|
PHP - Please Help Me : Security And Required Fields With Php
i need help in this form
Code: [Select] <FORM action="thanx.php" method="post"> <TABLE width="100%" border=0> <TBODY> <TR> <TD align=center><FONT color=#ff0000>* </FONT>title:<BR><INPUT size=40 name=title><BR></TD> </TR> </TBODY> <TABLE width="100%" border=0> <TBODY> <TR> <TD align=center><FONT color=#ff0000>* </FONT>Url<BR><INPUT size=40 name=url value=http://><BR><TD></TR></TBODY></TABLE> </TD> </TR> <TABLE width="100%" border=0> <TBODY> <TR> <TD align=center>description<BR> <textarea cols="50" rows="4" name="description"></textarea><BR><TD></TR></TBODY></TABLE> </TD> </TBODY></TABLE> <P style="TEXT-ALIGN: center" align=center><INPUT class=submit type=submit value="add" name=send></TD> </FORM> first : i want make fields required "at lest Three letters" using php not java ... but i want the user don't leave the form if this fields empty .. and i need the user don't go the add.php if this fields empty like :: please fill the blank fields second : some time my users post in the in fields ..something like this Code: [Select] <SCRIPT type=text/javascript> <!-- //--> </SCRIPT> or something like this Code: [Select] <a href=""</a> and some time user write one letter in the field i don't accept this ..because it makes problems in the results.. so what can i do to fix this and make security for this . so can anyone help me ..please Similar TutorialsHi I am learning PHP and working on a Contact Us page with a required fields. For some reason it works great for the name and email, but always says please enter your phone number. If you guys have a better way of doing this please let me know. Also if the email is sent successfully I want it to goto the page "success.html" this part works good though just need some help please Here is the form: Code: [Select] <form action="contact.php" method="post" id="contactform"> <ol> <li> <label for="name">Full Name <span class="red">*</span></label> <input id="name" name="name" class="text" /> </li> <li> <label for="email">Your email <span class="red">*</span></label> <input id="email" name="email" class="text" /> </li> <li> <label for="phone">Phone Number <span class="red">*</span></label> <input id="phone" name="phone" class="text" /> </li> <li> <label for="company">Company</label> <input id="company" name="company" class="text" /> </li> <li> <label for="topic">Subject<span class="red">*</span></label> <input id="topic" name="topic" class="text" /> </li> <li> <label for="comments">Message <span class="red">*</span></label> <textarea id="comments" name="comments" rows="6" cols="50"></textarea> </li> <li class="buttons"> <input type="image" name="imageField" id="imageField" src="images/send.gif" /> </li> </ol> </form> The PHP code I tried: Code: [Select] <?php // Pick up the form data and assign it to variables $name = check_input ($_POST['name'], "Please enter your name"); $email = check_input ($_POST['email'],"Please enter your email"); $phone = check_input ($_POST['phone'], "Please enter your phone number"); $company = $_POST['company']; $topic = check_input ($_POST['topic'], "Please enter your subject"); $comments = check_input ($_POST['comments'], "Please enter your message"); function check_input($data, $problem='') { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); if (strlen($data) == 0) { die($problem); } else { return $data; } } // Build the email (replace the address in the $to section with your own) $to = 'email@email.com"'; $subject = "New message: $topic"; $message = "Email: $email \n Phone: $phone \n Company: $company \n $name said: $comments"; $headers = "From: $email"; // Send the mail using PHPs mail() function mail($to, $subject, $message, $headers); // Redirect header("Location: success.html"); ?> I was able to make my fields required and the user gets a message and has to go back and enter all of the required fields before they see a successful submission, but I still get an email every time they get the error message. Below is the code, thanks so much for your help. (fyi, i got all of the code from the web and changed to fit my needs, so I'm not entirely sure what it all does, if i had to guess, i would think the problem is in "$sent = mail($to, $subject, $body, $headers);", but that's just a guess) Code: [Select] <?php $to = "email@mydomain.com"; $email = $_REQUEST['email'] ; $fname = $_REQUEST['fname'] ; $lname = $_REQUEST['lname'] ; $phone = $_REQUEST['phone'] ; $type = $_REQUEST['type'] ; $details = $_REQUEST['details'] ; $subject = "Message from: $fname $lname"; $headers = "noreply@mydomain.com"; $body = "FirstName: $fname \n\n Lastname: $lname \n\n PhoneNumber: $phone \n\n Email: $email \n\n Type: $type \n\n Details: $details \n\n"; $sent = mail($to, $subject, $body, $headers) ; if ($_POST['fname']=="") { Print("Ooops, please use your back button and provide your first name!<br>"); } elseif ($_POST['lname']=="") { Print("Ooops, please use your back button and provide your last name!<br>"); } elseif ($_POST['phone']=="") { Print("Ooops, please use your back button and provide your phone number!<br>"); } elseif ($_POST['email']=="") { Print("Ooops, please use your back button and provide your email!<br>"); } elseif($sent) {echo "<script language=javascript>window.location = 'thanks.php';</script>";} else {echo "<script language=javascript>window.location = 'error.php';</script>";} ?> If I wanted to make multiple fields required before letting a User move past the field is this the proper way to do it? Code: [Select] if(isSet($_POST['playerFirst']['playerLast']['feet']['inches']['year']['status'])) { ## Something } else { ## Something else } Hey guys,
Thank you in advance... here is my situation, I have a form with three (3) fields in it, the 'student name' is unlimited textfield with an "add more" button to it and I have two select fields ('number of shirts' and 'trophies') that depend on the number of entries for 'student name'...
I want to create the select fields based on this math, for as many 'student name' entries:
1- i want to have the select form for 'number of shirts' to be 0 up to that number... so if there are 6 'student name' entries, the select options will be 0,1,3,4,5,6,7
2- I want to have the select form for 'trophies' to be 5 'student name' entries to 1 'trophies', for example if there are 6 'student name' entries, the select options will be 0,1... if there are 13 entries, options will be 0,1,2... So if there are less than 5 'student name' entries, the select field will not show (hidden)
of course if there are no 'student name' entries, these two fields won't show up (hidden)
let me know if that make sense and ANY help or directions will be GREATLY APPRECIATED.
Thanks guys!
Hi Friends, I am trying to do an API with oracle database. The JSON request from 3rd party will look like below. {
"contact_id": "1",
"serial_no": "100",
"name": "baby",
"inv_date": "2018-06-27",
"due_date": "2018-06-27",
"currency": "KD",
"subtotal": "143",
"tax_total": "13",
"shipment_data": [
{
"serial_no": "33",
"master_no": "55",
"house_no": "77",
"cost_revenue_items": [
{
"charge_ref": "rr",
"currency": "INR",
"quantity": "2",
"selling_rate": "45",
"exchange_rate": "7",
"taxes": [
{
"serial_no": "1",
"ref": "INR",
"voiding_remarks": "oo"
},{
"serial_no": "2",
"ref": "KWD",
"voiding_remarks": "asd"
}
]
}
]
}
]
}
how to handle request for JSON in which master is updated (PUT) and child record is (Either INSERTED, UPDATED or DELETED) ? Hi,
I am fairly new to PHP, I am tryin to put a code together that would see my incoming CLI as 44 and remove the 44 from it and add a 0 to it. I have managed to do this so far, now I am stuck, as any number thats not matching the length (10 digits ) or is not starting with 44 is also not forwarded to my database for query.
$input = ($cid); if(preg_match('/^(44|0)(\d{10})$/',$input,$matches)){ $phone = '0'.$matches[2]; }else die("Invalid Phone Number") ; What I would like is that any number starting with 441234567890 to become 01234567890, but should not involve 10 digits criteria. Any help would be appreciated. I am trying to update task based progress updates. I've got a very simple database that needs to be updated with:
Database name: progress
1. ID (auto increment)
2. admin (name of the project manager)
3. adminid (ID of the project manager in the project manager db)
4. member (name of the member of the project in the members db)
4. project (particular project being updated)
5. status (progress of the project as a number between 10 and 90)
6. timestamp
I have the following php script update insert a new line into my progress table:
if (!empty($_POST['progress'])) {
if(Input::exists()) {
if(Token::check(Input::get('token'))) {
$adminprogress = Input::get('admin');
$adminidprogress = Input::get('adminid');
$memberprogress = Input::get('member');
$projectprogress = Input::get('project');
$statusprogress = Input::get('status');
$timestamp = date('Y-m-d H:i:s');
$progressupdate = DB::getInstance()->insert(progress, array(
'admin' => $adminprogress,
'adminid' => $adminidprogress,
'member' => $memberprogress,
'project' => $projectprogress,
'status' => $statusprogress,
'timestamp' => $timestamp
));
Redirect::to('memberattire1.php');
}
}
}
And I have the following code in the body of my page:
<form method="post" action="">
<label>
<select name="status">
<option value=choose>---Please Select---</option>
<option value = "0">(10%) Bunker Registered</option>
<option value = "10">(20%) First discussions held</option>
<option value = "20">(30%) Initial research undertaken</option>
<option value = "30">(40%) Ideas shared</option>
<option value = "40">(50%) Enquiries made</option>
<option value = "50">(60%) Results of enquiries shared</option>
<option value = "60">(70%) Preferences shared</option>
<option value = "70">(80%) Decisions made</option>
<option value = "80">(90%) Decisions being executed</option>
<option value = "90">(100%) Project Completed</option>
</select>
</label>
<br><br>
<input type="hidden" name="member" value="<?php echo $membername; ?>">
<input type="hidden" name="admin" value="<?php echo $admin; ?>">
<input type="hidden" name="adminid" value="<?php echo $adminid; ?>">
<input type="hidden" name="project" value="attire1">
<input type="hidden" name="token" value="<?php if(isset($token)) { echo $token; } else { echo $token = Token::generate(); } ?>" >
<input type="submit" value="Submit Update" name="progress">
</form>
I know my $membername, $admin and $adminid are ok because I can simply echo them out to confirm them, so there is something silly in my coding that I've overlooked.
Can someone with a fresh pair of eyes see a typo or missed semi-colon or whatnot?
Many thanks for any help.
Okay, so below I have posted my code, the problem I am having is not knowing how PDO works that well. So what I have attempted to do here is use SQL to check if the user and password are correct, but I'm not sure how to carry on. I realize I have to determine if the database found the matching password and/or username but I have no idea how, any help will be much appreciated. <html> <head> <title>Database login</title> <?php if (isset($_POST['submit'])) { print_r($_POST); $password = md5($_POST['password']); echo'<p>'.$password.'</p>'; $username = ($_POST['username']); echo'<p>'.$username.'</p>'; } ?> </head> <body> <?php $db = new PDO('sqlite:login.sqlite'); $login = 'SELECT * FROM login WHERE userid="'.$username.'" AND password="'.$password.'";'; echo'<p>'.$login.'</p>'; $attempt = $db->query($login); ?> <form method="post" action="Db_login.php"> <p>Username:<br /><input type="text" name="username" /> </p> <p>Password:<br /><input type="password" name="password" /></p> <p><input type="submit" name="submit" value="Log In!" /></p> </body> </html> I have a login page that after logging in it sets a session Code: [Select] $_SESSION['user_info'] = $_POST['username']; and takes me to a start page (and checks for the session) which all works wonderfully. The problem is that no matter what link is clicked on that page it takes me to the login page again after checking to see if that same session is set Code: [Select] session_start(); if(!isset($_SESSION['user_info'])){ header("Location: http://website.com/folder/log_in.php"); } After logging in a second time every link on that same start page works wonderfully. If it works the second time why not the first? Hi All, I am new to PHP and HTML and I am trying to write an interface to MySQL 5.1 data base on Ubuntu 10.04LTS using PHP. My database has following tables 1) parts---> Part_no, Part_name--->PK is Part_no 2) operation---> Part_no,op_id--->PK is op_id, FK is Part_no 3)tool_list---->tl_id,op_id, tool---->PK is tl_id, FK is op_id 4)tool---->tool_part_no, tool_desc---->PK is tool_part_no I have many rows of data in 'tool' table. I want to referance/add these tools in to 'tool_list' table. these 'tool_list's are specific to a operatiom which once again is specific to a part. So Part_no--->op_id--->tool_list---->tool I have created 'one.php' which will aske the user for part no. This is a list which is populated from database. once the user selects the part_no and submits. it loads 'two.php' and lists operations specific to that part_no. Here once operation is selected and submited it calls 'three.php'. Here I need to add tools on to this selected operation. There can be as many as 20 different tool that can be added in to an operation. What i am looking to do is to list all tool in the 'tool' table as a list and add each tool in to the 'tool_list' table. once all tools are added press another button caled Exit which will take the user to Home page. The question is how do i accomplish this. 1) once a tool is selected it has to be added as a new row in to tool_list and the page need to be reloaded but has to remember the part_no, op_id for subsequent additions. 2) once all tools are added and exit is pressed it needs to goto home page. How do i accomplish these. Can a HTML page have two forms in it like on inside the other?. Or can this be accomplished with PHP only?. Thanks SKN Trying to make the email field in my form mandatory. Im new to php, more used to javascript but from everything i have read php is more universal. Here is my code, any help would be great. Code: [Select] <?php $emailsubject = 'Golf Registration'; $webMaster = 'dustin@duncantek.com'; $namea = $_POST['namea']; $nameb = $_POST['nameb']; $namec = $_POST['namec']; $named = $_POST['named']; $total = $_POST['total']; $sponsor = $_POST['sponsor']; $email = $_POST['email']; $comments = $_POST['comments']; $body = <<<EOD <br><hr><br> Golfer1: = $namea <br> Golfer2: = $nameb <br> Golfer3: = $namec <br> Golfer4: = $named <br> Total Owed: = $total <br> Sponsorship Name: = $sponsor <br> Comments: = $comments<br> EOD; $headers = "From: $email\r\n"; $headers .= "Content-type: text/html\r\n"; $success = mail($webMaster, $emailsubject, $body, $headers); $theResults = <<<EOD <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Thanks For Registering</title> <link href="golf-website.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="border"> <div class="name">Thanks For Registering!</div> <div id="links_bg"> <div class="toplinks"><a href="default.html">Homepage</a></div> <div class="toplinks"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">About Us</a></div> <div class="toplinks"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Donations</a></div> <div class="toplinks"><a href="tourneyinfo.html">Events</a></div> <div class="toplinks"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Contact us</a></div> </div> <div class="gap"></div> </div> </div> <div id="heading-bg"> <div align="left">Registration Complete</div> </div> <div id="main"> <p>Thank you for taking the time to register, we will email you back shortly to confirm registration along with an invoice via paypal. This is strictly for your convenience, we will also accept payment at the course on the day of the tournament. Thanks Again!</p> </div> <div id="bottom"> <div class="bottomlink"><a href="default.html">Home</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="aboutus.html">About Us</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Donations</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="tourneyinfo.html">Events</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Contact Us</a></div> </div> <center><div class="quicklinks"></div> </div> </body> </html> EOD; echo "$theResults"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Tournament Info</title> <link href="golf-website.css" rel="stylesheet" type="text/css" /> </head> <body> <td width="104"><label for="namea"> <div align="right">Golfer #1:</div> </label> </td> <td width="387"><div align="left"> <input name="namea" type="text" id="namea" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="name2"> <div align="right">Golfer #2:</div> </label> </td> <td><div align="left"> <input name="nameb" type="text" id="nameb" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="namec"> <div align="right">Golfer #3:</div> </label> </td> <td><div align="left"> <input name="namec" type="text" id="namec" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="named"> <div align="right">Golfer #4:</div> </label> </td> <td><div align="left"> <input name="named" type="text" id="named" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><div align="right"></div></td> <td><div align="left">The option to sponsor a hole is also available, the price per hole is $200.00, please enter in the box below what you would like the sponsorship to be if any.</div></td> </tr> <tr> <td><div align="right"> <label for="total">Total:</label> </div></td> <td><div align="left"> <input name="total" type="text" id="total" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><div align="right"> <label for="sponsor">Sponsorship:</label> </div></td> <td><div align="left"> <input name="sponsor" type="text" id="sponsor" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><div align="right"> <label for="email">Email: </label> </div></td> <td><div align="left"> <input name="email" type="text" id="email" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="comments">Additional Comments:</label></td> <td><textarea name="comments" cols="35" rows="6" id="comments"></textarea></td> </tr> </table> <p> </p> <blockquote> <blockquote> <blockquote> <blockquote> <blockquote> <p> <input type="submit" name="send" id="send" value="Submit" /> <input type="reset" name="reset" id="reset" value="Reset" /> </p> </blockquote> < </body> </html> MOD EDIT: code tags added. Hi, I need a preg_match for the following criteria: - no leading or trailing white space allowed - only alphanumeric characters and spaces are allowed (no full stops, commas apostrophe's, explanation marks, quotes, etc) - only one space allowed between each word (if there is more than one word) Thanks. One of my virtual hosts contained php_value upload_max_filesize 8M which resulted in error when running as php-fpm. Also, looks like .htaccess files are no longer used. Any other gotcha's??? Reading up on it, looks like I want to move all .htaccess instructions to a https://www.php.net/manual/en/configuration.file.per-user.php file. Should be straight forward enough. Looking at https://www.php.net/manual/en/configuration.changes.php, looks like I should scan /etc/httpd/* as well as any virtual sites defined elsewhere for "php_" and move these requirements elsewhere. Will this also have to be a per directory .user.ini file? Reason I ask is I always thought it was better performance to when possible use apache's conf file than a .htaccess file. I have a html/php i am creating but getting the following error:
[10-May-2019 09:42:13 UTC] PHP Fatal error: Uncaught Error: Call to a member function prepare() on null in C:\inetpub\wwwroot\SupportDesk\php\Add_New_Engineer.php:88
<?php
$server = htmlentities($_SERVER['PHP_SELF']);
if (isset($_POST['submit'])) {
$result = create_eng();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Add A New Engineer | DDS Dashboard</title>
<meta charset="utf-8" />
<link rel="icon" type="image/png" href="../images/favicon-16x16.png"/>
</head>
<body>
<?php
include('nav.php');
include('ConnectionDB.php');
?>
<div class="jumbotron">
<div class="container">
<h1><br><img src="../images/clipboard-customer.png"/> Add New Engineer:</br></h1>
</div>
</div>
<form class="form-horizontal" role="form" id="add_eng" action="<?php $server ?>" method = "post">
<div class="form-group">
<!--<?php //display_msg($msg);?>-->
<label for="EngineerName" class="col-sm-2 control-label">Engineer Name:</label>
<div class="col-sm-6">
<input type="text" class="form-control" id="EngName" name="EngineersName" placeholder="Enter Engineer's Name"></input>
<small class="form-text text-muted">
Enter the new engineer's name above to enter them into the database.
</small>
</div>
<input name="submit" type="submit" value="Create Engineer" class="btn btn-primary default"></input>
<input name="reset" type="Reset" value="Reset Form" class="btn btn-primary default"></input>
</div>
</form>
<br><br>
</body>
</html>
<?php
$sql = "Select * from [Engineers] where [Engineer] not like '%\_%' Escape '\' order by [Engineer] asc";
$stmt = $conn->prepare($sql);
$stmt->execute();
$results=$stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<div class="containerenglist">
<div class="col-sm-5">
<table id="alleng" class="table table-bordered">
<tr>
<th>Active Engineer's Names:</th>
</tr>
<?php
foreach ($results as $row) {
echo "<tr><td>";
echo $row['Engineer'];
echo "</td>";
echo "</tr>";
}
?>
</table>
</div>
</div>
</body>
</html>
<?php
Function create_eng(){
global $msgID;
global $msg, $conn;
include('ConnectionDB.php');
$conn = null;
$msgID = 0;
//Get POST from submit
$eng_name = $_POST['EngineersName'];
//SQL Query
$sql_count = "select count(*) as num from [Engineers] where [Engineer] = :eng_name";
//Query SQL Statement
//echo $eng_name;
$stmt = $conn->prepare($sql_count);
$stmt->bindValue(':eng_name', $eng_name);
//Execute SQL Statement
$stmt->execute();
$results=$stmt->fetchAll(PDO::FETCH_ASSOC);
If($results['num'] > 0){
echo $msg = "Engineer $eng_name exist's in the database";
$msgID = 1;
}else{
$sql_insert = "insert into [Engineers](Engineer) values '$eng_name'";
//Prepare SQL Statement
$stmt = $conn->Prepare($sql_insert);
//Execute SQL Statement
$stmt->execute();
$results=$stmt->fetchAll(PDO::FETCH_ASSOC);
echo $msg = "Engineer $eng_name added to the database";
$msgID = 2;
}
}
?>
Everything works correctly until i try submitting a name to the DB the line that is being pulled is $stmt = $conn->prepare($sql_count);
Hi Buddy I'm new to Php and downloaded shopping cart for www.phpwebcommerce.com/download/plaincart.zip With this code, i'm unable to update the shopping cart. On clicking the update button, it goes to previous page. But in demo version the update is working properly. Kindly help. Thanks Sakhsen How can I make it so that if file_get_contents cannot find the file else <?php $file = file_get_contents("http://www.example.com/lol.txt"); if ( $file == true ) { } else { } I have just made a couple of forms that submit data to a mysql database. I was wondering what measures I need to make to in order to keep the whole thing very secure. At the moment I have stripped the inputs of tags and forward slashes. Is there anything else I should do? Also some field in the form allow the user to enter a url. With these fields I have not stripped them of forward slashes. Is this a bad idea? Should I do something like replace the forward slashes with something else and then reverse this process every time I extract that data from the database? Hi, I am currently working on an Invoice System using PHP and MySQL. However I was just wondering if the system I am using is secure enough. The Client gets a link like this: Code: [Select] mysite.com/?customerid=b3e470c55aad30eb38ee52eec1d8cb52 Each client has a unique "id" I also have an ID for the administrative back-end. I do clean the GET variable before querying the database though. Do I need to secure this with anything else or is this enough, as this is my first time creating anything with PHP and MySQL together. Thanks, mme Hi, I am looking to create a directory that can not be accessed using .htaccess and neither can files directly. But I want to make it so when you are signed into joomla you can access the files via a mp3 player on the sight. My mp3 extention is joomline player flplayer. And I heard that if I cange the name of the file in joomla fomr lovelove.com/audio/love/abc.mp3 to lovelove.com/audio/love/abc.php?name=abc and then that abc.php script (inside the script it checks if you are logged in) will retrieve the file name, and the joomline will play it it will work. is this possible? Also, if not what can I do for this to work? Right now my script is not working as the joomline looks up all the mp3 files as one big string. this is the abc.php which on my site its calld psp.php
<?php
define( '_JEXEC', 1 );
define( 'JPATH_BASE', realpath(dirname(__FILE__).'/../../' ));
require_once ( JPATH_BASE .'/includes/defines.php' );
require_once ( JPATH_BASE .'/includes/framework.php' );
$mainframe =& JFactory::getApplication('site');
if( !empty( $_GET['name'] ) )
{
// check if user is logged
if(JFactory::getUser()->guest) {
die( "ERROR: invalid song or you don't have permissions to download it." );
}
else {
$psp = preg_replace( '#[^-\w]#', '', $_GET['name'] );
$psp_file = "{$_SERVER['DOCUMENT_ROOT']}/audio/live/{$psp}.mp3";
if( file_exists( $psp_file ) )
{
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );
header( "Content-Disposition: attachment; filename={$psp_file}" );
header( 'Content-Type: application/mp3' );
header( 'Content-Transfer-Encoding: binary' );
readfile( $psp_file );
exit;
}
}
}
?>
then I have joomline player jlplayer
<?php
/**
* JoomLine mp3 player - Joomla mp3 player
*
* @version 1.5
* @package JoomLine mp3 player
* @author Anton Voynov (anton@joomline.ru), Sergii Gaievskiy (shturman.kh@gmail.com)
* @copyright (C) 2010 by Anton Voynov(http://www.joomline.ru)
* @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
*
* If you fork this to create your own project,
* please make a reference to JoomLine someplace in your code
* and provide a link to http://www.joomline.ru
**/
defined('_JEXEC') or die('Restricted access');
function ascii2hex($ascii, $reverse = false) {
$hex = array();
for ($i = 0; $i < strlen($ascii); $i++) {
$byte = strtoupper(dechex(ord($ascii{$i})));
$byte = str_repeat('0', 2 - strlen($byte)).$byte;
$hex[] = $byte;
}
if ($reverse) $hex = array_reverse($hex);
return implode(" ",$hex);
}
function read_frame (&$f, &$tagdata, $frame) {
$pos = strpos($tagdata,$frame);
if ( $pos !== FALSE) {
// frame found. read length of this frame
fseek($f, 10+$pos+4);
$frame2len = hexdec(ascii2hex(fread($f,4)));
if (($frame2len-1) > 0) {
// read frame data
fseek($f, 10+$pos+4+2+4+1);
$data = trim(fread($f,$frame2len-1));
$hexfdata = ascii2hex($data);
if ( substr($hexfdata,0,5) == 'FF FE' or substr($hexfdata,0,5) == 'FE FF' ) {
$data = iconv("UCS-2","UTF-8",$data);
} else {
if (!preg_match('//u', $data)) {
$data = iconv("cp1251", "UTF-8",$data);
}
}
return $data;
} else {
return false;
}
} else {
return false;
}
}
function readmp3tag($file) {
$f = fopen($file, 'rb');
rewind($f);
fseek($f, -128, SEEK_END);
$tmp = fread($f,128);
if ($tmp[125] == Chr(0) and $tmp[126] != Chr(0)) {
// ID3 v1.1
$format = 'a3TAG/a30NAME/a30ARTISTS/a30ALBUM/a4YEAR/a28COMMENT/x1/C1TRACK/C1GENRENO';
} else {
// ID3 v1
$format = 'a3TAG/a30NAME/a30ARTISTS/a30ALBUM/a4YEAR/a30COMMENT/C1GENRENO';
}
$id3v1tag = unpack($format, $tmp);
// read tag length
fseek($f, 8);
$tmp = fread($f,2);
$tmp = ascii2hex($tmp);
$taglen= hexdec($tmp);
$tagdata = "";
if ($taglen > 0) {
//read tag data
fseek($f, 10);
$tagdata = fread($f,$taglen);
}
// find song title frame
$title = read_frame ($f, $tagdata, "TIT2");
if (!$title) {
if ($id3v1tag['TAG']== 'TAG' && ascii2hex(substr($id3v1tag['NAME'],0,1)) != '00' ) {
$title = $id3v1tag['NAME'];
} else {
$title = explode(DS,$file);
$title = $title[count($title)-1];
$title = explode('.',$title);
$title=$title[0];
}
if (!preg_match('//u', $title)) $title = iconv("cp1251", "UTF-8",$title);
}
$artist = read_frame ($f, $tagdata, "TPE1");
if (!$artist) {
if ($id3v1tag['TAG']== 'TAG' && ascii2hex(substr($id3v1tag['ARTISTS'],0,1)) != '00') {
$artist = $id3v1tag['ARTISTS'];
} else {
$artist = "";
}
}
if (!preg_match('//u', $artist)) $artist = iconv("cp1251", "UTF-8//TRANSLIT",$artist);
$id3tag['NAME'] = $title;
$id3tag['ARTIST'] = $artist;
return $id3tag;
}
if (DS == "/")
$dir = str_replace("\\",DS,$music_dir);
else
$dir = str_replace("/",DS,$music_dir);
$dir = JPATH_ROOT.DS.$dir;
if (!is_dir($dir)) {
echo "Wrong dir in settings";
} else {
$files = glob($dir.DS."*.{mp3,MP3}",GLOB_BRACE);
if (count($files) > 0) {
sort($files);
$host = $base_uri;
foreach ($files as $file) {
$tags = readmp3tag($file);
$file = explode (DS, $file);
if ($server_utf8 == 1) {
$fname = rawurlencode($file[count($file)-1]);
} else {
$fname = rawurlencode($file[count($file)-1]);
}
$fname = substr($fname, 0, -4);
$file = $host."/".$music_dir."/psp.php?name=".$fname;
echo $file;
$artist = trim($tags['ARTIST']);
$artist = $artist == "" ? "" : "{$tags['ARTIST']} - ";
$playlist[] = '{name:"'.$artist.$tags['NAME'].'",mp3:"'.$file.'"}';
}
}
/*
*
//if(!window.jQuery) {
document.write(unescape('<script type="text/javascript" src="<?=$base_uri?>/modules/mod_jlplayer/js/jq.js">%3C/script%3E'));
document.write(unescape('<script type="text/javascript">jQuery.noConflict();%3C/script%3E'));
//}
*
*/
?>
<script type="text/javascript">
var myPlayList = [
<?php
echo implode(",\n ",$playlist)."\n";
?>
];
Array.prototype.find=function(v){
for (i=0;i<this.length;i++){
if (this[i]==v) return i;
}
return 0;
}
var plIndex = [];
for (i=0;i<myPlayList.length;i++) {
plIndex[i] = i;
}
<?php if ($shfl == 1) : ?>
//shuffle
function randOrd(){
return (Math.round(Math.random())-0.5);
}
plIndex.sort(randOrd);
<?php endif; ?>
function setCookie (name, value) {
document.cookie = name + "=" + escape(value) + "; expires=Thu, 01-Jan-2055 00:00:01 GMT; path=/";
}
function getCookie(name) {
var cookie = " " + document.cookie;
var search = " " + name + "=";
var setStr = null;
var offset = 0;
var end = 0;
if (cookie.length > 0) {
offset = cookie.indexOf(search);
if (offset != -1) {
offset += search.length;
end = cookie.indexOf(";", offset)
if (end == -1) {
end = cookie.length;
}
setStr = unescape(cookie.substring(offset, end));
}
}
return(setStr);
}
function changeShflStatus(el) {
nowPlay = plIndex[playItem];
if (el.checked) {
setCookie("jlp_shfl","shuffle");
plIndex.sort(randOrd);
} else {
setCookie("jlp_shfl","notshuffle");
plIndex.sort();
}
playItem = plIndex.find(nowPlay);
}
</script>
<script type="text/javascript" src="<?=$base_uri?>/modules/mod_jlplayer/js/jq.js"></script>
<script type="text/javascript">jQuery.noConflict();</script>
<link href="<?=$base_uri?>/modules/mod_jlplayer/skin/skin.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="<?=$base_uri?>/modules/mod_jlplayer/js/jquery.jplayer.min.js"></script>
<script type="text/javascript">
var playItem = 0;
jQuery(function(){
var jpPlayTime = jQuery("#jplayer_play_time");
var jpTotalTime = jQuery("#jplayer_total_time");
var jlp_shfl = getCookie("jlp_shfl");
if (jlp_shfl == "shuffle") {
document.getElementById('jlp_shfl').checked = true;
} else if (jlp_shfl == "notshuffle") {
document.getElementById('jlp_shfl').checked = false;
}
jsuri = baseuri+"/modules/mod_jlplayer/js/";
jQuery("#jquery_jplayer").jPlayer({
ready: function() {
displayPlayList();
playListInit(enable_autoplay); // Parameter is a boolean for autoplay.
},
errorAlerts:true,
warningAlerts:true,
swfPath: jsuri
})
.jPlayer("onProgressChange", function(loadPercent, playedPercentRelative, playedPercentAbsolute, playedTime, totalTime) {
jpPlayTime.text(jQuery.jPlayer.convertTime(playedTime));
jpTotalTime.text(jQuery.jPlayer.convertTime(totalTime));
})
.jPlayer("onSoundComplete", function() {
playListNext();
});
jQuery("#jplayer_previous").click( function() {
playListPrev();
return false;
});
jQuery("#jplayer_next").click( function() {
playListNext();
return false;
});
});
function displayPlayList() {
for (i=0; i < myPlayList.length; i++) {
jQuery("#jplayer_playlist").append("<div id='jplayer_playlist_item_"+i+"'>"+ myPlayList[i].name +"</div>");
jQuery("#jplayer_playlist_item_"+i).data( "index", i ).click( function() {
var index = jQuery(this).data("index");
if (plIndex[playItem] != index) {
_index = plIndex.find(index);
playListChange( _index, index );
} else {
jQuery("#jquery_jplayer").jPlayer("play");
}
});
}
}
function playListInit(autoplay) {
if(autoplay) {
playListChange(0, plIndex[0] );
} else {
playListConfig(0, plIndex[0] );
}
}
function playListConfig(_index, index ) {
jQuery("#jplayer_playlist_item_"+plIndex[playItem]).removeClass("jplayer_playlist_current");
jQuery("#jplayer_playlist_item_"+index).addClass("jplayer_playlist_current");
playItem = _index;
jQuery("#jquery_jplayer").jPlayer("setFile", myPlayList[plIndex[playItem]].mp3);
}
function playListChange(_index, index ) {
playListConfig(_index, index );
jQuery("#jquery_jplayer").jPlayer("play");
}
function playListNext() {
var _index = (playItem+1 < myPlayList.length) ? playItem+1 : 0;
var index = plIndex[_index];
playListChange(_index, index );
}
function playListPrev() {
var _index = (playItem-1 >= 0) ? playItem-1 : myPlayList.length-1;
var index = plIndex[_index];
playListChange(_index, index );
}
</script>
<?php include_once(JPATH_ROOT.DS.'modules/mod_jlplayer/skin/tpl.php'); ?>
<?php
}
I was messing around in there with $file
if ($server_utf8 == 1) {
$fname = rawurlencode($file[count($file)-1]);
} else {
$fname = rawurlencode($file[count($file)-1]);
}
$fname = substr($fname, 0, -4);
$file = $host."/".$music_dir."/psp.php?name=".$fname;
echo $file;
I am unsure how to retreive a file title only, with out the whole path, just the name and not even the file ext.It comes up with all the files names in the echo. Also I am not sure how joomline chooses just one file. I am not a php designer and I am quite confused lol Any help would be appreciated! Thank you. hi php freaks I am using pdo as the driver for my new app the issue is I can't seem to find a clear answer. I want to sanise the vars that are coming into the database but pdo is suppose to fix all the issues. Is this true what other things do I need to watch for when using pdo they must have some flaws. Thanks |
|||||||