Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





Search Forums

(Advanced Search)

Forum Statistics
» Members: 22,229
» Latest member: bulentsakarya
» Forum threads: 72,895
» Forum posts: 373,343

Full Statistics

Latest Threads
HelpDeskz - free ticketin...
Forum: Spotlight
1 minute ago
» Replies: 11   » Views: 273
codeigniter : How to load...
Forum: General Help
5 hours ago
» Replies: 2   » Views: 418
Do you have a hobby?
Forum: Lounge
6 hours ago
» Replies: 37   » Views: 25,440
Route error when the valu...
Forum: CodeIgniter 4 Support
8 hours ago
» Replies: 4   » Views: 80
Fatal error: Cannot acces...
Forum: Issues
8 hours ago
» Replies: 0   » Views: 25
connecting database on do...
Forum: CodeIgniter 4 Support
Yesterday, 04:41 PM
» Replies: 1   » Views: 73
CI 4.0.5 install
Forum: CodeIgniter 4 Support
Yesterday, 03:08 PM
» Replies: 0   » Views: 157
Populate form_multiselect...
Forum: Model-View-Controller
Yesterday, 12:20 PM
» Replies: 2   » Views: 93
How to display corpname f...
Forum: General Help
Yesterday, 11:31 AM
» Replies: 8   » Views: 202
Creating pages for new us...
Forum: General Help
Yesterday, 10:20 AM
» Replies: 0   » Views: 35

 
  Really simple (hopefully) problem.
Posted by: El Forum - 06-23-2007, 02:24 PM - Forum: Archived General Discussion - Replies (3)

[eluser]jord[/eluser]
For whatever reason, I'm having a terrible time getting a very basic code igniter application off the ground.

The welcome page works perfectly fine, but when I attempt to a use a controller / view of my own it doesn't work even if I basically copy/past from the welcome code. Viewing the source in the browser shows that nothing is being sent from the server. 'note' is currently set as the default controller.

Code:

note.php

Code:
<?php
class Note extends Controller()
{
    function Note()
    {
        parent::Controller();    
    }
    
    function index()
    {
        $this->load->view('note_viewer');
    }
}
?>

note_viewer.php is a direct copy of welcome.php

The code is simple, I just can't figure out why it isn't working. There are no errors in the logs.


  validation class esaping bug
Posted by: El Forum - 06-23-2007, 12:36 PM - Forum: Archived Development & Programming - Replies (1)

[eluser]johnman[/eluser]
line 663 in validation.php

Code:
return str_replace(array("'", '"', '<', '>'), array("'", "&quot;", '&lt;', '&gt;'), stripslashes($str));

There shouldn't be a stripslashes there right?


  I think i found a new bug , but im not sure (involves escaping & validation->run)
Posted by: El Forum - 06-23-2007, 12:04 PM - Forum: Archived General Discussion - Replies (1)

[eluser]johnman[/eluser]
I am currenly trying to get my form validation correct and somehow CI is throwing away some of the '\' if i use it in the input fields. Below is the debugging code i used to pinpoint the problem.

Code:
$this->validation->set_error_delimiters('<div class="error">', '</div>');

        if( count($_POST)){
            echo("Voor: ");
            echo($this->validation->name . " ");

        }

        if ($this->validation->run() == FALSE){ //validation failed, reload the view
            $data['query_groups'] = $this->db->get('user_groups');
            
        if(false || count($_POST)){
            echo("NA: ");
            echo($this->validation->name);
            exit;
        }

this gives the following output:
Code:
Voor: aaa\bbb NA: aaabbb

I checked everything until the validation->run and right at that point the '\' disappears.

Im not sure if this is already known since i know there are already some bugreports involving escaping.

(PS i know there shouldn't be any backslashes in a name anyway Smile )

I think i found it:

line 663 in validation.php
Code:
return str_replace(array("'", '"', '<', '>'), array("'", "&quot;", '&lt;', '&gt;'), stripslashes($str));

There shouldn't be a stripslashes there right?

EDIT
I also posted this in the bug topic just to be sure it is known .


  Escaping queries
Posted by: El Forum - 06-23-2007, 11:31 AM - Forum: Archived Development & Programming - Replies (1)

[eluser]VivaUkraine[/eluser]
Hello!
I've a very basic quastion i think...

So i have some form with to text fields, and i this form data is inserting to database..

like this:

Code:
$this->db->insert('news',$_POST);

Does the CI automaticly escaping $_POST data? Or i need to use somethink like:

Code:
$this->db->set('title',$this->db->escape($_POST['title']));

for the each field ?


  Custom 404 controller like any other controller
Posted by: El Forum - 06-23-2007, 08:35 AM - Forum: Archived Development & Programming - Replies (18)

[eluser]Henrik Pejer[/eluser]
Hello fellow CI code crunchers!

I decided to start my venture down the CI-path with a little fix for, as I'd call it, complete custom 404 controller page.

I searched the forum for how I should make a custom 404-page. It seemed like I should extend the Exceptions-class. The only problem is that the 404-event triggers before all the base classes are loaded: I have no controller, database etc.

I think the reason for this is based on security: not letting an ill typed URL somehow get run by CI as a normal controller.

But I realized that by extending not the Exceptions class but rather the Router-class, I was able to 'fool' CI to use one of my own controller, and let the system load as normal.

All I did was copy the '_validate_segments'-function and slightly modify it to return the custom controller I wanted to use as 404-page. My custom 404-controller is called 'custom404controller' and located in my application/controllers/-folder, like any other controller.

A word of advice: before you use this, test it thoroughly! Also make sure that by using this way of handling 404-errors, you do not compromise the security of you application. Also,this is for version 1.5.3 of CI.

This is the extension that seemed to do the trick:

Code:
class MY_Router extends CI_Router{
    
    function MY_Router(){
        parent::CI_Router();
    }
    
    function _validate_segments($segments)

    {

        // Does the requested controller exist in the root folder?

        if (file_exists(APPPATH.'controllers/'.$segments[0].EXT))

        {

            return $segments;

        }



        // Is the controller in a sub-folder?

        if (is_dir(APPPATH.'controllers/'.$segments[0]))

        {        

            // Set the directory and remove it from the segment array

            $this->set_directory($segments[0]);

            $segments = array_slice($segments, 1);

            

            if (count($segments) > 0)

            {

                // Does the requested controller exist in the sub-folder?

                if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT))

                {
                    # HENRIK PEJER MOD: commented out the line below, added the line below that

                    #show_404();
                    return $this->custom_404();

                }

            }

            else

            {

                $this->set_class($this->default_controller);

                $this->set_method('index');

            

                // Does the default controller exist in the sub-folder?

                if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$this->default_controller.EXT))

                {

                    $this->directory = '';

                    return array();

                }

            

            }              

            return $segments;

        }

    

        // Can't find the requested controller...
        # HENRIK PEJER MOD: commented out the line below, added the line below that
        #show_404();
        return $this->custom_404();

    }
    
    function custom_404(){
        # return an array with the name of the controller we want as the 404-handler...
        return array('custom404controller');
    }
}

Any advice, tips or concerns regarding the code above would be very interesting to hear.

Take care and happy CI:ing!


  alpha, xss_clean and i18n in CI
Posted by: El Forum - 06-23-2007, 04:16 AM - Forum: Archived General Discussion - Replies (1)

[eluser]Crimp[/eluser]
I have been trying to resolve two CI issues:

Validation.php -> all TRUE alpha-based functions are ASCII only
Input.php -> xss_clean silently returns an empty $_POST value if entry string is not ASCII

Both problems are already documented in the forums. Unless hacked, these core functions are not usable for anyone outside the basic ASCII geography (not even the ISO-8859-1 folks).

I have attempted, as a start, to change the locale and alter the relevant regexp patterns in Validation.php, but it fails. It seems, to me, that PCRE does not support the extended ASCII charsets despite first checking and then setting the correct locale. I hope someone may be able to assist with this to help resolve these issues. Some example snippets:

CI Validation.php alpha():

Code:
function alpha($str)
    {
        return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE;
    }

Checking locale (varies according to your region, of course):
Code:
$loc_no = setlocale(LC_ALL, 'no_no', 'no_NO', 'nb_NO','nb_NO.ISO-8859-1','no_NO.ISO-88591');
echo "Preferred locale on this system is '$loc_no'";

Setting tested locale:
Code:
setlocale(LC_ALL, 'no_no');

Replacement pattern:
Code:
function alpha($str)
    {
        return ( ! preg_match("/^([a-zæøåÆØÅ])+$/i", $str)) ? FALSE : TRUE;
    }

Validation strings containing the extra chars still return FALSE. Then there's the bigger xss_clean issue. Has anyone resolved these i18n issues with CI, or just written their own callbacks instead (perhaps a better approach than always hacking the core?), or just turned off those rules and hoped for the best?


  Basic Question for a newbie
Posted by: El Forum - 06-23-2007, 03:03 AM - Forum: Archived Development & Programming - Replies (6)

[eluser]deineMudder[/eluser]
Hello everyone,
i am totally new to CI.
I watched the video tutorials, which are impressive. doing the tutorials step by step on my own server seem to get me some problems already tho.
when i started to extend my controller with a db-query

Code:
$data['query'] = $this->db->get('user');
$this->load->view('login',$data);

it results in Fatal error: Call to a member function on a non-object .

now i havent made anything special at all, just following the video tutorial of "creating a blog in 20min". The scaffolding feature works nicely, tho if i try to connect on my own to the database it seems impossible to work. i was searching the forum already for over an hour to find a proper solution to my problem, but nothing seems to help.

linux server
php4


  template parser attributes
Posted by: El Forum - 06-23-2007, 02:16 AM - Forum: Archived Development & Programming - Replies (2)

[eluser]Unknown[/eluser]
is available to add attributes to parse template tag link ExpressionEngine
For example

Code:
{link slug='your slug here'}


  I think the code is correct. But.........
Posted by: El Forum - 06-22-2007, 11:12 PM - Forum: Archived Development & Programming - Replies (1)

[eluser]java[/eluser]
Here is my code in processing file upload :
Controller:

Code:
class Ungxu extends Controller
{
  function Ungxu()
{
    parent::Controller();
    $this->load->model('tintuc_model','tintuc');
    $this->load->helper('form','url');
}
}
function index()
{
       $this->load->view('ungxu', array('error' => ' ' ));// pass error argument
       // attach file upload (if have)
            
            if(isset($_POST['filename']))
            {
                $this->doUpload();
                $this->email->attach('/uploads/folder/$file_name');
        }
}
function doUpload()
    {
        $config['upload_path'] = '/uploads/ungxu/';
        $config['allowed_types'] = 'doc|txt|rar';
        $config['max_size']    = '100';
        $config['max_width']  = '1024';
        $config['max_height']  = '768';
        
        $this->load->library('upload', $config);
            
            if ( ! $this->upload->do_upload())
            {
                $error = array('error' => $this->upload->display_errors());
                $data['content'] = $this->load->view('dangky', $error, true);
            }    
            else
            {
                $upload_data = $this->upload->data();
                $filename = $upload_data['file_name'];
            }

    }
and view:
Code:
<tr>
&lt;?=$error;?&gt;
    &lt;?=form_open_multipart('ungxu/doUpload'); ?&gt;

      <td style="width: 198px">
      &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; Tài liệu đính kèm</td>
      <td>&lt;input name="filename" type="file" id="filename" /&gt; (Tối đa 1MB)</td>
</tr>
<tr>
    <td align="center" colspan="2">
     &lt;input type="submit" name="submit" value="Gửi" id="send" style="width:70px;"
&lt;input type="reset" value="Làm lại" /&gt;                            
    </td&gt;
</tr>
   </table>                
  &lt;/form&gt;
My idea is if a visitor upload a file and webpages will automatically attach file to send mail. But when i try it, an error generated:
Quote:An Error Was Encountered
Unable to load the requested language file: language/upload_lang.php
My code have some problems? Please tell me how can resolve it? Thank you..


  Interfacing to a Windows web service advice
Posted by: El Forum - 06-22-2007, 09:36 PM - Forum: Archived General Discussion - Replies (4)

[eluser]Pete Smith[/eluser]
Forgive me if this has been discussed. Some of the terms are used in so many ways that I'm finding searching to be problematic.

I'm building a shopping cart that has to authorize a credit card against a pre-determined Web Payment Service (EFSNet, to be precise). I have 3 options: SOAP, XML, or Name/Value Pairs. The server I'm going to be running on has PHP 4, so I can't use PHP's SOAP Extension. I've heard of nuSOAP but I don't know if it's still being developed and I'm not sure its secure enough to be sending credit card data back and forth with. Thoughts on that?

XML seems promising and I was wondering if there's a way to somehow use the XML-RPC Class to send and receive XML files, perhaps by modifying the code somehow? The only example EFSNet provides (they're clearly a MS shop) uses COM:

Quote:This sample demonstrates an XML POST using the XMLHttpRequest object
found in Microsoft® XML Parser (MSXML), version 3.0 or higher. The example
provided is written in Visual Basic; however, this can be used from any language
that supports Component Object Model (COM) objects.

DOMDocument XML POST Example
Code:
‘ Note: Add project reference to Microsoft XML, Ver 3.0 or 4.0
Dim sXML As String
Dim iDocument As New MSXML2.DOMDocument
Dim iHttp As New MSXML2.XMLHTTP30
sXML = "<Request StoreID='myStoreID'" & _
" StoreKey='myStoreKey'" & _
" ApplicationID='EFSnet samples 1.0'>" & _
"<SystemCheck/>" & _
"</Request>"
iHttp.Open "POST", "https://test.testserver.com/test.dll",
False
iDocument.async = False
iDocument.loadXML sXML
iHttp.Send iDocument
MsgBox iHttp.responseText

Is there a clean way to send/receive XML using CI?

Last is the CGI, Name/Value pairs option which feels like it'd be messy, but maybe CI helpers could make it easier? Is an https GET secure enough that I should be comfortable doing it? Here's what the spec guide has to say:
Quote:Example of Name/Value Pair Send (HTTPS GET)
https://test.testsite.com/
test.dll?Method=SystemCheck&StoreID=myStoreID&StoreKey=mykey&ApplicationID=Test+samples+1&#x2e;0

Example of Name/Value Pair Reply
ResponseCode=0&ResultCode=001&ResultMessage=ON+LINE

I'm sorry if this all sounds a little vague. I've been researching myself into circles to the point where its all a blur. I just need a kick in the butt to send me looking in the right direction. (This is the first time I've ever done anything like this in PHP, let alone in CI. I could do it in Tcl! Much good that does me these days... Smile )



  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.