I've started using PHP lately... all is good except one thing.
I am trying to call a function from another php file... but it's not working.
It's probably really simple, but I haven't found anything useful to solve it.
I've used "required_once " but it still does not work.
Does anyone know where I'm going wrong?
<?php
require_once "/Applications/MAMP/htdocs/me/database_functions.php";
require_once "/Applications/MAMP/htdocs/me/encode_decode.php";
if (isset($_POST['url']) && $_POST['url'] != "http://")
{
//Get the url posted
$long_url = $_POST['url'];
//Create record in long_url table and return it's id
$long_id = create_long_url($long_url);
Everything works so far.. But
the problem is this next function call.. it doesn't even go into the function.
$short_url = $encode($long_id);
}...............etc...
encode_decode.php looks a bit like this...
<?php //encode_decode.php
function encode($number)
{
echo "<br />in encode";
//Encode numer to 6 char
$s = strtr(rtrim(base64_encode(pack('i', $number)), '='), '+/', '-_');
echo $s;
return $s;
}
Any help is greatly appreciated...
You don't need the $ before your function call
$short_url = $encode($long_id);
should be
$short_url = encode($long_id);
The dollar sign would only be needed if the function is stored in a variable (which it isn't).
$short_url = encode($long_id);
remove the dollar sign from in front of the function. a dollar sign in PHP indicates a variable
As all others have said:
$short_url = encode($long_id);
But also you could clean up your require_once statements:
define('DS', DIRECTORY_SEPARATOR);
require_once(dirname(__FILE__) . DS . 'database_functions.php');
require_once(dirname(__FILE__) . DS . 'encode_decode.php');
Instead of the define() and reference to DS you could of course just prefix your file names with '/'. This also assumes your files are relative (but if not just prefix the folder to the filename) - this would make sure you don't get any problems if you move your site from different servers (i.e., testing, production).
Related
I have done integration with Quick-Books online using quick-books sdk from this link: https://github.com/consolibyte/quickbooks-php.
Everything works perfectly except one issue.
The issue is, when I retrieve Items from quick-books, it returns "Non Inventory" items as "service".
I have read different topics which state that I will have to shift to minor version 4 to resolve the issue.
But I can't find a way of how I can make my current SDK to use minor version 4 or above.
Any help will be appreciated.
For those who have similar issue, I have found a workaround and sharing it for others to benefit if they want:
open the file quickbook_sdk\QuickBooks\IPP\Service.php
Find the following function protected function _query($Context, $realmID, $query)
Replace the following code
$return = $IPP->IDS($Context, $realmID, null, QuickBooks_IPP_IDS::OPTYPE_QUERY, urlencode($query));
With
$query = urlencode($query);
$query .= "&minorversion=4";
$return = $IPP->IDS($Context, $realmID, null, QuickBooks_IPP_IDS::OPTYPE_QUERY, $query);
Note: I was querying Items, so this workaround may only be beneficial in case of getting data through query.
UPDATE:
if you want to add / update items to QuickBooks online with item type NonInventory, You need to modify the following code in your quickbook_sdk/QuickBooks/IPP.php file.
Find function named function _IDS_v3 and inside that function find the following condition
if ($optype == QuickBooks_IPP_IDS::OPTYPE_ADD or $optype == QuickBooks_IPP_IDS::OPTYPE_MOD)
{
$post = true;
$url = $this->baseURL() . '/company/' . $realm . '/' . strtolower($resource);
$xml = $xml_or_query;
}
Replace it with
if ($optype == QuickBooks_IPP_IDS::OPTYPE_ADD or $optype == QuickBooks_IPP_IDS::OPTYPE_MOD)
{
$post = true;
$url = $this->baseURL() . '/company/' . $realm . '/' . strtolower($resource);
$xml = $xml_or_query;
$url .= "?minorversion=4"; // this is the only addition
}
For those who use the official php sdk from Intuit, in the root folder you'll find the file sdk.config. Edit <minorVersion>3</minorVersion>.
If you go to the official PHP SDK:
https://github.com/intuit/QuickBooks-V3-PHP-SDK
You will see that you can use:
$dataService->setMinorVersion("4");
to set the minor version you want to use before making the HTTP call.
while($x<=$num_of_cpkgs){
$cpkg_navtray = '\'' . $cpkg_array[$x] . '.html\'';
include $cpkg_navtray;
$x++;
}
I'm getting an error when I try this ... it works when I manually include the same value however ... for example, if $cpkg_navtray = 'test.html', I'm getting an error; however, when I directly include 'test.html' like include 'test.html';, it works. Why?
You dont need quotes in filename variable -
$cpkg_navtray = $cpkg_array[$x] . '.html';
Looking same Question but tag and desire different: Jut do these, just a simple concatenate.
while($x<=$num_of_cpkgs){
$cpkg_navtray = $cpkg_array[$x].'.html';
include $cpkg_navtray;
$x++;
}
Is it secure to use the following code:
require($_SERVER['DOCUMENT_ROOT'] . "/pages/" . $_GET['page'] . ".php")
No, it is not secure. Why?
Because sequence of two dots /../ means one directory back and the attacker could potentially include anything on your system, even above $_SERVER['DOCUMENT_ROOT']. (In an unfortunate configuration that means secret/sensitive OS config files.)
You have to IF or SWITCH for the allowed values to prevent malicious input. Example:
switch($_GET['page']) {
case 'welcome': $page='welcome';
case 'shop': $page='shop';
default: $page='index';
}
require($_SERVER['DOCUMENT_ROOT'] . "/pages/" . $page . ".php")
Also check out in_array() for a little easier filtration.
StackOverflow has a useful Q&A for how to sanitize user input with PHP. It's a few years old, but the principles haven't changed at all.
The quick answer is: if you can avoid the problem in the first place, you're better off.
Show us how you're trying to use this, and we may be able to offer suggestions for improvement.
It's not secure. You can use array with allowed values.
For example
$allowed_pages = array('index', 'test', 'my_page')
if (!in_array($_GET['page'], $allowed_pages)){
echo 'good bye';
die();
} else {
//
}
If you trust all the files in the pages dir try:
if (in_array($_GET['page'],glob("/pages/*.php"))) {
require($_SERVER['DOCUMENT_ROOT'] . "/pages/" . $_GET['page'] . ".php");
} else echo "Nice try hacker!";
Here's another solution using parts of a function I use to clean uploaded filenames:
OPTION #2 thanks Daniel, Rok!
$page = preg_replace('/[^a-zA-Z0-9_ %\[\]\.\(\)%&-]/s', '', $_GET['page']);
$filename = $_SERVER['DOCUMENT_ROOT'] . "/pages/" . str_replace("/",'',$page) . ".php";
if (file_exists($filename)) {
require($filename);
} else echo "Nice try hacker!";
Note that this will only work if there are no special characters in your file names
use regExp to check your $_GET['page']!
I have to define two variables:
<?php
$path = 'http://' . $_SERVER['SERVER_NAME'] . '/root/images/folderX/';
$files = scandir('images/folderX/');
?>
In the place of 'folderX' I should use a dynamic value, which comes from a query, like
<?php echo $row_rsQuery["item_name"];?>
How can it be done?
I'm not too familiar with php, and I will perhaps never learn it (..too old..), but I solve most of my problems with Dreamweaver, however the above problem is beyond its (and my) capabilities...
String concatenation (appending one string to another) is done via the . operator:
$files = scandir('images/'.$row_rsQuery["item_name"]);
$path = 'http://' . $_SERVER['SERVER_NAME'] . '/root/images/'.$row_rsQuery["item_name"].'/';
$files = scandir('images/'.$row_rsQuery["item_name"].'/');
I am suffering from a problem while i take the current url of the page and spliting them into parts and then checking for the index.php phrase.So far i have done this:
<?php
$domain=$_SERVER['REQUEST_URI'];
$values = parse_url($domains);
$path = explode('/',$values['path']);
if(array_search($path[2], "index.php"))
{
echo "hello";
}
?>
but its not working so guys help me out and thank you in advance coz i know i will be satisfied by your answers.
Try this:
$pathToFile = $_SERVER['PHP_SELF'];
$currentFilename = substr($pathToFile, strrpos($pathToFile, '/') + 1);
if($currentFilename == 'index.php')
{
echo 'This file is index.php!';
}
$_SERVER['PHP_SELF'] is the path to the current file on the local system. Since you don't care about the domain name or the query string, this is easier.
strrpos($pathToFile, '/') gets the index of the last occurrence of / in $pathToFile.
substr($pathToFile, strrpos($pathToFile, '/') + 1) get the portion of $pathToFile starting with the character after the index found by strrpos() in step 2.
You should be left with only the filename in $currentFilename, which you can compare with whatever you choose.
Note that this will match any index.php file, not just the one at your domain root. For example, if your site is located at http://example.com, http://example.com/subdir/index.php would also be true for $currentFilename == 'index.php'. If that's not what you want, you'd do it a little differently.
Use this:
$domain=$_SERVER['REQUEST_URI'];
$path = explode('/',$domain);
if(array_search($path[2], "index.php"))
{
echo "hello";
}
I'm not sure what parse_url() is, but it didn't seem to do anything in your code.