Posts by ryantroop

Your local MySQL configuration has port 33061 open? No firewall blocking the connection?

I also doubted the need for the \PDOException but I havent used PDO in quite a while now... that said, the only way you are likely gonna solve this at this point is to echo/vardump after each step and see what you got.

It's possible that if the port or URL is not acceptable/accessible, PHP just hangs and waits and times out.

Javascript (JS) is a top down JIT. Which means if the DOM element exists before the JS gets called, it will be available for use.

In example 1, your function declaration and call happen before "demo" is available on the DOM (in the body element, however you want to think about it).

In example 2, the element is declared first, and therefore available for JS to use.

In the wild, you will see a lot of websites put code library or include type script at the very bottom of the page for 2 reasons.
1 - you load the HTML and the DOM displays to the user even if there is a network hiccup to the provider (akamai, or whatever)
2 - you are guranteed all elements are rendered and available on the page

That said, the "right" or "javascript" way of doing this is to have a window "onload" handler (window.addEventListener("load", fnYourFunction)) which will fire off all script after the DOM has finished loading and has parsed all elements.

Link for reference: https://developer.mozilla.org/en-US/docs/Web/Events/load

Edit ---

This leads to some of the wonky ways that JS uses DOM elements and references them. For example, in your example #2 you could have just put :

demo.innerHTML = myFunction(4, 3); //dont do this youll make people mad.

because all elements get referenced in the global scope of JS

also, for your file input on the html you may want to look into the accept attribute:

<form action="/action_page.php">
  <input type="file" name="pic" accept="image/*">
  <input type="submit">
</form>

https://www.w3schools.com/tags/att_input_accept.asp

Again, this is meant as a helpful filter, and will not prevent them from changing the type. It also does not limit file size.

If you want to stop it client side (to prevent the form from submitting at all), you can look at the input data's type (which should give you the mime type) and you are looking for "image/" if the mime-type doesn't match, return false from the form (otherwise it will still submit).

If you want to do this server side, this page can be of help -- https://www.saotn.org/validate-mime-types-with-php-fileinfo/
Either look at the file name with a regex (bad), look at the file data directly for the mime type (better), or if you have fileinfo extension, use that for mime type comparison.

please note, client side "validation" is meant to make things easier UX/UI wise for your user - it is always good to validate both client and server side, with a minimum being the server side (otherwise, people can just send trash data at you).

Hope that helps,

Ryan

So...

I see your check for existence SQL, and your actual insert... I don't, however, see your attempt to save the file data to the database. Am I misunderstanding your question? The reason it wouldn't be in your database is because you're not even trying to put it in there :-/

Are the images available in the directory you make with $target_file = $target_dir . basename($_FILES["image"]["name"]);

Also, in general, you don't want to put the image data in the database - that's slow, especially for large image files - you should do as you are (move the image to a directory), and in the database keep the path to the image for use later.

Well.. lets begin..

First, arrays in most languages (and it looks like you're using PHP, and PHP is one of them) start at 0. So first, $b = 0;

Second, <= 6 is not what you think it's doing. Since we start at 0 (i.e., $count[0]), when you get up to 6 you are doing $count[6], which is out of bounds of your array. So, $b < 6;

After that.. I dunno. Looks fine to me. Im not sure what you mean it 'goes on forever' but I assume you get something you don't expect, and I will also assume that it has a lot to do with the errors in your code.

TL;DR;
for ($b = 0; $b < 6;$b++) { ... }

what have you tried?

It looks like you can do it with some subqueries and a NOT IN, but that would likely be very inefficient.. perhaps joining against itself and doing some sort of group by?

https://jsfiddle.net/j5Lrqmxd/

you should be able to modify this to meet your need.

In short, use display: inline-block and vertical-align: middle

Well... the most straight forward way is

let first arr = $aArr;
let second arr = $aArr2;

$aArr[0][1]['user_nicename'] = $aArr2[0][0]['user_nicename'];

However, this is assuming the same data every time... what I can't devise is what your data structure looks like, or how they relate - and if they are all part of the same database, why not just get it from the SQL instead of merging after the fact?

The only way you can really do this is by iterating over everything, finding specific keys (which I don't understand at all how these two arrays match up), and then merging them as the above example shows when finding a matching pair.

Goggle
document.createElement

and

Element.appendChild

You can dynamically build pretty much whatever you want in script.

Well... for one, you can not use 3rd party code that has errors.

If that's not an option, you can look to ensure that you are implementing their code appropriately, and including appropriately as to not cause XSS errors.

If that's not an option / isnt' the problem, then start contributing to the projects that have errors and figure out where you can improve their code to reduce or remove those errors.

If that's not an option, then contact them and tell them they have a problem or see if they have a bug sheet that you can search/add to.

Lastly, no. There is nothing you can do.

No, correct syntax is
$query = "INSERT INTO SURVEY (surveyid,q1,q2,q3) VALUES (?,?,?,?), (?,?,?,), (?,?,?,)";

@Atli,

Your table design doesnt handle multiple answers per question well :-/

However, your point is valid and should probably be considered :)

SQL server 2008+ has the same syntax, and same solutions otherwise. Batch it, or make a stored proc that takes a delimited string and makes the batch for you.

If you have an up to date version of mySQL you can have PHP write something like this:

insert tableName (a, b) values (c,d), (e,f), (g,h) .... (y,z);

http://dev.mysql.com/doc/refman/5.5/en/insert.html

Alternatively, you can have PHP write a batch for you, and submit a batch (but that's less efficient than using the above method). Even using a stored proc would be somewhat wasteful, as you will have the same efficiency issues, unless you have PHP make some sort of delimiter for you, pass the delimited string to sql and parse it in the stored proc, which would ultimately come down to a series of inserts (or dynamically created SQL, which would be faster in PHP :-/ )

I certainly hope you are sanitizing your data before sending to the database, as well.. all that good stuff.. good luck!
ryan

When posting questions like this, it really does help to have a "live" demo page available. That said...

A couple comments on what I do see...

you have a "fixed" footer, which removes it from the page flow no matter what - which means being structured inside the "container" element does nothing for you. In fact, it may be part of your problem depending on the browser and how it handles a fixed element inside a relative element (im pretty sure the "right" way for a browser to handle this is to ignore the relative element completely, but shrug who am I to say so?)

That said, your "container" element has a height of 100% - of what? Since your HTML and BODY tags do not have a given height, this particular bit of CSS is worthless. This means that all of the "height" comes from block elements with height that exists within the flow of the document within this container. So, if all of that adds up in size, and then you have your height 100%, you basically have double the height of the parent container - and if that causes an overflow on the page - then there's your problem.

So I went and plopped this into JS Fiddle (https://jsfiddle.net/kdvx5yes/) and you can see the result - it's not pretty. If that's not at all what your page looks like, then some other things appear to be missing, and not given to us via your code snippet …

To answer your question - yes, you would limit to only the last 10 posts with your query.

You query would look something like this:

select
  U.UserKey,
  M.MessageKey
from
  User U
    LEFT OUTER JOIN Message M ON M.UserKey = U.UserKey
 where
   M.MessageKey IN (select M2.MessageKey from Message M2 where M2.UserKey = U.UserKey order by M2.PostDate DESC LIMIT 10)
 order by
   U.UserKey (or whatever.. date?)

Of course, your mileage may vary... but this should hopefully get you started.

For speed, you may want to use an inner join instead of "IN", but then youre gonna have some struggles dealing with the LIMIT and the order.. truth be told, Im not sure how best to do it without an IN, but I've always been told that an IN can always be replaced by a JOIN of some sort.

inline-block and width: calc(100% - 230px)

or,

use floats, and put overflow: hidden on the parent div.

Likely it's just the memory used by the script. While it may not be much when compiled down, it's still memory and cycles required to turn it into machine code and have the pointers available for reference.

If memory isn't an issue (in most cases it is not) and CPU cycles are not a major thing (on most web servers they are not), then you probably have little to worry about if your file size is fairly manageable. However, if you're loading Megabytes worth of dead function pointers, many would first ask why bother? Then, the potential hit will come from how fast the machine is (and what resources are availale), and if it is capable of processing that much data that quickly (in a shared rack space and/or on a VM, it may make a few eyebrows raise).

Im confused...

nav ul li a.submenu should only affect anchor tags that have the class submenu. That's a pretty specific selector...

Can you put up a fiddle with your issue so we can see more clearly what you are struggling with?

Personally, with your current structure.. my CSS would be something a little less absolute unless needed...

a.submenu by itself is more than sufficient, unless you see that class being used elsewhere. If you are concerned about other page contamination, then maybe li > a.submenu, but really your "nav" element should have its own class at that point to alleviate that concern.

You are likely getting overruled by the generalization of your selector, and arent specific enough to change what you are looking for. Try this and see if it's what youre after.

https://jsfiddle.net/6x93nzfn/

Also, your markup has an error. Your closing sub ul is missing </ul> on line 8.

Proper HTML markup says anchor tags cannot be children of anchor tags (basically, which one are you clicking?) which is why the commented out block isnt working.

You will have to make a more complex structure to do what you are trying to do, and will likely require some javascript as well to manage the height of an overflow hidden container (otherwise, using max-height will be slow when calculating the height for you and will look delayed).

If I understand what you want to do, then you are correct - you have hit the limit of SVG as a free form drawing tool. If you want more fine pixel control, you will have to work with a canvas instead - but that also has some serious drawbacks (such as undo/redo/delete, etc... being obnoxiously difficult).

:-/ I.. really don't know what to say here. The difference between a left join and a right join are... I guess a design choice...

however, I still think the answer above is a bit over complicated.. as seen here:

http://sqlfiddle.com/#!9/8ca784/2/0
(it's slow, I know, but let it load)

And to be quite honest, I feel this is as close to a homework query as you can get... so I didn't feel like answering it outright out of principle. Sorry if my assumption is incorrect, but this is pretty simple stuff for SQL :-/

If I am reading it right, it looks like you just want a left outer join on ItemID...

I disagree that changing the header type of the AJAX call is the ONLY change that needs to be changed. The reality is, as long as a request without headers (or default headers) is being returned as plain text, it is a HUGE security vulnerability.

For my 2 cents, I would encourage you to look MORE into the nginx configuration to see if there is a way to set default headers.

After browsing through this:
https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/

You may also want to make a few other changes, as it seems to be a very straight forward primer for nginx configuration do's and don'ts..

from what I see you are already using try_files, and you should probably use that in the check for the file existence before the redirect as well. It is also possible that since you are not doing a "return" or stopping execution after the redirect, it is continuing to process further down the config file and try_files is actually returning the file you asked for, so behind the scenes you are getting a quick redirect, then a read of the file you just processed.

You may also be interested in this answer: http://serverfault.com/a/329970

Out of curiosity, do you have an extension on your php file?

Secondly, I may wager a guess that this is your problem:

if (!-e $request_filename)
{
    rewrite ^(.*)$ /index.php?page=$1 break;
}

If not that directly, it may be something else in that file. I am more familliar with htaccess than module rewrites, so maybe someone better suited can look and see if anything is glaringly obvious.

These links may also be of interest:
http://stackoverflow.com/questions/15714706/nginx-rewrite-to-php-file-file-is-being-downloaded
http://serverfault.com/questions/465607/nginx-document-rootfastcgi-script-name-vs-request-filename

It is entirely possible that somehow when using ajax, the space is accidentally making it possible to access the file as if it were a directory, and turning it into a valid file, therefore giving it binary headers as opposed to processing through the CGI.

You ever get this figured out? If not, do you have a sample page where this is occuring?

So you are seeing <?php ... ?> as the responseText of the ajax call? Are you using htaccess for a redirect? Does your rule apply here?

If you have a demo page of this it would help. Otherwise, are you sure youre actually sending and receiving? If so, you may have to send headers making the ajax call use the same enctype as a for post and the php will receive it. Depending on your server configuration, php may ignore incoming requests without a valid enctype or understandable headers.

Yeah. Don't use z-index. Instead, just do the opacity shift on both elements. The only way to make this work, though, is to make sure they are absolutely positioned, one on top of the other.

in:
.thumbnail .info

with the negative margin, also add "position: relative"

You will need to communicate more clearly what you are trying to accomplish.

The height of the inner boxes is irrelvant. I could have done 50% and given the container box a height, which in turn could be relative in height to another container.

Also, you clearly modified the code I provided as

.container .Box:first-of-type { height: 250px; }

is most definitely not in the fiddle I provided.

I would encourage you to play with the fiddle a bit, and learn some CSS. There are many many ways to do what you are (likely) asking using pure CSS without any javascript hackery.

If you REALLY need fluid layout and you want size indepenence, you may want to look into flex-box layouts, but they are still currently difficult to use due to cross browser compatability (and vendor prefixing).

Edit:

here is the same thing, using the container element to provide height for the inner elements:
https://jsfiddle.net/08c1g4cm/1/

The .Circle class can also be modified to take height from the parent using % but I did not know if that is what you want/need. Also, if you are going to have text, you will need some way to scale that as well (such as using em instead of px).

All I see there is a container div and 3 child divs. Two relative positioned divs are block with height and width, one is absolutely positioned with appropriate margins / positions set (either with calc() on margin or top/left) - it also has a border radius of 50%

I am unsure if I understand your question correctly.. as this seems pretty straight forward.

Is this what you are talking about?
https://jsfiddle.net/08c1g4cm/

Ok, simple answer for you - they use TCP. By design and specification, TCP is required to reach the target in the specified order it was sent. In contrast, UDP does not, and therefore is not "guaranteed." For added security, they "sign" their data (much like a real-time checksum).

Does that answer your question?

Likely because his personal private key did not match the key on the server, and the server did not originally care to authenticate. With a patch, they suddenly care, and then were able to block users due to malformed or incorrectly encrypted data.

Or, the encryption type used was not very good (such as MD5), and was easily cracked by modern standards. If they updated their encryption method, they could simply look at the resulting login string to know which hashing algorithm was used and ban/deny any that came from MD5... without knowing their code, and their specific setup, it's impossible to know what method of intrusion detection they have, or how they were able to figure out where a bad request was coming from.

Disclaimer: This is my understanding of how all this works - if I am mistaken, or uninformed, I would love to be better educated on the topic.

So the way you as a programmer defensively do this is to use a method similar to oAUTH 2.

You have a package (your data), which is encrypted with a key. The bundled package is sent along with the unencrypted state (or you can encode it or whatever you like (base64 is popular)), as well as the PUBLIC key for the recipient machine to decode your data, and the encryption method (which you can ommit if you know the method since it's your application, but obscurity will only get you so far).

Over HTTPS, this will go a step further and do a handshake to verify the machine that it is receiving data from is consistent. As far as Man in the Middle attacks, you will forever be vulnerable because you do not set up direct connections between machines when communicating over the internet. There are routers, load balancers, and every other type of machine out there. It will happen. It does happen. Move on with your day and code defensively to expect it to happen.

Now, lets look at what your little data package is gonna do. Since it is encrypted and encoded, the man in the middle would have to be able to do a number of things quickly. Intercepting the data is one thing - since you have to send …

you have no height, therefore the propery should be ignored. If it is not, then the ones adhering to your markup are likely at fault, or "figuring out" what you meant.

Try adding height 100% to body, html and see if that fixes your problem.

You would need to iterate over your $data array.. soo...

for ($Lup = 0; $Lup < sizeof($data); $Lup++)
  echo StringifyCartArray($data[$Lup]);

Or some variance of that, depending on your need.

it all depends on your data structure... I cant possibly answer your question without knowing more about how the data looks.

From your example, your most basic data had only 4 parts, so it would be silly to iterate through only 4.

If you have, say, 50 fields, then yes - iteration is likely the best method, but then you kinda lose the customization of your string based on index...

youre asking theory questions at this point - instead, why not show an example of what you are actually working on and you will get far superior answers that are more relevant to your exact problem. I can show you all the tools in the world by pointing you to php.net, but without knowing the job it's impossible to tell you the right one. (think, jack hammer to hang a picture? I think not..).

In my opinion...

extract() can be dangerous if you have an array key that matches a variable you already have in use in the namespace. In reality, all that extract is doing under the hood is looping through they array with a foreach loop, and using the $key part to declare a variable for you (to many developers, this kind of automation and magical creation of variables is bad since you did not declare it explicitly and therefore risk overwriting something of your own on accident, making a near impossible to find bug in your code).

If your array is always going to be the same, I would encourage you to make a sub function that processes by index, something like:

function StringifyCartArray($aArr)
{
  return $aArr[0] . " ( " . $aArr[1] . " x " . $aArr[2] . " ) " . $aArr[3];
}

Or, if this in a function already, simply access the variables by array index.

Of course, in the example above, if you have a two dimensional array, ($data), you would pass in $data[0], eg:
$message = StringifyCartArray($data[0]);

Reasoning:
As I understand it, arrays in PHP are not "really" arrays - they are more like iterable hash maps (like in javascript). These hashmaps are stupid fast already, so why bother iterating if the data is never going to change? And even if it does, if you abstract it out to a function, all you have to do is change the function to consume the …

I am a little confused as to what you are trying to do...
You have the solution to your question in your original code, it seems.

Can you show an example of your expected output, please?

I also question the need for making a file for each email sent, especially by name of the sender..

If you have database access, you should probably use it. You can templatize a single php page, and get the values from the database for that user. That way, you also have a paper trail of all the emails you sent out, and you wont be sucking up so much disk space making new files.

Just my 2c

Looks like StefanRafa is not a valid column name in your table kladilnica

Try adding quotes around '{User}' on line 18.

So you are getting the result of this line:

<?php echo $fetch_info['check_list'];?>

The value in there is an array. Instead of echo, try var_dump($fetch_info['check_list']); to see how you need to iterate or consume.

Good? I think... ?

So did this solve your problem?

Ahh..

It has been a while but if I recall, header() does not implicitly pass POST variables to the redirect.

Since you are using a database, why not use it as it is supposed to be used? Once it is saved, it is ready for consumption. Your "profile.php" page should remember the user (SESSION['last_id']), and should make a call to the database and retrieve what it just saved. While that seems kinda rediculous (because, you have the data why not just use it right?), this will allow you to 1) Debug your database and make sure the insert works, 2) have a re-usable profile page that can be accessed any time you know the user ID / session ID.

Just my 2 cents there.. I'm sure if I am misinformed about HEADER/Redirects not passing POST data, someone will correct me.. but Im pretty sure that's still the case.

Good luck!

Ryan

Im very confused as to how these pages are related....

On the one page, you have a form that posts to itself (the same page), and inserts into the database.

On the other, you have a page that is expecting a post from said form - and when it's not there, it echoes "You didn't select any interests."

When exactly do you post (or submit a form) to "profile.php"?

I believe you capitalized "Submit" on line 10:

`    if (isset($_POST['Submit']))`

Make that lower case, and see if that helps.

You are not asking the function to return the set, you are asking the function to return the second element of the set. (return x[1])

If you want the set returned, simply return x

Also, as a matter of practice and good coding, please don't use

"select * from..."

with "production" code. It's slow, returns way too much data most of the time, and if you ever add a column you will be returning it without the need of it. Be explicit, and save yourself problems in the future. It will also make debugging easier for you, since you will know exactly what you are asking for, and helps the SQL engine return more meaningful errors to you (such as, invalid column name, etc..) where as PHP will just ignore the request because a mistyped column name simply doesn't have a map in the hash table.