PHP - Scripts For Review

I've been maintaining my old site http://www.tomsfreelance.com even though it's kind of just a business card at this point. So I decided to implement some javascript stuff I had been working on for other reasons. So far it seems to I have some work to do in Firefox, but I think it's working pretty well otherwise.   This is a bit of an oddball of a site and just about 99% javascript.   Feedback is much appreciated!

Hello all. I'm a newbie to this site and PHP and trying to build a basic contact/info form for an insurance company. I've been testing what I've done in FF, IE, and Google Chrome, and it seems to be generating consistent results ... but I thought I'd run it past the EXPERTS here, so you can tell me all that I've done wrong. : )

Attached is the PHP page that is triggered by a basic HTML page with check boxes, etc. And below is what a resulting email looks like, which is fine by me (of course this is empty).

Thanks for any advice!
-RP

-------------------------------------------------

Name:
Tel:
Company:
State:
Website:
Employees:

===== Type of Business =====
Manufacturer:
Retailer:
Jobber/Restyler:
Distributor:
Motorsports:
Professional Services:

===== Insurance Needs =====
General Liability:
Garage/Keepers:
Property Building:
Property Equipment:
Loss of Income:
Worker's Comp.:
Internet Liability:
Life & Disability:
Product Liability:
Legal Liability:
Property Contents:
Cargo/Mobile Property:
Employee Dishonesty:
401K & Retirement:
Health:
Other:

Personal Comments:

=========================

I have spent a little time lately developing a database class (not finished yet) that automatically will escape the data that is sent to it if used properly. I would like to get some input on it and see what some of you guys think of it. Mainly I would like to know if it is easy to use, if there is any potential issues so far, and if there are any suggestions on better ways to do things in the class. I have attached a copy of the class to this post. Here is an example of how to use it:

Code: [Select]
//create object
$db = new db();

//perform query
$users = $db->table('users')->select('*')->where("name='%s'")->vars("somename")->getResults();

//another way to perform the query above
$db->table('users')->select('*')->where("name='%s'")->vars(array("somename"));
$users = $db->getResults();

You will have to change the db connection properties at the top of the db.class.php file for your own connections. Please let me know of any suggestions, questions or issues that you have.

hello dear community


i try to find a way to use  file_get_contents: a download of set of pages:  Can any body review my approach

.. and as i thought i can find all 790 resultpages within a certain range between Id= 0 and Id= 100000 i thought, that i can go the way with a loop:

http://www.foundationfinder.ch/ShowDetails.php?Id=11233&InterfaceLanguage=&Type=Html
http://www.foundationfinder.ch/ShowDetails.php?Id=927&InterfaceLanguage=1&Type=Html
http://www.foundationfinder.ch/ShowDetails.php?Id=949&InterfaceLanguage=1&Type=Html
http://www.foundationfinder.ch/ShowDetails.php?Id=20011&InterfaceLanguage=1&Type=Html
http://www.foundationfinder.ch/ShowDetails.php?Id=10579&InterfaceLanguage=1&Type=Html

How to mechanize with a loop from 0 to 10000 and throw out 404 responses
once you reach the page we then could use beautifulsoup to get the content (in our case the image file address)
but we also  could just loop trough the images directely with simple webrequests.

Well  - how to proceed:

like this:


<?php
// creating a stream!
$opts = array(
  'http'=>array(
    'method'=>"GET",
    'header'=>"Accept-language: en\r\n" .
              "Cookie: foo=bar\r\n"
  )
);

// opens a file

$file = file_get_contents('http://www.example.com/', false, $context);
?>


a typical page is http://www.foundationfinder.ch/ShowDetails.php?Id=134&InterfaceLanguage=&Type=Html
and the related image is at http://www.foundationfinder.ch/ShowDetails.php?Id=134&InterfaceLanguage=&Type=Image

after downloading the images we will need to OCR them to extract any useful info,
so at some stage we need to look at OCR libs.


I think google opensourced one, and since its google it has a good chance it has a python API


can anybody review the approach - look forward to hear from you

Dear Friends.

Just now I tried to create PHP to make Rest API for my mobile application and I would like to know that it's good coding and need any improve? it is my first time for Rest API. normally I just connect to PHP file directly

on .htaccess

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([0-9A-Za-z_]+)$ function.php?func=$1 [L,QSA]
RewriteRule ^([0-9A-Za-z_]+)/$ function.php?func=$1 [L,QSA]

on function.php

$func = $_GET['func'];
switch( $func) 
{
	case 'lab_info':		//ໜ້າຫຼັກ
		define( '_FUNC', 'lab_info.php');
		break;

	case 'customer_info':		//ຂໍ້ມູນຜູ້ໃຊ້
		define( '_FUNC', 'customer_info.php');
		break;
	default:			// No function
		define( '_FUNC', 'functionnotfound.php');
		break;
}

if( defined( '_FUNC') && constant( '_FUNC') !='')
	require( "func/" . _FUNC);

on customer_info.php

$error = array();
if(isset($_POST['user']) != 'lung'){
    $error['status'] = "422";
    $error['title'] = "Authentication Fail";
    $error['detail'] = "Invalid user authentication";

    echo json_encode($error);die();
}
if(!isset($_POST['user'])){
    $error['status'] = "401";
    $error['title'] = "Invalid Attribute";
    $error['detail'] = "Invalid Attribute For Information";

    echo json_encode($error);die();

}

$result = $conn->query("select Lab_Name,Lab_Username,Lab_Password from tb_labmanagers");
$customer = array();
while($row =mysqli_fetch_assoc($result))
{
    $customer[] = $row;
}

echo json_encode($customer);

this image attached file is result from postman, client need to send user = 'lung' to get information

 

i want the code for review approval platform (costumer reviews for a product  )and in backend editing the code and updating it

Hello,   I'm the sole developer of Aptugo (http://www.aptugo.com), a web RAD development environment with focus on making every developer's life easier. I've spent countless hours over the last two years developing it, and while the main focus is to be a CRUD boilerplate, it can actually build complete websites with great features (Aptugo's website was completely built with Aptugo, and google page insights gave me a score of 92 right out of the oven and without any effort).   Anyway, it would be really nice if you could spend a few minutes taking a look at Aptugo, It is free, and I really want to keep it free forever, in order to be able to achieve that, I really mouth-to-mouth promotion, so I'm not trying to sell you anything here, I'm just asking for help and your empathy! . If you could tell me: "I would use aptugo if it..." I would really appreciate it.    Have a great day, Gaston

	if(get_images_for_delete($username, $newid, $mysqli) !== FALSE){
	// WE are dealing with images
	$images = get_images_for_delete($username, $newid, $mysqli);
	$sourceBucket = "***********";
	$targetBucket = "***********";
	foreach($images as $image){
	// copy our object
	$aws = new s3;
	$aws = $aws->copyObject($targetBucket, $image, $sourceBucket, $image);
	// delete our object
	$aws_delete = new s3;
	$aws_delete = $aws_delete->deleteObject($image);
	// copy our (thumbnail) object
	$aws2 = new s3;
	$aws2 = $aws2->copyObject($targetBucket, "thumb_".$image, $sourceBucket, "thumb_".$image);
	// delete our (thumbnail) object
	$aws_delete2 = new s3;
	$aws_delete2 = $aws_delete2->deleteObject("thumb_".$image);
	}

Is my code. Do I need to declare so many new s3 classes? All the methods are within the same class. Not sure if this is the correct way to go about it.

 In a project that I'm working on I can specify routing rules, which is somewhat similar to mod_rewrite but in PHP. It's currently set up to use full regular expressions, but it's kind of overkill. I'm trying to convert it to use routing rules similar to some of the php frameworks I've seen. The code I've written up below is working, and while it's unlikely that I would need anything more complex, I'm wondering if anyone would like to comment, offer suggestions, or offer criticisms. This little piece of code is just a part of a bigger routing class, but this is the code that I'm concerned with. Thanks.

<?php

$cfg['routes'] = [
    'cars/(:any)/(:any)/(:num).php' => 'cars/$3/$1/$2',
    'default_route'                 => 'cars/index',
    'trucks/parts?year=(:num)'      => 'parts/trucks/$1',
    'vans/articles(:any)'           => 'articles$1' 
];

$uris = [
    'cars/toyota/tercel/2014.php', # /cars/2014/toyota/tercel
    'default_route',               # /cars/index
    'trucks/parts?year=2014',      # /parts/trucks/2014
    'vans/articles?p=42342'        # /articles?p=42342
];

$i = 0;
foreach( $cfg['routes'] as $k => $v )
{
    $k = '|^' . preg_quote( $k ) . '$|uiD';

    $k = str_replace(
        [
            '\(\:any\)',
            '\(\:alnum\)',
            '\(\:num\)',
            '\(\:alpha\)',
            '\(\:segment\)'
        ], [
            '(.+)',
            '([[:alnum:]]+)',
            '([[:digit:]]+)',
            '([[:alpha:]]+)',
            '([^/]*)'
        ], 
        $k
    );

    echo '<br />' . $uris[$i] . '<br />' . $k . '<br />';
    
    if( @preg_match( $k, $uris[$i] ) )
    {
        echo preg_replace( $k, $v, $uris[$i] ) . '<br /><br />';
    }

    $i++;
}

$username = $loggedInUser->username; // This is the logged in username
$time = time();
$makedir = $username.'_'.$time;

$var = getcwd();
$var = str_replace('\users', '\imageuploads', $var);
$dirlocation = $var."\\".test_directory($username, $mysqli);   function test_directory ($username, $mysqli) {
     $stmt = $mysqli->prepare("SELECT Temp_Directory FROM uc_users WHERE user_name LIKE ?");
    $stmt->bind_param("s", $username);
    $stmt->execute();
    $stmt->bind_result($Tempdir);
    while ($stmt->fetch()){
    return $Tempdir;
        }
    } if((!empty(test_directory($username, $mysqli))) && is_dir($dirlocation)){
//echo "this is it";
$thedirectory = $dirlocation;
}

if(empty(test_directory($username, $mysqli))){
//echo "it's not a directory";
$newdir = $var."\\".$makedir;
$query = mysqli_query($mysqli, "UPDATE uc_users SET Temp_Directory='$makedir' WHERE user_name='$username'");
if(!$query){
//echo mysqli_error($mysqli);
}
mkdir($newdir);
//security
chmod($newdir, 0644);
$thedirectory = $newdir;
}

if(!is_dir($dirlocation) && (!empty(test_directory($username, $mysqli)))){
//echo "third one";
mkdir($dirlocation);
chmod($dirlocation, 0644);
$thedirectory = $dirlocation;
}         Ok, so what I'm doing here is testing to see whether a a record exists of the user having a folder in the MySQL database. Then, if it does, make sure that a folder exists at that location. If there is no folder, we create one for the user. If there is already a folder, we leave it alone.   This is for image uploads, and $thedirectory, is where we upload images later on in the script.   Hope that makes sense.   The code seems to work. But how can I improve it and make it more robust? Or should I just leave it alone? Should I return FALSE from the function for better reliability over empty()?  

I have a problem with the below code:
Code: [Select]
<?php
$sql_ranks = ("SELECT vtp_members.id, vtp_members.name, vtp_members.teamleader, teams.team_name, count(vtp_tracking.id) surfs
FROM vtp_members, vtp_tracking, teams
WHERE vtp_members.team_id=".$_GET['t']." AND vtp_tracking.credit_members_id=vtp_members.id AND vtp_tracking.action_date > '$last_sunday' AND vtp_tracking.action_date < '$next_sunday'
GROUP BY teams.team_name
ORDER BY surfs DESC");
$rsranks = mysql_query($sql_ranks);
echo "<br><table align='center' valign='top' border='0' width='300px'>
<tr><td colspan='2' align='center'><font size='2px'><b>Team Rankings (Current Week)</b></font></td></tr>
<tr><td><font size='2px'><b>Team</font></td><td align='right'><font size='2px'>Total Surfs</font></td></tr>";
while ($row = mysql_fetch_array($rsranks)) {
echo "<tr><td><font size='2px'><b>".$row[team_name]."</font></td><td align='right'><font size='2px'>".$row[surfs]."</font></td></tr>";}
echo "</table>";
?>
Problem is that the last output (".$row[surfs].") is the same for all teams. It seems it is not making a total of all id's and not per team_name.

anyone can see what I am doing wrong. I need to sort by team_name and the surfs should display the total of the members with team_id is ".$_GET['t']."

Hi, I'm trying to make my game navigation that involves switching div images to navigate in the game world. It is browser based. The first script, the user clicks on the world map to go to "Teardrop Ocean". The second script lets the user press the "further" button or "back" button to navigate within "Teardrop Ocean". My problem is I'm trying to combine the image map navigation with the "further" and "back" navigation. The problem is, I don't know if it's possible since the first world map script involves javascript. Here is the code, any help greatly appreciated Thanks. Derek



This is the code that uses javascript to process a hidden form to use php to output. This is our "world map" link, that should load the "teardrop ocean" image inside the div, which it doesn't do yet here.
Code: [Select]
<?php

$zone='';

if(isset($_POST['checker']) && $_POST['checker'] == 'checked')
{
   echo "it worked !";

$zone="<img src='teardrop.jpg'/>";   
}

if(isset($_POST['back']))
{
$zone='';
}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<form action="aradia.php" method="post" name="mapform" id="mapform">
<input type="hidden" name="checker" value="checked" />
  <div align="left"> <img src="aradia.jpg" width="256" height="328" border="0" usemap="#Map" /></div>
</form>

<map name="Map" id="Map">
   <area shape="rect" coords="5,176,81,249" href="javascript: void(0);" onclick="javascript: document.getElementById('mapform').submit();" />
</map>
<div align="center"><?php echo $zone;?></div>

<form action="aradia.php" method="post" > <input type = "submit" name="back" value="back" /></form>
</body>
</html>

and here is the "Teardrop ocean" navigation, which uses php to navigate forward and backwards in the zone, but can't go back to the world map, or there is no way to yet.

Code: [Select]
/////////////////////////////GAME NAVIGATION AND MONSTER SEARCH CODE NOT FINISHED//////////////////////////////////
 
if(( !isset($_SESSION['current_background']) && !isset($_SESSION['currentMonster'])) OR (! $_POST))
{
    $_SESSION['current_monster'] = 0;
    $_SESSION['current_background'] = 0;
}


if (!isset($_SESSION['background']) && !isset($_SESSION['monster'])) {
  $_SESSION['background'] = array
  (
    "<img src='sundragon_environments/ocean/ocean1_FRAME.jpg'/>",
    "<img src='sundragon_environments/ocean/ocean1_FRAME2.jpg'/>",
   "<img src='sundragon_environments/ocean/ocean1_FRAME3.jpg'/>",
   "<img src='sundragon_environments/ocean/ocean1_FRAME4.jpg'/>",
   "<img src='sundragon_environments/ocean/ocean1_FRAME5.jpg'/>"
  );
 
   $_SESSION['monster'] = array
  (
    "<img src='sundragon_monsters_source/water/goldfish/goldfish.png'/>",
    "<img src='sundragon_monsters_source/water/eel/eel_transp_FRAME.png '/>",
   "<img src='sundragon_monsters_source/water/shark/shark_transp_FRAME.png'/>",
   "<img src='sundragon_monsters_source/water/octalisk/octalisk_transp_FRAME.png'/>",
   "<img src='sundragon_monsters_source/water/teardrop_ocean_protector/teardrop_ocean_protector.png'/>"
  );
 
 
}
if(!isset($_SESSION['current_background']) && !isset($_SESSION['current_monster']))
{

 
$_SESSION['current_monster']=0;

$_SESSION['current_background'] = 0;
}

if(isset($_POST['further']))
{


$_SESSION['current_monster'] = isset($_SESSION['monster'][$_SESSION['current_monster'] + 1]) ? ($_SESSION['current_monster'] + 1) : 0;
$_SESSION['current_background'] = isset($_SESSION['background'][$_SESSION['current_background'] + 1]) ? ($_SESSION['current_background'] + 1) : 0;
}
elseif(isset($_POST['back']))
{
$_SESSION['current_monster'] = isset($_SESSION['monster'][$_SESSION['current_monster'] - 1]) ? ($_SESSION['current_monster'] - 1) : count($_SESSION['monster'])-1;
$_SESSION['current_background'] = isset($_SESSION['background'][$_SESSION['current_background'] - 1]) ? ($_SESSION['current_background'] - 1) : count($_SESSION['background'])-1;
}

$currentBackground=$_SESSION['background'][$_SESSION['current_background']];
$currentMonster=$_SESSION['monster'][$_SESSION['current_monster']];
and I echo out $currentBackground and $currentMonster in the main game div.

I know this involves MySQL, but it's mostly PHP, so I figured it should go here, forgive me if I posted in the wrong section, though.

Anyway! Let's get down to it. I'd like to combine these two scripts (below). I want the questionnaire script to be a signup requirement in the signup script, and I want it to log the questionnaire into my MySQL database as usual, then prompt the user with a successful sign up.

I'm still really new to PHP and I'm just testing to see if this'll work. How would I go about doing this? Thanks a LOT guys.

Questionnai

<?php
  // Start the session
  require_once('startsession.php');

  // Insert the page header
  $page_title = 'Questionnaire';
  require_once('header.php');

  require_once('appvars.php');
  require_once('connectvars.php');

  // Make sure the user is logged in before going any further.
  if (!isset($_SESSION['user_id'])) 
  {
    echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
    exit();
  }

  // Show the navigation menu
  require_once('navmenu.php');

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  // If this user has never answered the questionnaire, insert empty responses into the database
  $query = "SELECT * FROM mismatch_response WHERE user_id = '" . $_SESSION['user_id'] . "'";
  $data = mysqli_query($dbc, $query);
  if (mysqli_num_rows($data) == 0) 
  {
    // First grab the list of topic IDs from the topic table
    $query = "SELECT topic_id FROM mismatch_topic ORDER BY category_id, topic_id";
    $data = mysqli_query($dbc, $query);
    $topicIDs = array();
    while ($row = mysqli_fetch_array($data)) 
{
      array_push($topicIDs, $row['topic_id']);
    }

    // Insert empty response rows into the response table, one per topic
    foreach ($topicIDs as $topic_id) 
{
      $query = "INSERT INTO mismatch_response (user_id, topic_id) VALUES ('" . $_SESSION['user_id']. "', '$topic_id')";
      mysqli_query($dbc, $query);
    }
  }

  // If the questionnaire form has been submitted, write the form responses to the database
  if (isset($_POST['submit'])) 
  {
    // Write the questionnaire response rows to the response table
    foreach ($_POST as $response_id => $response) 
{
      $query = "UPDATE mismatch_response SET response = '$response' WHERE response_id = '$response_id'";
      mysqli_query($dbc, $query);
    }
    echo '<p>Your responses have been saved.</p>';
  }

  // Grab the response data from the database to generate the form
  $query = "SELECT mr.response_id, mr.topic_id, mr.response, " .
    "mt.name AS topic_name, mc.name AS category_name " .
"FROM mismatch_response AS mr " .
"INNER JOIN mismatch_topic AS mt USING (topic_id) " .
"INNER JOIN mismatch_category AS mc USING (category_id) " .
"WHERE mr.user_id = '". $_SESSION['user_id'] . "'";
$data = mysqli_query ($dbc, $query);
$responses = array();
while ($row = mysqli_fetch_array($data)) 
{
  array_push($responses, $row);
}
  
  mysqli_close($dbc);

  // Generate the questionnaire form by looping through the response array
  echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
  echo '<p>How do you feel about each topic?</p>';
  $category = $responses[0]['category_name'];
  echo '<fieldset><legend>' . $responses[0]['category_name'] . '</legend>';
  foreach ($responses as $response) 
  {
    // Only start a new fieldset if the category has changed
    if ($category != $response['category_name']) 
{
      $category = $response['category_name'];
      echo '</fieldset><fieldset><legend>' . $response['category_name'] . '</legend>';
    }

    // Display the topic form field
    echo '<label ' . ($response['response'] == NULL ? 'class="error"' : '') . ' for="' . $response['response_id'] . '">' . $response['topic_name'] . ':</label>';
    echo '<input type="radio" id="' . $response['response_id'] . '" name="' . $response['response_id'] . '" value="1" ' . ($response['response'] == 1 ? 'checked="checked"' : '') . ' />Love ';
    echo '<input type="radio" id="' . $response['response_id'] . '" name="' . $response['response_id'] . '" value="2" ' . ($response['response'] == 2 ? 'checked="checked"' : '') . ' />Hate<br />';
  }
  echo '</fieldset>';
  echo '<input type="submit" value="Save Questionnaire" name="submit" />';
  echo '</form>';

  // Insert the page footer
  require_once('footer.php');
?>



Signup:
<?php
  // Insert the page header
  $page_title = 'Sign Up';
  require_once('header.php');

  require_once('appvars.php');
  require_once('connectvars.php');

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $username = mysqli_real_escape_string($dbc, trim($_POST['username']));
    $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1']));
    $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2']));

    if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2)) {
      // Make sure someone isn't already registered using this username
      $query = "SELECT * FROM mismatch_user WHERE username = '$username'";
      $data = mysqli_query($dbc, $query);
      if (mysqli_num_rows($data) == 0) {
        // The username is unique, so insert the data into the database
        $query = "INSERT INTO mismatch_user (username, password, join_date) VALUES ('$username', SHA('$password1'), NOW())";
        mysqli_query($dbc, $query);

        // Confirm success with the user
        echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>';

        mysqli_close($dbc);
        exit();
      }
      else {
        // An account already exists for this username, so display an error message
        echo '<p class="error">An account already exists for this username. Please use a different address.</p>';
        $username = "";
      }
    }
    else {
      echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>';
    }
  }

  mysqli_close($dbc);
?>

  <p>Please enter your username and desired password to sign up to Mismatch.</p>
  <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <fieldset>
      <legend>Registration Info</legend>
      <label for="username">Username:</label>
      <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br />
      <label for="password1">Password:</label>
      <input type="password" id="password1" name="password1" /><br />
      <label for="password2">Password (retype):</label>
      <input type="password" id="password2" name="password2" /><br />
    </fieldset>
    <input type="submit" value="Sign Up" name="submit" />
  </form>

<?php
  // Insert the page footer
  require_once('footer.php');
?>


And here are the pastebins in case you prefer those:

http://pastebin.com/pTXGSMT9 - Questionnaire

http://pastebin.com/28jZhYyY - Signup

Thanks!