Search Results

Search found 31672 results on 1267 pages for 'php b grader'.

Page 121/1267 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >

  • Php security question

    - by Camran
    I have a linux server, and I am about to upload a classifieds website to it. The website is php based. That means php code adds/removes classifieds, with the help of the users offcourse. The php-code then adds/removes a classified to a database index called Solr (like MySql). Problem is that anybody can currently access the database, but I only want the website to access the database (solr). Solr is on port 8983 as standard btw. My Q is, if I add a rule in my firewall (iptables), to only allow connections coming from the servers IP to the Solr port nr, would this solve my issue? Thanks

    Read the article

  • send javaScript variable to php variable

    - by mrbunyrabit
    First i thought that i had to convert javascript to php, but then i found out that cant because of server and client side executions. So now I simply want to send ONE variable <script type="text/javascript"> function scriptvariable() { var theContents = "the variable"; } </script> to a php variable <?php $phpvariable ?> That function in the javascript executes when lets say i click on a button. Now i have Nooo idea how to get that phpvariable Equal to the javascript one so i can use that phpvariable to look up stuff in my Database. I know i can add it to my url or some thing, and just refresh the page.. But id like to do it with AJAX as further in my webpage i might have to use this Ajax method.. So is there an easy way to do this without having to dump pages of code on my page to do one simple thing?

    Read the article

  • php/mySQL error: mysql_num_rows(): supplied argument is not a valid MySQL result

    - by Michael Robinson
    I'm trying to INSERT INTO a mySQL database and I'm getting this error on: if (mysql_num_rows($login) == 1){ Here is the php, The php does add the user to the database. I can't figure it out. <? session_start(); require("config.php"); $u = $_GET['username']; $pw = $_GET['password']; $pwh = $_GET['passwordhint']; $em = $_GET['email']; $zc = $_GET['zipcode']; $check = "INSERT INTO family (loginName, email, password, passwordhint, location) VALUES ('$u', '$pw', '$pwh', '$em', '$zc')"; $login = mysql_query($check, $link) or die(mysql_error()); if (mysql_num_rows($login) == 1) { $row = mysql_fetch_assoc($login); echo 'Yes';exit; } else { echo 'No';exit; } mysql_close($link); ?> Thanks,

    Read the article

  • Php inside javascript function

    - by jasminder
    What i am trying to do is inside script tags run javascript inside the php loops. For example: <script> $('#mydiv').mouseover(function(){ time(); function time(){ <?php $secs = 45; $secs--; if($secs <= 25){ ?>//javascript code here } }); </script> My main purpose is when the user mouseover a div, a javascript function runs and inside that javascript function there is php if conitions. If the time is less then 25 then do a specified javascript code. then another condition if the time is less that 10 then do another javascript function.Any type of help will be appreciated. THanks

    Read the article

  • PHP oop build array

    - by Industrial
    Hi! If I would need to build up an array with OOP based PHP, would this be the proper way to do it? class MyClass { $array = array(); function addElement($value) { $this->array[] = $value; } function fetch() { $return = $this->memcached->getMulti($this->array); return $return; } } PHP file where it will be used: <?php $this->myClass->addElement('key1'); $this->myClass->addElement('key1'); $this->myClass->addElement('key1'); $var = $this->myClass->fetch(); Thanks a lot

    Read the article

  • How to store and retrieve pictures using PHP?

    - by user1276898
    I am building a webpage using PHP to search within my database. I am able to do a query and get the data to show on my page. I also have a picture that is related to each record. Let's say something like a picture ID for each employee. I am wondering what is the best way to store and retrieve pictures in order to get it show using PHP. Is there a way to store all the pictures in the subfolder like " image" and retrieve the pictures using PHP? I tried to search around on the internet, but I get confused. Also, when I type something in the search box and click the button, is there a way to keep the input in the search box without erasing it? Thank you very much.

    Read the article

  • new controller in oo php

    - by pradeep
    Hi , I have a practical doubt , I am using OO php , and i am new to it. I am using zend framework to be clear. I am writing controllers(class) and actions(methods) with in it say PatientMapper.php which has all single mysql table related actions and Patient.php which has all setter and getter functions. I get a doubt that when should i write a new controller. Should i write a controller for all the actions on a single mysql table . or a single controller for all actions related to a module.

    Read the article

  • Error in PHP with Mysql

    - by maltad
    Hello, Im starting to learn PHP. When I run the script it had an error that said: "Assigned Employee:resource(6) of type (mysql result)" . Please help me and sorry for my bad English Here is the code: include_once 'rnheader.php'; include_once 'rnfunctions.php'; echo ''; echo ' Assigned Employee:'; $query = "SELECT UserName FROM employee where Classification_ClassificationID = '2'"; $result = queryMysql($query); if (!queryMysql($query)) { echo "Query fail: $query" . mysql_error() . ""; } else { var_dump($result); exit; echo ''; // or name="toinsert[]" while ($row = mysqli_fetch_array($result)) { echo '' . htmlspecialchars($row['UserName']) . ''; } } echo ''; ?

    Read the article

  • jQuery/JSON/PHP failing

    - by user730936
    I am trying to call a php script that accepts JSON data, writes it into a file and returns simple text response using jQuery/AJAX call. jQuery code : $("input.callphp").click(function() { var url_file = myurl"; $.ajax({type : "POST", url : url_file, data : {'puzzle': 'Reset!'}, success : function(data){ alert("Success: " + data); }, error : function (data) { alert("Error: " + data); }, dataType : 'text' }); }); PHP Code : <?php $thefile = "new.json"; /* Our filename as defined earlier */ $towrite = $_POST["puzzle"]; /* What we'll write to the file */ $openedfile = fopen($thefile, "w"); fwrite($openedfile, $towrite); fclose($openedfile); echo "<br> <br>".$towrite; ?> However, the call is never a success and always gives an error with an alert "Error : [Object object]".

    Read the article

  • How to include file from seperate remote folder in Netbeans (PHP Development)

    - by webworm
    I have a PHP project setup in Netbeans (v6.8) where all the PHP files are on a remote server and in a single directory. Whenever I save files locally they are updated on the remote server via SFTP. I now need to edit a remote JavaScript file to add some jQuery logic but the file is located within a different directory on the webserver. How to I add this JavaScript file such that when it is saved or updated it is transferred to it's own location on the server? When I attempt to create the file locally within NetBeans it saves to the same directory as my PHP files. I would like to be able to continue using NetBeans rather than doing this all manually using an SFTP client and a text editor. Thanks in advance.

    Read the article

  • PHP Inotify Non-blocking way

    - by demic0de
    I am reading a file in linux which is a log file that keeps on updating weather the file has changed and output it to the webpage. i do it using php inotify but my problem is that it is blocking. How can i make php inotify non-blocking so i can do other stuff while it is monitoring the text file?. <?php $fd = inotify_init(); $watch_descriptor = inotify_add_watch($fd, '/tmp/temp.txt', IN_MODIFY); touch('/tmp/temp.txt'); $events = inotify_read($fd); $contents = file_get_contents('/tmp/temp.txt'); echo $contents; inotify_rm_watch($fd, $watch_descriptor); fclose($fd) ?> Or can i do this in java?..Thanks.

    Read the article

  • PHP Variable Passing in Foreach on same page

    - by tooly228
    I've been struggling this for a while and I simply can't figure this out. Here is my code: <?php foreach($list as $id =>$name) { echo("<td style=\"vertical-align:middle;\"> <a href=\"item=$id#confirm\" role=\"button\" data-toggle=\"modal\"> Buy</a></td></tr>"); }?> <html> <div class="modal small hide fade" id="confirm" tabindex="-1" role="dialog" aria- labelledby="myModalLabel" aria-hidden="true"> <a href="redeem.php?item=<?php echo $id; ?>"><button class="btn btn-danger"> Buy</button></a></div> The main issue here is that the $id from the foreeach is not the same as the $id in the div class link. Instead the link is the end value of the foreach list.

    Read the article

  • php help hiding navigation with cookie

    - by user342391
    I have these tabs on my navigation: <li<?php if ($thisPage=="Customers") echo " class=\"current\""; ?>><a href="/customers/">Customers</a></li> <li<?php if ($thisPage=="Trunks") echo " class=\"current\""; ?>><a href="/trunks/">Trunks</a></li> <li<?php if ($thisPage=="Settings") echo " class=\"current\""; ?>><a href="/settings/">Settings</a></li> and I only want to show them when admin is logged in: if ($_COOKIE['custid'] == "admin") { echo "Customers"; echo "Trunks"; echo "Settings"; } How can I combine the two of these scripts???

    Read the article

  • PHP echo in Javascript

    - by DonCroce
    I have this code: document.getElementById('root').style.left = '<?php echo $page_position[$info["os"]][$info["browser"]][0]; ?>'; document.getElementById('root').style.top = '<?php echo $page_position[$info["os"]][$info["browser"]][1]; ?>'; Why won't this work like this? Can anybody point me in the right direction? EDIT: <?php echo $page_position[$info["os"]][$info["browser"]][1]; ?> echoed "top:300px;" Sorry guys, very stupid error of mine :/

    Read the article

  • Access property from include inside a class method in PHP

    - by Jojo
    How do you make a class property available to the other included file inside the same class' method? // file A.php class A { private $var = 1; public function go() { include('another.php'); } } in another file: // this is another.php file // how can I access class A->var? echo $var; // this can't be right Is this possible given the scope. If var is an array then we can use extract but if var is not, we can wrap it in an array. Is there a better way? Thanks!

    Read the article

  • php calling classes functions in separate pages

    - by sys_debug
    I've worked with J2EE recently and like the idea of struts.xml where I can handle the redirection to pages based on return string from action classes. In PHP, in my new under-development site, I am trying to follow the MVC standards without an MVC framework used from the internet. So I create the controllers, models and views (empty now). The only thing I am really stuck at is when I submit the form in view (insert_product.php) then I will need to create another php page to handle the post data and pass them to controllers. Anyway of avoiding creating those pages and maybe having something like struts.xml? Even if I can post data directly to controller class, that would be good. Thanks,

    Read the article

  • PHP and Javascript cookies

    - by shummel7845
    Can I access a cookie written with jQuery's cookie plug-in with PHP? I know you can't set Javascript equal to PHP or vice versa, but IN ESSENCE is: $.cookie('var') = $_COOKIE['var']? Again, I know you can't set them equal to each other, but if I set it in jQuery and then go to another page, can PHP access it? I've read lots of posts about this, but I can't seem to find an answer to this part. Note, if I look in Firefox's preferences, I can see the cookies are there, so I know they're set.

    Read the article

  • how to get the value of an php array in jQuery

    - by user1933824
    i have a PHP code that will obtain the total images of a certain website via CURL, and put it inside an PHP loop. $z=1; for ($i=0;$i<=sizeof($images_array);$i++) { ....<img src = "$images_array[$i]" id="$z"> .. $z++; } a user can then scan through the array with a prev/next button and the current image being shown will be displayed in my $('$current_image').val(1); $.post("curl_fetch.php?url="+ extracted_url, { }, function(response){ $('#loader').html($(response).fadeIn('slow')); $('#current_image').val(1); // insert loop value in .val() when i click a button, i want to get the value of the array, and not the loop value $(function() { $(document).on('click','.submit', function () { var img = $('#current_image').val(); //get the array value, not the loop value alert(img); });}); now, how do i properly get the array value in my $('#current_image').val(1); in Jquery.

    Read the article

  • nginx, php-fpm, and multiple roots - how to properly try_files?

    - by Carson C.
    I have a server context which is rooted in a login application. The login application handles, well, logins, and then returns a redirect to "/app" on the same server if a login is successful. The application is rooted elsewhere, which is handled by the location block shown here: location ^~ /app { alias /usr/share/nginx/www/website.com/content/public; location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/tmp/php5-fpm.sock; include fastcgi_params; } } This works just fine, however the $uri getting passed to PHP still contains /app, even though I am using alias rather than root. Because of this, the try_files directive fails to a 404 unless I link app -> ./ in /usr/share/nginx/www/website.com/content/public. It's obviously silly to have that link in there, and if that link ever gets lost, bam dead website without an obvious cause. The next thing I tried... Was to remove the try_files directive entirely. This allowed me to rm the app link in my /public folder, and PHP had no problem locating the file and executing it. I used that to dump my $_SERVER global from PHP, and found that "SCRIPT_FILENAME" => "/usr/share/nginx/www/website.com/content/public/index.php" when the browser URI is /app. This is exactly right. Based on my fastcgi_params below, this led me to beleive that try_files $request_filename =404; should work, but no dice. nginx still doesn't find the file, and returns 404. So for right now, it will only work without any try_files directive. PHP finds the file, whereas try_files could not. I understand this may be a PHP security risk. Can anyone indicate how to move forward? The nginx logs don't contain anything relating to the failed try_files attempt, as far as I can see. fastcgi_aparams fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; fastcgi_param HTTPS $server_https;

    Read the article

  • Can't connect to SSL web service with WS-Security using PHP SOAP extension - certificate, complex WSDL

    - by BillF
    Using the PHP5 SOAP extension I have been unable to connect to a web service having an https endpoint, with client certificate and using WS-Security, although I can connect using soapUI with the exact same wsdl and client certificate, and obtain the normal response to the request. There is no HTTP authentication and no proxy is involved. The message I get is 'Could not connect to host'. Have been able to verify that I am NOT hitting the host server. (Earlier I wrongly said that I was hitting the server.) The self-signed client SSL certificate is a .pem file converted by openssl from a .p12 keystore which in turn was converted by keytool from a .jks keystore having a single entry consisting of private key and client certificate. In soapUI I did not need to supply a server private certificate, the only two files I gave it were the wdsl and pem. I did have to supply the pem and its passphrase to be able to connect. I am speculating that despite the error message my problem might actually be in the formation of the XML request rather than the SSL connection itself. The wsdl I have been given has nested complex types. The php server is on my Windows XP laptop with IIS. The code, data values and WSDL extracts are shown below. (The WSSoapClient class simply extends SoapClient, adding a WS-Security Username Token header with mustUnderstand = true and including a nonce, both of which the soapUI call had required.) Would so much appreciate any help. I'm a newbie thrown in at the deep end, and how! Have done vast amounts of Googling on this over many days, following many suggestions and have read Pro PHP by Kevin McArthur. An attempt to use classmaps in place of nested arrays also fell flat. The Code class STEeService { public function invokeWebService(array $connection, $operation, array $request) { try { $localCertificateFilespec = $connection['localCertificateFilespec']; $localCertificatePassphrase = $connection['localCertificatePassphrase']; $sslOptions = array( 'ssl' => array( 'local_cert' => $localCertificateFilespec, 'passphrase' => $localCertificatePassphrase, 'allow_self-signed' => true, 'verify_peer' => false ) ); $sslContext = stream_context_create($sslOptions); $clientArguments = array( 'stream_context' => $sslContext, 'local_cert' => $localCertificateFilespec, 'passphrase' => $localCertificatePassphrase, 'trace' => true, 'exceptions' => true, 'encoding' => 'UTF-8', 'soap_version' => SOAP_1_1 ); $oClient = new WSSoapClient($connection['wsdlFilespec'], $clientArguments); $oClient->__setUsernameToken($connection['username'], $connection['password']); return $oClient->__soapCall($operation, $request); } catch (exception $e) { throw new Exception("Exception in eServices " . $operation . " ," . $e->getMessage(), "\n"); } } } $connection is as follows: array(5) { ["username"]=> string(8) "DFU00050" ["password"]=> string(10) "Fabricate1" ["wsdlFilespec"]=> string (63) "c:/inetpub/wwwroot/DMZExternalService_Concrete_WSDL_Staging.xml" ["localCertificateFilespec"]=> string(37) "c:/inetpub/wwwroot/ClientKeystore.pem" ["localCertificatePassphrase"]=> string(14) "password123456" } $clientArguments is as follows: array(7) { ["stream_context"]=> resource(8) of type (stream-context) ["local_cert"]=> string(37) "c:/inetpub/wwwroot/ClientKeystore.pem" ["passphrase"]=> string(14) "password123456" ["trace"]=> bool(true) ["exceptions"]=> bool(true) ["encoding"]=> string(5) "UTF-8" ["soap_version"]=> int(1) } $operation is as follows: 'getConsignmentDetails' $request is as follows: array(1) { [0]=> array(2) { ["header"]=> array(2) { ["source"]=> string(9) "customerA" ["accountNo"]=> string(8) "10072906" } ["consignmentId"]=> string(11) "GKQ00000085" } } Note how there is an extra level of nesting, an array wrapping the request which is itself an array. This was suggested in a post although I don't see the reason, but it seems to help avoid other exceptions. The exception thrown by ___soapCall is as follows: object(SoapFault)#6 (9) { ["message":protected]=> string(25) "Could not connect to host" ["string":"Exception":private]=> string(0) "" ["code":protected]=> int(0) ["file":protected]=> string(43) "C:\Inetpub\wwwroot\eServices\WSSecurity.php" ["line":protected]=> int(85) ["trace":"Exception":private]=> array(5) { [0]=> array(6) { ["file"]=> string(43) "C:\Inetpub\wwwroot\eServices\WSSecurity.php" ["line"]=> int(85) ["function"]=> string(11) "__doRequest" ["class"]=> string(10) "SoapClient" ["type"]=> string(2) "->" ["args"]=> array(4) { [0]=> string(1240) " DFU00050 Fabricate1 E0ByMUA= 2010-10-28T13:13:52Z customerA10072906GKQ00000085 " [1]=> string(127) "https://services.startrackexpress.com.au:7560/DMZExternalService/InterfaceServices/ExternalOps.serviceagent/OperationsEndpoint1" [2]=> string(104) "/DMZExternalService/InterfaceServices/ExternalOps.serviceagent/OperationsEndpoint1/getConsignmentDetails" [3]=> int(1) } } [1]=> array(4) { ["function"]=> string(11) "__doRequest" ["class"]=> string(39) "startrackexpress\eservices\WSSoapClient" ["type"]=> string(2) "->" ["args"]=> array(5) { [0]=> string(1240) " DFU00050 Fabricate1 E0ByMUA= 2010-10-28T13:13:52Z customerA10072906GKQ00000085 " [1]=> string(127) "https://services.startrackexpress.com.au:7560/DMZExternalService/InterfaceServices/ExternalOps.serviceagent/OperationsEndpoint1" [2]=> string(104) "/DMZExternalService/InterfaceServices/ExternalOps.serviceagent/OperationsEndpoint1/getConsignmentDetails" [3]=> int(1) [4]=> int(0) } } [2]=> array(6) { ["file"]=> string(43) "C:\Inetpub\wwwroot\eServices\WSSecurity.php" ["line"]=> int(70) ["function"]=> string(10) "__soapCall" ["class"]=> string(10) "SoapClient" ["type"]=> string(2) "->" ["args"]=> array(4) { [0]=> string(21) "getConsignmentDetails" [1]=> array(1) { [0]=> array(2) { ["header"]=> array(2) { ["source"]=> string(9) "customerA" ["accountNo"]=> string(8) "10072906" } ["consignmentId"]=> string(11) "GKQ00000085" } } [2]=> NULL [3]=> object(SoapHeader)#5 (4) { ["namespace"]=> string(81) "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" ["name"]=> string(8) "Security" ["data"]=> object(SoapVar)#4 (2) { ["enc_type"]=> int(147) ["enc_value"]=> string(594) " DFU00050 Fabricate1 E0ByMUA= 2010-10-28T13:13:52Z " } ["mustUnderstand"]=> bool(true) } } } [3]=> array(6) { ["file"]=> string(42) "C:\Inetpub\wwwroot\eServices\eServices.php" ["line"]=> int(87) ["function"]=> string(10) "__soapCall" ["class"]=> string(39) "startrackexpress\eservices\WSSoapClient" ["type"]=> string(2) "->" ["args"]=> array(2) { [0]=> string(21) "getConsignmentDetails" [1]=> array(1) { [0]=> array(2) { ["header"]=> array(2) { ["source"]=> string(9) "customerA" ["accountNo"]=> string(8) "10072906" } ["consignmentId"]=> string(11) "GKQ00000085" } } } } [4]=> array(6) { ["file"]=> string(58) "C:\Inetpub\wwwroot\eServices\EnquireConsignmentDetails.php" ["line"]=> int(44) ["function"]=> string(16) "invokeWebService" ["class"]=> string(38) "startrackexpress\eservices\STEeService" ["type"]=> string(2) "->" ["args"]=> array(3) { [0]=> array(5) { ["username"]=> string(10) "DFU00050 " ["password"]=> string(12) "Fabricate1 " ["wsdlFilespec"]=> string(63) "c:/inetpub/wwwroot/DMZExternalService_Concrete_WSDL_Staging.xml" ["localCertificateFilespec"]=> string(37) "c:/inetpub/wwwroot/ClientKeystore.pem" ["localCertificatePassphrase"]=> string(14) "password123456" } [1]=> string(21) "getConsignmentDetails" [2]=> array(1) { [0]=> array(2) { ["header"]=> array(2) { ["source"]=> string(9) "customerA" ["accountNo"]=> string(8) "10072906" } ["consignmentId"]=> string(11) "GKQ00000085" } } } } } ["previous":"Exception":private]=> NULL ["faultstring"]=> string(25) "Could not connect to host" ["faultcode"]=> string(4) "HTTP" } Here are some WSDL extracts (TIBCO BusinessWorks): <xsd:complexType name="TransactionHeaderType"> <xsd:sequence> <xsd:element name="source" type="xsd:string"/> <xsd:element name="accountNo" type="xsd:integer"/> <xsd:element name="userId" type="xsd:string" minOccurs="0"/> <xsd:element name="transactionId" type="xsd:string" minOccurs="0"/> <xsd:element name="transactionDatetime" type="xsd:dateTime" minOccurs="0"/> </xsd:sequence> </xsd:complexType> <xsd:element name="getConsignmentDetailRequest"> <xsd:complexType> <xsd:sequence> <xsd:element name="header" type="prim:TransactionHeaderType"/> <xsd:element name="consignmentId" type="prim:ID" maxOccurs="unbounded"/> </xsd:sequence> </xsd:complexType> </xsd:element> <xsd:element name="getConsignmentDetailResponse"> <xsd:complexType> <xsd:sequence> <xsd:element name="consignment" type="freight:consignmentType" minOccurs="0" maxOccurs="unbounded"/> </xsd:sequence> </xsd:complexType> </xsd:element> <xsd:element name="getConsignmentDetailRequest"> <xsd:complexType> <xsd:sequence> <xsd:element name="header" type="prim:TransactionHeaderType"/> <xsd:element name="consignmentId" type="prim:ID" maxOccurs="unbounded"/> </xsd:sequence> </xsd:complexType> </xsd:element> <xsd:element name="getConsignmentDetailResponse"> <xsd:complexType> <xsd:sequence> <xsd:element name="consignment" type="freight:consignmentType" minOccurs="0" maxOccurs="unbounded"/> </xsd:sequence> </xsd:complexType> </xsd:element> <wsdl:operation name="getConsignmentDetails"> <wsdl:input message="tns:getConsignmentDetailsRequest"/> <wsdl:output message="tns:getConsignmentDetailsResponse"/> <wsdl:fault name="fault1" message="tns:fault"/> </wsdl:operation> <wsdl:service name="ExternalOps"> <wsdl:port name="OperationsEndpoint1" binding="tns:OperationsEndpoint1Binding"> <soap:address location="https://services.startrackexpress.com.au:7560/DMZExternalService/InterfaceServices/ExternalOps.serviceagent/OperationsEndpoint1"/> </wsdl:port> </wsdl:service> And here in case it's relevant is the WSSoapClient class: <?PHP namespace startrackexpress\eservices; use SoapClient, SoapVar, SoapHeader; class WSSoapClient extends SoapClient { private $username; private $password; /*Generates a WS-Security header*/ private function wssecurity_header() { $timestamp = gmdate('Y-m-d\TH:i:s\Z'); $nonce = mt_rand(); $passdigest = base64_encode(pack('H*', sha1(pack('H*', $nonce).pack('a*', $timestamp).pack('a*', $this->password)))); $auth = ' <wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:UsernameToken> <wsse:Username>' . $this->username . '</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">' . $this->password . '</wsse:Password> <wsse:Nonce>' . base64_encode(pack('H*', $nonce)).'</wsse:Nonce> <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">' . $timestamp . '</wsu:Created> </wsse:UsernameToken> </wsse:Security> '; $authvalues = new SoapVar($auth, XSD_ANYXML); $header = new SoapHeader("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security",$authvalues, true); return $header; } // Sets a username and passphrase public function __setUsernameToken($username,$password) { $this->username=$username; $this->password=$password; } // Overwrites the original method, adding the security header public function __soapCall($function_name, $arguments, $options=null, $input_headers=null, $output_headers=null) { try { $result = parent::__soapCall($function_name, $arguments, $options, $this->wssecurity_header()); return $result; } catch (exception $e) { throw new Exception("Exception in __soapCall, " . $e->getMessage(), "\n"); } } } ?> Update: The request XML would have been as follows: <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://startrackexpress/Common/Primitives/v1" xmlns:ns2="http://startrackexpress/Common/actions/externals/Consignment/v1" xmlns:ns3="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <SOAP-ENV:Header> <wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:UsernameToken> <wsse:Username>DFU00050</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Fabricate1</wsse:Password> <wsse:Nonce>M4FIeGA=</wsse:Nonce> <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2010-10-29T14:05:27Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> </SOAP-ENV:Header> <SOAP-ENV:Body><ns2:getConsignmentDetailRequest> <ns2:header><ns1:source>customerA</ns1:source><ns1:accountNo>10072906</ns1:accountNo></ns2:header> <ns2:consignmentId>GKQ00000085</ns2:consignmentId> </ns2:getConsignmentDetailRequest></SOAP-ENV:Body> </SOAP-ENV:Envelope> This was obtained with the following code in WSSoapClient: public function __doRequest($request, $location, $action, $version) { echo "<p> " . htmlspecialchars($request) . " </p>" ; return parent::__doRequest($request, $location, $action, $version); }

    Read the article

  • PHP: Proper way of using a PDO database connection in a class

    - by Cortopasta
    Trying to organize all my code into classes, and I can't get the database queries to work inside a class. I tested it without the class wrapper, and it worked fine. Inside the class = no dice. What about my classes is messing this up? class ac { public function dbConnect() { global $dbcon; $dbInfo['server'] = "localhost"; $dbInfo['database'] = "sn"; $dbInfo['username'] = "sn"; $dbInfo['password'] = "password"; $con = "mysql:host=" . $dbInfo['server'] . "; dbname=" . $dbInfo['database']; $dbcon = new PDO($con, $dbInfo['username'], $dbInfo['password']); $dbcon->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $error = $dbcon->errorInfo(); if($error[0] != "") { print "<p>DATABASE CONNECTION ERROR:</p>"; print_r($error); } } public function authentication() { global $dbcon; $plain_username = $_POST['username']; $md5_password = md5($_POST['password']); $ac = new ac(); if (is_int($ac->check_credentials($plain_username, $md5_password))) { ?> <p>Welcome!</p> <!--go to account manager here--> <?php } else { ?> <p>Not a valid username and/or password. Please try again.</p> <?php unset($_POST['username']); unset($_POST['password']); $ui = new ui(); $ui->start(); } } private function check_credentials($plain_username, $md5_password) { global $dbcon; $userid = $dbcon->prepare('SELECT id FROM users WHERE username = :username AND password = :password LIMIT 1'); $userid->bindParam(':username', $plain_username); $userid->bindParam(':password', $md5_password); $userid->execute(); print_r($dbcon->errorInfo()); $id = $userid->fetch(); Return $id; } } And if it's any help, here's the class that's calling it: require_once("ac/acclass.php"); $ac = new ac(); $ac->dbconnect(); class ui { public function start() { if ((!isset($_POST['username'])) && (!isset($_POST['password']))) { $ui = new ui(); $ui->loginform(); } else { $ac = new ac(); $ac->authentication(); } } private function loginform() { ?> <form id="userlogin" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> User:<input type="text" name="username"/><br/> Password:<input type="password" name="password"/><br/> <input type="submit" value="submit"/> </form> <?php } }

    Read the article

  • HTML and PHP simple contact form.

    - by user317128
    I tried to make a simple contact form via HTML and PHP but the form doesnt seem to submit. it stays on the HTML page and doesnt post to the php form. would love someone to look over the code, thanks in advanced. simple_form.html cdoe <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Simple Feedback Form</title> </head> <body> <form action="send_simpleform.php" method="post"> <p>Your name<br /> <input name="sender_name" type="text" size="30" /></p> <p>Email<br /> <input name="sender_email" type="text" size="30" /></p> <p>Message<br /> <textarea name="message" cols="30" rows="5"></textarea></p> <input name="submit" type="button" value="Send This Form" /> </form> </body> </html> send_simpleform.php code <? if (($_POST[sender_name] == "") || ($_POST[sender_email] == "") || ($_POST[message] == "") { header("Location: simple_form.php"); exit; } $msg = "Email sent from wwwsite\n"; $msg .= "Sender's Name:\t $_POST[senders_name]\n"; $msg .= "Sender's E-mail:\t $_POST[senders_email]\n"; $msg .= "Sender's Message:\t $_POST[message]\n"; $to = "[email protected]"; $subject = "Website feedback message"; $mailheaders = "From: My web site <www.testwebsite.com>\n"; $mailherders .= "Reply to: $_POST[sender_email]\n"; $mail($to, $subject, $msg, $mailheaders); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Simple Feedback Form Sent</title> </head> <body> <h1>The following email has been sent</h1> <p>Your Name:<br /> <? echo "$_POST[sender_name]"; ?> <p>Your Email Adress:<br /> <? echo "$_POST[sender_email]"; ?> <p>Message:<br /> <? echo "$_POST[message]"; ?> </p> </body> </html>

    Read the article

  • php slideshow sample

    - by serhio
    I try to do a simple image slideshow in php (just cycle images, no links, no other effects). after some googling I found the following in net: <HTML> <HEAD> <TITLE>Php Slideshow</TITLE> <script language="javascript"> var speed = 4000; // time picture is displayed var delay = 3; // time it takes to blend to the next picture x = new Array; var y = 0; <?php $tel=0; $tst='.jpg'; $p= "./images"; $d = dir($p); $first = NULL; while (false !== ($entry = $d->read())) { if (stristr ($entry, $tst)) { $entry = $d->path."/".$entry; print ("x[$tel]='$entry';\n"); if ($first == NULL) { $first = $entry; } $tel++; } } $d->close(); ?> function show() { document.all.pic.filters.blendTrans.Apply(); document.all.pic.src = x[y++]; document.all.pic.filters.blendTrans.Play(delay); if (y > x.length - 1) y = 0; } function timeF() { setTimeout(show, speed); } </script> </HEAD> <BODY > <!-- add html code here --> <?php print ("<IMG src='$first' id='pic' onload='timeF()' style='filter:blendTrans()' >"); ?> <!-- add html code here --> </BODY> </HTML> but it displays only the first image from the cycle. Do I something wrong? the resulting HTML page is: <HTML> <HEAD> <TITLE>Php Slideshow</TITLE> <script language="javascript"> var speed = 4000; // time picture is displayed var delay = 3; // time it takes to blend to the next picture x = new Array; var y = 0; x[0]='./images/under_construction.jpg'; x[1]='./images/BuildingBanner.jpg'; x[2]='./images/littleLift.jpg'; x[3]='./images/msfp_smbus1_01.jpg'; x[4]='./images/escalator.jpg'; function show() { document.all.pic.filters.blendTrans.Apply(); document.all.pic.src = x[y++]; document.all.pic.filters.blendTrans.Play(delay); if (y > x.length - 1) y = 0; } function timeF() { setTimeout(show, speed); } </script> </HEAD> <BODY > <!-- add html code here --> <IMG src='./images/under_construction.jpg' id='pic' onload='timeF()' style='filter:blendTrans()' ><!-- add html code here --> </BODY> </HTML>

    Read the article

  • Is this PHP/MySQL login script secure?

    - by NightMICU
    Greetings, A site I designed was compromised today, working on damage control at the moment. Two user accounts, including the primary administrator, were accessed without authorization. Please take a look at the log-in script that was in use, any insight on security holes would be appreciated. I am not sure if this was an SQL injection or possibly breach on a computer that had been used to access this area in the past. Thanks <?php //Start session session_start(); //Include DB config require_once('config.php'); //Error message array $errmsg_arr = array(); $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $login = clean($_POST['login']); $password = clean($_POST['password']); //Input Validations if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: http://tapp-essexvfd.org/admin/index.php"); exit(); } //Create query $qry="SELECT * FROM user_control WHERE username='$login' AND password='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); //Collect details about user and assign session details $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['user_id']; $_SESSION['SESS_USERNAME'] = $member['username']; $_SESSION['SESS_FIRST_NAME'] = $member['name_f']; $_SESSION['SESS_LAST_NAME'] = $member['name_l']; $_SESSION['SESS_STATUS'] = $member['status']; $_SESSION['SESS_LEVEL'] = $member['level']; //Get Last Login $_SESSION['SESS_LAST_LOGIN'] = $member['lastLogin']; //Set Last Login info $qry = "UPDATE user_control SET lastLogin = DATE_ADD(NOW(), INTERVAL 1 HOUR) WHERE user_id = $member[user_id]"; $login = mysql_query($qry) or die(mysql_error()); session_write_close(); if ($member['level'] != "3" || $member['status'] == "Suspended") { header("location: http://members.tapp-essexvfd.org"); //CHANGE!!! } else { header("location: http://tapp-essexvfd.org/admin/admin_main.php"); } exit(); }else { //Login failed header("location: http://tapp-essexvfd.org/admin/index.php"); exit(); } }else { die("Query failed"); } ?>

    Read the article

< Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >