[PHP] $_POST Array and Cleaning
I'm trying to create a function that will first take an array of $_POSTs and give them key/value pairs like variables. For instance, if i had $_POST['whatever'] = "whatever", that would be made into $whatever = "whatever", then i can clean for sql injection and xss. any ideas here? - e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] POST/GET into variables
how does this look? should this by me calling ... myforms = new
forms(); work by turning all key/value pairs for both get and post
into variable names of the same name as the get/post key, and the
variable values as the values from the post/get?
class forms {
// Some stuff
var $MyPosts;
var $MyGets;
var $CleanedInput;
// Connect to the database
function forms() {
foreach($_POST as $curPostKey => $curPostVal) {
CleanInput($curPostKey);
$$curPostKey = $curPostVal;
}
foreach($_GET as $curGetKey => $curGetVal) {
CleanInput($curGetKey);
$$curGetKey = $curGetVal;
}
}
// Attempt to login a user
function CleanInput($userInput) {
return $this->CleanedInput;
}
}
thanks to anyone in advance
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] POST/GET into variables
im trying to keep this php4 OOP. im just trying to clean the post/gets
and then make them all into variables with their names being the keys
to the get/post, and their values as the variables values.
ie: $_POST['someFormInputName'] = "somevalue" ... turns into
$someFormInputName = "somevalue".
I am not concerned about cleaning the input as i have a function
already for that.
On Jan 20, 2008, at 10:06 PM, Nathan Nobbe wrote:
On Jan 20, 2008 9:47 PM, nihilism machine
<[EMAIL PROTECTED]> wrote:
how does this look? should this by me calling ... myforms = new
forms(); work by turning all key/value pairs for both get and post
into variable names of the same name as the get/post key, and the
variable values as the values from the post/get?
class forms {
// Some stuff
var $MyPosts;
var $MyGets;
var $CleanedInput;
// Connect to the database
function forms() {
foreach($_POST as $curPostKey => $curPostVal) {
CleanInput($curPostKey);
$$curPostKey = $curPostVal;
}
foreach($_GET as $curGetKey => $curGetVal) {
CleanInput($curGetKey);
$$curGetKey = $curGetVal;
}
}
// Attempt to login a user
function CleanInput($userInput) {
return $this->CleanedInput;
}
}
im a little bit lost on the comments about connecting to the
database and logging
in a user. if you are writing a class to filter data in the $_POST
and /or $_GET, then
thats all it should be responsible for.
the decision youll have to make is this; will this class simply act
as a filter for these
arrays, which means it will modify the data in those arrays, or will
it leave the contents
of those arrays unaltered and store the filtered values in instance
variables? the design
of the class will depend upon this decision.
i think if you want to keep it simple, you should shoot for the
former option. then your
class would look something like this
class InputFilter {
public static function filterInput($optionalFilter='') {
if(count($_GET) > 0) {
self::filterArray($_GET, $optionalFilter);
}
if(count($_POST) > 0) {
self::filterArray($_POST, $optionalFilter);
}
}
private static function filterArray($array, $optionalFilter='') {
foreach($array as $key => $value) {
$$key = self::filterValue($value);
if(!empty($optionalFilter) &&
is_callable($optionalFilter)) {
$$key = $optionalFilter($$key);
}
}
}
private static function filterValue($value) {
return trim(stripslashes($value));/// <-- NOTE: this is
only an example
}
}
then from client space you would just say
InputFilter::filterInput();
then, subsequently you can use $_POST and $_GET directly with the
assumption
that the input has been escaped.
and, using the class above, you can also supply a custom filtering
function as well,
on a per-need basis; eg.
function filterMsql($value) {
return mysql_real_escape_string($value);
}
InputFilter::filterInput('filterMysql');
NOTE: i just typed this into my mail client, so it might not be
perfect.
-nathan
[PHP] forms class
Why isnt this cleaning my form $_POST's
class forms {
var $UserInputClean;
// Forms to variables
function forms() {
if (count($_POST) > 0) {
foreach($_POST as $curPostKey => $curPostVal) {
$curPostKey = forms::CleanInput($curPostVal);
}
}
// Debug
print_r($_POST);
}
// Clean XSS
function CleanInput($UserInput) {
$allowedtags =
"";
$notallowedattribs = array("@javascript:|onclick|ondblclick|
onmousedown|onmouseup"
."|onmouseover|onmousemove|onmouseout|onkeypress|onkeydown|
[EMAIL PROTECTED]");
$changexssto = '';
$UserInput = preg_replace($notallowedattribs, $changexssto,
$UserInput);
$UserInput = strip_tags($text, $allowedtags);
$UserInput = nl2br($UserInput);
return $this->UserInputClean;
}
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form cleaning class
now my debug shows that with the following code, all of the
$_POST['whatever'] values are blank.
class forms {
var $UserInput;
// Forms to variables
function forms() {
if (count($_POST) > 0) {
foreach($_POST as $curPostKey => $curPostVal) {
$_POST[$curPostKey] =
forms::CleanInput($curPostVal);
}
}
// Debug
print_r($_POST);
}
// Clean XSS
function CleanInput($UserInput) {
$allowedtags =
"";
$notallowedattribs = array("@javascript:|onclick|ondblclick|
onmousedown|onmouseup"
."|onmouseover|onmousemove|onmouseout|onkeypress|onkeydown|
[EMAIL PROTECTED]");
$changexssto = '';
$UserInput = preg_replace($notallowedattribs, $changexssto,
$UserInput);
$UserInput = strip_tags($text, $allowedtags);
$UserInput = nl2br($UserInput);
return $UserInput;
}
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] upload problem
any ideas why this does not work?
class upload {
function upload() {
upload::uploader();
}
function uploader() {
$FileName = basename($_FILES['upload1']['name']);
if (move_uploaded_file($_FILES['upload1']['tmp_name'],
$FileName)) {
chmod($FileName, 0755);
rename($FileName, "admin/advertisements/" . $FileName);
return $FileName;
} else {
return "Error!";
}
}
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sessions/cookies
I wrote an authentication class in php4. The sessions dont seem to be
working with internet explorer, just with FF. here is the code below,
a cookies notice pops up when you try and login:
mysql_connect('','','') or die('ERROR: Could not connect to
database');
mysql_select_db('') or die('ERROR: Could not select database');
}
// Attempt to login a user
function CheckValidUser($Email,$Password) {
$result = mysql_query('SELECT * FROM Users');
$Password = $this->encode($Password);
if (mysql_num_rows($result) != 0) {
while($row = mysql_fetch_assoc($result)) {
if (!strcmp($row['Email'],$Email)) {
if
(!strcmp($row['Password'],$Password)) {
// User info stored in Globals
$this->UserID = $row['ID'];
$this->AdminLevel =
$row['Admin_Level'];
$this->FirstName =
$row['First_Name'];
$this->LastName =
$row['Last_Name'];
$this->DateAdded =
$row['Date_Added'];
$this->MobileTelephone =
$row['Telephone_Mobile'];
$this->LandLineTelephone =
$row['Telephone_Land_Line'];
// User info stored in Sessions
session_start();
$_SESSION['Status'] =
"loggedIn";
$_SESSION['Email'] =
$row['Email'];
$_SESSION['AdminLevel'] =
$row['Admin_Level'];
$_SESSION['LandLine'] =
$row['Telephone_Land_Line'];
$_SESSION['MobileTelephone'] =
$row['Telephone_Mobile'];
$_SESSION['FirstName'] =
$row['First_Name'];
$_SESSION['LastName'] =
$row['Last_Name'];
return true;
}
}
}
header("Location: index.php?error=invalidLogin");
} else {
die('ERROR: No Users in the database!');
}
}
// Create a new user account
function CreateUser($Email, $Password, $AdminLevel,
$LandLineTelephone, $MobileTelephone, $FirstName, $LastName) {
$Password = $this->encode($Password);
$this->AccessLevel = $AdminLevel;
$DateAdded = date("Y-m-d H:i:s");
mysql_query("INSERT INTO Users (Email, Password, Admin_Level,
Date_Added, First_Name, Last_Name, Telephone_Land_Line,
Telephone_Mobile) VALUES ('$Email','$Password','$AdminLevel',
'$DateAdded', '$FirstName', '$LastName', '$LandLineTelephone',
'$MobileTelephone')") or die(mysql_error());
return $this->UserID = mysql_insert_id();
}
// Update a users access level
function UpdateAccessLevel($ID,$AdminLevel) {
mysql_query("UPDATE Users SET Admin_Level='$AdminLevel' WHERE ID=
$ID") or die(mysql_error());
return true;
}
// Delete a user
function DeleteUser($ID) {
mysql_query("DELETE FROM Users WHERE ID=$ID") or
die(mysql_error());
return true;
}
// Get a users access level
function GetAccessLevel() {
return $this->AccessLevel;
}
// Get a users ID
function GetUserID() {
return $this->UserID;
}
// Log user out
function LogOut() {
session_start();
session_unset();
session_destroy();
header("Location: index.php");
}
// Check users access level to see if they have clearance for a
certain page
function CheckUserLevel($RequiredLevel) {
if ($_SESSION['AdminLevel'] < $RequiredLevel) {
if ($_SESSION['AdminLevel'] == 2) {
header("Location: financial.php");
} else if ($_SESSION['AdminLevel'] == 1) {
header("Location: user.php");
} else {
header("Location: index.php");
}
}
}
// Check to see if a user is logged in
function CheckLoggedIn() {
session_start();
if ($
[PHP] upload issue
i am using this code on my form page:
method="post" name="adForm" id="adForm">
alt="Submit Form" />
my upload code is below:
$uploaddir = 'admin/advertisements/';
$uploadfileTmp = basename($_FILES['upload1']['name']);
$uploadfile = $uploaddir . basename($_FILES['upload1']['name']);
if (move_uploaded_file($_FILES['upload1']['tmp_name'], $uploadfile)) {
$FileName = $uploadfileTmp;
} else {
echo "Error!";
exit();
}
my error is:
Internal Server Error
The server encountered an internal error or misconfiguration and was
unable to complete your request.
Please contact the server administrator, [EMAIL PROTECTED] and
inform them of the time the error occurred, and anything you might
have done that may have caused the error.
More information about this error may be available in the server error
log.
---
any ideas? i have no access to error.log...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] first php 5 class
Ok, trying to write my first php5 class. This is my first project using all OOP PHP5.2.5. I want to create a config class, which is extended by a connection class, which is extended by a database class. Here is my config class, how am I looking? $connInfo; } } ?> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] first php class take 2
How does this look now?
$connInfo;
}
}
?>
$connInfo = new dbconfig();
$username =
$hostname =
$password =
$database =
$DB = new PDO("mysql:host=$connInfo[$hostname];dbname=
$connInfo[$database]", $connInfo[$username], $connInfo[$password]);
return $DB;
}
}
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] call to a member function select() on a non object.
I amn trying to use my db class in my auth class, but i get the error:
call to a member function select() on a non object
connect();
}
// Connect to MySQL Server
private function connect() {
$this->link = mysql_connect($this->db_server,$this->db_user,$this-
>db_pass) or die("ERROR - Cannot Connect to DataBase");
mysql_select_db($this->db_name,$this->link) or die("ERROR: Cannot
Select Database (" . $this->db_name . ")");
}
// Disconnect from MySQL Server
private function disconnect() {
mysql_close($this->link);
}
// MySQL Select
public function select($sql) {
$this->result_id = $this->query($sql);
if($this->result_id){
$rows = $this->fetch_rows();
}
return $rows;
}
// Insert into MySQL
public function insert($params) {
extract($params);
$sql = 'INSERT INTO '.$table.' ('.$fields.') VALUES
('.$values.')';
$this->query($sql);
if($this->result_id){
$affected_rows = $this->affected_rows();
}
return $affected_rows;
}
// Delete from MySQL
public function delete($params) {
extract($params);
$sql = 'DELETE FROM '.$table.' WHERE '.$where;
if (is_numeric($limit)) {
$sql .= ' LIMIT '.$limit;
}
$this->query($sql);
if($this->result_id){
$affected_rows = $this->affected_rows();
}
return $affected_rows;
}
// Update MySQL
public function update($params) {
extract($params);
$sql = 'UPDATE '.$table.' SET '.$values.' WHERE '.$where;
if(is_numeric($limit)){
$sql .= ' LIMIT '.$limit;
}
$this->query($sql);
if($this->result_id){
$affected_rows = $this->affected_rows();
}
return $affected_rows;
}
// MySQL Query
private function query($sql) {
$this->result_id = mysql_query($sql);
return $this->fetch_rows();
}
// MySQL Fetch Rows
private function fetch_rows() {
$rows = array();
if($this->result_id){
while($row = mysql_fetch_object($this->result_id)){
$rows[] = $row;
}
}
return $rows;
}
// MySQL Affected Rows
private function affected_rows() {
return mysql_affected_rows($this->link);
}
// MySQL Affected Rows
private function num_rows() {
return mysql_num_rows($this->link);
}
// MySQL Affected Rows
private function select_id() {
return mysql_insert_id($this->link);
}
// Destruct!
public function __destruct() {
$this->disconnect();
}
}
?>
encode($Password);
$rows = $DB->select("SELECT * Users WHERE Email='$Email', AND
Password='$PasswordEncoded'");
if ($DB->num_rows > 0) {
$this->UserID = $row['ID'];
$this->AdminLevel = $row['Admin_Level'];
$this->FirstName = $row['First_Name'];
$this->LastName = $row['Last_Name'];
$this->DateAdded = $row['Date_Added'];
$this->MobileTelephone = $row['Telephone_Mobile'];
$this->LandLineTelephone = $row['Telephone_Land_Line'];
// User info stored in Sessions
session_start();
$_SESSION['Status'] = "loggedIn";
$_SESSION['ID'] = $row['ID'];
$_SESSION['Email'] = $row['Email'];
$_SESSION['AdminLevel'] = $row['Admin_Level'];
$_SESSION['LandLine'] = $row['Telephone_Land_Line'];
$_SESSION['MobileTelephone'] = $row['Telephone_Mobile'];
$_SESSION['FirstName'] = $row['First_Name'];
$_SESSION['LastName'] = $row['Last_Name'];
} else {
return false;
}
}
public function encode($str) {
return md5(base64_encode($str));
}
}
?>
CheckValidUser("[EMAIL PROTECTED]", "password");
echo $x;
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
[PHP] shopping carts
Does anyone know of a shopping cart which allows you to add multiple custom fields to each product? --e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] shopping carts
that does not help, none specify whether they have a custom fields option or not. On Feb 6, 2008, at 4:23 PM, Daniel Brown wrote: On Feb 6, 2008 4:18 PM, nihilism machine <[EMAIL PROTECTED]> wrote: Does anyone know of a shopping cart which allows you to add multiple custom fields to each product? http://www.hotscripts.com/ http://php.resourceindex.com/ http://www.sf.net/ -- Daniel P. Brown Senior Unix Geek -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] issues with calling methods twice in a row
that was just an example. yes they both provide 5 input variables.
On Feb 8, 2008, at 4:18 PM, Jim Lucas wrote:
nihilism machine wrote:
i have a method called CreateUser() which is public and takes 5
variables as its data, then adds them to a db. it only executes the
first method not the other although its all the same but the
variable.
Here you say that the method takes five (5) variables.
ex:
$auth = new auth();
$auth->CreateUser("fake email", 1, "fake name", 4);
$auth->CreateUser("fake email", 2, "fake name", 4);
$auth->CreateUser("fake email", 3, "fake name", 4);
$auth->CreateUser("fake email", 4, "fake name", 4);
$auth->CreateUser("fake email", 5, "fake name", 4);
But here, you are only putting 4 variables in the method call.
Are you missing something that is required? The fifth field perhaps?
any ideas? only the first method gets executed?
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] issues with calling methods twice in a row
i have a method called CreateUser() which is public and takes 5
variables as its data, then adds them to a db. it only executes the
first method not the other although its all the same but the variable.
ex:
$auth = new auth();
$auth->CreateUser("fake email", 1, "fake name", 4);
$auth->CreateUser("fake email", 2, "fake name", 4);
$auth->CreateUser("fake email", 3, "fake name", 4);
$auth->CreateUser("fake email", 4, "fake name", 4);
$auth->CreateUser("fake email", 5, "fake name", 4);
any ideas? only the first method gets executed?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Better DB Class MySQL
Looking to really beef up my DB class, any suggestions for functions
to add that will be more time saving for a web 2.0 app, or ways to
improve existing methods? thank you everyone in advance.
connect();
}
// Connect to MySQL Server
public function connect() {
$this->link = mysql_connect($this->db_server,$this->db_user,$this-
>db_pass) or die("Error: Cannot Connect to DataBase");
mysql_select_db($this->db_name,$this->link) or die("Error: Cannot
Select Database (" . $this->db_name . ")");
}
// MySQL Query
public function query($sql) {
$this->result_id = mysql_query($sql);
return $this->fetch_rows();
}
// MySQL Query
public function insert($sql) {
$this->result_id = mysql_query($sql);
return $this->select_id;
}
// MySQL Fetch Rows
public function fetch_rows() {
$rows = array();
if($this->result_id){
while($row = mysql_fetch_object($this->result_id)) {
$rows[] = $row;
}
}
return $rows;
}
// MySQL Affected Rows
public function num_rows() {
return mysql_num_rows($this->link);
}
// MySQL Affected Rows
public function select_id() {
return mysql_insert_id($this->link);
}
// Disconnect from MySQL Server
public function disconnect() {
mysql_close($this->link);
}
// Terminator Style Function simply in coolness
public function Terminator($tbl) {
}
// Destruct!
public function __destruct() {
$this->disconnect();
}
}
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mysql question
i have this functuon:
public function select_one($sql) {
$this->last_query = $sql;
$r = mysql_query($sql);
if (!$r) {
$this->last_error = mysql_error();
return false;
}
if (mysql_num_rows($r) != 1) {
return false;
}
$ret = mysql_result($r, 0);
mysql_free_result($r);
if ($this->auto_slashes) return stripslashes($ret);
else return $ret;
}
what is $ret, an array? if so how can i access the individual rows in
it?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mysql question #2
Ok, I read the php.net info. so with this function though:
public function select_one($sql) {
$this->last_query = $sql;
$r = mysql_query($sql);
if (!$r) {
$this->last_error = mysql_error();
return false;
}
if (mysql_num_rows($r) != 1) {
return false;
}
$ret = mysql_result($r, 0);
mysql_free_result($r);
if ($this->auto_slashes) {
return stripslashes($ret);
} else {
return $ret;
}
}
how can i get the contents of a column in the returned row say for
something called "Email" as the column name. here is my code now:
// Attempt to login a user
public function CheckValidUser($Email, $Password) {
$PasswordEncoded = $this->encode($Password);
$sql = "SELECT * FROM CMS_Users WHERE Email='$Email' AND
Password='$PasswordEncoded'";
$result = $this->DB->select_one($sql);
if ($result) {
// User info stored in Sessions
$_SESSION['Status'] = "loggedIn";
$_SESSION['ID'] = $row['ID'];
$_SESSION['Email'] = $row['Email'];
$_SESSION['AdminLevel'] = $row['AdminLevel'];
$_SESSION['FirstName'] = $row['FirstName'];
$_SESSION['LastName'] = $row['LastName'];
return true;
} else {
return false;
}
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] https forced redirect question
why isnt this redirecting my page to https://www.mydomain.com instead
the page stays at my domain.com
checkHTTPS();
$this->checkWWW();
$this->ServerName = $_SERVER['SERVER_NAME'];
}
// Check if HTTPS
public function checkHTTPS() {
if ($_SERVER['HTTPS'] != "on") {
$this->HTTPS = false;
} else {
$this->HTTPS = true;
}
}
// Redirect to HTTPS Site
public function HTTPSRedirect() {
if($this->HTTPS = false) {
$redir = "Location: https://"; . $_SERVER['SERVER_NAME'];
echo $redir;
header($redir);
}
}
// Check if site is preceeded by 'WWW'
public function checkWWW() {
return true;
}
// Redirect to WWW
public function WWWRedirect() {
if ($this->WWW = false) {
$redir = "Location: http://www."; .
$_SERVER['SERVER_NAME'];
header($redir);
}
}
}
$myURL = new URL();
$myURL->HTTPSRedirect();
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] www. not working
this still does not work, if a domain has no preceeding www. it
redirects to http://www.www.site.com, if it has a www. it goes to www.www.mydomain.com
, any ideas?
checkWWW();
$this->ServerName = $_SERVER['SERVER_NAME'] .
$_SERVER['REQUEST_URI'];
}
// Check if site is preceeded by 'WWW'
public function checkWWW() {
$myDomain = $_SERVER['SERVER_NAME'];
$FindWWW = 'www.';
$POS = strpos($myDomain, $FindWWW);
if ($POS === 1) {
$this->WWW = true;
} else {
$this->WWW = false;
}
}
// Redirect to WWW
public function WWWRedirect() {
if ($this->WWW == false) {
$redir = "Location: http://www."; . $this->ServerName;
header($redir);
}
}
}
$myURL = new URL();
$myURL->WWWRedirect();
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] check if website has www. in front of domain
here is my function:
// Check if site is preceeded by 'WWW'
public function checkWWW() {
$myDomain = $_SERVER['SERVER_NAME'];
$FindWWW = '.';
$POS = strpos($myDomain, $FindWWW);
if ($POS === false) {
return false;
} else {
return true;
}
}
any idea why this is not working? just trying to test if the site is www.site.com
and not site.com
---
Edward H. Hotchkiss
Chief Technical Officer
Durgle, INC
[EMAIL PROTECTED]
http://www.durgle.com
---
Re: [PHP] www. check still not working
thank you everyone!
On Feb 15, 2008, at 3:53 PM, Nathan Rixham wrote:
Anjan Upadhya wrote:
// Redirect to WWW
public function WWWRedirect() {
if ($this->WWW == false) {
$redir = "Location: http://www."; .
$_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
header($redir);
}
}
Regards,
Anjan Upadhya
nihilism machine wrote:
checkWWW();
}
// Check if site is preceeded by 'WWW'
public function checkWWW() {
$myDomain = $_SERVER['SERVER_NAME'];
$FindWWW = 'www.';
$POS = strpos($myDomain, $FindWWW);
if ($POS === 1) {
$this->WWW = true;
} else {
$this->WWW = false;
}
}
// Redirect to WWW
public function WWWRedirect() {
if ($this->WWW = false) {
$redir = "Location: http://www."; .
$_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
header($redir);
}
}
}
$myURL = new URL();
$myURL->WWWRedirect();
?>
and
public function checkWWW() {
$this->WWW = (strtolower(trim(substr($_SERVER['SERVER_NAME'],0,4)))
== 'www.');
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] www. check still not working
checkWWW();
}
// Check if site is preceeded by 'WWW'
public function checkWWW() {
$myDomain = $_SERVER['SERVER_NAME'];
$FindWWW = 'www.';
$POS = strpos($myDomain, $FindWWW);
if ($POS === 1) {
$this->WWW = true;
} else {
$this->WWW = false;
}
}
// Redirect to WWW
public function WWWRedirect() {
if ($this->WWW = false) {
$redir = "Location: http://www."; . $_SERVER['SERVER_NAME'] .
$_SERVER['REQUEST_URI'];
header($redir);
}
}
}
$myURL = new URL();
$myURL->WWWRedirect();
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] upload issue
any idea why this fails?this is the error: "Sorry, there was a problem
uploading your file"
$insertID = $DB->insert_sql("INSERT INTO CMS_Media (File_Name) VALUES
('')");
$target = "media/" . $insertID . $extension;
//echo $target;
if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
// Error
echo "File was uploaded!";
} else {
echo "Sorry, there was a problem uploading your file.";
}
chmod($target, 0755);
header("Location: crop.php?imageName=$newFileName");
?>
---
Edward H. Hotchkiss
Chief Technical Officer
Durgle, INC
[EMAIL PROTECTED]
http://www.durgle.com
---
[PHP] separating strings from extensions
i am using this code to get the extension of a filename: $extension = strtolower(strrchr($fileName,".")); how can i get the text BEFORE the . (period) ? thanks in advance. -e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] classes
if i declare an instance of a class in the top of my php file, then have html, then later on user $myClassInstance->myMethod(); -- myMethod() does not execute, only when i have the instantiation of the class right before the call to the method does it work. any ideas? -e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mysql input
I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form cleaner class
What is a better idea? Using this class in my db class and using
CleanInput on the sql statements, or using it in the top of the all
pages with form input to clean the $_POST's? Also, any ideas or
comments on improving the class?
0) {
foreach($_POST as $curPostKey => $curPostVal) {
$_POST[$curPostKey] =
$this->CleanInput($curPostVal);
}
}
}
// Clean Form Input
public function CleanInput($UserInput) {
$allowedtags = "li>";
$notallowedattribs = array("@javascript:|onclick|ondblclick|
onmousedown|onmouseup|onmouseover|onmousemove|onmouseout|onkeypress|
onkeydown|[EMAIL PROTECTED]");
$changexssto = '';
$UserInput = preg_replace($notallowedattribs, $changexssto,
$UserInput);
$UserInput = strip_tags($UserInput, $allowedtags);
$UserInput = nl2br($UserInput);
return $UserInput;
}
}
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sendmail question
I have a link that i want to use as the body of an html email. here
is the code i use:
// Notify about comments
public function emailComment($Link, $ID) {
$mail = new SendMail();
$mail->SetCharSet("ISO-8859-1");
$mail->from("someone", "[EMAIL PROTECTED]");
$mail->to("[EMAIL PROTECTED]");
$mail->subject("New Comment!");
$str = 'http://www.mysite.com/permalink.php?ID='.
$Link.'">Comment ID #'.$ID.'';
$mail->text($str);
//$mail->attachment($fileName);
$mail->send();
Where link = a number.
the email that i get is:
So the email should be a link to: http://www.mysite.com/permalink.php?ID=120
but instead links to: http://www.mysite.com/permalink.php?ID%120
Here is the php sendmail library =
textboundary = uniqid(time());
$this->emailboundary = uniqid(time());
$this->charset = "ISO-8859-1";
}
public function SetCharSet($char) {
$this->charset = $char;
}
public function Validate_Email($emailAddress) {
if(!preg_match("/[a-z0-9_-]+(\.[a-z0-9_-]+)*@([0-9a-z][0-9a-
z-]*[0-9a-z]\.)+([a-z]{2,4})/i", $emailAddress)) {
die('Invalid Email Address: '.$emailAddress);
}
return $emailAddress;
}
public function from($name, $email) {
$this->emailheader .= 'From: '.$name.'<'.$email.'>'."\r\n";
}
public function to($to) {
$this->empfaenger = $this->Validate_Email($to);
}
public function cc($cc) {
$this->cc[] = $cc;
}
public function bcc($cc) {
$this->bcc[] = $cc;
}
public function makeMimeMail() {
if(count($this->cc) > 0) {
$this->emailheader .= 'Cc: ';
for($i=0; $icc); $i++) {
if($i > 0) $this->emailheader .= ',';
$this->emailheader .=
$this->Validate_Email($this->cc[$i]);
}
$this->emailheader .= "\r\n";
}
if(count($this->bcc) > 0) {
$this->emailheader .= 'Bcc: ';
for($j=0;$jbcc);$j++) {
if($j > 0) $this->emailheader .= ',';
$this->emailheader .=
$this->Validate_Email($this->bcc[$j]);
}
$this->emailheader .= "\r\n";
}
$this->emailheader .= 'MIME-Version: 1.0'."\r\n";
}
public function subject($subject) {
$this->subject = $subject;
}
public function text($text) {
$this->textheader .= 'Content-Type: multipart/alternative;
boundary="'.$this->textboundary.'"'."\r\n\r\n";
$this->textheader .= '--'.$this->textboundary."\r\n";
$this->textheader .= 'Content-Type: text/plain; charset="'.$this-
>charset.'"'."\r\n";
$this->textheader .= 'Content-Transfer-Encoding: quoted-
printable'."\r\n\r\n";
$this->textheader .= strip_tags($text)."\r\n\r\n";
$this->textheader .= '--'.$this->textboundary."\r\n";
$this->textheader .= 'Content-Type: text/html; charset="'.$this-
>charset.'"'."\r\n";
$this->textheader .= 'Content-Transfer-Encoding: quoted-
printable'."\r\n\r\n";
$this->textheader .= ''.$text.''."\r\n
\r\n";
$this->textheader .= '--'.$this->textboundary.'--'."\r\n\r\n";
}
public function attachment($fileName) {
if(is_file($fileName)) {
$attachment_header = '--'.$this->emailboundary."\r\n" ;
$attachment_header .= 'Content-Type: application/octet-stream;
name="'.basename($fileName).'"'."\r\n";
$attachment_header .= 'Content-Transfer-Encoding:
base64'."\r\n";
$attachment_header .= 'Content-Disposition: attachment;
filename="'.basename($fileName).'"'."\r\n\r\n";
$file['inhalt'] =
fread(fopen($fileName,"rb"),filesize($fileName));
$file['inhalt'] = base64_encode($file['inhalt']);
$file['inhalt'] = chunk_split($file['inhalt'],72);
$this->attachment[] =
$attachment_header.$file['inhalt']."\r\n";
} else {
die('ERROR - Invalid Filename: "' . $fileName . "\r\n");
}
}
public function send() {
$this->makeMimeMail();
$header = $this->emailheader;
if(count($this->attachment)>0) {
$header .= 'Content-Type: multipart/mixed; boundary="'.$this-
>emailboundary.'"'."\r\n\r\n";
$header .= '--'.$this->emailboundary."\r\n";
$header .= $this->textheader;
if(count($this->attachment) > 0) $header .= implode("",$this-
>attachment);
$header .= '--'.$this->emailboundary.'--';
} else {
$header .= $this->textheader;
}
mail("$this->
[PHP] email issue
here is my simple email lib: http://pastebin.com/m4d107c01 any idea why in the body i have a link with an = sign that gets replaced with a % sign? -e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] GD / Pixel Font Rendering
I am trying to render an 8 pixel pixel font without anti aliasing to look crisp (silkscreen) in 8pt with gd. the font is huge and ugly: -- any ideas? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
