|
PHP - Php (possible Xampp Permissions) Error?
Hey, practicing my PHP for the first time, starting with a simple upload script with Xampp.
Script: Code: [Select] $target = '/Uploads'; $uploadedfile = $target . basename($_FILES['file']['name']); if(move_uploaded_file($_FILES['file']['tmp_name'], $target)){ echo "The file ". basename($_FILES['file']['name'])." has been uploaded."; } else { echo 'Failed'; } error_reporting(E_ALL); It echos out a successful, but the file is nowhere? Uploads is inside htdocs. Checked my php.ini file: file_uploads = On upload_tmp_dir = "C:\xampp\tmp" upload_max_filesize = 128M Just wondering if there are any permission i may have missed? Similar TutorialsHi folks, I am a complete n00b at php and mysql. I am teaching myself from books and the WWW, but alas I am stuck... the error I get is: Parse error: syntax error, unexpected T_STRING in X:\xampp\htdocs\search.php on line 7 here is the code: <?php mysql_connect ("localhost", "user", "password") or die (mysql_error()); mysql_select_db ("it_homehelp_test") or die (mysql_error()); $term = $_POST['term']; $sql = $mysql_query(select * from it_homehelp_test where ClientName1 like '%term%'); <<<------this is line 7 while ($row = mysql_fetch_array($sql)){ echo 'Client Name:' .$row['ClientName1']; echo 'Address:' .$row['Address1']; echo 'Phone:' .$row['Tel1']; } ?> Any help you can offer would be great. I can also post the ".html" file that creates the search bar if it is needed. Thanks
Hi im coding a php form using a tutorial im completely new at php need help what am i doing wrong Parse error: syntax error, unexpected T_IF in C:\xampp\htdocs\admin\updates_details.php on line 278 while ($data = mysqli_fetch_array($r, MYSQLI_ASSOC)) { echo '<table width="100%" border="1" cellpadding="5" cellspacing="5"> <tr> <td width="11%"><strong>Download</strong></td> <td width="34%"><strong>Update By: ' . $data['update_by'] . '</strong></td> <td width="48%"><strong>Date Created:</strong> ' . $data['dr'] . '</td> <td width="7%"><a href="delete.php?item=update&id=' . $data['update_id'] . '"><img src="../images/delete-icon.png" width="24" height="24" alt="delete" /></a></td> </tr> <tr> <td colspan="4">File: ' . if($data['file'] == 'Yes'){ $data['file']; } . 'Click Here to Download</td> </tr> <tr> <td colspan="4"><p>' . $data['update_msg'] . '</p></td> </tr> </table>'; } // End of WHILE loop. <?php
class Post{
private $user_obj;
private $con;
public function __construct($con, $user){
$this->con = $con;
$this->user_obj = new User($con,$user);
}
public function submitPost($body,$user_to){
$body = strip_tags($body);////Removing HTML TAGS
$body = mysqli_real_escape_string($this->con,$body);
$check_empty = preg_replace('/\s+/', '', $body);//delte all spaces
if($check_empty != ""){
//Current Date and time
$date_added = date("Y-m-d H:i:s");
//get username
$added_by = $this->user_obj->getUsername();
//if user have not a profile send to the none
if($user_to == $added_by){
$user_to = "none";
}
////insert query
$query = mysqli_query($this->con,"INSERT INTO posts VALUES('','$body','$added_by','$user_to','$date_added','no','no','0')");
$retured_id = mysqli_insert_id($this->con);
//insert notification
//Update post count for user
$num_post = $this->user_obj->getNumPosts();
$num_post++;
$update_query = mysqli_query($this->con,"UPDATE users SET num_post = '$num_post' WHERE username = '$added_by'" );
}
public function loadPostsFriends(){
$str = ""; //string to return
$data = mysqli_query($this->con,"SELECT * FROM posts where deleted = 'no' ORDER by id DESC");
while($row = mysqli_fetch_array($data))
{
$id = $row['id'];
$body = $row['body'];
$added_by = $row['added_by'];
$date_time = $row['date_added'];
/// Creating user post on other user profile
if($row['user_to'] == "none"){
user_to = "";
else {
$user_to_obj = new User($con,$row['user_to']);
$user_to_name = $user_to_obj->getFirstandLastname();
$user_to = "to <a href='" . $row['user_to'] . "'>" .$user_to_name . "</a>";
}
// check if user account was closed
$added_by_obj = new User($this->con,$added_by);
if($added_by_obj ->isClosed()){
continue;
}
$user_details_query = mysqli_query($this->con,"SELECT first_name,last_name,profile_pic FROM users where username = '$added_by'");
$user_row = mysqli_fetch_array($user_details_query);
$first_name = $user_row['first_name'];
$last_name = $user_row['last_name'];
$profile_pic= $user_row['profile_pic'];
///time stamp
$date_time_now = date("Y-m-d H:i:s");
$start_date = new Date_Time($date_time);////Time_of_post
$end_date = new Date_Time($date_time_now);///Current_time
$intervel = $start_date->diff($end_date);
if($intervel->y >< 1 ){
if($intervel ==1 )
$time_message = $intervel->y . " year ago";/// 1 Year Ago
else
$time_message = $intervel->y . " years ago"; //1+ year ago
}
else if($intervel-> m >= 1 ){
if($intervel->d == 0){
$days = " ago";
}
else if($intervel->d == 1){
$days = $intervel->d."day ago";
}
else
{
$days = $intervel->d."day ago";
}
if($intervel->m == 1){
$time_message = $intervel->m." month".$days;
}
else
$time_message = $intervel->m." months".$days;
}
}
else if($intervel->d >= 1){
if($intervel->d == 1){
$days = "Yesterday";
}
else
{
$days = $intervel->d."days ago";
}
}
else if($intervel->h >= 1){
if($intervel->h == 1){
$time_message = $intervel->h." hour ago";
}
else
{
$time_message = $intervel->h." hours ago";
}
}
else if($intervel->i >= 1){
if($intervel->i == 1){
$time_message = $intervel->i." minute ago";
}
else
{
$time_message = $intervel->i." minutes ago";
}
}
else{
if($intervel->s < 30){
$time_message = "Just Now";
}
else
{
$time_message = $intervel->s." seconds ago";
}
}
$str .= "<div class='status_post'>
<div calss='post_profile_pic'>
<img src='$profile_pic' width='50'>
</div>
<div calss='posted_by' style='color#ACACAC;'>
<a href = '$added_by'> $first_name $last_name </a> $user_to ; ; $time_message
</div>
<div id = 'post_body'$body<br></div>
</div>
"
}
echo $str;
}
}
?>
When i run this code this show me the error Parse error: syntax error, unexpected 'public' (T_PUBLIC) in C:\xampp\htdocs\social\Classes\Post.php on line 39 the line 39 is public function loadPostsFriends() I check the code again and again but i cant find the error please help in this error Can someone please give me some guidance on how to deal with the following warning Quote
Warning: move_uploaded_file(../usernet/img/60ff59c9f0a830.45733158.jpg): Failed to open stream: Permission denied in /opt/lampp/htdocs/site/admin/add_post.php on line 23 All directories and files in the path have full owner permissions and I've made myself the owner of them all (I'm on a linux system). I've also done the same with the /tmp folder. I can't even think of anything else to change and haven't found anything online that solves the issue. in case it's needed, the php is as follows: <?php
require("assets/initializations.php");
if(isset($_POST['add_post']) && !empty($_FILES['post_image'])) {
$filename = $_FILES['post_image']['name'];
$file_tmp_name = $_FILES['post_image']['tmp_name'];
$filesize = $_FILES['post_image']['size'];
$file_ext = explode('.', $filename);
$file_act_ext = strtolower(end($file_ext));
$allowed = array('jpeg', 'jpg', 'png', 'gif');
if(!in_array($file_act_ext, $allowed)) {
header("Location: add_post.php?message=file_type_not_allowed");
} else {
if($filesize > 10000000) {
header("Location: add_post.php?message=file_too_large");
} else {
$file_new_name = uniqid('', true) . "." . $file_act_ext;
$dir = "../usernet/img/";
$target_file = $dir . basename($file_new_name);
move_uploaded_file($file_tmp_name, $target_file);
echo "<script>alert('Image uploaded successfully');</script>";
}
}
}
I do get the javascript alert that's it's been successfully uploaded, but the image doesn't make it into the specified directory and I get the warnings at the top. I'm also, probably obviously from the path, using XAMPP server for development. TIA I have a Xampp Timezone Error Error Warning: strtotime() [function.strtotime]: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'America/New_York' for '-5.0/no DST' instead in C:\Users\cory j\Desktop\xampp\htdocs\NoXIp\Toplist\inc\vote.php on line 56 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' NOW())' at line 1 Line 56 $diffrence = time() - strtotime($getDate['lastVoteDate']); The Date Function in Php.ini [Date] ; Defines the default timezone used by the date functions ; http://php.net/date.timezone date.timezone = "America/New_York" date.timezone = "America/New_York" ; http://php.net/date.default-latitude ;date.default_latitude = 31.7667 ; http://php.net/date.default-longitude ;date.default_longitude = 35.2333 ; http://php.net/date.sunrise-zenith ;date.sunrise_zenith = 90.583333 ; http://php.net/date.sunset-zenith ;date.sunset_zenith = 90.583333 This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=312186.0 I am working from my home computer using windows 8.1. I downloaded Xampp, installed notepad++ and created a simple echo statement using PHP. I then placed the statment into the htdocs file. Then I went to my browser and entered the path as localhost:81/invoice.php (I used 81 because 80 is used for another application). I also changed all of the locations where it defaulted to 80 (using the find function, so I know I covered them all). I still recieved this message below. I know they are seeing each other for two reasons.. 1. I get another error message when I make up a fake file path in localhost folder. 2. The error is a 404. Also, I can see Xampp dashboard at localhost:81/xampp. I am stumped. Could it be my security settings or the fact that I am on a home server? Also, could it be problem with having mysql and microsoft sql server 2008 R2 on the same machine? Any help would be awesome. Also, yes my Xampp is started up (Apache and Mysql). Thanks.
Object not found!
The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again.
If you think this is a server error, please contact the webmaster.
Error 404 localhost Apache/2.4.10 (Win32) OpenSSL/1.0.1i PHP/5.6.3 Edited by Butterbean, 18 December 2014 - 11:16 PM. Hi Guys.
Doing an assignment for uni, and stuck on an error. Ill attach some files to show the problem and any help very much appreciated.
Error and the screen it comes on
Code
<?php $select = mysqli_query($con, "SELECT * FROM categories");
while ($row = mysqli_fetch_assoc($select)) { }
function dispsubcategories($parent_id) {
}
function getnumtopics($cat_id, $subcat_id) {
and the structure of the database
Edited March 28, 2020 by Ben555 I'm doing a flash app where i save webcam images to a folder on the server. I'm able to make this work when running of xampp on my machine, I create the required folder structure and I'm able to read from that folder and display the images, however once i move the stuff onto a live server, it fails to create the folders and it seems to be a permission problem. Is it server specific? i've tried chmod etc but I don't think i'm doing it right. any help, pointers for a non php developer would be most helpful. here's my code snippet <?php //This project is done by vamapaull: http://blog.vamapaull.com/ //The php code is done with some help from Mihai Bojin: http://www.mihaibojin.com/ $uid = $_GET[uid]; $structure = './images/' . date("Ymd") .'/' . $uid. '/'; // To create the nested structure, the $recursive parameter // to mkdir() must be specified. if(is_dir($structure)) { echo "Exists!"; } else { echo "Doesn't exist" ; if (!mkdir($structure,'0777', true) ) { die('Failed to create folders...'); } } if(isset($GLOBALS["HTTP_RAW_POST_DATA"])){ $jpg = $GLOBALS["HTTP_RAW_POST_DATA"]; $img = $_GET["img"]; $filename = 'images/' . date("Ymd"). "/" .$uid. "/img_". mktime(). ".jpg"; file_put_contents($filename, $jpg); } else{ echo "Encoded JPEG information not received."; } ?> Hey guys i have a script that i made with multiple permissions.. i need to add in the pages restitutions for diffrent levels.. so i got the level $query = "SELECT * FROM users WHERE `username`='$username_from_cookie'"; $numresults=mysql_query($query); $numrows=mysql_num_rows($numresults); // get results $result = mysql_query($query) or die("Couldn't execute query"); // now you can display the results returned while ($row10= mysql_fetch_array($result)) { $permissions= $row10["permissions"]; echo '$permissions'; } Now to restick im ok with like to but more then that i get confused.. this shows navigation on levels of permissions.. if ($row10['permissions'] == 2) { print "<a href=\"U.php\"><img src=\"./Icons/Users.png\" title=\"Prof\" /></a>"; } else { print "<img src=\"./Icons/Users_o.png\"/>"; } 2 levels if ($row10['permissions'] == 5) { print "<a href=\"Prof_1.php\"><img src=\"./Icons/sec.png\" title=\"Enseignant(e)\"/></a>"; } elseif ($row10['permissions'] == 2) { print "<a href=\"Prof_1.php\"><img src=\"./Icons/sec.png\" title=\"Enseignant(e)\"/></a>"; } else { print "<img src=\"./Icons/sec_o.png\" title=\"Enseignant(e)\"/>"; } ok so instead of have 10 lines of codes can i $row10['permissions'] == 5&2&3 ??? and can i do if not permissions ==5 redirect to loggin.. thanks Dear Coder Bro, I made a simple php script which copy some files to the server directory through a php loop. It means it will copy some 1000+ files via loop & store into a directory. The script worked fine before some 2 - 3days, Suddenly i saw that script is executing but no files copied to the server's directory. I checked the directory permission & it was 755. I changed the permission to 777 and run the script once again and it worked success... But the problem is the directory permission automatically changes to the old 755. I don't know how it happen. I need to change the directory permission to 777 when i begin to run the script. My Question is. 1.) Why did the directory permission automatically changes to 755. ? 2.) How to solve this problem to avoid the every time directory permission changing behavior ? I Hope expert coder guys will respond soon...! So here is a concept of a permission system that I haven't really seen any where else. Now usually conventional permissions are usually stored in columns whilst the record specifies a bit which is then used to determine if the record has access to that permission.
Below is my concept of how permissions should be done, I'm looking for someone who can help me create the system in a way which would be easily implementable by other applications such as MyBB. In my case I have multiple game servers, and most of my players have accounts created on my forums which are powered by MyBB, I'm currently in the process of integrating their MyBB accounts across all my related game servers, but one thing I've noticed is that I have multiple permission systems created for all of my servers so right now I'm also trying to integrate all of them into one system so please try and understand that I designed this system in a way that could be used by multiple applications.
Any constructive criticism is accepted.
So the idea is that you have 1 table, I'll just list it here to make it easier to follow: - uniperms_nodes Now the uniperms_nodes table will contain the following columns:
- key (Int, Not Null, Primary Key, Auto Increment)
- type (Enum('USER', 'GROUP'), Not Null)
- id (Int, Not Null)
- permission (Varchar(255), Not Null)
- description (Text)
Now here is how it works,a record is inserted into the uniperms_nodes table containing the necessary information. Here is an example:
INSERT INTO `uniperms_nodes` (`type`, `id`, `permission`, `description`)
VALUES ('GROUP', '1', 'my.test.node', 'A simple permission');
With this information inserted, I can simply use the following query in order to get all of the permissions related to the GROUP with the ID of 1. SELECT `permission` FROM `uniperms_nodes` WHERE type='GROUP' AND id=1;With this array of permission nodes I can simply just check if the array has 'my.test.node', if the array contains 'my.test.node' then that means that the group I queried has access to that permission. Now the reason I have the types USER and GROUP is because maybe you would like to give permissions to individual users, but maybe you wouldn't necessarily want to create a new group. I'm currently looking for someone to help me create a lovely interface for this system, so that it's easier for the user to modify a group/user's permissions. If you're interested feel free to message me here on the forums or via email. kieron.wiltshire@outlook.com Edited by KieronWiltshire, 19 November 2014 - 11:15 AM. Wasn't sure exactly where to post this at but here is my issue. I have a directory setup where multiple developers work on a project and they all have "group" access to the folder and files(read, write, execute) so the permissions on the php files need to be 775 so they can upload and overwrite the files via FTP. The problem is that PHP files will not work with permissions of 775 and throw a internal server error unless I change it to something lower. Is there a way to overcome this for these files? Hello needed for permissions well dont know even how to ask . im building simple betting and im want to add message if user has submitted bet but problem im got is once user submit all other bets comes with message how to make it work separate for every single row Here is my code Code: [Select] $statom = $TSUE['TSUE_Database']->query("SELECT count(*), b.betid, a.betid, a.memberid, a.chosen_team FROM rasta_betters a, rasta_betting b WHERE memberid = ".$TSUE['TSUE_Member']->info["memberid"]." AND b.betid = a.betid "); $arr = mysqli_fetch_array($statom); if ($arr[0] > 0) { $forma = '<div class="success">You have placed bet here</div>'; } else{ $team1 = $row['team1']; $team2 = $row['team2']; $pisk = '<input type="checkbox" name="komanda" value="'.$team1.'" />'; $pisk2 = '<input type="checkbox" name="komanda" value="'.$team2.'" />'; $komanda = ''; $komanda = $team1.$pisk; $komanda2 = ''; $komanda2 = $team2.$pisk2; $forma = 'This bet end on:'. date('Y-m-d H:i:s',$row['finish']).''; eval("\$betting_form = \"".$TSUE['TSUE_Template']->LoadTemplate('betting_form')."\";"); $forma .= $betting_form; } $TSUE['TSUE_Member']->info["memberid"] that is actual user id gets id auto Hi I've got a file upload script i've written and I have set the folder to 777 to allow uploads With the permission set to 777 does this open me up to potential uploads from 3rd parties? (ie: viruses etc)? So I thought what I would do is 1: Set folder to 777 to allow uploads 2: Upload file 3: Set folder to 755 to disable uploads Would this be the best method to do it? Or is that a waste of time and am I safe just leaving it as 777 Thanks Hi, I've written the function below to check the permissions of a user based on the table structure of....
staff
staff_roles_id (foreign)
staff_roles
id
roleName
staff_roles_permissions
staff_roles_id (foreign)
staff_permissions_id (foreign)
staff_permissions
id
permissionName
function checkPerm($permission){
global $db;
$user = $_SESSION['userid'];
if(!$stmt = $db->prepare("SELECT * FROM staff LEFT JOIN staff_roles ON staff.staff_roles_id = staff_roles.id LEFT JOIN staff_role_permissions ON staff_roles.id = staff_role_permissions.staff_roles_id LEFT JOIN staff_permissions ON staff_role_permissions.staff_permissions_id = staff_permissions.id WHERE staff.id = ? AND staff_permissions.permissionsName = ?")){
echo $db->error;
exit;
}
$stmt->bind_param('is',$user,$permission);
if(!$stmt->execute()){
echo $db->error();
exit;
};
$stmt->store_result();
$authenticate = $stmt->num_rows;
$stmt->close();
return $authenticate;
}
So for example if I then had the permission of 'adminAccess', I would use the code below to check access, referring to the 'staff_permissions' table
if(checkPerm('adminAccess')){
echo 'you are authorised';
exit;
}
else
{
echo 'you are not authorised';
exit;
}
This works, but Is this the correct way to be going about access for group based permissions or am I missing a glaring security vulnerability here?
If this is suitable then I intend to turn it into a class, and add checkRole() which would just check the user against the 'staff_roles' table. This would then be called by $security->checkRole('example');
$security->checkPermission('example'). Would that be a good idea?
Any advice would be great - I'm not great with functions (and just starting to learn classes!)
Cheers.
I am developing a system that with have 4 different levels of permissions. My question is this. From a structure standpoint, some systems will have the administrators area in one file and the users admin area in another file. Others will have a level of permission with all the different levels of administrative tasks, menus, etc, coming from the database. Is one of these better than the other or does it matter. From a coding standpoint it would be much easier to just have permissions and allow access to user menus and admin pages accordingly. Thanks in advance. This topic has been moved to Other Libraries and Frameworks. http://www.phpfreaks.com/forums/index.php?topic=357211.0 |
|||||||