I have a php script that limits the amount of times people can download content on my site. I found this script by google searching and changed it a bit to get it working for me.
The problem is I don't know anything really about php. The first part of the script checks the referring page. When I copied the php script, it was set up to check a single URL. My problem is I want to reference the php script from multiple pages, because one page has flash on it, and another page I created for mobile phones that don't have flash. Because of this, the link only works on one page - the page with the url I replace in the script.
My question is, what is the code to include multiple URLs in the reference check? I don't know if it's something very simple, or if it's even possible.
Below is the part of the php script which checks the referring URL, and then proceeds to login to mySQL DB to begin the download.
$referer = $_SERVER['HTTP_REFERER'];
$keymatch= $_SESSION['key'];
$pass='key';
$md5value= md5($pass);
if (($referer=="my url containing php script link")&& ($keymatch==$md5value)) {
$username = "user";
$password = "password";
$hostname = "host";
$database = "database";
$dbhandle = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
$selected = mysql_select_db($database,$dbhandle)
or die("Could not select $database");
Thanks in advance for any help.
-Richard
Rather than checking referer matches on one link:
if (($referer=="my url containing php script link")...
Create an array of links and match against that:
$referers = array('link1', 'link2','link3');
if((in_array($referer, $referers)...
Related
I'd like to know if I can use PHP in order to get data from a MySQL database. A fraction of the code can be seen here:
<?php
$servername = "localhost";
$username = "root";
$password = "pass";
$dbname = "name";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT aa, bb, cc FROM data";
$result = $conn->query($sql);
...
?>
This is placed inside an HTML file in the Play Framework folder "views", and is properly loaded by the controller, but when it loads, it just shows me the code as if it were text, and not code or the action that would be supposed to do, so it is like it does not recognise it. How can I solve it?
No, you cannot use PHP inside templates, Play doesn't parse PHP at all, actually it doesn't even know there is something like PHP.
P.S. Trying to reuse PHP code in your Java app will be much more difficult than learning the valid approach with Java only, see answer for similar post (it's about MySQL raw access, not PHP integration) which you can reuse in several minutes: https://stackoverflow.com/a/31118795/1066240
As bjfletcher mentioned you would need to configure both runtimes to be able work with Java and PHP at one server but it will NOT allow you for using PHP in Play's templates anyway! so it doesn't make deeper sense.
Play doesn't know PHP.
You need two runtimes:
Play runtime
PHP runtime
and use HTTP for integration. For example, if PHP code is on http://localhost/products then Play would send a GET request to this URL for a response. Play can then use this response to do whatever you want.
For example:
def index() = Action {
WS.get("http://localhost/products").get.map { resp =>
Ok(views.html.index(resp.body))
}
}
then in your view template:
#(resp: String)
<h1>Products</h1>
#resp
Best thing to do is write it totally in php. Forget about using the bloated playframework and trying to figure out all the connections that you would have to make to tie it all together.
I'm thinking about a concept of how can I serve file/video without exposing the real path/url. What I have in mind is something like a database table which is composed of a hash and equivalent url like this:
id: 1
hash: ABCDEF
realurl: http://site.tld/folders/videos/myvideo.mp4
Then, the video links are hidden by php like this:
http://site.tld/stream.php?video=ABCDEF
so that whenever I call the above url, it serves the file from realurl in database without the realurl being exposed to viewer since they are streaming the file/video through the stream.php
Any help would be appreciated.
EDIT: Here's what I did so far, still can't make it work. I wonder if I'm on the right way.
<?php
$video = $_GET['video'];
$username = "username";
$password = "xxxxxxxxxxx";
$hostname = "localhost";
$database = "stream";
$dbhandle = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
$selected = mysql_select_db($database,$dbhandle)
or die("Could not select $database");
$path = mysql_query("SELECT `realurl` FROM `stream` WHERE `hash`=’$video")
or die(mysql_error());
readfile($path);
mysql_close($dbhandle);
?>
Your solution would work.
Assuming that your URLs will be permanent, make sure you backup your database so that in case of crash or data loss, you are able to re-point your dynamic URLs to the correct video files.
I am working on a Joomla website and we are running jomsocial, my question is about the database connection using JFactory. Currently I need information from a database table that is not part of jomsocial so I have to get in the database from a specific page, and I'm doing it wrong. Only because I can't figure out how to make the right way work, so I'm asking here for help. Currently I am just using regular php and mysql_connect.. my DB connection looks like...
$db_host = 'localhost';
$db_user = 'xxxxxxxx';
$db_pass = 'xxxxxxxx';
$db_database = 'xxxxxxxx';
$link = mysql_connect($db_host,$db_user,$db_pass) or die('Not connected');
mysql_select_db($db_database,$link);
$user = CFactory::getUser($userid);
$user_plan = mysql_query("SELECT blah FROM blah WHERE blah = '".$user->id."'");
$user_plan_row = mysql_fetch_array($user_plan);
And this works, even though its wrong. What I want to do is use
JFactory::getDbo();
I have found this page which describes the syntax well I think, but I can not implement any of the methods described without breaking the page...
Any Ideas or help is greatly appreciated, as it stands right now I have all my secure information in the file and I don't want that I want to use the correct method, because when it comes time to move the site I'm going to have to go change each one of these manually instead of just changing the config file like usual.
The resource you linked to seems fine to me , you will need to post some specific errors.
I am programming a game in PHP and have the following code to connect to a database
//$sqldb=mysql_connect('godaddy.hostedresource.com', 'godaddyUserName', 'godaddyPassword') OR die ('Unable to connect to database! Please try again later.');
$sqldb=mysql_connect('localhost', 'root', 'mypassword') OR die ('Unable to connect to database! Please try again later.');
The trick here is that if I am on the production server I comment out the godaddy database; when I upload the code to the server I then comment out the localhost code instead.
Unfortunately the ineveitable has happened and I uploaded the code with the wrong connection commented out; this led to 24 hours of locked out customers! :(
Is there a way to have the code to tell if it is on the localhost server, and if it isn't it then looks for the godaddy connection?
you can try this to identify if its on live or localhost
if($_SERVER["SERVER_NAME"] == "localhost"
&&
$_SERVER["SERVER_ADDR"] == "127.0.0.1"){
// in localhost
$hostname = "localhost";
$username = "localuser";
$password = "localpassword";
}else{
// not in localhost
$hostname = "livehost";
$username = "liveuser";
$password = "livepassword";
}
and fail if couldn't connect to database but save the error into a file.
if(!mysql_connect($hostname,$username,$password)){
file_put_contents("mysql_connect.error",mysql_error(),FILE_APPEND);
die("Couldn't connect to database");
}
a suggestion, try not to use mysql_* anymore, switch to PDO or mysqli ..
if ($_SERVER['SERVER_NAME'] == 'the.name.of.your.devel.server') {
$host = 'localhost';
} else {
$host = 'name.of.godaddy.server';
}
$sqldb = mysql_connect($host, ....);
i normally use a method of obtaining the URL / domain of the site? This can work in certain situations and setups. Otherwise if your operating with a fixed IP than you can also use this method
Have a look over the methods using $_SERVER
PHP $_SERVER
One way would be for you to check your external IP address and see where you are. A solution should present itself by looking at the properties inside the $_SERVER global variable.
I have a good suggestion : You coding a game , game is a big program, you don't use mysql* function directly in big program , because yourself should handling them, such as error handling.i suggest you use a DB-Handler. please google for : DB-Handler PHP
As has been mentioned by other people, you can obtain the current site your script is running on using the $_SERVER variable. However, I would like to provide an alternative solution.
You could make a folder in your website (both local and production), something like config, then store a configuration file in it, for example config.php, with the following:
<?php
// Local
$db_host = 'localhost';
$db_username = 'root';
$db_password = 'mypassword';
?>
And for production:
<?php
// Production
$db_host = 'godaddy.hostedresource.com';
$db_username = 'godaddyUserName';
$db_password = 'godaddyPassword';
?>
and disallow access to the directory with a .htaccess file in the directory, something like:
deny from all
Then, in your PHP code, do the following:
<?php
require_once($_SERVER["DOCUMENT_ROOT"] . "/config/config.php");
$sqldb=mysql_connect($db_host, $db_username, $db_password) OR die ('Unable to connect to database! Please try again later.');
?>
Now, simply leave the different configuration files where they're at and upload everything else, so your code will access different configuration files whenever it runs.
Also, the .htaccess file should prevent anyone from accessing the file via HTTP, and having the file contents in PHP tags, as well as a .php extension should prevent anyone from seeing any contents if they were able to access the file (PHP would parse the file before it is rendered, and would output nothing).
I have to return data fetched from MySQL table into a php file as JSON. Here is my code to connect to mysql & get data from it. How could now I return it as JSON.
<?php
$username = "user";
$password = "********";
$hostname = "localhost";
$dbh = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
print "Connected to MySQL<br>";
$selected = mysql_select_db("spec",$dbh)
or die("Could not select first_test");
//$rows = array();
$query = "SELECT * FROM user_spec";
$result=mysql_query($query);
//mysql_close($dbh);
?>
Under is full stack that I have to implement. For step 3, I am rendering the list dynamically using user inputs though its not using any engine but directly using input values so I have to see it how to do once I get JSON data. I put the stack so that you people can kindly see it what I have to do when possibly helping me.
the user load an HTML page
the page make an ajax call and get the options as a JSON(either it exists already in the database, or a new option set is generated)
the json is rendered using a JS templating engine (PURE in our case)
the user change something
the same JSON is modified and sent by a POST to the server
the server read that JSON and store it in the database(you would write the data to your file). And then go back to the step 4, to wait for another user change.
Given that only one user_spec row is returned you can use the built in json_encode function:
<?php
$username = "user";
$password = "********";
$hostname = "localhost";
$dbh = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
//print "Connected to MySQL<br>";
$selected = mysql_select_db("spec",$dbh)
or die("Could not select first_test");
$query = "SELECT * FROM user_spec";
$result=mysql_query($query);
echo json_encode(mysql_fetch_assoc($result));
?>
Should do the trick.
Even if you are using an older version of PHP, you can find a suitable function in the user comments at the json_encode PHP Manual page to use in it's place.
I think what your looking for is json_encode
Unless you're like me using a painfully old version of Symfony (for your sake, I hope not!) your answer is json_encode Zend and CodeIgniter have similar other easy methods.
If you're not lucky enough to have access to that, you can build it manually via foreach loop.
You can check your JSON strings using JSONlint