I know this issue has been discussed in different questions but the answers people have given don't seem to work on my end. I'm dealing with the following problem:
if ( (preg_match($suspect, $lowmsg) )
|| (preg_match($suspect, strtolower($_POST['name'])))
|| (preg_match($suspect, strtolower($_POST['email']))))
Now, people have been saying that if I put "/" in front and behind quotes like so '/email/' that this would solve the problem. I tried putting the / for email and name but it still brought me back to the same delimiter error.
I also get a final error of: Warning: Cannot modify header information - headers already sent by (my website's send.php:43) on line 61. Does this have anything to do with it or is this just an error as a result of the earlier error?
Here's the entire code for interested parties:
<?php
if(($_POST['email']=="")||($_POST['name']=="")||($_POST['message']==""))
{
echo "<html><body><p>The following fields are <strong>required</strong>.</p><ul>";
if($_POST['name'] == ""){ echo "<li>Name</li>"; }
if($_POST['email'] == ""){ echo "<li>Email</li>"; }
if($_POST['message'] == ""){ echo "<li>Message</li>"; }
echo "</ul><p>Please use your browser's back button to complete the form.</p></body></html>";
}
else
{
$message = "";
$message .= "Name: " . htmlspecialchars($_POST['name'], ENT_QUOTES) . "<br>\n";
$message .= "Email: " . htmlspecialchars($_POST['email'], ENT_QUOTES) . "<br>\n";
$message .= "Message: " . htmlspecialchars($_POST['message'], ENT_QUOTES) . "<br>\n";
$subject = htmlspecialchars($_POST['subject'], ENT_QUOTES);
$pagelink = htmlspecialchars($_POST['pagelink'], ENT_QUOTES);
$repemail = htmlspecialchars($_POST['repemail'], ENT_QUOTES);
$injection_strings = array ( "content-type:","charset=","mime-version:","multipart/mixed","bcc:","cc:");
foreach($injection_strings as $suspect)
{
if((preg_match($suspect, $lowmsg)) || (preg_match($suspect, strtolower($_POST['/name/']))) || (preg_match($suspect, strtolower($_POST['/email/']))))
{
die ( 'Illegal Input. Go back and try again. Your message has not been sent.' );
}
}
$headers = "MIME-Version: 1.0\r\nContent-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From: \"" . $_POST['/name/'] . "\" <" . $_POST['/email/'] . ">\r\n";
$headers .= "Reply-To: " . $_POST['/email/'] . "\r\n\r\n";
mail($repemail, $subject, $message, $headers);
header("Location: " . $pagelink . "");
}
?>
You can try other delimiters, such as / # ~
see regexp.reference.delimiters
Hope that helps.
EDIT: you do not need to do backslash inside $_POST
Use $_POST['name'] instead of $_POST['/name/']
EDIT: try
preg_match("/".$suspect."/i", strtolower($_POST['name']));
However, I don't think you would find any of your $injection_strings inside post name. You may need to rethink how you are searching. "content_type" is not going to match "text/html" with your current statement. You'd need to try other regex like
preg_match("/".$suspect."(.*)/i", strtolower($_POST['name']), $output);
So that it would $output[0], your "suspect" variable. I'm not sure if that's what you are looking for, but maybe sending you to the right track.
EDIT: Here.
If you want to look at say "cc:" and find what email it is, use this.
preg_match("/cc:(.*)/i",'cc:'.$_POST['email'],$output);
$output[0]; would equal your email.
To be compatible with your foreach loop, you may want to change it too,
switch this below code within your "if statements"
preg_match("/".$suspect."(.*)/i",$suspect.$_POST['email'])
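An added example, not part of the original answer: one way to run the question's $injection_strings check with valid patterns, plus a direct CR/LF test on the fields that end up in mail headers. The function names and sample inputs are assumptions made for illustration.

```php
<?php
// Added example, not the poster's code. Function names are hypothetical.
// Same list as the question's $injection_strings.
$suspects = array("content-type:", "charset=", "mime-version:", "multipart/mixed", "bcc:", "cc:");

// True when $value contains any suspect string, case-insensitively.
function contains_suspect($value, array $suspects)
{
    foreach ($suspects as $suspect) {
        // preg_quote() escapes the "/" in "multipart/mixed"; unescaped, it would
        // end the pattern early and make preg_match() fail.
        $pattern = '/' . preg_quote($suspect, '/') . '/i';
        if (preg_match($pattern, $value) === 1) {
            return true;
        }
    }
    return false;
}

// True when $value may be placed in a mail header line.
function is_safe_header_value($value, array $suspects)
{
    // Headers are separated by CR/LF, so a field containing either could add
    // header lines of its own. Reject it regardless of what follows.
    if (preg_match('/[\r\n]/', $value) === 1) {
        return false;
    }
    return !contains_suspect($value, $suspects);
}

// Constructed sample inputs standing in for $_POST['name'] and $_POST['email'].
$samples = array(
    array('name' => 'Alice Example', 'email' => 'alice@example.com'),
    array('name' => 'Alice Example', 'email' => "alice@example.com\r\nBcc: list@example.com"),
    array('name' => 'multipart/mixed', 'email' => 'bob@example.com'),
);

foreach ($samples as $post) {
    $ok = is_safe_header_value($post['name'], $suspects)
        && is_safe_header_value($post['email'], $suspects)
        && filter_var($post['email'], FILTER_VALIDATE_EMAIL) !== false;
    echo json_encode($post['email']), ' => ', $ok ? 'accept' : 'reject', "\n";
}
```

The CR/LF test is the one that matters for the From and Reply-To lines; the keyword list only catches the specific strings it names.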
ajax driven search(date range is input).
search is working properly however when I am trying to convert status(value 1 & 2 is stored in database) as ON or OFF. I'm getting this error, when I change if ('.$row->status.' === '1' ) to if ('.$row->status.' === 1 ) output is
if (1 === 1 ) else if (2 === 1 ) else if (1 === 1 ) else
foreach ($query as $row)
{
$output .= '
<tr>
if ('.$row->status.' === '1' ) //err
<td>ON</td>
else
<td>OFF</td>
</tr>
You have to go through something like the following thought process...
"I want to output a string "On" or "Off" based on the result of $row->status."
So first you need to determine what the string is; let's call it $on_off.
Then you need to create your string segment based upon $on_off.
foreach ($query as $row)
{
// Determine the ON/OFF string to output
// status is stored as 1 (ON) or 2 (OFF); both are truthy, so compare explicitly
$on_off = ($row->status == 1) ? 'ON' : 'OFF';
// Create the String Segment.
$output .= '<tr><td>';
$output .= $on_off;
$output .= '</td></tr>';
// Whatever else is here...
}
The reason I have broken $output into 3 commands is to help break up the table tags into something a bit more readable and less prone to mistakes.
I'm trying to loop over multiple servers that need to run 1 at a time using Laravel's withChain. The first job completes just fine but the data I'm passing within the chained jobs gives me the
Attempt to assign property of non-object
When I log out the initial dispatched data it looks just like the constructed data in my array so I'm not sure what I'm doing wrong.
$new_jobs_array = [];
foreach ($this->wasRequest->nodes->sortByDesc('pivot.node_type') as $node) {
if ($node->pivot->node_type != 'WAS_DMGR')
{
$snode = strtolower($node->hostname);
$shortname = strtok($snode, '.');
$fileName = strtolower($mnemonic).'_'.$shortname.'_'.$reqId.'.json';
$sourceJsonPath = base_path() . "/json/was/" . $fileName;
$new_job = 'new BootStrapWasNode('. $node .', '. $this->wasRequest .', '.$sourceJsonPath.')';
array_push($new_jobs_array, $new_job);
} else {
$dmgr_node = $node;
}
}
//Log::info($new_jobs_array);
$dmgr_node_sname = strtok($this->wasRequest->nodes->where('pivot.node_type', 'WAS_DMGR')->pluck('hostname')[0], '.');
$fileName = strtolower($mnemonic).'_'.$dmgr_node_sname.'_'.$reqId.'.json';
$sourceJsonPath = base_path() . "/json/was/" . $fileName;
$this->wasRequest->status = 'Bootstrapping Nodes';
$this->wasRequest->save();
//Log::info("DMGR-------------------".$dmgr_node.", ".$this->wasRequest.", ".$sourceJsonPath);
BootStrapWasNode::withChain($new_jobs_array)->dispatch($dmgr_node, $this->wasRequest, $sourceJsonPath);
I can attach the log view if needed but there is a lot of data for each node. The issue is with the $new_nodes_array, the initial dispatch($dmgr_node,$this->wasRequest,$sourceJsonPath) completes without issue.
Was able to figure out the issue.
This line was incorrect
$new_job = 'new BootStrapWasNode('. $node .', '. $this->wasRequest .','.$sourceJsonPath.')';
It should be
$new_job = new BootStrapWasNode($node, $this->wasRequest, $sourceJsonPath);
Let me start by saying I am NOT a programmer. I'm a retail web manager that knows enough about HTML5 to understand what is going on. Ok now on to my issue. We recently upgraded our eCommerce platform from 3DCart to Magento. It's a completely different monster and I'm fairly lost. I'm trying to integrate Magento's simple pixel (just returns the total not the individual items) into our confirmation page but all of our tests are failing. I've tried bits and pieces of other codes that I've found around the web but I'm still missing the "amount" parameter. Can anyone help me? Below is what we have on our site now (please note this is part of the copy/paste code I've found):
//-------------------------------------------
// START CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
$cjmerchID = '1521251';
$cjaid = '382643';
$cjorder = Mage::getModel('sales/order')->loadByIncrementId(Mage::getSingleton('checkout/session')->getLastRealOrderId());
$cjitems = $cjorder->getAllItems();
$cjorderID = $cjorder->getIncrementId();
//$cjsubtotal = round($cjorder->getSubtotal(), 2);
$i = 1;
foreach ($cjitems as $itemId => $item)
{
$unitPrice = round($item->getPrice(), 2);
$sku = $item->getSku();
$qty = $item->getQtyToInvoice();
//echo $qty . '<br>';
$itemsStr .= '&ITEM' . $i . '=' . $sku . '&AMT' . $i . '=' . $unitPrice . '&QTY' . $i . '=' . $qty . '';
$i++;
}
?>
?<img src="https://www.emjcd.com/u?CID=<?php echo $cjmerchID; ?>&OID=<?php echo $cjorderID; ?>&TYPE=<?php echo $cjaid; ?><?php echo $itemsStr; ?>&CURRENCY=USD&METHOD=IMG" height="1" width="20">
<?php
//-------------------------------------------
// END CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
According to CJ this is what I'm doing wrong:
Thank you for providing the results of your test. I am seeing the pixel calls on our server. However, both tests failed as the incorrect Action ID is being used and the 'AMOUNT' parameter has no associated value and is being passed back blank. I've attached the integration instructions for your convenience.
The Action ID for the simple action that should be integrated to replace the existing pixel is 382643.
Integration Test
Advertiser: 3448671
Ad: 12313358
Action Id: 346589
Action Type: item_sale
Query String: AMOUNT=&OID=100056687&CID=1521251&CURRENCY=USD&METHOD=IMG&TYPE=346589
Sid: TrackingTest
Surfer: 476602316150531682:VJXkXAhFHzU2 Click Ref:
Action Status: active
img src="https://www.emjcd.com/u?AMOUNT=&CID=1521251&OID=100056687&TYPE=346589&CURRENCY=USD&METHOD=IMG" height="1" width="20"
Please update the pixel to pull in the subtotal (pre-taxed amount of purchase) and to have 'TYPE' populated with 382643.
Any help you can give would be most appreciated!
Diana
See if this code works. What I did is get the subtotal of the total checkout order and append a new parameter in the img href with AMOUNT. Let me know how the results work out.
//-------------------------------------------
// START CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
$cjmerchID = '1521251';
$cjaid = '382643';
$cjorder = Mage::getModel('sales/order')->loadByIncrementId(Mage::getSingleton('checkout/session')->getLastRealOrderId());
$cjitems = $cjorder->getAllItems();
$cjorderID = $cjorder->getIncrementId();
// New code
$totals = Mage::getSingleton('checkout/cart')->getQuote()->getTotals();
$subtotal = $totals["subtotal"]->getValue();
//$cjsubtotal = round($cjorder->getSubtotal(), 2);
$i = 1;
foreach ($cjitems as $itemId => $item)
{
$unitPrice = round($item->getPrice(), 2);
$sku = $item->getSku();
$qty = $item->getQtyToInvoice();
//echo $qty . '<br>';
$itemsStr .= '&ITEM' . $i . '=' . $sku . '&AMT' . $i . '=' . $unitPrice . '&QTY' . $i . '=' . $qty . '';
$i++;
}
?>
?<img src="https://www.emjcd.com/u?CID=<?php echo $cjmerchID; ?>&OID=<?php echo $cjorderID; ?>&TYPE=<?php echo $cjaid; ?>&AMOUNT=<?php echo $subtotal; ?><?php echo $itemsStr; ?>&CURRENCY=USD&METHOD=IMG" height="1" width="20">
<?php
//-------------------------------------------
// END CJ CONVERSION TRACKING PIXEL
//-------------------------------------------
I am getting data through an Ajax call. That data has the following code that stores some values from PHP in JavaScript variables using .data(). I am pretty sure the PHP variable has values, but the values do not get stored in JS. Take a look
So there is ajax method
'#ajax' => array(
'callback' => 'a_e_get_score',
It calls the function that has js code
$out .= '
<script type="text/javascript">
jQuery("#chkso").data("paragraphs",' . json_encode($this->result->data->analysis->so->paragraphs) . ');
jQuery("#chkso").data("domExpression",' . json_encode($this->result->data->analysis->so->paragraphDOM) . ');
jQuery("#chkso").data("tooSimpleColor",' . json_encode($light_blue) . ');
jQuery("#chkso").data("tooComplexColor",' . json_encode($light_orange) . ');
</script>';
return $out;
Now when I try to run
$("#chkso").data('paragraphs');
it says undefined.
How do I really pass these values? I know there is another way mentioned here but that does not seem to work for me as well.
Please guide
If you use the drupal_add_js() function.
drupal_add_js(array('myModule' => array('key' => 'value')), 'setting');
then in your javascript file you can access your value like this:
Drupal.settings.myModule.key
If you want to send data to javascript from your module file only, you don't need to use this
'#ajax' => array(
'callback' => 'a_e_get_score',
Thanks all for the help. drupal_json_encode did the trick for me. The following code works with no problem.
$out .= '<script type="text/javascript">
var tooSimpleColor = ' . drupal_json_encode($light_blue) . ';
var tooComplexColor = ' . drupal_json_encode($light_orange) . ';
var domExpression = ' . drupal_json_encode($this->result->data->analysis->so->paragraphDOM) . ';
var paragraphs = ' . drupal_json_encode($this->result->data->analysis->so->paragraphs) . ';
</script>';
Regards,
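An added example, not code from the thread: what the hex-escaping flags used by Drupal 7's drupal_json_encode() change when a value is written into an inline script block. js_literal(), inline_script() and the sample data are hypothetical.

```php
<?php
// Added example. js_literal() and inline_script() are hypothetical helpers.

// Encode a PHP value as a JavaScript literal for use inside <script>.
// These are the flags Drupal 7's drupal_json_encode() passes on PHP 5.3+:
// <, >, &, ' and " are emitted as \uXXXX escapes instead of raw characters.
function js_literal($value)
{
    return json_encode($value, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT);
}

// Build the inline script the callback returns, one variable per entry.
function inline_script(array $vars)
{
    $lines = array();
    foreach ($vars as $name => $value) {
        // Variable names are fixed by the developer; only values are encoded.
        $lines[] = 'var ' . $name . ' = ' . js_literal($value) . ';';
    }
    return "<script type=\"text/javascript\">\n" . implode("\n", $lines) . "\n</script>";
}

// Constructed sample data standing in for the analysis result.
$paragraphs = array('A <b>bold</b> claim', 'Quotes: "double" and \'single\' & more');

echo "json_encode():  ", json_encode($paragraphs), "\n";
echo "js_literal():   ", js_literal($paragraphs), "\n\n";
echo inline_script(array(
    'paragraphs' => $paragraphs,
    'tooSimpleColor' => '#add8e6',
)), "\n";
```

With the flags set, markup characters inside the data never appear raw in the page, so the HTML parser cannot read them as tags while the script block is being parsed.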
I am sending an email via CodeIgniter's email->send(). I have come across an anomaly that I cannot figure out.
"\r\n" is not working in a certain section of the email. However if I switch "\r\n" to "\r\n\r\n" it works. By works I mean, it adds the 2 line breaks expected.
The problem area is at the bottom.
$order = $this->ordersclass->getOrder( $order_id );
$quantity = $order['no_codes'];
$client = $this->clientclass->getClient( $order['client_id'] );
$multi_d = $this->session->userdata('multi-use-codes-d');
$multi_t = $this->session->userdata('multi-use-codes-t');
$this->load->library('email');
$to = $client['client_email'];
$subject = 'Personal Resiliency Builder Order';
$from = 'accounts#resiliencybuilder.com.au';
$message = "TAX INVOICE\r\n\r\n";
$message .= "Client Name: ". $client['client_name']."\r\n";
$message .= "Invoice Number: ".$order['order_id']."\r\n";
$message .= "Invoice Date: ".$order['order_timestamp']."\r\n\r\n";
$message .= "TOTAL AMOUNT PAYABLE: $".number_format($order['order_amount'],2)."\r\n";
$message .= "GST ON SERVICES: $".number_format(($order['order_amount']/110)*10,2)."\r\n\r\n";
$message .= "ACCOUNT PAID IN FULL VIA CREDIT CARD\r\n\r\n";
$message .= "=============================================================\r\n";
$message .= "DESCRIPTION OF SERVICES\r\n\r\n";
$message .= "Code List Name: ".$this->session->userdata('codelistname') . "\r\n";
$message .= "Quantity: ".$quantity ."\r\n";
$message .= "Single-use Developmental Reports Purchased: ".$order['no_codes_d']."\r\n";
$message .= "Single-use Thriving Reports Purchased: ".$order['no_codes_t']."\r\n";
The last 2 $message variables are the problem.
The email looks like this:
TOTAL AMOUNT PAYABLE: $1,771.00
GST ON SERVICES: $161.00
ACCOUNT PAID IN FULL VIA CREDIT CARD
=============================================================
DESCRIPTION OF SERVICES
Code List Name: fggdgfdgfd
Quantity: 12
Single-use Developmental Reports Purchased: 7 Single-use Thriving
Reports Purchased: 5
Multi-use Developmental Reports Purchased: 5
Multi-use Thriving Reports Purchased: 5
SOLVED. Now looking for the understanding behind it.
After many tests, the formula for failure is: Failure = X + Y:
Failure = X character length + spaces.
In addition, it seems this problem occurs with Microsoft Outlook 20xx, but not with Hotmail or Gmail.
Example:
$message .= "Single-use: Developmental Reports : ddddd\r\n"; ////// fail - length 41
$message .= "Single-use: DevelopmentaldReportsd:dddddd\r\n"; /// fail - length 41
$message .= "Single-use:dDevelopmentaldReportsd:dddddd\r\n"; // pass - length 41
$message .= "Single-use:DevelopmentaldReportsd:dddddddddddddddddddddddddddddd\r\n"; // pass
NOTE: This answer is for developers using CodeIgniter version 2.1.3
This is not tested on any other PHP Framework.
Based on many tests via changing the character length, adding/removing spaces, and testing with different email services:
Outlook version 20xx
Hotmail
Gmail
It is safe to conclude that CodeIgniter version 2.1.3 parses the message in such a way that given a string length around 40 characters long + 1 space character + a newline character and sending the email to all three email services above, that only Outlook will determine that the newline character is an "Extra" newline character and therefore remove it.
It is possible to change Outlook's settings to disable Outlook from removing extra newline characters.
As the link suggests: Microsoft Outlook Guide to disabling Extra Newline Removal
EASY DEVELOPER SOLUTION:
Keep your string length to a maximum 39 characters including spaces.