Hi this is a simple question, however I have now stared at it long enough to realise im simply not seeing the error. If anyone can see where this is going wrong I would be very thankful.
public function create()
{
$this->load->model('ticket_model');
if($_POST)
{
// validate form
if($this->_validate())
{
// save updates
foreach($_POST as $key => $value){if(!is_array($value)) $_POST[$key] = htmlspecialchars($value);}
if ($_POST['subject'] == '') $body_data['error'][] = "You did not enter a subject.";
if ($_POST['priority'] == '') $body_data['error'][] = "You did not select a priority.";
if ($_POST['status'] == '') $body_data['error'][] = "You did not select a status.";
if ($_POST['ipAddress'] == '') $body_data['error'][] = "You did not enter a ipAddress.";
if ($_POST['text_area'] == '') $body_data['error'][] = "You did not enter a message.";
else
{
if (filter_var($_POST['ipAddress'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) == FALSE) $body_data['error'][] = "IP Address is not valid IPV4 Address.";
if (filter_var($_POST['ipAddress'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) == FALSE) $body_data['error'][] = "IP Address cannot be from RFC1918 private space.";
if (filter_var($_POST['ipAddress'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) == FALSE) $body_data['error'][] = "IP Address cannot be from reserved range.";
}
if ($_FILES['filename']['name'] != '')
{
if ($_FILES['filename']['size'] > '1024000')
{
$body_data['error'][] = "The file you uploaded is too large.";
unlink($_FILES['filename']['tmp_name']);
$body_data['ticket_list'] = $this->ticket_model->list_ticket();
$body_data['ticket_details'] = $this->ticket_model->get_ticket($ticket_id);
$body_data['ticket_summary'] = $this->ticket_model->list_ticket_summary($ticket_id);
$body_data['precan_list'] = $this->ticket_model->list_messages();
$body_data['users_list'] = $this->ticket_model->list_users();
$foot_data['accordian_active'] = 5;
$this->load->view('head',$head_data);
$this->load->view('sidebar/service',$head_data);
$this->load->view('ticket/edit',$body_data);
$this->load->view('foot',$foot_data);
return;
}
else
{
//the file is under the specified size. so copy it from temp to import folder and proccess
$thisFileHumanName = $_FILES['filename']['name'];
$thisFileSize = $_FILES['filename']['size'];
$thisServerFileName = strtoupper(uniqid('A'));
$thisFileType = $_FILES['filename']['type'];
$temp_file_location = $this->config->item('rootpath').'/assets/ticketuploads/'.$thisServerFileName;
if (!move_uploaded_file($_FILES['filename']['tmp_name'], $temp_file_location))
{
$body_data['error'][] = "File could not be moved due to a permissions error.";
unlink($_FILES['filename']['tmp_name']);
$body_data['ticket_list'] = $this->ticket_model->list_ticket();
$body_data['ticket_details'] = $this->ticket_model->get_ticket($ticket_id);
$body_data['ticket_summary'] = $this->ticket_model->list_ticket_summary($ticket_id);
$body_data['precan_list'] = $this->ticket_model->list_messages();
$body_data['users_list'] = $this->ticket_model->list_users();
$foot_data['accordian_active'] = 5;
$this->load->view('head',$head_data);
$this->load->view('sidebar/service',$head_data);
$this->load->view('ticket/edit',$body_data);
$this->load->view('foot',$foot_data);
return;
}
}
}
//clean error array
$body_data['error'] = array_filter($body_data['error']);
if ($body_data['error'])
{
$body_data['ticket_list'] = $this->ticket_model->list_ticket();
$body_data['ticket_details'] = $this->ticket_model->get_ticket($ticket_id);
$body_data['ticket_summary'] = $this->ticket_model->list_ticket_summary($ticket_id);
$body_data['precan_list'] = $this->ticket_model->list_messages();
$body_data['users_list'] = $this->ticket_model->list_users();
unlink($_FILES['filename']['tmp_name']);
$foot_data['accordian_active'] = 5;
$this->load->view('head',$head_data);
$this->load->view('sidebar/service',$head_data);
$this->load->view('ticket/edit',$body_data);
$this->load->view('foot',$foot_data);
return;
}
else
{
$_POST['userId'] = $this->session->get_user_id();
$thisMessageId = $this->ticket_model->save_message($_POST);
if ($_FILES['filename']['name'] != '')
{
//set variables for save
$_POST['file_path'] = $temp_file_location;
$_POST['file_name'] = $thisFileHumanName;
$_POST['file_size'] = $thisFileSize;
$_POST['file_type'] = $thisFileType;
$_POST['messageId'] = $thisMessageId;
$this->ticket_model->save_upload($_POST);
}
$this->ticket_model->save_ticket($_POST);
redirect(base_url().'ticket/');
return;
}
}
}
$body_data['ticket_list'] = $this->ticket_model->list_ticket();
$body_data['message_list'] = $this->ticket_model->list_message($ticket_id);
$body_data['customer_list'] = $this->ticket_model->list_customers();
$body_data['users_list'] = $this->ticket_model->list_users();
$foot_data['accordian_active'] = 5;
$foot_data['contact_search'] = true;
$this->load->view('head',$head_data);
$this->load->view('sidebar/service',$head_data);
$this->load->view('ticket/create',$body_data);
$this->load->view('foot',$foot_data);
return;
}
This is my code, and everything is going well, except for the section where i save the upload, as nothing seems to be firing the model, even thought there is a file being posted from the from submit and there for the filename being posted is != ''......
e.g
if ($_FILES['filename']['name'] != '')
{
//set variables for save
$_POST['file_path'] = $temp_file_location;
$_POST['file_name'] = $thisFileHumanName;
$_POST['file_size'] = $thisFileSize;
$_POST['file_type'] = $thisFileType;
$_POST['messageId'] = $thisMessageId;
$this->ticket_model->save_upload($_POST);
}
my apologies if this is silly mistake.
Why are you doing it this way? Codeigniter has a built in class for uploading files. You also should be using the input class instead of $_POST.
It will make it a lot easier!
As for your code. You're actually setting the $_POST variable and trying to use that in save_ticket. You can't do that.
The predefined $_POST variable is used to collect values from a form
sent with method="post"
You're trying to use it the other way around.
So to make it work, change the $_POST into $something and it should work, but it's still not the way to go.
//set variables for save
$something['file_path'] = $temp_file_location;
$something['file_name'] = $thisFileHumanName;
$something['file_size'] = $thisFileSize;
$something['file_type'] = $thisFileType;
$something['messageId'] = $thisMessageId;
$this->ticket_model->save_upload($something);
didn't have this set.......enctype="multipart/form-data"
red face on this end.
Related
I am trying to replace some pieces of codes in different theme files using the below function, however, I am stuck with the second part of the function where I want to replace some PHP code which contains a single quote.
When I run the function, the only part changes is the first part.
function update_GTour_theme_files()
{
$new_update = file_get_contents("/home/tourieuw/public_html/wp-content/themes/grandtour/header.php");
$new_update = preg_replace('/\$page_menu_transparent = 1/', '\$page_menu_transparent = 0', $new_update);
$new_update = preg_replace('/\$grandtour_page_menu_transparent = 1/', '\$grandtour_page_menu_transparent = 0', $new_update);
if (file_put_contents("/home/tourieuw/public_html/wp-content/themes/grandtour/header.php", $new_update)) {
$errpass = TRUE;
} else {
$errmsg = "Header.php was not updated";
$errpass = FALSE;
}
$new_update_2 = file_get_contents("/home/tourieuw/public_html/wp-content/themes/grandtour/templates/template-tour-header.php");
$new_update_2 = preg_replace('/(esc_html(grandtour_format_tour_price($tour_price)))/', '\'From \'.esc_html(grandtour_format_tour_price($tour_price)', $new_update_2);
if (file_put_contents("/home/tourieuw/public_html/wp-content/themes/grandtour/templates/template-tour-header.php", $new_update_2)) {
$errpass = TRUE;
} else {
$errmsg = "template-tour-header.php was not updated";
$errpass = FALSE;
}
if ($errpass = TRUE) {
echo '</br><span style="color:green;font-weight:bold;">Changes were applied successfully.</span>';
} else {
echo '</br><span style="color:red;font-weight:bold;">' . $errmsg . '</span>';
}
}
I am expecting when running this function that both variables in two files will be replaced with this code
On a blog I'm coding the admin can edit existing posts.
I want to let an error-message appear when the $_POST['title'] for e.g is empty(There will be displayed:"Your post should have a title"). I also do it if the subheading, content or category are empty.
The errors work just fine if one or some of them is/are empty. As soon I load the page to edit a post every error is displayed from the beginning.
How do I make them only appear when one or some $_POST's are empty after the <input type="submit .../> is clicked (they shouldn't be there when the site has loaded)?
This is the function in the PostsAdminController.php that checks the $_POST's and renders the site:
public function edit()
{
$error = "";
$id = $_GET['id'];
$entry = $this->postsRepository->find($id);
$categoryFId = $this->categoryRepository->getOneCatFromId($entry->c_Id);
$savedSuccess = false;
$abort = false;
if ($this->loginService->check()) {
if (!empty($_POST['title'])) {
$entry->title = $_POST['title'];
} else {
$error .= "Your post should have a title.";
$abort = true;
}
if (!empty($_POST['subheading'])) {
$entry->subheading = $_POST['subheading'];
} else {
$error .= "A good subheading is nothing you should just leave out.";
$abort = true;
}
if (!empty($_POST['content'])) {
$entry->content = $_POST['content'];
} else {
$error .= "Your post should have content, you know, it wouldn't be a 'post' then.";
$abort = true;
}
if (!empty($_POST['category'])) {
$entry->c_Id = $_POST['category'];
}
if ($abort == false){
$this->postsRepository->update($entry);
$savedSuccess = true;
}
} else {
$error = "You have no permission to do this, how the hell did you get here?";
}
$this->render("post/admin/edit", [
'entry' => $entry,
'error' => $error,
'savedSuccess' => $savedSuccess,
'categoryFId' => $categoryFId
]);
}
I really hope someone can help me with this, I don't know what I could to to let them only disappear when the POSTS have already been send..
You have to check if there was a POST action use:
if ($_SERVER['REQUEST_METHOD'] == 'POST')
in your case
...
if ($this->loginService->check()) {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!empty($_POST['title'])) {
...
}
}
}
I have this php code associated with a database and I need here to make a complete email and name validation
based on this code how can I do that because my code has some issues here
1)name key doesn't have (//) or any symbols to be a correct name
2)email key is valid email because what we did here just make ensure that there is # symbol and if I type the email hhhh#hhh.com or even without( .com ) it will be valid also ?!!
if(array_key_exists("submit",$_POST)){
$link = mysqli_connect("localhost","root","123456789","users");
if(mysqli_connect_error()){
die("There is a problem in connecting to database");
}
if(!$_POST['name']){
$error .="<p>Your Full name is required</p><br>";
}
if(!$_POST['email']){
$error .="<p>Your email address is required</p><br>";
}
if(!$_POST['password']){
$error .="<p>Your password is required</p><br>";
}
if($error !=""){
$error = "<p>There were errors in your form</p><br>".$error;
}
}
You can use this function for the validation:
function filtervariable($string,$type,$method) {
//function for sanitizing variables using PHPs built-in filter methods
$validEmail = false;
if ($method == 'sanitize') {
$filtermethod = 'FILTER_SANITIZE_';
} elseif ($method == 'validate') {
$filtermethod = 'FILTER_VALIDATE_';
} else {
return;
}
switch ($type) {
case 'email':
case 'string':
case 'number_int':
case 'int':
case 'special_chars':
case 'url':
$filtertype = $filtermethod.strtoupper($type);
break;
}
if ($filtertype == 'FILTER_VALIDATE_EMAIL' && !empty($string)) {
list($local,$domain) = explode('#',$string);
$localLength = strlen($local);
$domainLength = strlen($domain);
$checkLocal = explode('.',$domain);
if (($localLength > 0 && $localLength < 65) && ($domainLength > 3 && $domainLength < 256) && (checkdnsrr($domain,'MX') || checkdnsrr($domain,'A') || ($checkLocal[1] == 'loc' || $checkLocal[1] == 'dev' || $checkLocal[1] == 'srv'))) { // check for "loc, dev, srv" added to cater for specific problems with local setups
$validEmail = true;
} else {
$validEmail = false;
}
}
if (($filtertype == 'FILTER_VALIDATE_EMAIL' && $validEmail) || $filtertype != 'FILTER_VALIDATE_EMAIL') {
return filter_var($string, constant($filtertype));
} else {
return false;
}
}
And use it like this:
$email = filtervariable($registeremail,'email','validate');
It will return "true" on success and "false" on failure.
I have a form in which I am using a preg_match function to validate fields. I have a generalized function for the matching. The function validateForm() is being called earlier on in the script with the appropriate values.
When the function is NOT passed any values, all the fields show the error message despite having correctly matching information. Generalized function with no arguments:
function validateForm() {
if(preg_match()) {
return true;
}
else {
return false;
}
} // end function validateForm
When I pass just ONE specific regex/field pair argument, all the fields begin to validate and show the error message when appropriate (so basically the code works as it should despite having a field-specific argument in the function). For example, when I pass this single regex/field argument into preg_match, all the fields begin to validate each field correctly, regardless of the fact that I am only checking for the 'City' field in this case. Example of passing a field-specific argument, in which all the code 'works':
function validateForm($cityRegex, $city) {
if(preg_match($cityRegex, $city)) {
return true;
}
else {
return false;
}
} // end function validateForm
Can someone explain to me why, when passed a specific argument for a specific field, the function will work for all individual preg_match arguments in the code? The script is running as I would want it to, I just do not understand why the specific argument is what makes it validate all fields.
Here is all of the PHP code, if needed:
<?php
$first = '';
$last = '';
$phone = '';
$city = '';
$state = '';
$error_message = '';
$firstLastRegex = '/^[a-zA-Z]{2,15}$/';
$lastRegex = '/^[a-zA-Z]{2,15}$/';
$phoneRegex = '/^(\(\d{3}\))(\d{3}\-)(\d{4})$/';
$cityRegex = '/^[a-zA-Z]{3,20}$/';
$stateRegex = '/^[a-zA-Z]{2}$/';
$validate_first = '';
$validate_last = '';
$validate_phone = '';
$validate_city = '';
$validate_state = '';
$phone_string = '';
if(isset($_POST['submit'])) {
$first = $_POST['firstName'];
$last = $_POST['lastName'];
$phone = $_POST['phoneNumber'];
$city = $_POST['userCity'];
$state = $_POST['userState'];
$show_form = false;
$phone_string = str_replace(array('-', '(', ')'), '', $phone);
$validate_first = validateForm($firstLastRegex, $first);
$validate_last = validateForm($lastRegex, $last);
$validate_phone = validateForm($phoneRegex, $phone);
$validate_city = validateForm($cityRegex, $city);
$validate_state = validateForm($stateRegex, $state);
if($validate_first == false) {
$show_form = true;
$error_message .= "Please enter your FIRST name between 2 and 15 letters.<br>";
}
if($validate_last == false) {
$show_form = true;
$error_message .= "Please enter your LAST name between 2 and 15 letters.<br>";
}
if($validate_phone == false) {
$show_form = true;
$error_message .= "Please enter your phone number in (###)###-### format.<br>";
}
if($validate_city == false) {
$show_form = true;
$error_message .= "Please enter your city name between 3 and 20 letters.<br>";
}
if($validate_state == false) {
$show_form = true;
$error_message .= "Please enter your state's abbreviation (Example: CA).<br>";
}
} // end if isset();
else {
$show_form = true;
$error_message = "";
} // end else
// REGEX FUNCTION
function validateForm() {
if(preg_match()) {
return true;
}
else {
return false;
}
} // end function validateForm
?>
You still need to have arguments for you function. The code below will make your validate function work.
function validateForm($regEx, $field) {
if(preg_match($regEx, $field)) {
return true;
}
else {
return false;
}
} // end function validateForm
I also see other potential issues with not checking if post variables are set before using them, and you are setting $show_form = true for all your if/else cases. I'm sure you can figure everything else out with some debug statements.
I have this code:
btn_jouer.onRelease = function ()
{
verif = txt_email_user.text;
if (txt_email_user.text == "")
{
txt_erreur.textColor = 16724736;
txt_erreur.text = "Champ(s) manquant(s)";
}
else if (verif.indexOf("#", 0) == -1 || verif.indexOf(".", 0) == -1)
{
txt_erreur.textColor = 16724736;
txt_erreur.text = "Adresse E-mail invalide";
}
else
{
php_login = new LoadVars();
php_login.email = txt_email_user.text;
php_login.sendAndLoad(_root.page_Login, php_login, "POST");
php_login.onLoad = function(succes)
{
if (succes)
{
//txt_erreur.text = php_login.etat;
//return;
if (php_login.etat == "exist")
{
_root.var_user.id = php_login.id;
_root.var_user.nom = php_login.nom;
_root.var_user.prenom = php_login.prenom;
_root.var_user.score = php_login.score;
_root.MovieLogin.unloadMovie();
if (_root._root.selectedPhone == "KS360")
{
_root.gotoAndStop(4);
}
else
{
_root.gotoAndStop(3);
} // end else if
}
else if (php_login.etat == "non")
{
trace (php_login.etat);
txt_erreur.text = "Email non enregistré! veuillez vous s'inscrir";
} // end if
} // end else if
};
} // end else if
};
The "page_Login" is login.php file on the server,
After debugging, the file login.php successfully received Posted data so i got:
$_POST['email'] = "what ever you type in swf form";
The login.php processor file:
if(isset($_REQUEST['email'])){
$email = strtolower(addslashes($_REQUEST['email']));
$DB->_request("select * from gamers where email='$email'");
if($DB->_nr() > 0) {
$row = mysql_fetch_array($DB->Result);
echo "&etat=exist&nom={$row['nom']}&prenom={$row['prenom']}&score={$row['score']}";
//
exit;
}
else {
echo "&etat=non";
exit;
}
}
Here above, the $DB->_nr() always returns "0" even the email address exists!
I have tried to create a simple html page having a form with method POST and have a simple input type text with a name="email"
When i write my email which is valid in the database and hit submit $DB->_nr() returns 1.
This really is driving me crazy, i'm sure that the email address exists, the login.php page receive posted data "email = validemail#domain.com" from SendAndLoad(); but mysql_num_rows returns 0.
Any one there had the same issue??
Any help would be so much appreciated!
Barry,
Use the following code in PHP to compare the email in both cases: given from flash and from HTML form:
if(isset($_REQUEST['email'])){
//createa the testFile.txt and give it attributes with 0777 for permission (in case you are under linux)
$myFile = "testFile.txt";
$fh = fopen($myFile, 'a') or die("can't open file");
fwrite($fh, "-".$_REQUEST['email']."-\r\n");
fclose($fh);
$email = strtolower(addslashes($_REQUEST['email']));
$DB->_request("select * from gamers where email='$email'");
if($DB->_nr() > 0) {
$row = mysql_fetch_array($DB->Result);
echo "&etat=exist&nom={$row['nom']}&prenom={$row['prenom']}&score={$row['score']}";
//
exit;
}
else {
echo "&etat=non";
exit;
}
}
if you test for both of the cases, you will be able to compare the two exact forms. I have put "-" in the front and the end of it just to see if there are any whitespaces next to the email value.
Please reply with a compare result. thank you.