucked around with this message at 21:46 on Dec 2, 2013 |
|
#
?
Dec 2, 2013 21:44
|
|
|
The Laplace Demon posted:awesomeness
|
|
#
?
Dec 2, 2013 21:47
|
|
|
McGlockenshire posted:You're already doing the right thing by storing the datetime as UTC. The easiest way to deal with this is going to be using DateTime and DateTimeZone: This is absolutely amazing, thank you! It only took me about 5 minutes to slot it into my current code and have it working, you're an absolute diamond!
|
|
#
?
Dec 3, 2013 15:55
|
|
|
I'm creating a data upload script that accepts big pieces of tab-separated data copied directly from excel. I am trying to make sure I am filtering this data so that it can be inserted into the database securely. However, since I only have a $_POST['data'] variable coming in, I am not sure exactly how I should filter it. Normally, I split this data by the line endings, split each resulting line by tabs, then combine it with an existing array of fields before inserting through a prepared statement. What follows is a simplified example: php:<?
$fields = array('id', 'name', 'date');
$data = $_POST['data'];
$lines = explode("\n", $data);
foreach ($lines as $line) {
$row = explode("\t", $data);
$pdo->insert('mytable', array_combine($fields, $row));
}
?>
|
|
#
?
Dec 6, 2013 19:39
|
|
|
Vasja posted:Should I be sanitizing each individual field with filter_var after I've split each line up? Maybe. Can we also see your custom insert method? Depending on what it does, you might be perfectly safe here. Alternatively, consider letting users just upload the Excel file, or a CSV export of it. This eliminates a big window of users causing problems. I've heard that PHPExcel doesn't suck too horribly.
|
|
#
?
Dec 6, 2013 21:20
|
|
|
My insert method is as follows:php:<?
class PDOAdapter
{
public function insert($table, array $params)
{
$cols = implode(", ", array_keys($params));
$placeholders = substr(str_repeat("?,", count($params)), 0, -1);
$sql = "INSERT INTO $table ($cols) VALUES ($placeholders)";
return $this->query($sql, $params);
}
public function query($sql, $params)
{
$statement = $this->pdo->prepare($sql);
$statement->execute(array_values($params));
return $statement;
}
}
?>
|
|
#
?
Dec 6, 2013 22:00
|
|
|
Vasja posted:My insert method is as follows: Standard operating procedure. You're doing everything correctly there. Almost. You should be extending PDO instead of wrapping it, but whatever. quote:Wouldn't I still need to do sanitation for excel files or csv? If they insert bogus data or javascript into fields that shouldn't have them, I'd still need to handle that, right? It all depends on what the data actually is. If the name field should only contain alphanumerics and punctuation, validate that. If the date field is actually being stored as a date in the database, you should run it through strtotime() or make it a DateTime to validate it and then format it correctly. If these are internal users, then you might not need to go all-out on the validation front. If you're worried about displaying bogus data, consider doing a call to htmlspecialchars when displaying the name, as that'll kill any HTML that might have come in.
|
|
#
?
Dec 7, 2013 00:17
|
|
|
I'm temporarily stumped by something that works, but also doesn't work.code:The above works if the Git repo is an http:// or https:// URL. Unfortunately, the repo I need to pull from is only available via SSH. I created an SSH key pair, and when I'm logged into the server as the user and run the script ('php-cli myscript.php'), the script works as expected. But it doesn't work when you run the code as a Web page (by entering its URL into a browser, or with wget). I get an SSH login error; it looks like the script can no longer see the SSH key files. Either way, the script is running as the same user (I use mod_suphp to ensure this). Aside from a few environment variables, I can't think of any differences in how the script would execute locally versus remotely. What am I overlooking?
|
|
#
?
Dec 7, 2013 03:39
|
|
|
How can I get REMOTE_USER info without requiring the user to log in using mod_auth_sspi? I've been googling like crazy but I'm stuck on a hurdle which is just a basic understanding of how the web server gets the user domain login info automagically, without requiring a manual login. I've found a thousand different solutions that don't really explain it and just assume that you've already got REMOTE_USER somehow. It's in an AD environment using IE to grab the user's domain login details. Running PHP on Apache on Windows Server 2008. I've been told http headers but getallheaders() doesn't output what I'm looking for. Should I be looking somewhere else or does the fault lie with group policy settings that aren't broadcasting the login name through http headers to trusted sites (i.e. mine)? I will be authenticating through another (non-PHP/apache) service but I need the username without popping up a login window.
|
|
|
#
?
Dec 10, 2013 15:50
|
|
|
Sulla-Marius 88 posted:It's in an AD environment using IE to grab the user's domain login details. Running PHP on Apache on Windows Server 2008. I've been told http headers but getallheaders() doesn't output what I'm looking for. Should I be looking somewhere else or does the fault lie with group policy settings that aren't broadcasting the login name through http headers to trusted sites (i.e. mine)? Is the header in the http request at all? You may be able to view the raw request in IE developer tool these days. It's possible with Firefox, Chrome, etc... If there is supposed to be a http header set, then I'd verify it's absinthe sent. Maybe apache access log can reveal it if configured? Man, I hate debugging in IE...
|
|
#
?
Dec 10, 2013 18:18
|
|
|
Is the PHP 5.5 password_hash function compatible with phpass, assuming bcrypt? I think bcrypt uses a standard format, but I don't want it biting me in the rear end.
|
|
#
?
Dec 12, 2013 10:44
|
|
Sulla-Marius 88 posted:How can I get REMOTE_USER info without requiring the user to log in using mod_auth_sspi? I've been googling like crazy but I'm stuck on a hurdle which is just a basic understanding of how the web server gets the user domain login info automagically, without requiring a manual login. I've found a thousand different solutions that don't really explain it and just assume that you've already got REMOTE_USER somehow. spacebard posted:Is the header in the http request at all? You may be able to view the raw request in IE developer tool these days. It's possible with Firefox, Chrome, etc... These are the steps I took to get it working. I'm about to fully configure NTLM to login but this puts the username in the $_SERVER vars for me. It will differ based on your php set up. Include mod_auth_sspi.so in your mods folder. Check that apache httpd.conf includes the relevant mods (headers, auth_sspi, basic auth etc). The basic premise is: Designate a folder or file to be your 'authentication' page. Set mod_auth_sspi to function in that page/location and rewrite headers so that the username is passed into the headers where PHP can get it. Everywhere else on your site, you check if user is logged in through your site's session system -- if not, redirect them to a page within the "authentication" folder, which gets the user details via SSPI, authenticates through NTLM, and then automatically logs the user in to your site's authentication system (i.e. creating a valid session), and redirect the user back to the previous page. This is what I chucked in my httpd.conf file. $_SERVER['USER_NAME'] should return the domain and username (e.g. "DOMAIN\useraccount"), although if you var_dump($_SERVER) you'll notice that it's being sent in other forms anyway via SSPI, like REMOTE_USER. code:Sulla Faex fucked around with this message at 10:59 on Dec 12, 2013 |
|
|
#
?
Dec 12, 2013 10:45
|
|
|
Weird Uncle Dave posted:
Following up on my problem: I knew it wasn't a PHP issue, but it was actually an SELinux issue. I'd have to add this to a SELinux policy somewhere: code:
|
|
#
?
Dec 12, 2013 22:12
|
|
|
|
| # ? Jun 7, 2024 18:04 |
|
|
Wheany posted:Is the PHP 5.5 password_hash function compatible with phpass, assuming bcrypt? Assuming bcrypt and portable mode is turned off, then yes, phpass produces the same bcrypt hash as a crypt() call. Kind of. It produces "2a" hashes, which while they can be read and verified by password_verify(), they are potentially subject to being complained about due to previous bcrypt bugs in PHP. If your PHP generates "2y" hashes by default, then you're fine. If you're using 5.3 you should be using password_compat instead of phpass.
|
|
#
?
Dec 13, 2013 08:12
|
|