I have an old site using Ubuntu and PHP 5.3. There is a cron script that hits an API to push/pull data. Recently I have been hit with an error when these scripts attempt to run: "Unidentified index: UserID" in the "appsettings.php" file.
$conn=db_connect();
if(!#$_SESSION["UserID"])
{
$allowGuest=guestHasPermissions();
$scriptname=getFileNameFromURL();
if($allowGuest && $scriptname!="login.php" && $scriptname!="remind.php" && $scriptname!="register.php" && $scriptname!="registersuggest.php")
{
$_SESSION["UserID"]="Guest";
$_SESSION["GroupID"]="<Guest>";
$_SESSION["AccessLevel"]=ACCESS_LEVEL_GUEST;
$auditObj = GetAuditObject();
if($auditObj)
$auditObj->LogLogin();
if($globalEvents->exists("AfterSuccessfulLogin"))
{
$dummy=array();
$globalEvents->AfterSuccessfulLogin("","",$dummy);
}
}
}
I understand that using the "#" symbol isn't best practice, but I've been given explicit instruction to "just make it work". This has worked in the past, but since pushing up some styling changes I started getting this error.
To check to see if the USERID exists, try changing
if(!#$_SESSION["UserID"])
to
if(!isset($_SESSION["UserID"])){...
...
} else {
...// handle the error
}
Related
I am very new to php and I tried to write this function. Now it seems like the function is not Defined. Nothing happens when I open the php file and if I try to use console to run it. It gives an error --
contentcheck('ex1.php','Bajestani')
ReferenceError: contentcheck is not defined
The Code is below.
<?php
if(contentcheck('ex1.php','Bajestani')===true)
echo 'Got it';
function contentcheck($filename,$phrase)
{
$content = shell_exec('C:\xampp\htdocs\docman\pdftotext '.$filename.' -');
if (strpos($content,$phrase) !== false)
{
return true;
}
else
return false;
}
if(contentcheck('ex1.php','Bajestani')===true)
echo 'Got it';
?>
Thanks In advance
You state that you try to run the function from the console.
In addition, ReferenceError: contentcheck is not defined is a Javascript error, not a PHP error.
Both of these facts lead me to the conclusion that you are trying to run the PHP code from inside the browser.
Please note that PHP code is not available from within the browser -- the function will indeed be undefined if you run it in the console, because PHP is run on the web server, not in the browser. The browser will never see your PHP functions; it simply sees the output of the PHP program (eg the HTML code, etc that is printed from by your PHP program). The PHP code itself is never seen by the browser.
It's not entirely clear what your program is supposed to be doing but what is clear is that the way you're trying to run it is not going to work. You're going to have to re-think this one completely, and possibly learn a bit more about how client/server systems work, and PHP in particular.
I'm using MAMP with PHP 5.4.10 and I have a problem with the following MWE:
<?php
trait T {
public function hello() { echo 'hello'; }
}
class A {
use T;
}
$a = new A();
$a->hello();
?>
The page shows 'hello' on the first load. But then, when I hit refresh, I get an Error 500.
If I modify the file (just by adding an empty line somewhere for instance) and refresh again, 'hello' shows up again. Hit refresh again, and the Error 500 is back.
Any clue where this might be coming from?
Update:
This shows up in the PHP errors log (nothing in the Apache errors log): PHP Fatal error: Call to undefined method A::0?
()
(the 0 doesn't always have the same name when I repeat the operation).
Xcache might be the problem here, try turning caching off (or at least xcache) and try it again
I had the same problem, and thanks to the #Leon Weemen i focused on the XCache. I found this bug (which is fixed in XCache 3.0.1) to be exactly what causes the problem (my version of XCache was 2.0.0). They suggest you to set in your php.ini the following values to solve the problem;
xcache.mmap_path = "/tmp/xcache"
xcache.readonly_protection = on
However, this workaround does not solve the problem for me. The only way I was able to disable the XCache was by using the ini_set() PHP method. The following snippet at the very begginning of my application solves the problem and is ready to use XCache as soon as it is updated:
try{
$xCache = new ReflectionExtension('xcache');
if(version_compare($xCache->getVersion(), '3.0.1', '<')){
ini_set('xcache.cacher', 0);
}
} catch(ReflectionException $e){
// xCache not installed - everything should work fine
}
I dont want to jump into everything as I'm about to leave work, I would just like suggestions or things to change. I have a centos linux server and this is the code that's giving me the error and i'm not sure whats wrong since I downloaded it like this and it wont work.
if (!extension_loaded('librets')) {
if (strtolower(substr(PHP_OS, 0, 3)) === 'win') {
if (!dl('php_librets.dll')) return;
} else {
// PHP_SHLIB_SUFFIX gives 'dylib' on MacOS X but modules are 'so'.
if (PHP_SHLIB_SUFFIX === 'dylib') {
if (!dl('librets.so')) return;
} else {
if (!dl('librets.'.PHP_SHLIB_SUFFIX)) return;
}
}
}
I get the following error:
Fatal error: Call to undefined function dl() in /home/removed/public_html/test/rets2/librets.php on line 22
I'm not sure whats wrong..
Anyone?
dl is not a good solution for loading libraries under certain conditions, which is why the function has been removed from several of the SAPI-s (Server APIs - the connection between PHP and the server running PHP). You'll either have to add it to php.ini or load it through whatever means your server has available for that. If you're on shared hosting, the hoster may also have disabled dl() for security reasons.
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
file_get_contents with query string
I'm using the file_get_contents function but although returning the correct output, it is still showing this error:
Warning: file_get_contents(secure/validate.php?cardnumber=1234567) [function.file-get-contents]: failed to open stream: No error in ...
The scenario is card number validation and in validatecard.php there is a simple if statement:
if (isset($_GET['cardnumber']) && ($_GET['cardnumber'] == "12345")) {
echo "OK";
} else {
echo "INVALID CARD";
}
My code is:
$cardnumber = $_POST["cardnumber"];
$url = "secure/validate.php?cardnumber=" . $cardnumber;
if (file_get_contents($url) != "OK"){
$order_error_msg = "Invalid card number";
} else { ....
What may be the problem?
Well, it seems like you don't have allow_url_fopen set in your php.ini #Gordon is correct, this is not a url_fopen issue. It's actually failing because using file_get_contents on the local file will actually get you the code for the file, not the PHP-processed result of running that file. To get it to work as you wanted, you'd need to hit apache/PHP by prepending "https://localhost/" to the url, and enabling allow_url_fopen.
But also this looks like a very worrying piece of code; you should do as little as possible with CC numbers in the code. By using file_get_contents and a card number on the get string, it opens up the possibility of the number being logged somewhere.
A much more secure implementation would look something like this:
validatecard.php
function checkCard($card) {
if ($card == "12345")) {
return "OK";
} else {
return "INVALID CARD";
}
}
Then in your main code:
include('secure/validatecard.php');
$cardnumber = $_POST["cardnumber"];
if (checkCard($cardnumber) != "OK"){
$order_error_msg = "Invalid card number";
} else { ....
That way your checkCard function is more re-usable, and you don't have to ferry the card number around so much.
If you decide to go with the file_get_contents approach and hit https://localhost/secure/validatecard.php?card=12345 then the credit card numbers will get logged in your apache access logs in plain text. This is verging on criminally negligent, don't do it.
also, as per Gordon's advice, make sure that you're using https all the way through.
You might consider hiring in a contractor with experience writing shopping carts/checkouts. These things are important to get right, and can be insecure in subtle ways if you're not experienced.
are you sure your php.ini configuration allows for opening urls?
you can check using phpinfo() and searching for allow_url_fopen
also, as another poster noted , using GET for this kind of stuff isn't really ideal (read: really really bad). if you're keen on making a request to another page, rather than using a file (if that other page is not on your server, for example), try using cURL and do a POST request
I'm trying to find if variables (using GET) exist using an if statement, but I can't get them to work on my web server, but my local server works fine.
I have if statements like these in my PHP:
if(isset($_GET['typeQ']) && $_GET['typeQ'] == 4 && isset($_GET['searchQ'])){
header("Location: schoolEdit.php?schoolid=".$_GET['searchQ']."");
} else if(isset($_GET['typeQ']) && $_GET['typeQ'] == 5 && isset($_GET['searchQ'])){
header("Location: vehicleEdit.php?vehicleid=".$_GET['searchQ']."");
} else if(isset($_GET['typeQ']) && $_GET['typeQ'] == 6 && isset($_GET['searchQ'])){
header("Location: driverEdit.php?driverid=".$_GET['searchQ']."");
} else if(isset($_GET['typeQ']) && $_GET['typeQ'] == 3 && isset($_GET['searchQ'])){
header("Location: studentEdit.php?studentid=".$_GET['searchQ']."");
}
When I go to this URL on my localserver (http://localhost/voyageur/index2.php?searchQ=1&typeQ=6), it sees that "typeQ" is set as 6 and "searchQ" is set to something and runs the header code. But on my web server, it doesn't run any of these using the same type of URL, it just skips them as if none of them were set.
Is there something I need to configure on my web server to get this to work properly like I have it working locally?
Try changing
header("Location: schoolEdit.php?schoolid=".$_GET['searchQ']."");
to
header("Location: schoolEdit.php?schoolid=".$_GET['searchQ']);
The header function on your server may be reading the header insert incorrectly since you're concatenated nothing to the end of your header. Hopefully, this will fix your problem. It's the only thing that I could find. Other than that, it looks sound.
Should have thought of this, but I got this to work by moving the if statements up higher in the code. Still strange how I didn't get "headers already sent" errors or something.
Thanks for the help everyone :)