Date: 08/14/06     Keywords: php, browser, css

This, currently, is the complete text of bodyMain.php at a demo site I'm trying to build for a customer.

Source: http://community.livejournal.com/php/483014.html

Date: 08/13/06     Keywords: php, rss, xml

I am still learning PHP, and I am trying to set up a feed to parse pictures. Below the cut you will see the code and the xml I am trying to parse. I want to be able to have the latest picture show up in a 150x thumbnail...

Thanks...


<?php if ($rs = aggrss('http://whogivesacrap.net/wp-gallery2.php?g2_view=rss.SimpleRender&g2_itemId=27838')) { // dump the structure //echo "<pre>"; //print_r($rs); //echo "</pre>"; echo $rs[description] . "<br /><br />"; ?> <?php foreach ($rs['items'] as $item) { echo "<p><a href='" .$item['link']. "'>" . $item['title'] . "</a><br/>" .html_entity_decode($item['description']). "</p>"; } if ($rs['items_count'] <= 0) { echo "Sorry, no items found in the RSS file <img src='/wp-admin/wp-images/smilies/wp-images/smilies/icon_sad.gif' alt=':-(' />"; } } else { echo "<!-- It's not possible to reach RSS file -->"; } ?>


− <rss version="2.0"> − <channel> <title>Picture of the day</title> <link>http://whogivesacrap.net/v/potd/</link> <description>I attempt to take and share a picture a day.</description> <language>en-us</language> <generator>Gallery 2 RSS Module, version 1.0.6</generator> <lastBuildDate>Sun, 13 Aug 2006 00:06:12 -0400</lastBuildDate> <ttl>120</ttl> − <image> − <url> http://whogivesacrap.net/gallery3/d/27844-2/potd.jpg?g2_GALLERYSID=f4f81af08ea6f40b7a5ba417a4372bdb </url> <title>Picture of the day</title> <link>http://whogivesacrap.net/v/potd/</link> </image> </channel> </rss>

Thanks again!

Source: http://community.livejournal.com/php/482373.html

Date: 08/13/06     Keywords: php, asp

I picked up PHP about 4 years ago and have been slowly been using it more and more until I guess I hit a critical mass point and prefer it over ASP or ColdFusion... but the one thing that has caught me off guard is Pear. I've read the Pear intro, the manual, and whatever else I could find about it since I started messing with it this morning... now I am starting to lean towards using it in my production projects. What I am looking for is anyone who uses Pear and what their opinions of it are: useful, POS, buggy, indispensable, etc...

Source: http://community.livejournal.com/php/482076.html

Date: 08/11/06     Keywords: web, shopping

Hello,

I was wondering if anyone might have any suggestions for taking credit card payments from a website. I don't need a traditional shopping cart, as it's not as simple as selecting a product and using a shopping cart to pay. What I need to do is have my site generate the cost due (which I'm working on) and then have the user click a link to pay, at which time they enter their credit card info.

Thanks for your time

Source: http://community.livejournal.com/php/481825.html

Date: 08/11/06     Keywords: mysql, sql, java, web

What I got now:

SignUP

Phase 1
Basic webform with Javascript helper script that isn't required.

Phase 2
Collect user information for sale from previous form, validate/normalize the information (anti-everything but alphanumeric except ' and -), insert information into DB with pending flag.

Embed record ID into hidden form field
Present user with sales choice (invoice, electr invoice, credit).

Phase 3
Grab the embedded form field, validate ID by "x = (int) y;", and compare REMOTE_ADDR to the DB Record, and update record via a super-limited DB user account ( it only has privileges set by MySQL to update "accountInfo.payMethod" and select "accountInfo.ID" and "accountInfo.IP"

Display confirmation page of their order then either jump to the CCard service and out of my responsiblity.


I can't see how someone could break this system as it stands, but I am tempted to do the entire thing with Session handling, passing the SID to the second form and retrieving it on the third to get $_SESSION['myID'] just to make it even harder to break.

Source: http://community.livejournal.com/php/481637.html

Date: 08/11/06     Keywords: php

Once again, it's time for "Why the heck can't she figure this out herself?!" with julisana!

In today's letter, she writes:

"PHP Guru's, why is it that the isset() function doesn't seem to work in my if statements when the element i'm trying to verify is set is a submit button for the form?"

Stay tuned for the amazing answers the php community users come up with this time!

/cut to commercial/

So apparently, after many attempts over many different days to get this to work, all I had to do was post in here, and BAMF. It does what I want.

What the heck?!

Before, what would happen is I'd have a form up, you'd fill it out and hit the submit button, and other stuff would come up (I didn't bother having the data sent to a new page. The form just pointed at the original.). I did this by way of the isset function on one of the required fields, but if I did it on the submit button, it'd just be a blank screen.

Now, workage. I just don't get it.

Source: http://community.livejournal.com/php/481292.html

Date: 08/11/06     Keywords: php, database, sql, security, web, hosting

Sorry to be posting again with nothing to actually contribute, but I'm having a hacker issue with one of my websites. I'm not one to jump on sudden suspicions of hackers, and I don't victimize myself, but this is the second time someone's hacked my site.

After the first time, I was extremely cautious. I uploaded my site to a new server and made sure not to install any interactive PHP scripts. I did, however, continue to code my website in basic PHP, but nothing that required a connection with an SQL database or any sort of log in - just simple PHP pages with dynamic inclusion and switch functions.

[/END SOB STORY]

My friend's webhost (my friend was hosting me at the time) sent this as a response to my e-mail:

"Do NOT put any php pages back up on this site if you wish to host it with us and certainly not any phpbb boards which were most likely used in the attempt to hack our server."

include("language.php");

"; include("layout.php"); echo " "; include("nav.php"); echo " "; // --- DYNAMIC INCLUSION $page = basename($x); if(!$x) include("main.php"); else include("$x.php"); echo "

";
?>

Source: http://community.livejournal.com/php/481154.html

Date: 08/10/06     Keywords: php

I want to repeat some code in different sections of a PHP script, without having to pass varibles as you do a function. These were called "Subprograms" in BASIC.

I could just:
* Copy+paste multiple copies of the code
* Make a small php file with the code & include() the file where I want it
* Copy the code to a string and get PHP to eval() it
* Use GOTO as in the good 'ole BASIC days :D

... but those seem such dirty ways to do it (that frankly, I would never use). No joy searching the manual.

Anybody done this before?

Source: http://community.livejournal.com/php/480848.html

Date: 08/09/06     Keywords: php, web

I've been using a form mail script from CosmicPHP for a while now, it was the only thing that I got to work on my server. The emails I recieved came from the email address no_reply@itweb.no (IT Web is my domain host). But now ITweb has hooked up with another host and they recently closed the itweb server, so I am not recieving the emails since the sender address does not exist.

I looked at the script to see where I would specify the sender address but I couldn't find it. I included the two files the script uses below in the lovely cuts.



include('config.php');

global $emailfield;
global $required;
global $sentmessage;
global $toemail;
global $fields;
global $subject;


$msg = array($name, $email, $message);
$name = 'name';
$email = 'email';
$message = 'message';

$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";

$filename = "email.htm";
$handle = fopen ($filename, "r");
$contents = fread ($handle, filesize ($filename));
fclose ($handle);

foreach ($fields as $field)
{
$entry = $_POST[$field];
if (!$entry) $entry = "No data submitted";
$contents = str_replace ("::$field::",$entry,$contents);
}

mail($toemail, $subject, $contents, $headers);

$filename = "sent.htm";
$handle = fopen ($filename, "r");
$contents = fread ($handle, filesize ($filename));
fclose ($handle);

$contents = str_replace ("::SentMessage::",$sentmessage,$contents);

echo $contents;
?>



## fields contains all the variables from the form to be sent in the email - CaSe SeNsItIvE
$fields = array('email','episode');

## required contains all the variables that MUST be filled in - CaSe SeNsItIvE
$required = array();

## emailfield contains the name of the variable to be validated as an email address
$emailfield = "Email";

## subject of the email to be sent
$subject = 'Quote Quiz Results';

## email address to send responses to
$toemail = 'kristine@perander.no';

## message displayed when email has been sucessfully sent
$sentmessage = "Your message has been sent."
?>

So my question is this; is it possible to add something to the script that spesifies a sender address and put one of my addresses there (and is it easy?), or should I look for a new script? My php knownledge: It is safe to let me customize it but not code it myself:p

Source: http://community.livejournal.com/php/480662.html

Date: 08/08/06     Keywords: no keywords

Hi there!

I'm looking for a method to test, whether an object has a certain property. Consider the following snippet:

class A { var $aaa; }
$var = new A;

(Assuming that the structure of class A is unknown) I need a way to check whether $var->aaa exists (test positive), and whether $var->xxx exists (test negative). I tried boolean tests, isset(), is_null(), but they can't tell the difference. I guess I could convert the object to an array and test its indices, but that wouldn't be practical for large objects with many fields.

Any other ideas? Thanks in advance.

Source: http://community.livejournal.com/php/480431.html

Date: 08/05/06     Keywords: html

Below is a rough draft failsafe code I wrote to prevent me or one of the other programmers from putting critical files into
the doc_root of the HTML server.   After this is where all the DB wrapper functions and the embedded username's and passwords to them.

Source: http://community.livejournal.com/php/479894.html

Date: 08/03/06     Keywords: no keywords

So I want to be able to program something for my blog that after a paragraph or two cuts off any remaining text and gives a "Read More . . " link . . but I'm not sure the logic behind generating that at all. What would I do?

(PS . . my blog is at http://www.scottmunn.com . . just in case.)

Source: http://community.livejournal.com/php/479499.html

Date: 08/03/06     Keywords: web

Hi all,

I can't figure out why this script to mail a file to someone won't work:

function mail_attached($to, $from, $subject, $message, $filenames, $headers = '') { $unique_sep = md5(uniqid(time())); // Set up the top headers $headers .= "From: $from\n"; $headers .= "MIME-Version: 1.0\nContent-Type: multipart/mixed;boundary=\"$unique_sep\";\n"; $headers .= "charset=\"iso-8859-1\"\nContent-Transfer-Encoding:7bit\n\n"; $headers .= "If you are reading this, then your e-mail client does not support MIME.\n"; $headers .= "Sent with mail_attached() (c) 2002 John Coggeshall\n\n"; $headers .= "--$unique_sep\n"; // Include the text portion of the e-mail $headers .= "Content-Type: text/plain; charset=\"iso-8859-1\"\n"; $headers .= "Content-Transfer-Encoding: 7bit\n\n"; $headers .= $message . "\n\n"; // Now the attachment foreach($filenames as $val) { if($val['error'] != 4 && file_exists($val['tmp_name'])) { $headers .= "--$unique_sep\n"; $headers .= "Content-Type: {$val['type']}; name=\"{$val['name']}\"\n"; $headers .= "Content-Transfer-Encoding: base64\n"; $headers .= "Content-Disposition: attachment\n\n"; $linesz= $val['size']+1; $fp= fopen($val['tmp_name'], 'rb'); $headers .= chunk_split(base64_encode(fread($fp,$linesz))); } } $headers .= "--$unique_sep--\n"; if(!mail($to, $subject, $message, $headers)) return false; else return true; } /* End of mail_attached() function */ ?> $mail_to = "email@email.com"; $message = "Dear Karin, Here are the files that go with " . $_POST['first_name'] . " " . $_POST['last_name'] . "'s mentor application. Enjoy! Jess"; $result2 = mail_attached($mail_to,$webmaster_email,"Mentor Application Files",$message,$_FILES);

I didn't write the mail_attached function (my predecessor took it from a script site, I think) and I can't say I understand every line of it. If there are any alternatives, that would be awesome, or if you can see the problem with this, that would be cool too!

edit: A mail is received by the $mail_to user, message in tact, but no file attachment.

Thanks!

Source: http://community.livejournal.com/php/479248.html

Date: 08/02/06     Keywords: no keywords

Assume this code:


$fetish = $_GET[fetish];


...


0)
{
foreach($fetish as $fet)
{?>&fetish[]=
}


now, if assuming that fetish is an array with one or more elements, why doesn't the foreach loop work?

UPDATE: I solved the problem. Apparently, there was a problem before the foreach loop that was preventing it from running. I rebuilt the echo statement that built the URL up to the point of the fetish portion, and now it works just fine.

Thanks to everyone who commented.

Source: http://community.livejournal.com/php/479050.html

Date: 08/02/06     Keywords: php, web, spam

I'm working on one of my linkware scripts, a part of which allows people to join (it's a script for fanlistings, if you're aware of those). Of course, spammers have found their way to it, so I'm trying to make it as spam-proof as possible. I've been doing it the "usual" way—checking for fake email, bad strings, stripping tags and trimming et al, but it doesn't seem to be working as well as I'd like; there are still those who end up in the approval queue. :p I'd like to limit this, obviously. Are are any other ways? I don't want to use captchas or otherwise making the visitor who wants to join add more fields than necessary :/

I put up the source over somewhere (http://indisguise.org/temp/show_join.txt) where you guys could see it, and if anyone would be willing to give it a look and all, I would appreciate that immensely. Thanks!

Crossposted: php, webdev, developers

Source: http://community.livejournal.com/php/478840.html

Date: 07/31/06     Keywords: no keywords

Using this array type:

$a = array(
   "one" => 1,
   "two" => 2,
   "three" => 3,
   "seventeen" => 17
);



In the example above $a is set and that's it. What if I wanted $a to contain multiple sets of data? How would I populate $a while looping through a data set?

Source: http://community.livejournal.com/php/478616.html

Date: 07/31/06     Keywords: php, java

Is anyone aware of a PHP plugin/library function that can perform script highlighting for an arbitrary language using some standard configuration files (eg emacs/vi syntax highlighting config)? I've found a couple (GeSHi and the 404-ing Enscript), but they seem to use their own configuration format, rather than allowing me to drop in an existing one - basically I'd just like to be able to call formatSomeScript($language_A_source, $path_to_language_A_emacs_config) or something along those lines.

I'm having trouble googling this, because most queries tend to bring up something for highlighting PHP source, rather than highlighting other source using PHP :)

(I'm trying to get something I can use generically to highlight PHP, Java, JavaScript and the scripting language from Second Life, the latter of which has a number of config files for various editors available).

Source: http://community.livejournal.com/php/478283.html

Date: 07/30/06     Keywords: security

Hello,

Thanks for all the help on my last post. I have another question for everyone. When you have directories that have universal read/write/execute access, what kind of security precautions do you take, if any, on those directories?

Thanks!
-AJ

Source: http://community.livejournal.com/php/478066.html

Date: 07/29/06     Keywords: php, web

Hello,

I currently use Gallery, but would like to go back to a "hand-made" photo gallery web application. Instead of processing the images on my computer and uploading them to my server (which I did in the past), I'd like to use something like ImageMagick to create the thumbnails, etc.

I know that Gallery uses ImageMagick, and it doesn't have any issues making thumbnails currently, so I know it's there somewhere. I'm not very familiar with how it works, and I tried to write some code based on what I saw online (please take into account that I am only slightly above the novice stage of using php, so excuse any stupid errors I may have made):

   $resize="-resize 600";
   $convert="convert " . $resize . " " . $input_file . " " . $output_file;
   exec($convert);
?>

So that $convert looks like: convert -resize 600 cow.jpg cow.jpg

What I ideally want is to resize the image down to 600px as the widest edge, do an unsharp mask, and save it into an album directory. Then I want to create a 150px thumbnail, do an unsharp mask, and save it into a subdirectory within the album folder.

Right now I'm not getting any error messages, and I'm not getting an altered image. I'm not getting anything, and I'm not sure what I'm doing wrong. (I tried messing around with folder permissions and stuff but nothing worked.)

And here's a link to my phpinfo page just in case you need this for more information.

Any help would be greatly appreciated. Thanks in advance!

-AJ

Source: http://community.livejournal.com/php/477948.html

Date: 07/29/06     Keywords: mysql, sql, security, web

Any problems with using error_log with parameter 1 (email) that I should be aware of? I just discovered it while researching something else and would like to abuse the hell out of it for production website. It would be nice to suppress all error messages and instead have them piped to a dedicated email address.

Other question... security. Any recommended reads, blogs, notes, what not on the subject? And I mean anything and everything.


Also, turns out I mistakingly posted this to another community by accident, so to save time... this is what I mean by error_log()

$link = mysql_connect("www.myServer.com","myAccount","password");
if($link == false)
{
$errMsg = "SITE: www.myServer.com\n";
$errMsg .= __FILE__ . "@" . __LINE__ ."\n";
$errMsg .= "Detail: Unable to connect to mysql server\n";
$errMsg .= "mysql_error: " . mysql_error() . "\n";
error_log($errMsg, 1, "errMsg@myOtherServer.com");
//then die or skip rest of script
}


And while I am on the subject, is there anything equivalent to c/c++ #define.  I really miss that and it would come in handy with something like the above code.

Source: http://community.livejournal.com/php/477454.html