We Keep Coding

failed to share cookie with subdomain

Im trying to pass some information via cookie to my subdomain
in the WordPress login file, wp-login.php I create cookies everytime user login
$outlaw = $_POST['pwd'];
$inlaw = $_POST['log'];
$exp = time()+86400*10;
setcookie("lauthUr", $inlaw, $exp, "/", "mysite.com");
setcookie("lauthPd", $outlaw, $exp, "/", "mysite.com");
in my subdomain which is panel.mysite.com
I run this code in javascript to check if cookie exist via console
function getCookie(name) {
var dc = document.cookie;
var prefix = name + "=";
var begin = dc.indexOf("; " + prefix);
if (begin == -1) {
begin = dc.indexOf(prefix);
if (begin != 0) return null;
}
else
{
begin += 2;
var end = document.cookie.indexOf(";", begin);
if (end == -1) {
end = dc.length;
}
}
// because unescape has been deprecated, replaced with decodeURI
//return unescape(dc.substring(begin + prefix.length, end));
return decodeURI(dc.substring(begin + prefix.length, end));
}
function doSomething() {
var myCookie = getCookie("lauthUr");
if (myCookie == null) {
alert('no');
}
else {
alert('yes')
}
};
doSomething();
I get no alert
can you tell me whats the problem ?
Update
this didnt work either
setcookie("lauthUr", $inlaw, $exp, "/", ".mysite.com");
setcookie("lauthPd", $outlaw, $exp, "/", ".mysite.com");

Execute on certain url format with strpos

I want to perform an action when the url is /bookings , but not /bookings/something-else
I tried this...
if ($_SERVER['REQUEST_URI'] == '/bookings') {
// do stuff....
}
But it fails when the user is on the /bookings page and searches, at which point queries are added to the url, e.g. /bookings?search=this
I have also tried this...
if (strpos($_SERVER['REQUEST_URI'],'/bookings') !== false && strpos($_SERVER['REQUEST_URI'],'/bookings/') == false ) {
// do stuff...
}
But this still executes on /bookings/some-thing and i cant figure out why?

You'll be better off using a dedicated method for URL parsing, rather than using string manipulation. PHP's parse_url function is perfect for this:
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
if ($path === '/bookings') {
...
}

Try this condition. first will make exact string. while seocnd match with query sring
if ($_SERVER['REQUEST_URI'] == '/bookings' || strpos($_SERVER['REQUEST_URI'],'/bookings?') !== false) {
// do stuff....
}
OR use === while matching false/ otherwise 0 and false become equal
if (strpos($_SERVER['REQUEST_URI'],'/bookings') !== false && strpos($_SERVER['REQUEST_URI'],'/bookings/') === false ) {

How do I add an if / else?

I am using the following code to pass a variable. if variable = a, do nothing.
I then want to check if variable = a, do nothing, if b, do nothing, else do something
<?
if($_GET['pageid'] == 'a'){
} else {
include('header_image.php');
}
?>
Above is the code I have working correctly for one vartiable.
How do I add an if / else?

if($_GET['pageid'] != 'a' && $_GET['pageid'] != 'b'){
//do smth
}

This is a comment - i want the formatting...
To do what you want:
if ($_GET['pageid'] == 'a') {
// do nothing for now
}
elseif ($_GET['pageid'] == 'b') {
// do some more nothing...
}
else { // we do something...
include('header_image.php');
}
You could combine the 'do nothing' tests as:
if ( $_GET['pageid'] == 'a'
|| $_GET['pageid'] == 'b') {
// do nothing for now
}
else { // we do something...
include('header_image.php');
}
I agree it reads better than the 'not equal and' tests. However, that is what 'programmers' use so it is worthwhile getting used to it.

Why is Apache inserting comment into some of my HTML output?

While running my code through W3C's HTML validator for HTML5, I noticed that some of my files had this comment inserted before the tag:
<!-- This file should NOT be stored in the web root directory (or any sub-directory thereof) If this is not possible, place it in the 'include' directory and restrict access via Apache's .htaccess files -->
This only seems to happen with pages that are accessed via POST requests, though I have been unable to pin down any cause, nor have searches turned up anything.
I am using mod rewrites and the HTML is generated from multiple files from webroot/views/ and webroot/includes/, but other pages that are similarly generated do not have this issue.
Anyway, I normally wouldn't worry about it, but when sending an xml request to dynamically update a price field, the xml return results, which were supposed to be just the price value as a number, were prefixed by that entire comment.
Now, I can remove it in my application code, which is what I have done, but I'd really like to know under what circumstances Apache decides to inject this comment into outputted HTML files.
For reference, here is my JS to send/handle the xml request:
<script type="text/javascript">
/**
* Updates the currently displayed price based on currently selected options
* #param category_id Id of currently selected category
*/
function updatePrice(category_id) {
if (category_id === undefined || category_id < 1) {
return false;
}
if (!document.getElementsByTagName) { return; }
var aSelect = document.getElementsByTagName("SELECT");
var data = [];
data.push("category_id=" + category_id);
for (var i = 0; i < aSelect.length; i++) {
var sid = aSelect[i].id;
if (sid !== undefined && sid.indexOf("select_") > -1) {
data.push(sid + '=' + aSelect[i].value);
}
}
data = data.join('&');
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function() {
if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
// Hack to remove Apache's auto-generated comment/warning at top of some pages
var text = xmlhttp.responseText;
text = (text.length > 0 ? text.substring(text.lastIndexOf('>') + 1).trim() : '');
var price = document.getElementById("product-price");
if (price != null) {
price.value = (text.length < 1 ? 'N/A' : ('$' + text));
}
}
}
xmlhttp.open("POST", "rental_update_price.php", true);
xmlhttp.setRequestHeader("Content-type","application/x-www-form-urlencoded");
xmlhttp.send(data);
}
</script>
And here is the php file that processes the request:
<?php
if (!isset($errors)) { $errors = array(); }
if (!isset($notifications)) { $notifications = array(); }
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (empty($_POST['category_id']) || !is_numeric($_POST['category_id'])) {
die('Sorry, there has been a system error.');
}
$category_id = (int) $_POST['category_id'];
require './includes/config.inc.php';
require MYSQL;
$att_tbl = selectWithCondition($dbc, 'att_table', 'rental_categories', 'id', $category_id, 'i', 'LIMIT 1');
if ($att_tbl === FALSE) {
die('Failed to retrieve product attribute table from database.');
}
// Retrieve all 'select' keys and values to query exact product id and price
$selected = array();
foreach($_POST AS $k=>$v) {
if (strpos($k, 'select_') > -1) {
// All select fields should be foreign key references, i.e. positive integers
if (ctype_digit($v) && $v > 0) {
$selected[(str_replace('select_', '', $k) . '_id')] = (int) $v;
} else {
$errors[$k] = 'Invalid value';
}
}
}
if (empty($selected)) {
die('No columns selected.');
}
// TODO select price instead of id
$q = "SELECT p.id FROM products p";
$where = '';
foreach($selected AS $k=>$v) {
if (empty($where)) {
$where = "t.$k=$v";
} else {
$where .= " AND t.$k=$v";
}
}
$q .= " JOIN $att_tbl t ON t.product_id=p.id WHERE $where LIMIT 1";
if (($r = $dbc->query($q))) {
if ($row = $r->fetch_assoc()) {
// Generate dummy price value for testing:
echo number_format((((int) $row['id']) * 31) / 100, 2);
}
$r->close();
} else {
$notifications['error'] = 'A system error has occurred. The system administrator will be notified automatically.';
$notifications['error_log'] = 'Error No: ' . $dbc->errno . '-' . $dbc->error;
}
}

require MYSQL;
if MYSQL is a file, give it an extension .php so it doesn't bypass the PHP interpreter.
I think PHP does print the warning when you include a file which is not parsed.

Answering my own question since it was one of those where you look for days and when you finally break down and ask, it becomes glaringly obvious almost immediately.
In my MYSQL file, I had that comment at the top, even before the php tags, and in certain situations the MYSQL file is included before any other HTML output, which then results in that comment being displayed.
Moving the comment to within the php tags so that it is not considered HTML fixes the issue.
Thanks to all who commented.

Idea with php logic using operators

I am new to PHP and find it very hard to explain.
I have a PHP navigation script with 5 categories and two variables relevant to my question:
$catname = 'used-cars'; // the same value for all categories
$currentpage; // pages 1 to 5
index.php of my site has $currentpage == '1'
The issue is that I need a logic that will say:
If $catname IS NOT 'used-cars', do something, BUT, IF $currentpage is equal to 1, even if $catname is 'used-cats' do it anyway
I am thinking of something like this:
if($catname != 'used-cars' && !($currentpage > '1')):
endif;
Hope you can help!

This is merely a single or condition. On the right side, $currentpage === 1 will evaluate to TRUE without regard to the value of $catname. If either part of the condition is TRUE, you'll enter the if () block to execute your code there.
if ($catname !== "used-cars" || $currentpage === 1) {
// do your thing
}

This is just:
if (strcmp($catname, 'used-cars') != 0 || $currentpage == 1)
(Careful with the string comparison.)

Alternatively, you could declare it as a boolean first:
$proceed = false;
if($catname != 'used-cars')
$proceed = true;
if($currentpage == 1)
$proceed = true;
if($proceed){
// whatever you want
}

$doflag = 0;
if($catname != 'used-cars')
{
$doflag = 1;
} else if($currentpage == 1) {
$doflag = 1;
}
if($doflag == 1) {
//do something
}
Basically instead of trying to do everything with the block, use the block to set a flag and use the flag to do something.