Jump to content

New learning area

Recommended Posts

Can you show me real quick how to put that script you showed me here, to change the filename each time, how to work it into my script some, I am naming files based on 2 things, the name of the file, and the nameoffunny this is the persons name they give the file when entering the form, that is where most of the calls come from that, field, and I noticed I can name them 2 times. Here is my current script. I am not asking for someone to run through this and answer all my questions, but I am asking if a passerbyer sees a question at the bottom they know, if they can answer, with a number so I know which one, then I would appreciate it, this is an area where I ask things I have learnt over the past few weeks, that I need some understanding on, thanks.

<?php$management = true;$errorhandler = "";$filemanager = true;$dateinfo = strtotime("now");$dateformatted = date("n-d-y", $dateinfo);if ($_POST['name'] == "") {	$errorhandler .= "The Name field has been left blank<br />";	}if ($_POST['keywords'] == "") {	$errorhandler .= "The Keywords were left blank<br />";	}if(!is_uploaded_file($_FILES['file']['tmp_name'])){	$errorhandler .= "No file has been uploaded<br />";	$filemanager = false;	}  if ($filemanager === true) {$_accepted_extensions = array('.tiff', '.png', '.mpeg', '.mpg', '.wav', '.avi', '.mid', '.jpg', '.txt', '.gif', '.mp3', '.jpeg', '.gif', '.swf', '.swc', '.flv', '.mov', '.ram', '.rm', '.ra', '.rpm', '.asf', '.wma', '.wmv', '.wm', '.asf', '.wma', '.wm', '.avi', '.mpeg', '.mpg', '.mp2', '.mp3', '.mid', '.midi', '.wav');   if ($filemanager == true) {  $tmp = pathinfo($_FILES['file']['name']);  if (in_array('.' . $tmp['extension'],$_accepted_extensions)) { 	 $filemanager = true; 	 $management = true; 	 }else { 	 $filemanager = false; 	 $management = false; 	 $errorhandler .= "You have attempted to upload the wrong file type<br />"; 	 $errorhandler .= "We only accept mpeg, mpg, wav, avi, mid, jpg<br />"; 	 $errorhandler .= "jpeg, pdf, txt, gif, and mp3 formats<br />"; 	 $errorhandler .= "To request new file types email<br />"; 	 $errorhandler .= "information@theyellowpagesnetwork.com"; 	 }  }	}    // Relative URL with desired folder name and the name of the file on the user's machineif ($management === true && $filemanager === true) {	$newfile = "uploads/".basename($_FILES['file']['name']);	$newfiletemp = "{$_FILES[file][tmp_name]}";	if (file_exists($newfile)) {  $errorhandler .= "The file already exists";  $filemanager = false;	}	if($filemanager === true) {  if (!move_uploaded_file($newfiletemp, $newfile)) { 	 $errorhandler .= "The file was not moved properly"; 	 $filemanager = false; 	 $manager = false;  }	} }if ($filemanager === true || $manager === true) {	$connect = mysql_connect("localhost", "#####", "######");	$select = mysql_select_db("funnyemailforwards"); if (!$connect && !$select) {  $errorhandler .= "The database could not connect, or selected";  $management = false;  $filemanager = false;	}  }if ($filemanager === true && $management === true) {$query = "SELECT * from fileinfo WHERE type = '" . implode("", $_POST['type']) . "' AND nameoffunny = '" . mysql_real_escape_string($_POST['name']) . "' AND keywords = '" . mysql_real_escape_string($_POST['keywords']) . "' AND funnyurl = '" . mysql_real_escape_string($newfile) . "' AND entrydate = '" . mysql_real_escape_string($dateinfo) . "'";$result = mysql_query($query);$matches = mysql_num_rows($result); 	if ($matches == 0) {	$name = $_POST['name'];	$name = strtolower($name);	$name = str_replace(" ", "", $name);$inserter = "INSERT INTO fileinfo (type, nameoffunny, keywords, funnyurl, entrydate) VALUES ('" . implode("", $_POST['type']) . "', '" . mysql_real_escape_string($name) . "', '" . mysql_real_escape_string($_POST['keywords']) . "', '" . mysql_real_escape_string($newfile) . "', '" . mysql_real_escape_string($dateinfo) . "')";	if(mysql_query($inserter)){  	 $management = true; 	 $filemanager = true; 	 }else { 	 $management = false; 	 $filemanager = false; 	 $errorhandler .= "The information was not inserted into the database properly"; 	 echo mysql_error(); 	 }	} else {  $filemanager = false;  $managment = false;  $errorhandler .= "The information was already in the database, could not complete";	}	}if ($management === false || $filemanager === false) {	echo "{$errorhandler}";	} else{	echo "Everything worked out smoothly";	}		?>

There are some things that I don't understand in general about this after I finished with it.1. Which name is the one that is on the urllike http://www.funnyemailforwards.com/uploads/file.txtwhich name on here is the file.txt version, I know the name is what they put in on the form, I had someone modify my htaccess file, so now when someone goes to a 2nd level tier it directs them to display.phpa tier like www.funnyemailforwards.com/file/file.txtthe file.txt is the url I use, for instance if someone typed in something that doens't exist it returns file does not exist at this location. On the display page I have it cut away so it can process each type of file type

<?php# getLoc() grabs the current URL and parses the fake folders into variables.function getLoc(){	$dirname = split("/", getenv("REQUEST_URI"));	foreach ($dirname as $var) {   if (($var!="BidRent")&&($var!="display")&&($var!="")){  	 $p[] = $var;   } 	}	return $p;}# They are called and set here.$pages = getLoc(); $folder = trim($pages[0]);$pagename = trim($pages[1]);$site = "http://www.funnyemailforwards.com/apex/";$pageTitle = "Page For $page1";mysql_connect("localhost", "#####", "#####")or die(mysql_error());mysql_select_db("funnyemailforwards")or die(mysql_error());$select = "SELECT * FROM fileinfo WHERE nameoffunny = '$pagename'";$query = mysql_query($select);$count = mysql_num_rows($query);$fetch = mysql_fetch_assoc($query);if ($count > 0){	if(extract($fetch)) {  $successful = true;	}else  $successful = false;}else{	echo "The file Does not Exist in the database<br />";}/* Ok so now that you have the basic environment set up, you want to take $page1 and search the database for the URINAME (which you need to insert upon data submit, URL friendly -- They need to be unique!) preg_match("/[.doc|.txt|.wod]{4}/i",$string) Once you find one, grab its ID and table its under (if the types of data are in different tables). Once these global variables are set you will include premade files that handle each type of data, think template that will auto populate the page in specific areas with that datas information from the database. (by global variables i mean inside those includes will all use the same variables set here).  So once you figure out what type it is, grabbed its id etc the page continues to load, maybe grab the title while you check and the type to build $pageTitle -- since this is a gateway you need to do as such.  so lets say this is a picture under aaron. $area = "picture"; $uriname = "aaron"; grab the ID or just use the unique uriname and grab its information. the file will parse it as a picture with its info.  You may notice commented includes for header and footer, i dont know how your doing it but i usually cut the top and bottom of my sites off and stick them in their own files, and include on main files, this allows me to not have to edit a hundred files if i just need to change 1 thing at the top of the site.*/?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title><?php echo "{$nameoffunny}" ?></title><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><!--<link href="style.css" rel="stylesheet" type="text/css" />--></head><body><?php$funnyurl = $site . $funnyurl;if (preg_match("/[.txt]$/i", $funnyurl)){require_once("./includes/view_text.php");}elseif (preg_match("/[.jpg|.gif|.jpeg|.bmp|.tiff]$/i",$funnyurl)) {require_once("./includes/view_picture.php");}elseif (preg_match("/[.mov]$/i",$funnyurl)) {require_once("./includes/view_quicktime.php");}elseif (preg_match("/[.ram|.rm|.ra|.rpm]$/i",$funnyurl)) {require_once("./includes/view_realmedia.php");}elseif (preg_match("/[.asf|.wma|.wmv|.wma|.wm|.asf|.avi|.mpeg|.mpg|.mp2|.mp3|.mid|.midi|.wav]$/i",$funnyurl)) {require_once("./includes/view_windowsmedia.php");}elseif (preg_match("/[.swf|.swc|.flv]$/i",$funnyurl)) {require_once("./includes/view_flash.php");}else {echo "No file exists at this location";}?></body></html>

Then on each file I have a place where it handles the appropriate file, based on the type, these are my handling pages, as includes. view windows media player type files

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title><?php echo "{$nameoffunny}" ?></title></head><body><!-- begin embedded WindowsMedia file... -->      <div>      <OBJECT id='mediaPlayer' width="320" height="285"       classid='CLSID:22d6f312-b0f6-11d0-94ab-0080c74c7e95'       codebase='http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=5,1,52,701'      standby='Loading Microsoft Windows Media Player components...' type='application/x-oleobject'>      <param name='fileName' value="<?=$funnyurl?>">      <param name='animationatStart' value='true'>      <param name='transparentatStart' value='true'>      <param name='autoStart' value="true">      <param name='showControls' value="true">      <param name='loop' value="true">      <EMBED type='application/x-mplayer2'        pluginspage='http://microsoft.com/windows/mediaplayer/en/download/'        id='mediaPlayer' name='mediaPlayer' displaysize='4' autosize='-1'         bgcolor='darkblue' showcontrols="true" showtracker='-1'         showdisplay='0' showstatusbar='-1' videoborder3d='-1' width="320" height="285"        src="<?=$funnyurl?>" autostart="true" designtimesp='5311' loop="true">      </EMBED>      </OBJECT><br />      <!-- ...end embedded WindowsMedia file -->    <!-- begin link to launch external media player... -->        <a href="<?=$funnyurl?>" style='font-size: 85%;' target='_blank'>Launch in external player</a>        <!-- ...end link to launch external media player... -->        </div>  <?php  echo "<a href=" . '"' . $funnyurl . '"' . 'target="_blank">' . $nameoffunny . "</a>";	?></body></html>

Here is for viewing text

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title><?php echo "{$nameoffunny}" ?></title></head><?php$file = file_get_contents($funnyurl);$file = nl2br($file);echo "$file";?>	<?php  echo "<a href=" . '"' . $funnyurl . '"' . 'target="_blank">' . $nameoffunny . "</a>";	?><body></body></html>

view real_media

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title><?php echo "{$nameoffunny}" ?></title></head><body><!-- begin embedded RealMedia file... -->        <!-- begin video window... -->      <div>        <OBJECT id='rvocx' classid='clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA'        width="320" height="240">        <param name='src' value="<?=$funnyurl?>">        <param name='autostart' value="true">        <param name='controls' value='imagewindow'>        <param name='console' value='video'>        <param name='loop' value="true">        <EMBED src="<?=$funnyurl?>" width="320" height="240"         loop="true" type='audio/x-pn-realaudio-plugin' controls='imagewindow' console='video' autostart="true">        </EMBED>        </OBJECT><br />        <!-- ...end video window -->          <!-- begin control panel... -->          <OBJECT id='rvocx' classid='clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA'          width="320" height='30'>          <param name='src' value="<?=$funnyurl?>">          <param name='autostart' value="true">          <param name='controls' value='ControlPanel'>          <param name='console' value='video'>          <EMBED src="<?=$funnyurl?>" width="320" height='30'           controls='ControlPanel' type='audio/x-pn-realaudio-plugin' console='video' autostart="true">          </EMBED>          </OBJECT><br />          <!-- ...end control panel -->          <!-- ...end embedded RealMedia file -->        <!-- begin link to launch external media player... -->        <a href="http://servername/path/to/media.file" style='font-size: 85%;' target='_blank'>Launch in external player</a>        <!-- ...end link to launch external media player... -->       </div><br />   	 <?php  echo "<a href=" . '"' . $funnyurl . '"' . 'target="_blank">' . $nameoffunny . "</a>";	?></body></html>

View Quicktime

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title><?php echo "{$nameoffunny}" ?></title></head><body>        <!-- begin video window... -->  <div>        <OBJECT classid='clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B' width="320"        height="255" codebase='http://www.apple.com/qtactivex/qtplugin.cab'>        <param name='src' value="<?=$funnyurl?>">        <param name='autoplay' value="true">        <param name='controller' value="true">        <param name='loop' value="true">        <EMBED src="<?=$funnyurl?>" width="320" height="255" autoplay="true"         controller="true" loop="true" pluginspage='http://www.apple.com/quicktime/download/'>        </EMBED>        </OBJECT>  </div><br />        <!-- ...end embedded QuickTime file -->   	 <?php  echo "<a href=" . '"' . $funnyurl . '"' . 'target="_blank">' . $nameoffunny . "</a>";	?></body></html>

View Picture

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title><?php echo "{$nameoffunny}" ?></title></head><body><?phpecho '<img src="' . $funnyurl . '" />';?><a href="<?=$funnyurl?>"><?=$nameoffunny?></a></body></html>

View Flash

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title><?php echo "{$nameoffunny}" ?></title></head><!-- begin embedded Flash file... --><div>        <OBJECT classid='clsid:D27CDB6E-AE6D-11cf-96B8-444553540000'        codebase='http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0'        width="320" height="240">        <param name='movie' value="<?=$funnyurl?>">        <param name='quality' value="high">        <param name='bgcolor' value='#FFFFFF'>        <param name='loop' value="true">        <EMBED src="<?=$funnyurl?>" quality='high' bgcolor='#FFFFFF' width="320"        height="240" loop="true" type='application/x-shockwave-flash'        pluginspage='http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash'>        </EMBED>        </OBJECT>  </div><br />        <!-- ...end embedded Flash file --> 	 <?php  echo "<a href=" . '"' . $funnyurl . '"' . 'target="_blank">' . $nameoffunny . "</a>";	?><body></body></html>

And then I have my admin system.1. How is this for my first major script, is it good, I know the players, I got from a generator, but I modified them to match my needs.2. Is there something I left out security wise.3. I see there are multiple ways to append strings together, but I am wondering about something likeif there's a string that has quotation marks<form name="something" id="something"This is just an example, I can't append something in there without<?=$variable?>I don't want to use shorthand but when I try to use<?php echo $variable?> it doesn't workand ?php echo '$variable'?> returns errorsI am just asking in general because I need to figure this out for future projects4. In general was my first main completed, well not completed I am still doing a few things on it, like the admin page, and some db calls on the homepage, but overall is my first main project good, did I do pretty good for my first big programming project.5. Have I offended anyone on this forum at all so far, or annoyed anyone.6.Ok when I named the files there are basically 2 files nameson every script I places a variable like$site = "http://www.funnyemailforwards.com/apex/";Then the other file name in the db was "uploads/filename.ext";So I added those 2 variables together to gethttp://www.funnyemailforwards.com/apex/uploads/filename.extTHis made sure it always matched the proper destination, what I have as my primary name, the one that is used as links and always fed to the display .php is a name that they name it on the form, they pick name, and it's labeled in a variable called nameoffunnythat is what I use to call the information, but I don't understand where the funnyurl the /uploads/filename.ext I don't understand where the filename.ext comes from, I made the script it's there but how did it get there.7. How do I get a different name for each filename, I know that someguy gave me one, and I was looking at that but couldn't integrate it, and I was more of wondering, when someone enters the name int he form, if they enter the same name as another, I wanted to just add a 1-2-3-4-5 or whatever, at the end of it or something, but then I have the problem with the funnyurl, what if someone enters a file that is generally named like demon.awf for example, then someone else downloads the same filename 2-3 times, I think I haev that script to where if someone duplicated filename's like that it returns file already exists, I am pretty sure of that.8. Do my display pages, the pages you view the various content, do you think that those types of scripts will play the types of files I showed in display.php or are there smoe of them I should take out, or some I forgot to put in for one of the types.9. Is my script generally secure, or does anyone have tips on being more secure, or general security advice?10. I use dreamweaver, but I am always in code view, doing everything by hand, when I open a page that has object tags though, it asks me if I wnat to change them to browser safe tags, like embed, this confuses me as aspnetguy said embed was DEPrecated abject was not, so now I am wondering because even w3 said that embed was deprecated, why would dreamweaver 8 tell me that newer browsers may not be abel to use it, when I have the object tags, this severely confused me, it has been doing it for quite awhile now.Or when they made dreamweaver did they get the 2 tags mixed up.11. What are these things I keep seeing where I have my video playerstheclassidparam name12. With javascript what I was wondering one thing about, when some people do javascript they leave out comments, I know they should be there but I use<script type="text/javascript"><!-- code snippet here-->Should it be <!--code//-->What annoys me more than anything, just for an example is this<script type="text/javascript"><!-- hide from older browserscode--></script>sorry but that is just the most annoying thing I have ever seen, it just annoys me for some reason.13. Ok I have a question on the power of php, I had to use htaccess with information like

IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*IndexIgnore *Options -IndexesDirectoryIndex index.php<Limit GET POST>order deny,allowdeny from allallow from all</Limit><Limit PUT DELETE>order deny,allowdeny from all</Limit>RewriteEngine onRewriteCond %{REQUEST_FILENAME} !-fRewriteRule (/.*) display.php

What I don't understand is I was told you don't need htaccess to do this, but I have thought of hundreds of ways, and none are feasable, can someone give me 2-3 examples, of theoretical other ways of doing the same thing that was done with funnyemailforwards, without ever using htaccess.Just so I will understand more that php always has multiple paths to each need.14. Is htaccess worth learningI see it looks easy to understand, I went through tutorials, and I saw a lot, custom error messages, and a lot more.15. Why do someone create a php file without an extension.16. How does php still parse these files without extensions17. How do I set dreamweaver to be able to open these file types.Thanks for all of the help.

Link to comment
Share on other sites

3. If you are not able to use echo, try print();12. Generally they both mean the same, but via syntax, // --> is more secure because if the script sees --> it thinks it is as a bunch of operators, // --> puts it into a comment. But you may use either one.

Link to comment
Share on other sites

If you want to print a quote, you have to escape it:echo "<input type=\"text\" name=\"name\" ... ";The clsid for an object is a reference in the Windows registry to information about the plugin. The parameters are passed along to the plugin the same way parameters are passed to functions in PHP.You don't need htaccess to modify the URL, but that doesn't mean that PHP alone can do it. One way is to use mod_rewrite for Apache.A server will send any file type to be executed with PHP that you tell it to. You can set up a server to send files with no type to PHP, if that's what you really want to do. I assume that file->open will open them in Dreamweaver, but I don't use Dreamweaver so I'm not sure.As for whether or not your application is "good", it's good if it works and doesn't have any bugs. You'll be able to decide if it's good in a matter of time.As for the other questions, it's probably better to ask them individually. It's a lot to wade through when you post your entire source and all the questions you have on it.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...