$C = $_POST['Cc'];
$X = $_POST['X'];
$CX = $_POST['Cc'] . $_POST['X'];
$NC = preg_replace_callback("/x/" ,function() {return rand(0,9);}, $CX);
$New = $NC ;
$NNew = str_repeat($New,10);
echo $NNew;
what's wrong when i output it , it gives me the same number How to make It Don't Give me the same Numbers ??
It's basically you are not changing the seed for the rand method. Each time it's getting same seed and generating same number.
Read this PHP manual : http://php.net/manual/en/function.srand.php
Check the code snippet below:
<?php
// seed with microseconds
function make_seed()
{
list($usec, $sec) = explode(' ', microtime());
return $sec + $usec * 1000000;
}
srand(make_seed());
$randval = rand(0,9);
echo $randval;
?>
Or you can use mt_rand() which is seeded differently on each execution.
Let me start by saying I am NOT a programmer. I'm a retail web manager that knows enough about HTML5 to understand what is going on. Ok now on to my issue. We recently upgraded our eCommerce platform from 3DCart to Magento. It's a completely different monster and I'm fairly lost. I'm trying to integrate Magento's simple pixel (just returns the total not the individual items) into our confirmation page but all of our tests are failing. I've tried bits and pieces of other codes that I've found around the web but I'm still missing the "amount" parameter. Can anyone help me? Below is what we have on our site now (please note this is part of the copy/paste code I've found):
//-------------------------------------------
// START CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
$cjmerchID = '1521251';
$cjaid = '382643';
$cjorder = Mage::getModel('sales/order')->loadByIncrementId(Mage::getSingleton('checkout/session')->getLastRealOrderId());
$cjitems = $cjorder->getAllItems();
$cjorderID = $cjorder->getIncrementId();
//$cjsubtotal = round($cjorder->getSubtotal(), 2);
$i = 1;
foreach ($cjitems as $itemId => $item)
{
$unitPrice = round($item->getPrice(), 2);
$sku = $item->getSku();
$qty = $item->getQtyToInvoice();
//echo $qty . '<br>';
$itemsStr .= '&ITEM;' . $i . '=' . $sku . '&AMT;' . $i . '=' . $unitPrice . '&QTY;' . $i . '=' . $qty . '';
$i++;
}
?>
?<img src="https://www.emjcd.com/u?CID=<?php echo $cjmerchID; ?>&OID;=<?php echo $cjorderID; ?>&TYPE;=<?php echo $cjaid; ?><?php echo $itemsStr; ?>&CURRENCY;=USD&METHOD;=IMG" height="1" width="20">
<?php
//-------------------------------------------
// END CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
According to CJ this is what I'm doing wrong:
Thank you for providing the results of your test. I am seeing the pixel calls on our server. However, both tests failed as the incorrect Action ID is being used and the 'AMOUNT' parameter has no associated value and is being passed back blank. I've attached the integration instructions for your convenience.
The Action ID for the simple action that should be integrated to replace the existing pixel is 382643.
Integration Test
Advertiser: 3448671
Ad: 12313358
Action Id: 346589
Action Type: item_sale
Query String: AMOUNT=&OID=100056687&CID=1521251&CURRENCY=USD&METHOD=IMG&TYPE=346589
Sid: TrackingTest
Surfer: 476602316150531682:VJXkXAhFHzU2 Click Ref:
Action Status: active
img src="https://www.emjcd.com/u?AMOUNT=&CID=1521251&OID=100056687&TYPE=346589&CURRENCY=USD&METHOD=IMG" height="1" width="20"
Please update the pixel to pull in the subtotal (pre-taxed amount of purchase) and to have 'TYPE' populated with 382643.
Any help you can give would me most appreciated!
Diana
See if this code works. what i did is get the subtotal of total checkout order and append a new parameter in img href with AMOUNT. Let me know how the results work out
//-------------------------------------------
// START CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
$cjmerchID = '1521251';
$cjaid = '382643';
$cjorder = Mage::getModel('sales/order')->loadByIncrementId(Mage::getSingleton('checkout/session')->getLastRealOrderId());
$cjitems = $cjorder->getAllItems();
$cjorderID = $cjorder->getIncrementId();
//New Codee
$totals = Mage::getSingleton('checkout/cart')->getQuote()->getTotals();
$subtotal = $totals["subtotal"]->getValue();
//$cjsubtotal = round($cjorder->getSubtotal(), 2);
$i = 1;
foreach ($cjitems as $itemId => $item)
{
$unitPrice = round($item->getPrice(), 2);
$sku = $item->getSku();
$qty = $item->getQtyToInvoice();
//echo $qty . '<br>';
$itemsStr .= '&ITEM;' . $i . '=' . $sku . '&AMT;' . $i . '=' . $unitPrice . '&QTY;' . $i . '=' . $qty . '';
$i++;
}
?>
?<img src="https://www.emjcd.com/u?CID=<?php echo $cjmerchID; ?>&OID;=<?php echo $cjorderID; ?>&TYPE;=<?php echo $cjaid; ?>&AMOUNT;=<?php echo $subtotal; ?><?php echo $itemsStr; ?>&CURRENCY;=USD&METHOD;=IMG" height="1" width="20">
<?php
//-------------------------------------------
// END CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
I have some code that uploads the CSV file to the specified folder, but it doesn't update the database.
public function do_upload()
{
$csv_path = realpath(APPPATH . '/../assets/uploads/CSV/');
$config['upload_path'] = $csv_path;
$config['allowed_types'] = '*'; // All types of files allowed
$config['overwrite'] = true; // Overwrites the existing file
$this->upload->initialize($config);
$this->load->library('upload', $config);
if ( ! $this->upload->do_upload('userfile'))
{
$error = array('error' => $this->upload->display_errors());
$this->layout->buffer('content', 'program/upload', $error);
$this->layout->render();
}
else
{
$image_data = $this->upload->data();
$fname = $image_data['file_name'];
$fpath = $image_data['file_path'].$fname;
$fh = fopen($fpath, "r");
$insert_str = 'INSERT INTO wc_program (JobRef, Area, Parish, AbbrWorkType, WorkType, Timing, TrafficManagement, Location, Duration, Start, Finish) VALUES '."\n";
if ($fh) {
// Create each set of values.
while (($csv_row = fgetcsv($fh, 2000, ',')) !== false) {
foreach ($csv_row as &$row) {
$row = strtr($row, array("'" => "\'", '"' => '\"'));
}
$insert_str .= '("'
// Implode the array and fix pesky apostrophes.
.implode('","', $csv_row)
.'"),'."\n";
}
// Remove the trailing comma.
$insert_str = rtrim($insert_str, ",\n");
// Insert all of the values at once.
$this->db->set($insert_str);
echo '<script type="text/javascript">
alert("Document successfully uploaded and saved to the database.");
location = "program/index";
</script>';
}
else {
echo '<script type="text/javascript">
alert("Sorry! Something went wrong please proceed to try again.");
location = "program/upload";
</script>';
}
}
}
When I run var_dump($fh); it shows: resource(89) of type (stream)
When I run var_dump($fpath) it shows: string(66) "/Applications/MAMP/htdocs/site/assets/uploads/CSV/wc_program.csv"
So it all uploads but what is wrong with it not updating the database?
I have tried all kinds of changing the fopen method but still no joy, I really need it to add to the database and the insert query and set query should do the trick but it doesn't.
Any help greatly appreciated!
You are not running any query on the database. You are mixing active record syntax with simple query syntax. The active record insert query will be executed by calling.
$this->db->insert('my_table');
db::set() does not actually query the database. It takes in a key/value pair that will be inserted or updated after db::insert() or db::update() is called. If you build the query yourself you need to use the db::query() function.
Review the active directory documentation.
You can use $this->db->query('put your query here'), but you lose the benefit of CodeIgniter's built in security. Review CodeIgniter's query functions.
I'll give you examples of just a few of the many ways you can insert into a database using CodeIgniter. The examples will generate the query from your comment. You will need to adjust your code accordingly.
EXAMPLE 1:
$result = $this->db
->set('JobRef', 911847)
->set('Area', 'Coastal')
->set('Parish', 'Yapton')
->set('AbbrWorkType', 'Micro')
->set('WorkType', 'Micro-Asphalt Surfacing')
->set('Timing', 'TBC')
->set('TrafficManagement', 'No Positive Traffic Management')
->set('Location', 'Canal Road (added PMI 16/07/12)')
->set('Duration', '2 days')
->set('Start', '0000-00-00')
->set('Finish', '0000-00-00')
->insert('wc_program');
echo $this->db->last_query() . "\n\n";
echo "RESULT: \n\n";
print_r($result);
EXAMPLE 2 (Using an associative array):
$row = array(
'JobRef' => 911847,
'Area' => 'Coastal',
'Parish' => 'Yapton',
'AbbrWorkType' => 'Micro',
'WorkType' => 'Micro-Asphalt Surfacing',
'Timing' => 'TBC',
'TrafficManagement' => 'No Positive Traffic Management',
'Location' => 'Canal Road (added PMI 16/07/12)',
'Duration' => '2 days',
'Start' => '0000-00-00',
'Finish' => '0000-00-00'
);
$this->db->insert('wc_program', $row);
// This will do the same thing
// $this->db->set($row);
// $this->db->insert('wc_program');
echo $this->db->last_query();
Example 1 and 2 are using the Active Record. The information is stored piece by piece and then the query is built when you make the final call. This has several advantages. It allows you to build queries dynamically without worrying about SQL syntax and order of the keywords. It also escapes your data.
EXAMPLE 3 (Simple Query):
$query = 'INSERT INTO
wc_program
(JobRef, Area, Parish, AbbrWorkType, WorkType, Timing, TrafficManagement, Location, Duration, Start, Finish)
VALUES
("911847","Coastal","Yapton","Micro","Micro-Asphalt Surfacing","TBC","No Positive Traffic Management","Canal Road (added PMI 16/07/12)","2 days","0000-00-00","0000-00-00")';
$result = $this->db->query($query);
echo $this->db->last_query() . "\n\n";
echo "RESULT: \n";
print_r($result);
This way leaves all the protection against injection up to you, can lead to more errors, and is harder to change/maintain.
If you are going to do it this way you should use the following syntax, which will protect against injection.
EXAMPLE 4:
$query = 'INSERT INTO
wc_program
(JobRef, Area, Parish, AbbrWorkType, WorkType, Timing, TrafficManagement, Location, Duration, Start, Finish)
VALUES
(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);';
$row = array(
911847,
'Coastal',
'Yapton',
'Micro',
'Micro-Asphalt Surfacing',
'TBC',
'No Positive Traffic Management',
'Canal Road (added PMI 16/07/12)',
'2 days',
'0000-00-00',
'0000-00-00'
);
$result = $this->db->query($query, $row);
echo $this->db->last_query() . "\n\n";
echo "RESULT: \n";
print_r($result);
CodeIgniter will replace each "?" in the query with the corresponding value from the array after it is escaped. You can use this to run many queries that are of the same form, but have different data just by updating the $row array and benefit from CI's built in security.
I'm building a booking form for a moving business that uses a calendar combined with a start and end time. I built the timepicker with Formidable Pro, and it allows me to check "unique" on time fields which automatically removes them on the selected date. However it doesn't automatically remove the times from within the range between start and end times (ie: if someone chooses to rent a truck from 1am-3am I need 1am,2am,and 3am to be removed from future options but right now it only removes 1am and 3am) . I need to write ajax to remove the in-between times from the options. I'm not sure where to begin. This is the current ajax_time_ options function. Any push in the right direction would be appreciated.
function ajax_time_options(){
global $frmpro_settings, $frmdb, $wpdb;
//posted vars = $time_field, $date_field, $step, $start, $end, $date, $clock
extract($_POST);
$time_key = str_replace('field_', '', $time_field);
$date_key = str_replace('field_', '', $date_field);
if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', trim($date)))
$date = FrmProAppHelper::convert_date($date, $frmpro_settings->date_format, 'Y-m-d');
$date_entries = FrmEntryMeta::getEntryIds("fi.field_key='$date_key' and meta_value='$date'");
$opts = array('' => '');
$time = strtotime($start);
$end = strtotime($end);
$step = explode(':', $step);
$step = (isset($step[1])) ? ($step[0] * 3600 + $step[1] * 60) : ($step[0] * 60);
$format = ($clock) ? 'H:i' : 'h:i A';
while($time <= $end){
$opts[date($format, $time)] = date($format, $time);
$time += $step;
}
if($date_entries and !empty($date_entries)){
$used_times = $wpdb->get_col("SELECT meta_value FROM $frmdb->entry_metas it LEFT JOIN $frmdb->fields fi ON (it.field_id = fi.id) WHERE fi.field_key='$time_key' and it.item_id in (". implode(',', $date_entries).")");
if($used_times and !empty($used_times)){
$number_allowed = apply_filters('frm_allowed_time_count', 1, $time_key, $date_key);
$count = array();
foreach($used_times as $used){
if(!isset($opts[$used]))
continue;
if(!isset($count[$used]))
$count[$used] = 0;
$count[$used]++;
if((int)$count[$used] >= $number_allowed)
unset($opts[$used]);
}
unset($count);
}
}
echo json_encode($opts);
die();
}
I know this issue has been discussed in different questions but the answers people have given don't seem to work on my end. I'm dealing with the following problem:
if ( (preg_match($suspect, $lowmsg) )
|| (preg_match($suspect, strtolower($_POST['name'])))
|| (preg_match($suspect, strtolower($_POST['email']))))
Now, people have been saying that if I put "/" in front and behind quotes like so '/email/' that this would solve the problem. I tried putting the / for email and name but it still brought me back to the same delimiter error.
I also get a final error of: Warning: Cannot modify header information - headers already sent by (my website's send.php:43) on line 61. Does this have anything to do with it or is this just an error as a result of the earlier error?
Here's the entire code for interested parties:
<?php
if(($_POST['email']=="")||($_POST['name']=="")||($_POST['message']==""))
{
echo "<html><body><p>The following fields are <strong>required</strong>.</p><ul>";
if($_POST['name'] == ""){ echo "<li>Name</li>"; }
if($_POST['email'] == ""){ echo "<li>Email</li>"; }
if($_POST['message'] == ""){ echo "<li>Message</li>"; }
echo "</ul><p>Please use your browser's back button to complete the form.</p></body></html>";
}
else
{
$message = "";
$message .= "Name: " . htmlspecialchars($_POST['name'], ENT_QUOTES) . "<br>\n";
$message .= "Email: " . htmlspecialchars($_POST['email'], ENT_QUOTES) . "<br>\n";
$message .= "Message: " . htmlspecialchars($_POST['message'], ENT_QUOTES) . "<br>\n";
$subject = htmlspecialchars($_POST['subject'], ENT_QUOTES);
$pagelink = htmlspecialchars($_POST['pagelink'], ENT_QUOTES);
$repemail = htmlspecialchars($_POST['repemail'], ENT_QUOTES);
$injection_strings = array ( "content-type:","charset=","mime-version:","multipart/mixed","bcc:","cc:");
foreach($injection_strings as $suspect)
{
if((preg_match($suspect, $lowmsg)) || (preg_match($suspect, strtolower($_POST['/name/']))) || (preg_match($suspect, strtolower($_POST['/email/']))))
{
die ( 'Illegal Input. Go back and try again. Your message has not been sent.' );
}
}
$headers = "MIME-Version: 1.0\r\nContent-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From: \"" . $_POST['/name/'] . "\" <" . $_POST['/email/'] . ">\r\n";
$headers .= "Reply-To: " . $_POST['/email/'] . "\r\n\r\n";
mail($repemail, $subject, $message, $headers);
header("Location: " . $pagelink . "");
}
?>
You can try other delimiters, such as / # ~
see regexp.reference.delimiters
Hope that helps.
EDIT: you do not need to do backslash inside $_POST
Use $_POST['name'] instead of $_POST['/name/']
EDIT: try
preg_match("/".$suspect."/i", strtolower($_POST['name']);
However, I dont think you would find any of your $injection_strings inside post name. You may need to rethink how you are searching. "content_type" is not going to match "text/html" with your current statement. You'd need to try other regex like
preg_match("/".$suspect."(.*)/i", strtolower($_POST['name'], $output);
So that it would $output[0], your "suspect" variable. I'm not sure if thats what you are looking for, but maybe sending you to the right track.
EDIT: Here.
If you want to look at say "cc:" and find what email it is, use this.
preg_match("/cc:(.*)/i",'cc:'.$_POST['email'],$output);
$output[0]; would equal your email.
To be compatible with your foreach loop, you may want to change it too,
switch this below code within your "if statements"
preg_match("/".$suspect."(.*)/i",$suspect.$_POST['email'])