|
PHP - How Do I Get Violation Report (json Data) For Content Security Policy Using Php?
I implemented the Content-Security-Policy (CSP). I also included the report-uri so it sends a POST request to myserver.com/csp-report.php
test.php
<?php
header("Content-Security-Policy: default-src 'self'; report-uri http://127.0.0.1/csp-report.php");
?>
I attempted to run these two inline scripts in my test.php file.
<img src="http://evil.example.com/image.png">
<script>alert('XSS');</script>
nothing is saved in the report-uri file! However, using Firebug, the policy is working as it should.
Kindly advise if I have the report-uri synthax wrongly.
Thank you
Edited by terungwa, 20 October 2014 - 09:06 AM. Similar TutorialsI need to email this report but I don't know where to start
I have included the report code.
<html>
<head>
<title>Customer Load Report</title>
</head>
<body>
<h1>Customer Load Report</h1>
<?php
$custid=$_POST["Cust_ID"];
$connect =odbc_connect("removed");
if(!$connect) {
exit("Connection Failed: " . $connect);
}
$sql="SELECT m1_DC.dbo.organizationlocations.cmlName
,m1_DC.dbo.SalesOrders.OMPSHIPPINGMETHODID
,m1_DC.dbo.SalesOrders.UOMPTRUCKNUMBER
,m1_DC.dbo.SalesOrders.ompCustomerPO
,m1_DC.dbo.SalesOrders.UOMPTOTALBOXCOUNT
,m1_DC.dbo.SalesOrders.UOMPVOLUMETOTAL
,m1_DC.dbo.organizationlocations.CMLADDRESSLINE1
,m1_DC.dbo.organizationlocations.CMLADDRESSLINE2
,m1_DC.dbo.organizationlocations.CMLCITY
,m1_DC.dbo.organizationlocations.CMLSTATE
,m1_DC.dbo.organizationlocations.CMLPOSTCODE
,m1_DC.dbo.SalesOrders.OMPREQUESTEDSHIPDATE
,m1_DC.dbo.SalesOrders.ompSalesOrderID
,convert(varchar(10),m1_DC.dbo.SalesOrders.ompRequestedShipDate,110) as ShipDate
FROM m1_DC.dbo.SalesOrders
LEFT OUTER JOIN m1_DC.dbo.organizationlocations ON ompshiporganizationid = cmlorganizationid
AND ompshiplocationid = cmllocationid
WHERE
m1_DC.dbo.SalesOrders.ompCustomerOrganizationID='$custid' and (ompOrderDate>=CONVERT(VARCHAR(10),DATEADD(day, -7, getdate()),110) or
convert(varchar(10),m1_DC.dbo.SalesOrders.ompRequestedShipDate,110) >=getdate())";
$result =odbc_exec($connect,$sql);
if(!$result){
exit("Error in SQL");
}
$data= '';
while (odbc_fetch_row($result)) {
$cmlName=odbc_result($result,"cmlName");
$ompCustomerPO=odbc_result($result,"ompCustomerPO");
$UOMPTOTALBOXCOUNT=odbc_result($result,"UOMPTOTALBOXCOUNT");
$UOMPVOLUMETOTAL=odbc_result($result,"UOMPVOLUMETOTAL");
$CMLADDRESSLINE1=odbc_result($result,"CMLADDRESSLINE1");
$CMLADDRESSLINE2=odbc_result($result,"CMLADDRESSLINE2");
$CMLCITY=odbc_result($result,"CMLCITY");
$CMLSTATE=odbc_result($result,"CMLSTATE");
$CMLPOSTCODE=odbc_result($result,"CMLPOSTCODE");
$ompSalesOrderID=odbc_result($result,"ompSalesOrderID");
$ompRequestedShipDate=odbc_result($result,"ShipDate");
$data .= "<td style='text-align:left' > $ompCustomerPO</td>";
$data .= "<td style='text-align:left'> $UOMPTOTALBOXCOUNT</td>";
$data .= "<td style='text-align:left'> $UOMPVOLUMETOTAL</td>";
$data .= "<td style='text-align:left'> $CMLADDRESSLINE1</td>";
$data .= "<td style='text-align:left'> $CMLADDRESSLINE2</td>";
$data .= "<td style='text-align:left'> $CMLCITY</td>";
$data .= "<td style='text-align:left'> $CMLSTATE</td>";
$data .= "<td style='text-align:left'> $CMLPOSTCODE</td>";
$data .= "<td style='text-align:left'> $ompSalesOrderID</td>";
$data .= "<td style='text-align:left'> $ompRequestedShipDate</td></tr>";
}
echo "<table><tr>";
echo "<th>PO</th>";
echo "<th>Box_count</th>";
echo "<th>Cubes</th>";
echo "<th>ADDRESSLINE</th>";
echo "<th>ADDRESS2</th>";
echo "<th>CITY</th>";
echo "<th>STATE</th>";
echo "<th>ZIP</th>";
echo "<th>Order_ID</th>";
echo "<th>Ship Date</th></tr>";
echo $data;
odbc_close($connect);
?>
</body>
</html>
Hi, Anybody can help me to extract data from son using php
{"location":{"woeid":2293962,"city":"Kasaragod","region":" KL","country":"India","lat":12.5174,"long":74.990662,"timezone_id":"Asia/Kolkata"},"current_observation":{"wind":{"chill":80,"direction":338,"speed":11.81},"atmosphere":{"humidity":70,"visibility":10.0,"pressure":29.8,"rising":0},"astronomy":{"sunrise":"6:54 am","sunset":"6:35 pm"},"condition":{"text":"Clear","code":31,"temperature":80},"pubDate":1549638000},"forecasts":[{"day":"Fri","date":1549564200,"low":76,"high":85,"text":"Sunny","code":32},{"day":"Sat","date":1549650600,"low":76,"high":85,"text":"Sunny","code":32},{"day":"Sun","date":1549737000,"low":75,"high":85,"text":"Sunny","code":32},{"day":"Mon","date":1549823400,"low":76,"high":87,"text":"Mostly Sunny","code":34},{"day":"Tue","date":1549909800,"low":76,"high":89,"text":"Sunny","code":32},{"day":"Wed","date":1549996200,"low":77,"high":88,"text":"Partly Cloudy","code":30},{"day":"Thu","date":1550082600,"low":76,"high":89,"text":"Mostly Sunny","code":34},{"day":"Fri","date":1550169000,"low":76,"high":86,"text":"Sunny","code":32},{"day":"Sat","date":1550255400,"low":76,"high":85,"text":"Sunny","code":32},{"day":"Sun","date":1550341800,"low":74,"high":85,"text":"Sunny","code":32}]}
How to extract data of "current_observation"
Thanks I am also trying to extract the "address_components" from the JSON data, but the array index changes if you do not submit an address line for example. I am trying to get the "sublocality" and "administrative_area_level_1" from the "address_components" below. The API sample is as follows:
{
"results" : [
{
"access_points" : [],
"address_components" : [
{
"long_name" : "10",
"short_name" : "10",
"types" : [ "street_number" ]
},
{
"long_name" : "Gillespie Street",
"short_name" : "Gillespie St",
"types" : [ "route" ]
},
{
"long_name" : "South Beach",
"short_name" : "South Beach",
"types" : [ "political", "sublocality", "sublocality_level_1" ]
},
{
"long_name" : "Durban",
"short_name" : "Durban",
"types" : [ "locality", "political" ]
},
{
"long_name" : "Durban Metro",
"short_name" : "Durban Metro",
"types" : [ "administrative_area_level_2", "political" ]
},
{
"long_name" : "KwaZulu-Natal",
"short_name" : "KZN",
"types" : [ "administrative_area_level_1", "political" ]
},
{
"long_name" : "South Africa",
"short_name" : "ZA",
"types" : [ "country", "political" ]
},
{
"long_name" : "4001",
"short_name" : "4001",
"types" : [ "postal_code" ]
}
],
"formatted_address" : "10 Gillespie St, South Beach, Durban, 4001, South Africa",
"geometry" : {
"location" : {
"lat" : -29.859728,
"lng" : 31.039773
},
"location_type" : "ROOFTOP",
"viewport" : {
"northeast" : {
"lat" : -29.8583790197085,
"lng" : 31.0411219802915
},
"southwest" : {
"lat" : -29.8610769802915,
"lng" : 31.0384240197085
}
}
},
"place_id" : "ChIJGRCdW0mo9x4RcIwU_7S1xa8",
"plus_code" : {
"compound_code" : "42RQ+4W Durban, South Africa",
"global_code" : "5G2H42RQ+4W"
},
"types" : [ "street_address" ]
}
],
"status" : "OK"
}
If you submit a full address to the API, you can use the hard coded index like below: [7] $json_a['results'][0]['address_components'][7]['long_name'] But it is not reliable to hard code the index [7] in this case. So I tested some sample code from above post, it is working, but in some cases it does not return the "long_name" of the "sublocality" or "administrative_admin_level_1":
/* if no address, then the array index change */
// $json_a['results'][0]['address_components'][7]['long_name']
$area = array();
foreach ($json_a['results'][0]['address_components'] as $addrObj) {
foreach($addrObj['types'] as $type) {
if (substr_count($type, 'sublocality')>0) {
$area['short_name'] = $addrObj['short_name'];
$area['long_name'] = $addObj['long_name'];
// var_dump($addrObj);
}
if (substr_count($type, 'administrative_area_level_1')>0) {
$area['short_admin'] = $addrObj['short_name'];
$area['long_admin'] = $addObj['long_name'];
var_dump($addrObj);
}
}
}
In the var_dump() I do get the long_name value though: In this sample it must be "Kwazulu-Natal", but from the code above, it returns a NULL value.
array(3) { ["long_name"]=> string(13) "KwaZulu-Natal" ["short_name"]=> string(3) "KZN" ["types"]=> array(2) { [0]=> string(27) "administrative_area_level_1" [1]=> string(9) "political" } }
Below is the full script I am trying to get to work. The lon, lng and format name is working 100%, it is just this array index problem.
/* get google result in JSON*/
$googleString = file_get_contents($googleUrl); // get json content
$json_a = json_decode($googleString, true); //json decoder
// response status will be 'OK', if able to geocode given address
if($json_a['status']=='OK'){
// get the important data
$lati = isset($json_a['results'][0]['geometry']['location']['lat']) ? $json_a['results'][0]['geometry']['location']['lat'] : "";
$longi = isset($json_a['results'][0]['geometry']['location']['lng']) ? $json_a['results'][0]['geometry']['location']['lng'] : "";
$formatted_address = isset($json_a['results'][0]['formatted_address']) ? $json_a['results'][0]['formatted_address'] : "";
/* if no address, then the array index change */
// $json_a['results'][0]['address_components'][7]['long_name']
$area = array();
foreach ($json_a['results'][0]['address_components'] as $addrObj) {
foreach($addrObj['types'] as $type) {
if (substr_count($type, 'sublocality')>0) {
$area['short_name'] = $addrObj['short_name'];
$area['long_name'] = $addObj['long_name'];
// var_dump($addrObj);
}
if (substr_count($type, 'administrative_area_level_1')>0) {
$area['short_admin'] = $addrObj['short_name'];
$area['long_admin'] = $addObj['long_name'];
var_dump($addrObj);
}
}
}
Is there a better way to get the "sublocality" and "administrative_area_level_1" from the array $area array above. Any pointers will be much appreciated. Hi- I have to post to a URL, grab one field our of the JSON output/response and format nicely to the user. I've tried a few things with some help but none seem to be working. So any help or direction would be greatly appreciate it!! Attempt 1 (works but not formatted nicely) if I post using the browser, it works. the data is sent to the URL (web service) and I can see in the web service logs that the entry has been recorded. the problem is that since i have the URL in "action", i'm taken to that page and the user gets to see the JSON output Code: [Select] //here's the HTML form in offer.php <form action="http://somewebservice.com/<?php echo $PrizeID;?>" method="post" name="myform"> <input name="account" id="account" type="hidden" value="<?php echo $account;?>"/> <input name="dob" id="dob" type="hidden" value="<?php echo $dob;?>"/> <input name="site" id="site" type="hidden" value="<?php echo $site;?>"/> <input id="submit" type="submit" value="submit"/> </form> //here's the output (JSON) after clicking submit {"Prize":"XXXXXX","ConfirmationCode":"######","Error":false,"ErrorMsg":null} Attempt 2 (doens't work) i tried using php but after submit, the page refreshes and no entry is recorded in the web service log Code: [Select] //here's the HTML form in offer.php <form name="myform"> <input name="account" id="account" type="hidden" value="<?php echo $account;?>"/> <input name="dob" id="dob" type="hidden" value="<?php echo $dob;?>"/> <input name="site" id="site" type="hidden" value="<?php echo $site;?>"/> <input id="submit" type="submit" value="submit"/> //here's the php in offer.php <?php if(isset($_POST['submit'])){ $options = array( 'http'=>array( 'method'=>"POST", 'content'=>http_build_query(array( 'account' => $account, 'dob' => $dob, 'site' => $site )) )); $context = stream_context_create($options); $result = file_get_contents("http://somewebservice.com/{$PrizeID}",NULL,$context); var_dump($result); } ?> Last attempt (doesn't work) i tried using php & curl so that i can process in the back and show only the ConfirmationCode to the user in a nice format but it doesn't work. after submit, i'm taken to process.php where i see nothing and no entry is recorded in the web service log Code: [Select] //here's the HTML form in offer.php <form action="process.php" method="post" name="myform"> <input name="account" id="account" type="hidden" value="<?php echo $account;?>"/> <input name="dob" id="dob" type="hidden" value="<?php echo $dob;?>"/> <input name="site" id="site" type="hidden" value="<?php echo $site;?>"/> <input id="submit" type="submit" value="submit"/> </form> //here's the PHP in process.php <?php $postvars=file_get_contents("php://input"); $curl=curl_init("http://somewebservice.com/{$PrizeID}"); curl_setopt($curl,CURLOPT_POSTFIELDS,$postvars); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $result=curl_exec($curl); $decodedresult=json_decode($result,true); ?> i haven't gotten to the point where i grab the ConfirmationCode I want because i want to get this fixed first and also because i can't get that to work but will focus on that once i fix this. Thanks. So when I load my paginator it returns No Results Found. 1) My query is only returning 1 array entry, should be hundreds, maybe I'm not builing it correctly, 2) There is at least 1 array set but its still saying data not found. Heres the template array: Code: [Select] array('id'=>'0', 'name'=>'xmlqoyzgmykrphvyiz', 'date'=>'13-Sep-2002', 'price'=>'8370', 'number'=>'8056', 'address'=>'qdfbc', 'company'=>'taufrid', 'desc'=>'pppzhfhcdqcvbirw', 'age'=>'5512', 'title'=>'zticbcd', 'phone'=>'hvdkltabshgakjqmfrvxo', 'email'=>'eodnqepua', 'zip'=>'eodnqepua', 'country'=>'pdibxicpqipbsgnxyjumsza'), array('id'=>'1', 'name'=>'rbdmbabficcre', 'date'=>'10-Sep-2004', 'price'=>'3075', 'number'=>'3627', 'address'=>'oxcm', 'company'=>'xyzwzv', 'desc'=>'rwndyoedxh', 'age'=>'2134', 'title'=>'lxxyfgdtdffjce', 'phone'=>'zeejvbwy', 'email'=>'ldcikhxwfuulaxeedkogpxftb', 'zip'=>'ldcikhxwfuulaxeedkogpxftb', 'country'=>'pcmobxrdfclcyrx'), array('id'=>'2', 'name'=>'yr', 'date'=>'04-Mar-2007', 'price'=>'7129', 'number'=>'6614', 'address'=>'i', 'company'=>'gcpvrshftfxxlz', 'desc'=>'nyalrdjjl', 'age'=>'4728', 'title'=>'ddfl', 'phone'=>'mnhifzqltvirgiaug', 'email'=>'f', 'zip'=>'f', 'country'=>'epipbmtfsfxetenyedjxzsog'), etc Here is my arry: Code: [Select] $echoarray = array(); $resultsql = mysql_query("SELECT * FROM clients")or die(mysql_error()); while($row = mysql_fetch_array($resultsql)){ $echoarray['id'] = $row['ID']; $echoarray['name'] = $row['First_Name'] . " " . $row['Last_Name']; $echoarray['price'] = $row['Status']; $echoarray['number'] = $row['Sex']; $echoarray['address'] = $row['Phys_Street']; $echoarray['company'] = $row['Agency']; $echoarray['desc'] = $row['Notes']; $echoarray['age'] = $row['Date_Birth']; $echoarray['title'] = $row['Occupation']; $echoarray['phone'] = $row['Phone']; $echoarray['email'] = $row['Email']; $echoarray['zip'] = $row['Phys_Zip']; $echoarray['country'] = $row['Phys_City']; } Here is the template return: Code: [Select] function initArray() { return array( array('id'=>'0', 'name'=>'xmlqoyzgmykrphvyiz', 'date'=>'13-Sep-2002', 'price'=>'8370', 'number'=>'8056', 'address'=>'qdfbc', 'company'=>'taufrid', 'desc'=>'pppzhfhcdqcvbirw', 'age'=>'5512', 'title'=>'zticbcd', 'phone'=>'hvdkltabshgakjqmfrvxo', 'email'=>'eodnqepua', 'zip'=>'eodnqepua', 'country'=>'pdibxicpqipbsgnxyjumsza'), array('id'=>'1', 'name'=>'rbdmbabficcre', 'date'=>'10-Sep-2004', 'price'=>'3075', 'number'=>'3627', 'address'=>'oxcm', 'company'=>'xyzwzv', 'desc'=>'rwndyoedxh', 'age'=>'2134', 'title'=>'lxxyfgdtdffjce', 'phone'=>'zeejvbwy', 'email'=>'ldcikhxwfuulaxeedkogpxftb', 'zip'=>'ldcikhxwfuulaxeedkogpxftb', 'country'=>'pcmobxrdfclcyrx'), array('id'=>'2', 'name'=>'yr', 'date'=>'04-Mar-2007', 'price'=>'7129', 'number'=>'6614', 'address'=>'i', 'company'=>'gcpvrshftfxxlz', 'desc'=>'nyalrdjjl', 'age'=>'4728', 'title'=>'ddfl', 'phone'=>'mnhifzqltvirgiaug', 'email'=>'f', 'zip'=>'f', 'country'=>'epipbmtfsfxetenyedjxzsog'), array('id'=>'3', 'name'=>'bhqggvwolybfdtk', 'date'=>'26-Dec-2000', 'price'=>'1867', 'number'=>'4288', 'address'=>'jo', 'company'=>'goevufkvmbct', 'desc'=>'zhixinabyazbfleozrvovr', 'age'=>'3423', 'title'=>'b', 'phone'=>'odhh', 'email'=>'g', 'zip'=>'g', 'country'=>'idxvdztezvkkaz')); } And Mine: Code: [Select] function initArray() { return $echoarray; } Where am I going wrong here? Hi, I have a problem with some code not working. I need it to get the data from a mysql database and then export it as a json array in the format of id , title, author, date, imageUrl, text. (Please not that these are all variables ) PHP CODE: Code: [Select] <?php $link = mysql_connect('localhost', 'root', ''); if (!$link) { die('Could not connect: ' . mysql_error()); } echo 'Connected successfully'; $arr = array(); $rs = ("SELECT `id`, `title`, `author`, `date`, `imageUrl`, `text` FROM `items`"); while($obj = mysql_query($rs)) { $arr[0] = $obj->id; $arr[1] = $obj->title; $arr[2] = $obj->author; $arr[3] = $obj->date; $arr[4] = $obj->imageUrl; $arr[5] = $obj->text; } echo '{"items":'.json_encode($arr).'}'; ?> Thanks For Your Help borden0108 <?php
ini_set('display_errors', 0);
function escapeArray($array)
{
foreach ($array as $key => $val)
{
if(is_array($val)){
$array[$key]=escapeArray($val);
}
else{
$array[$key]=addslashes($val);
}
}
return $array;
}
$request_type=$_SERVER['REQUEST_METHOD'];
$api_key=$_SERVER['HTTP_X_API_KEY'];
$res=array();
if($api_key!=="643256432"){
$res['msg']="Failu Invalid API KEY";
echo json_encode($res);
die;
}
// Connects to the orcl service (i.e. database) on the "localhost" machine
//$conn = oci_connect('SCOTT', 'admin123', 'localhost/orcl');
$conn = oci_connect('test', 'test', '192.168.10.43/test.test.com');
if (!$conn) {
$e = oci_error();
trigger_error(htmlentities($e['message'], ENT_QUOTES), E_USER_ERROR);
}
$request=file_get_contents("php://input");
$request=escapeArray(json_decode($request,true));
print_r($request);
// die;
if($request_type=="POST"){//for creation of invoice
echo $CONTACT_ID=isset($request['CONTACT_ID'])?$request['CONTACT_ID']:"";
$INV_SERIAL_NO=isset($request['INV_SERIAL_NO'])?$request['INV_SERIAL_NO']:"";
$NAME=isset($request['NAME'])?$request['NAME']:"";
$INV_DATE=isset($request['INV_DATE'])?$request['INV_DATE']:"";
$DUE_DATE=isset($request['DUE_DATE'])?$request['DUE_DATE']:"";
$CURRENCY=isset($request['CURRENCY'])?$request['CURRENCY']:"";
$SUBTOTAL=isset($request['SUBTOTAL'])?$request['SUBTOTAL']:"";
$TAX_TOTAL=isset($request['TAX_TOTAL'])?$request['TAX_TOTAL']:"";
echo $SHIP_SERIAL_NO=isset($request['SHIP_SERIAL_NO'])?$request['SHIP_SERIAL_NO']:"";
$MASTER_NO=isset($request['MASTER_NO'])?$request['MASTER_NO']:"";
$HOUSE_NO=isset($request['HOUSE_NO'])?$request['HOUSE_NO']:"";
$shipment_data=isset($request['shipment_data'])?$request['shipment_data']:"";
if($CONTACT_ID==""){
$res['msg']="CONTACT_ID is required";
}
else if($INV_SERIAL_NO==""){
$res['msg']="INV_SERIAL_NO is required";
}
else if($NAME==""){
$res['msg']="NAME is required";
}
else if($INV_DATE==""){
$res['msg']="INV_DATE is required";
}
else if($DUE_DATE==""){
$res['msg']="DUE_DATE is required";
}
else if($CURRENCY==""){
$res['msg']="CURRENCY is required";
}
else if($SUBTOTAL==""){
$res['msg']="SUBTOTAL is required";
}
else if($TAX_TOTAL==""){
$res['msg']="TAX_TOTAL is required";
}
else if($MASTER_NO==""){
$res['msg']="MASTER_NO is required";
}
else if($HOUSE_NO==""){
$res['msg']="HOUSE_NO is required";
}
else if($SHIP_SERIAL_NO==""){
$res['msg']="SHIP_SERIAL_NO is required";
}
else{
$stid = oci_parse($conn, "Select * from FL_HDR_INVOICE where CONTACT_ID='$CONTACT_ID'");
(oci_execute($stid));
oci_fetch_all($stid, $out);
if(count($out['CONTACT_ID'])==0){
$stid = oci_parse($conn, "Insert into FL_HDR_INVOICE (CONTACT_ID,INV_SERIAL_NO,NAME,INV_DATE,DUE_DATE,CURRENCY,SUBTOTAL,TAX_TOTAL) Values ('$CONTACT_ID','$INV_SERIAL_NO','$NAME',TO_DATE('$INV_DATE','YYYY-MM-DD'),TO_DATE('$DUE_DATE','YYYY-MM-DD'),'$CURRENCY','$SUBTOTAL','$TAX_TOTAL')");
oci_execute($stid);
$stid_2 = oci_parse($conn, "Insert into FL_SHIPMENT_DATA (CONTACT_ID,INV_SERIAL_NO,SHIP_SERIAL_NO,MASTER_NO,HOUSE_NO) Values ('$CONTACT_ID','$INV_SERIAL_NO','$SHIP_SERIAL_NO','$MASTER_NO','$HOUSE_NO')");
oci_execute($stid_2);
if(oci_num_rows($stid)>0){
$res['msg']="Invoice created successfully against this contact_id:".$CONTACT_ID;
}
else{
$res['msg']="Something going wrong please try again later";
}
}
else{
$res['msg']="contact_id must be unique";
}
}
echo json_encode($res);
die;
}
I need to read json data inside an array. Please help correct my code.. i am trying to do an API. I want to print data from response json? I was debug with firebug and show this :
{"umumu":"","levelu":1,"nameu":""}
How to echo data array just levelu. But i don't know how to make it?
thanks
I am retrieving Google Books info in JSON format and displaying it inside a div. I would like to send the contents of this div (name, title, description) to my database using Ajax.
Currently only the ISBN field sends because I have it declared as a variable. However my question is, how do I send the other fields (name, title, author). How do I declare these also, I'm not sure what format they need to be in etc.
My JS
$(document).ready(function() {
$('#submit').click(function(ev) {
ev.preventDefault();
var isbn = $('#isbn_search').val(); //get isbn direct from input
var url='https://www.googleapis.com/books/v1/volumes?q='+isbn;
$.getJSON(url,function(data){
$.each(data.items, function(entryIndex, entry){
var html = '<div class="results well">';
html += '<h3>' + entry.volumeInfo.title + '</h3>';
html += '<div class="author">' + entry.volumeInfo.authors + '</div>';
html += '<div class="description">' + entry.volumeInfo.description + '</div>';
});
});
});
});
My Ajax;
$.ajax({
type: 'POST',
url: 'addIsbnScript.php',
data: {
'isbn' : isbn,
'title' : title
'subtitle' : subtitle,
'authors' : authors,
'description' : description
},
success: function () {
$.growl({
message: " Record added"
});
}
});
Note, if i manually set the vars like below they all do successfully send to my database, so I know my query is working ok
var title = "some text", var author = "some text", Var description = "some text"Thanks in advance for any help, newbie here (incase it wasn't obvious!). J I am retrieving data from a third party's API using AJAX method. I would like to do two things. 1. Display the data records on a page. 2. Create a pagination on the page to display records more efficiently. I am expecting to retrieve possibly hundreds of records. I can normally do this using PHP but since I am retrieving the records using AJAX, the pagination is gonna be a challenge. First things first is to display the records. Here is my AJAX code. It displays the log data fine. But it doesn't display any data in the "output" div. And it gives this error in the console. Uncaught SyntaxError: Unexpected token o in JSON at position 1 at JSON.parse (<anonymous>) at Object.success
<div class="output"></div>
<script>
$.ajax ({
type: 'GET',
url: "https://3rdpartywebsite.com/api/GetCustomers",
dataType: 'json',
processData: false,
contentType: false,
success: function(data) {
console.log(data)
$newData = JSON.parse(data);
$.each($newData, function(i, v) {
$('.output').append(v.LastName);
$('.output').append(v.FirstName);
});
}
});
</script>
What am I doing wrong? Edited November 14, 2020 by imgroootThis is more of a database architect question.
I am building a CMS for website development. I am ready to use it for the first time on one of my clients. Now, my issue is is how to set up some or one of my table(s) for some areas that my client wants to be able to change in the admin section.
In their website on the front page, I put together this nice block slider. Its 6 blocks with text, a background image and nice effects. At first it was always going to be static, which was no issue at all, but later they came to me and asked if they could be able to change words in the boxes themselves in the admin section..
Of course this can be easily done by creating a table that is associated with this home page block thing and each row in the table will correspond to one of the blocks on the home page.
But I believe there might be an easier way to store this type of data without having to create another table for every feature the client wants to edit, for example they also want to be able to edit a slider on another page.
The WordPress database then came into my mind and how they store most of their data as JSON. So I was then thinking of creating a table named 'modules' for examples with three columns (id, title, data). Then inside the data column store the editable fields as a JSON string object.
For example a row could like like :
1, "Front Page Box Slider", {"slider-home" : [ {"data" : "value", "img_1", "value1"}, {"data" : "value", "img_2", "value2"} ]}
I've been doing a bit of research on this and people have just been saying, never do this if you do want your data to be searched through, which I don't.
Can anyone tell me why or why not I should do this, or maybe a better solution to my problem?
Thank you
Edited by carlosmoreeira, 17 September 2014 - 07:37 PM. good evening folks, i have a question regarding the foreach syntax when needing to access something say 3 levels deep into the json architecture here's the example I'm trying to accomplish but when echoing it's not returning the value i need from 3 levels deep. I believe i just don't understand the correct syntax so here's the example any help would he sincerely appreciated.
https://pastebin.com/mEBiMUW5 hello. i got this error and i have no idea why or what is going on. could someone explain in layman's term please and help me out.
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'event_id' cannot be null' in /home/dhsbnet/public_html/ems/add_guest.php:36 Stack trace: #0 /home/dhsbnet/public_html/ems/add_guest.php(36): PDOStatement->execute() #1 {main} thrown in /home/dhsbnet/public_html/ems/add_guest.php on line 36
code being referred to, line 36 is $guests->execute() :
if(isset($_SESSION['sess_user_id']))
{
if(isset($_POST['save']))
{
require "connection.php";
$name = $_POST['guest-name'];
$event = $_POST['event'];
$session = $_SESSION['sess_user_id'];
$status = "";
$status .= "0";
$guests = $dbh->prepare("INSERT INTO guest(guser_id,guest_name,event_id,status) VALUES (?,?,?,?)");
for($i = 0; $i < count($_POST['guest-name']); $i++)
{
if(trim($_POST['guest-name'][$i]) !== '')
{
$guests->bindParam(1, $session, PDO::PARAM_INT);
$guests->bindParam(2, $name[$i], PDO::PARAM_STR);
$guests->bindParam(3, $event, PDO::PARAM_INT);
$guests->bindParam(4, $status, PDO::PARAM_INT);
$guests->execute();
if($guests->rowCount() > 0)
{
echo "<script>window.location.href = 'guest_list.php';</script>";
}
}
}
}
}
<div class="dropdown">
<label>Event : <label/>
<select name="event" id="dd-event" required>
<option value="0" selected>Event</option>
<?php foreach($retrieve as $r): ?>
<option value="<?=$r['event_id']?>"><?=$r['event_name']?></option>
<?php endforeach ?>
</select>
</div>
in db event_id column is int, not null, not auto incremented. TIA!
Hi, I have a connection set up to an API using a PHP script - the API sends back data in JSON format, and if I capture it and echo it, it displays in extremely unfriendly format on the screen. I've tried to find a way to convert this data into readable format, ideally in a HTML table, but although there are articles on converting manually inputted JSON data into a HTML table using Javascript, I can't find a way to do it from a PHP variable. This is what I have so far:
if ($_POST['getcompany']) {
$companyname = $_POST['_Name'];
$ch = curl_init();
$data_array2 = array(
'token' => $token
);
$make_call2 = json_encode($data_array2);
//echo 'Token is '.$token;
$token2 = substr($token, 14);
$token3 = substr($token2, 0, -3);
//echo 'Token 2 is '.$token3;
//echo 'Company Name is '.$companyname;
//curl_setopt($ch, CURLOPT_GET, 1);
//curl_setopt($ch, CURLOPT_POSTFIELDS, $make_call2);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json','Authorization: '.$token3.''));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, 'https://connectionurl?countries=GB&name='.$companyname);
//Execute the request
$result = curl_exec($ch);
echo 'Companies: '.$result; //This displays the data provided by the search, but is in JSON format
So I need a way to get the data held in $result, into a HTML table. Any idea how I can do this? Hello, I have coded a contact form in PHP and I want to know, if according to you, it is secure! I am new in PHP, so I want some feedback from you. Moreover, I have also two problems based on the contact form. It is a bit complicated to explain, thus, I will break each of my problem one by one. FIRST:The first thing I want to know, is if my contact form secure according to you: The HTML with the PHP codes: Code: [Select] <?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { //Assigning variables to elements $first = htmlentities($_POST['first']); $last = htmlentities($_POST['last']); $sub = htmlentities($_POST['subject']); $email = htmlentities($_POST['email']); $web = htmlentities($_POST['website']); $heard = htmlentities($_POST['heard']); $comment = htmlentities($_POST['message']); $cap = htmlentities($_POST['captcha']); //Declaring the email address with body content $to = 'alithebestofall2010@gmail.com'; $body ="First name: '$first' \n\n Last name: '$last' \n\n Subject: '$sub' \n\n Email: '$email' \n\n Website: '$web' \n\n Heard from us: '$heard' \n\n Comments: '$comment'"; //Validate the forms if (empty($first) || empty($last) || empty($sub) || empty($email) || empty($comment) || empty($cap)) { echo '<p class="error">Required fields must be filled!</p>'; header ('refresh= 3; url= index.php'); return false; } elseif (filter_var($first, FILTER_VALIDATE_INT) || filter_var($last, FILTER_VALIDATE_INT)) { echo '<p class="error">You cannot enter a number as either the first or last name!</p>'; return false; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { echo '<p class="error">Incorrect email address!</p>'; return false; } elseif (!($cap === '12')){ echo '<p class="error">Invalid captcha, try again!</p>'; return false; } else { mail ($to, $sub, $body); echo '<p class="success">Thank you for contacting us!</p>'; } } ?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <p>Your first name: <span class="required">*</span></p> <p><input type="text" name="first" size="40" placeholder="Ex: Paul"/></p> <p>Your last name: <span class="required">*</span></p> <p><input type="text" name="last" size="40" placeholder="Ex: Smith"/></p> <p>Subject: <span class="required">*</span></p> <p><input type="text" name="subject" size="40" placeholder="Ex: Contact"/></p> <p>Your email address: <span class="required">*</span></p> <p><input type="text" name="email" size="40" placeholder="Ex: example@xxx.com"/></p> <p>Website:</p> <p><input type="text" name="website" size="40" placeholder="Ex: http//:google.com"/></p> <p>Where you have heard us?: <span class="required">*</span></p> <p><select name="heard"> <option>Internet</option> <option>Newspapers</option> <option>Friends or relatives</option> <option>Others</option> </select></p> <p>Your message: <span class="required">*</span></p> <p><textarea cols="75" rows="20" name="message"></textarea></p> <p>Are you human? Sum this please: 5 + 7 = ?: <span class="required">*</span></p></p> <p><input type="text" name="captcha" size="10"/></p> <p><input type="submit" name="submit" value="Send" class="button"/> <input type="reset" value="Reset" class="button"/></p> </form> SECOND PROBLEM:If a user has made a mistake, he gets the error message so that he can correct! However, when a mistake in the form occurs, all the data the user has entered are disappeared! I want the data to keep appearing so that the user does not start over again to fill the form. THIRD: When the erro message is displayed to notify the user that he made a mistake when submitting the form, the message is displaying on the top of the page. I want it to appear below each respective field. How to do that? In JQuery it is simple, but in PHP, I am confusing! I have a pdo prepared statement that fetches records from mysql database. The records show up on the page. However if there are no records on a page, I get this error message.
"QLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-10' at line 4"
Here is my statement
$getCategoryId = $_GET['id'];
$limit = 10;
$offset = ($page - 1) * $limit;
$statement = $db->prepare("SELECT records.*, categories.* FROM records
LEFT JOIN categories ON records.category_id = categories.category_id
WHERE records.category_id = :category_id
ORDER BY record_id DESC LIMIT {$limit} OFFSET ".$offset);
$statement->bindParam('category_id', $getCategoryId);
$statement->execute();
$results = $statement->fetchAll(PDO::FETCH_ASSOC);
If I remove try and catch block, it'll tell me exactly which line is giving the issue. So from the above code, the error has to do with "$statement->execute();". This is where the error occurs.
As far as I know, the above pdo statement is correct. Can you tell me if something is wrong with it?
Edited by helloworld001, 16 December 2014 - 04:14 PM. Hi, can some one please explain to me the best way to do this, currently I am using txt files on the server to hold the content of the webpage for example: header, title_1, paragraph_1, title_2, paragraph_2 etc. But with more content this is getting very tedious and I'm sure using mysql would be better here's how it works now ( write to file) <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="keywords" content=""> <meta name="description" content=" "> <meta name="robots" content="FOLLOW,INDEX"> <title></title> <link rel='stylesheet' href='../css/style.css' type='text/css'> <link rel="shortcut icon" href=""> <script type="text/javascript" src="../js/ckeditor/ckeditor.js"></script> </head> <body> <?php //This condition will check either the submit button was pressed, for such test you need to check that if there is an element which has the same name as your button. if(isset($_POST['Submit'])) { //this is just the name of the file, it can be used directly but its better to use a variable its just for convinence $file = "../content/menu_header_a.txt"; if(is_writable($file)) { //this is to open the file in write more 'w' says that it will open in writeable more $fh = fopen($file, 'w') or die("can't open file"); //I again used a variable to store the data.... which is to be written to the file //The main point is to receive the data on submit, it is when submit is done, and uppon condition for submit is fulfilled //all the elements of the form are put in the array named $_POST and you can get their values by their names //in the same way I just took the value of 'editor1' it is the name for textarea in which you displayed the text $data = stripslashes(stripslashes($_POST['editor_header_a'])); ///This routine will just write the data to file given the file handle and the data. fwrite($fh, $data); //must close the file after all writing is done. fclose($fh); } else { echo "File is Not Writable<br>"; } } ?> <form method="post"> <textarea name="editor_header_a"> <?php $file = file_get_contents('../content/menu_header_a.txt'); echo $file; ?> </textarea> <script type="text/javascript"> CKEDITOR.replace( 'editor_header_a', { toolbar : [ ['Source','-','Save','NewPage','Preview','-','Templates'], ['Cut','Copy','Paste','PasteText','PasteFromWord','-','Print', 'SpellChecker', 'Scayt'], ['Undo','Redo','-','Find','Replace','-','SelectAll','RemoveFormat'], ['Form', 'Checkbox', 'Radio', 'TextField', 'Textarea', 'Select', 'Button', 'ImageButton', 'HiddenField'], '/', ['Bold','Italic','Underline','Strike','-','Subscript','Superscript'], ['NumberedList','BulletedList','-','Outdent','Indent','Blockquote'], ['JustifyLeft','JustifyCenter','JustifyRight','JustifyBlock'], ['Link','Unlink','Anchor'], ['Image','Flash','Table','HorizontalRule','Smiley','SpecialChar','PageBreak'], '/', ['Styles','Format','Font','FontSize'], ['TextColor','BGColor'], ['Maximize', 'ShowBlocks','-','About'] ] }); </script> </p> <p> <input name="Submit" type="submit" /> </p> </form> </body> </html> display content from file. <?php $file = file_get_contents('content/menu_header_a.txt', 'r'); if(isset($_SESSION['user_id'])){ ?><a href="javascript:open4()"><?php echo $file ?></a><?php } else { echo $file; }?> js Code: [Select] var win=null; function NewWindow(mypage,myname,w,h,scroll,pos){ if(pos=="random"){LeftPosition=(screen.width)?Math.floor(Math.random()*(screen.width-w)):100;TopPosition=(screen.height)?Math.floor(Math.random()*((screen.height-h)-75)):100;} if(pos=="center"){LeftPosition=(screen.width)?(screen.width-w)/2:100;TopPosition=(screen.height)?(screen.height-h)/2:100;} else if((pos!="center" && pos!="random") || pos==null){LeftPosition=0;TopPosition=20} settings='width='+w+',height='+h+',top='+TopPosition+',left='+LeftPosition+',scrollbars='+scroll+',location=no,directories=no,status=no,menubar=no,toolbar=no,resizable=yes'; win=window.open(mypage,myname,settings);} function open4(){ var open4 = window.open('http://localhost/projects/public_html/contentscript/content_menu_header_a.php','jav','width=540,height=480,resizable=yes'); } I like the way it works currently, I just have to click on the content I want to make changes to for the wysiwyg editor to open up but these txt files are doing my head in:). btw Im a still learning all this please try to keep it simple for me Thanks for you help. So i have a basic form that does a pure and simple data entry via MySQL / PHP. However the content being passed through the form is being pasted in from random sources such as PDF, Word Doc, etc... Here's an issue im noticing and do not know how to fix. If someone pastes a paragraph that has a single quote in it, that single quote >> ' << will be replaced in the database with something like so >> ’ << so a word like world's will turn into world’s. Does anyone know if there's a way to fix this issue? Thanks! Hello all,
Appreciate if you folks could pls. help me understand (and more importantly resolve) this very weird error:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ASC, purchase_later_flag ASC, shopper1_buy_flag AS' at line 3' in /var/www/index.php:67 Stack trace: #0 /var/www/index.php(67): PDO->query('SELECT shoplist...') #1 {main} thrown in /var/www/index.php on line 67
Everything seems to work fine when/if I use the following SQL query (which can also be seen commented out in my code towards the end of this post) :
$sql = "SELECT shoplist.*, store_master.store_name, item_master.item_name FROM shoplist, store_master, item_master WHERE shoplist.store_id = store_master.store_id AND shoplist.item_id = item_master.item_id";However, the moment I change my query to the following, which essentially just includes/adds the ORDER BY clause, I receive the error quoted above: $sql = "SELECT shoplist.*, store_master.store_name, item_master.item_name FROM shoplist, store_master, item_master ORDER BY purchased_flag ASC, purchase_later_flag ASC, shopper1_buy_flag ASC, shopper2_buy_flag ASC, store_name ASC) WHERE shoplist.store_id = store_master.store_id AND shoplist.item_id = item_master.item_id";In googling for this error I came across posts that suggested using "ORDER BY FIND_IN_SET()" and "ORDER BY FIELD()"...both of which I tried with no success. Here's the portion of my code which seems to have a problem, and line # 67 is the 3rd from bottom (third last) statement in the code below: <?php
/*
$sql = "SELECT shoplist.*, store_master.store_name, item_master.item_name
FROM shoplist, store_master, item_master
WHERE shoplist.store_id = store_master.store_id
AND shoplist.item_id = item_master.item_id";
*/
$sql = "SELECT shoplist.*, store_master.store_name, item_master.item_name
FROM shoplist, store_master, item_master
ORDER BY FIND_IN_SET(purchased_flag ASC,
purchase_later_flag ASC,
shopper1_buy_flag ASC,
shopper2_buy_flag ASC,
store_name ASC)
WHERE shoplist.store_id = store_master.store_id
AND shoplist.item_id = item_master.item_id";
$result = $pdo->query($sql);
// foreach ($pdo->query($sql) as $row) {
foreach ($result as $row) {
echo '<tr>';
print '<td><span class="filler-checkbox"><input type="checkbox" name="IDnumber[]" value="' . $row["idnumber"] . '" /></span></td>';
Thanks
Good day, How can I create a pdf report on my web page pulling out data from my database. I have never done this before I just need an idea. |
|||||||